Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/8C977B0891BE11EDBEFDD64CC4F9AE02.roa
File: 8C977B0891BE11EDBEFDD64CC4F9AE02.roa (raw, json)
Hash identifier: wN56l/pTZ8IS4ET6NL4P3uuk1udX/lFcZuV5n30VH+U=
Subject key identifier: DA:B9:94:4F:9F:37:67:20:D6:24:69:1E:FF:4F:C3:BA:D0:85:63:EC
Certificate issuer: /CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Certificate serial: 3C
Authority key identifier: 2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/8C977B0891BE11EDBEFDD64CC4F9AE02.roa
Signing time: Fri 17 Mar 2023 09:35:59 +0000
ROA not before: Fri 17 Mar 2023 09:35:59 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 203020
IP address blocks: 43.225.191.0/24 maxlen: 24
45.252.189.0/24 maxlen: 24
103.3.224.0/22 maxlen: 22
103.221.233.0/24 maxlen: 24
103.241.52.0/22 maxlen: 22
160.20.8.0/22 maxlen: 23
202.94.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60 (0x3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6587/serialNumber=2D634077CC847B59D4048D43E04B3309698FE638
Validity
Not Before: Mar 17 09:35:59 2023 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=6414347f-85c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:52:a4:99:58:da:f0:ae:12:61:69:99:8b:20:
22:a8:7e:11:13:7f:96:ff:32:f1:f4:6f:50:93:1d:
e2:81:71:6f:2a:8c:1e:61:e9:25:3d:d2:64:10:44:
7a:94:90:a2:14:80:24:ab:12:04:6a:5c:6e:50:2a:
e9:80:64:46:1c:c5:eb:43:c7:20:90:55:d2:32:b4:
f6:cc:b9:9f:e9:71:d3:62:cb:95:bd:7d:cf:fa:6c:
b7:da:85:6f:8f:a4:31:95:33:67:41:ca:86:a8:5b:
5a:0f:67:b5:d4:39:8e:2a:64:d2:8d:b0:cd:08:18:
3b:a7:ce:68:49:32:82:f6:8e:94:9f:73:b4:ec:fd:
52:a6:f0:a1:e5:de:2b:26:cd:c2:8b:8b:30:eb:b9:
03:fb:53:c9:7b:0f:68:62:ef:27:69:73:57:20:9e:
94:7f:10:6b:f5:5f:6c:60:dc:b4:c7:9f:b7:d2:0e:
dd:51:23:c1:93:de:4b:80:45:9b:37:1d:2a:24:24:
95:eb:c0:e2:56:51:21:95:10:f8:b8:d7:7e:b4:f4:
0a:c8:93:8d:74:38:ee:cc:a9:26:c1:72:7b:45:eb:
25:5b:6a:71:fd:fd:ce:a3:fb:64:79:14:1b:eb:58:
29:45:4e:f8:a7:44:67:d1:b2:fc:75:08:1c:37:c5:
3c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B9:94:4F:9F:37:67:20:D6:24:69:1E:FF:4F:C3:BA:D0:85:63:EC
X509v3 Authority Key Identifier:
keyid:2D:63:40:77:CC:84:7B:59:D4:04:8D:43:E0:4B:33:09:69:8F:E6:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/LWNAd8yEe1nUBI1D4EszCWmP5jg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LWNAd8yEe1nUBI1D4EszCWmP5jg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6587/417D71B4918611EDA84A124DC4F9AE02/8C977B0891BE11EDBEFDD64CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.191.0/24
45.252.189.0/24
103.3.224.0/22
103.221.233.0/24
103.241.52.0/22
160.20.8.0/22
202.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
92:f8:c5:47:c6:c2:db:e1:80:d7:a1:ea:9e:2f:b3:5f:5a:6b:
c2:3a:9e:3f:f1:76:46:0b:8c:ce:b9:17:83:32:90:d0:8a:88:
ee:ce:7a:7c:89:bb:a1:a7:43:5a:64:80:b4:94:ec:33:32:1d:
84:fa:c3:14:74:48:3d:b3:26:ed:f2:dc:fc:7a:96:6b:95:8b:
c4:44:31:c7:3b:3e:7b:4a:90:f4:57:de:db:d4:f8:28:9b:83:
0d:c4:b6:6b:a0:cb:be:17:7f:28:07:a5:9f:37:54:24:c7:99:
e5:6a:48:6f:28:ea:c2:22:9a:85:81:bd:31:ac:9b:06:63:26:
16:1a:5b:a3:01:f6:22:d5:bb:93:e7:4a:42:17:08:37:15:d1:
a0:c9:f7:41:d4:0b:d7:75:88:c3:96:62:5d:c7:b4:9a:d5:b0:
e9:6b:2f:75:27:bc:b0:2e:b6:04:ec:74:f8:5e:10:ea:89:09:
14:be:9e:5c:f2:cf:9d:9f:4e:95:22:cd:a5:d3:1e:69:2d:38:
30:8e:3a:2c:8c:a9:e0:1b:ed:fa:b3:71:8f:56:b5:e0:41:d2:
2f:89:20:07:ab:f7:38:63:ab:92:a1:cc:f7:13:62:de:7f:f1:
d0:68:31:9c:e9:49:8b:e5:04:25:0d:df:79:71:60:bc:eb:05:
5d:aa:8c:83
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
NjU4NzExMC8GA1UEBRMoMkQ2MzQwNzdDQzg0N0I1OUQ0MDQ4RDQzRTA0QjMzMDk2
OThGRTYzODAeFw0yMzAzMTcwOTM1NTlaFw0yMzEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0MTQzNDdmLTg1YzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHUqSZWNrwrhJhaZmLICKofhETf5b/MvH0b1CTHeKBcW8qjB5h6SU90mQQRHqU
kKIUgCSrEgRqXG5QKumAZEYcxetDxyCQVdIytPbMuZ/pcdNiy5W9fc/6bLfahW+P
pDGVM2dByoaoW1oPZ7XUOY4qZNKNsM0IGDunzmhJMoL2jpSfc7Ts/VKm8KHl3ism
zcKLizDruQP7U8l7D2hi7ydpc1cgnpR/EGv1X2xg3LTHn7fSDt1RI8GT3kuARZs3
HSokJJXrwOJWUSGVEPi413609ArIk410OO7MqSbBcntF6yVbanH9/c6j+2R5FBvr
WClFTvinRGfRsvx1CBw3xTy1AgMBAAGjggK5MIICtTAdBgNVHQ4EFgQU2rmUT583
ZyDWJGke/0/DutCFY+wwHwYDVR0jBBgwFoAULWNAd8yEe1nUBI1D4EszCWmP5jgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2NTg3LzQxN0Q3MUI0OTE4
NjExRURBODRBMTI0REM0RjlBRTAyL0xXTkFkOHlFZTFuVUJJMUQ0RXN6Q1dtUDVq
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTFdOQWQ4eUVlMW5VQkkxRDRFc3pDV21QNWpnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NjU4Ny80MTdENzFCNDkxODYxMUVEQTg0QTEyNERDNEY5QUUwMi84Qzk3N0IwODkx
QkUxMUVEQkVGREQ2NENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBDBggrBgEFBQcBBwEB/wQ0
MDIwMAQCAAEwKgMEACvhvwMEAC38vQMEAmcD4AMEAGfd6QMEAmfxNAMEAqAUCAME
AMperjANBgkqhkiG9w0BAQsFAAOCAQEAkvjFR8bC2+GA16Hqni+zX1prwjqeP/F2
RguMzrkXgzKQ0IqI7s56fIm7oadDWmSAtJTsMzIdhPrDFHRIPbMm7fLc/HqWa5WL
xEQxxzs+e0qQ9Ffe29T4KJuDDcS2a6DLvhd/KAelnzdUJMeZ5WpIbyjqwiKahYG9
MaybBmMmFhpbowH2ItW7k+dKQhcINxXRoMn3QdQL13WIw5ZiXce0mtWw6WsvdSe8
sC62BOx0+F4Q6okJFL6eXPLPnZ9OlSLNpdMeaS04MI46LIyp4Bvt+rNxj1a14EHS
L4kgB6v3OGOrkqHM9xNi3n/x0GgxnOlJi+UEJQ3feXFgvOsFXaqMgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:38 2024 by rpki-client on console-fra.rpki-client.org