Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D873B/4A16BBDAC60411ECAA94594BC4F9AE02/A96D5F96C60711ECA38AF363C4F9AE02.roa
File: A96D5F96C60711ECA38AF363C4F9AE02.roa (raw, json)
Hash identifier: b1fPaW8PAcWf8l6Ovrn/PaYw35Ha385artPouF0uYSY=
Subject key identifier: 84:5B:E4:D5:BF:12:C7:CB:6D:EA:11:82:83:97:55:4D:55:81:65:75
Certificate issuer: /CN=A91D873B/serialNumber=03BD909A1A15A4503DFAD594C3C6DE9B94604E66
Certificate serial: 02
Authority key identifier: 03:BD:90:9A:1A:15:A4:50:3D:FA:D5:94:C3:C6:DE:9B:94:60:4E:66
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A72QmhoVpFA9-tWUw8bem5RgTmY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D873B/4A16BBDAC60411ECAA94594BC4F9AE02/A96D5F96C60711ECA38AF363C4F9AE02.roa
Signing time: Wed 27 Apr 2022 08:54:35 +0000
ROA not before: Wed 27 Apr 2022 08:54:35 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 132742
IP address blocks: 43.249.220.0/22 maxlen: 22
103.41.80.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D873B/serialNumber=03BD909A1A15A4503DFAD594C3C6DE9B94604E66
Validity
Not Before: Apr 27 08:54:35 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=626904cb-a74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:53:74:ae:22:bd:3e:a0:99:90:9b:f5:a3:dd:
0c:fb:a8:42:83:cb:2f:a6:fb:8e:de:a2:a5:ec:81:
77:e3:5f:6e:4f:ca:13:72:c0:05:e1:59:2e:7c:c6:
b4:94:12:a2:2a:8b:c6:f8:88:7a:7b:35:e9:ad:45:
d8:85:9e:1d:de:ad:31:5e:c1:76:30:55:f3:17:36:
22:a8:5c:44:c1:37:ba:55:61:64:9f:80:4b:ec:b2:
08:27:b8:92:6f:9b:a5:63:77:66:60:9b:93:e2:2f:
18:ea:e2:df:80:d4:0e:4f:3f:12:c1:8e:fa:c6:ea:
12:b9:cb:a0:29:f7:80:5b:ed:02:78:49:30:c4:af:
d6:8c:f6:2b:78:cc:41:94:0c:9c:93:cf:a3:83:05:
54:97:85:9a:47:60:81:c8:f1:89:3a:fc:58:38:f6:
9a:8c:54:08:64:5a:11:29:d1:9e:25:f9:db:fd:0d:
0e:44:de:d8:d3:76:d8:14:6e:b2:52:cd:60:5d:c8:
0b:68:b9:80:92:48:3d:b3:8f:62:be:8e:15:9c:de:
e9:1a:b7:60:da:49:97:81:bf:6f:df:04:7b:00:20:
45:2a:15:c3:34:57:f0:59:3d:66:c1:e2:06:2e:a9:
f1:6c:eb:9c:0b:07:e5:af:8f:53:73:c6:0a:43:3a:
f7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:5B:E4:D5:BF:12:C7:CB:6D:EA:11:82:83:97:55:4D:55:81:65:75
X509v3 Authority Key Identifier:
keyid:03:BD:90:9A:1A:15:A4:50:3D:FA:D5:94:C3:C6:DE:9B:94:60:4E:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D873B/4A16BBDAC60411ECAA94594BC4F9AE02/A72QmhoVpFA9-tWUw8bem5RgTmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A72QmhoVpFA9-tWUw8bem5RgTmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D873B/4A16BBDAC60411ECAA94594BC4F9AE02/A96D5F96C60711ECA38AF363C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.220.0/22
103.41.80.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:f4:83:4d:81:76:81:c8:bb:56:bf:e8:e0:d5:ce:2d:46:ac:
87:d0:41:dc:6a:37:1b:ba:a9:aa:ff:60:f2:f7:ba:21:47:66:
c5:ed:be:68:5f:41:11:73:b4:1b:3e:88:02:2e:e4:34:50:64:
dc:5c:75:d1:61:e0:dc:da:f0:d0:1d:58:32:2b:a0:92:d4:2a:
ff:c7:03:82:64:a1:b2:40:6e:26:fd:4e:1e:ed:e2:f5:6b:56:
5f:32:1d:da:15:61:74:dd:9a:17:5c:43:ce:05:01:a5:ab:f8:
8f:43:da:2c:3b:93:be:38:06:80:27:fa:62:f4:eb:8b:25:e5:
92:e0:6f:25:66:b4:e8:be:06:97:61:c3:ee:ba:db:1c:e0:49:
78:79:14:32:98:c2:d6:07:aa:dd:da:54:e7:cc:80:81:32:80:
a5:bc:08:14:a7:d3:1c:5d:2d:c6:7c:29:75:17:5b:9f:d4:6e:
94:ea:cb:7c:29:04:5c:6d:fa:d7:1e:a6:f4:a3:3b:10:6b:19:
e2:ad:73:4f:52:49:d8:65:cb:f3:bf:c7:92:ef:0c:8c:4d:a3:
68:aa:15:a4:c7:19:62:cb:b3:c2:f2:85:72:55:6f:43:35:a6:
d6:2a:d0:3e:be:02:d5:50:df:32:32:a0:5e:76:bb:83:b7:e3:
ab:e9:70:0d
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
ODczQjExMC8GA1UEBRMoMDNCRDkwOUExQTE1QTQ1MDNERkFENTk0QzNDNkRFOUI5
NDYwNEU2NjAeFw0yMjA0MjcwODU0MzVaFw0yMzAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYyNjkwNGNiLWE3NGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+U3SuIr0+oJmQm/Wj3Qz7qEKDyy+m+47eoqXsgXfjX25PyhNywAXhWS58xrSU
EqIqi8b4iHp7NemtRdiFnh3erTFewXYwVfMXNiKoXETBN7pVYWSfgEvssggnuJJv
m6Vjd2Zgm5PiLxjq4t+A1A5PPxLBjvrG6hK5y6Ap94Bb7QJ4STDEr9aM9it4zEGU
DJyTz6ODBVSXhZpHYIHI8Yk6/Fg49pqMVAhkWhEp0Z4l+dv9DQ5E3tjTdtgUbrJS
zWBdyAtouYCSSD2zj2K+jhWc3ukat2DaSZeBv2/fBHsAIEUqFcM0V/BZPWbB4gYu
qfFs65wLB+Wvj1NzxgpDOvfNAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUhFvk1b8S
x8tt6hGCg5dVTVWBZXUwHwYDVR0jBBgwFoAUA72QmhoVpFA9+tWUw8bem5RgTmYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4NzNCLzRBMTZCQkRBQzYw
NDExRUNBQTk0NTk0QkM0RjlBRTAyL0E3MlFtaG9WcEZBOS10V1V3OGJlbTVSZ1Rt
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQTcyUW1ob1ZwRkE5LXRXVXc4YmVtNVJnVG1ZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
ODczQi80QTE2QkJEQUM2MDQxMUVDQUE5NDU5NEJDNEY5QUUwMi9BOTZENUY5NkM2
MDcxMUVDQTM4QUYzNjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAiv53AMEAmcpUDANBgkqhkiG9w0BAQsFAAOCAQEAPPSDTYF2
gci7Vr/o4NXOLUash9BB3Go3G7qpqv9g8ve6IUdmxe2+aF9BEXO0Gz6IAi7kNFBk
3Fx10WHg3Nrw0B1YMiugktQq/8cDgmShskBuJv1OHu3i9WtWXzId2hVhdN2aF1xD
zgUBpav4j0PaLDuTvjgGgCf6YvTriyXlkuBvJWa06L4Gl2HD7rrbHOBJeHkUMpjC
1geq3dpU58yAgTKApbwIFKfTHF0txnwpdRdbn9RulOrLfCkEXG361x6m9KM7EGsZ
4q1zT1JJ2GXL87/Hku8MjE2jaKoVpMcZYsuzwvKFclVvQzWm1irQPr4C1VDfMjKg
Xna7g7fjq+lwDQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:10 2023 by rpki-client on console-fra.rpki-client.org