Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/23DE0B44593211EAADD24B0BC4F9AE02.roa
File: 23DE0B44593211EAADD24B0BC4F9AE02.roa (raw, json)
Hash identifier: yklsWpdbNz8kOPnf4QBXoGkpUKg1CogCVms4gO0Ylfg=
Subject key identifier: FA:76:00:A9:F8:76:7C:1E:26:C0:C5:75:30:39:36:6E:1A:29:91:E3
Certificate issuer: /CN=A91E0875/serialNumber=F973492ED646928ED1F10DE84662E5523F55CC8D
Certificate serial: 0913
Authority key identifier: F9:73:49:2E:D6:46:92:8E:D1:F1:0D:E8:46:62:E5:52:3F:55:CC:8D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/23DE0B44593211EAADD24B0BC4F9AE02.roa
Signing time: Tue 11 Apr 2023 07:17:55 +0000
ROA not before: Tue 11 Apr 2023 07:17:55 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 134069
IP address blocks: 43.231.224.0/22 maxlen: 22
45.115.220.0/22 maxlen: 22
45.115.220.0/24 maxlen: 24
45.115.221.0/24 maxlen: 24
103.51.48.0/22 maxlen: 22
103.51.50.0/24 maxlen: 24
103.51.51.0/24 maxlen: 24
202.6.248.0/22 maxlen: 22
202.6.250.0/24 maxlen: 24
202.6.251.0/24 maxlen: 24
2402:1a80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2323 (0x913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E0875/serialNumber=F973492ED646928ED1F10DE84662E5523F55CC8D
Validity
Not Before: Apr 11 07:17:55 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=643509a3-add7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:74:90:ba:97:22:49:67:de:fa:ab:a7:30:6a:
6a:6c:76:64:ab:ca:9b:b8:a8:ef:30:4f:30:12:e9:
59:b5:98:b2:27:b1:96:00:26:a2:08:22:13:af:3f:
c4:ff:a1:b3:dc:ba:c2:4c:47:ba:3f:1f:1f:ca:05:
40:71:7c:f3:7a:68:51:91:e8:1a:eb:2f:0d:6c:f6:
de:79:c7:05:47:79:f4:e0:40:53:47:0d:d6:f0:26:
cc:97:9c:54:53:f3:74:42:8c:7b:0d:25:83:ac:32:
dd:71:1a:5b:3a:85:14:9e:a2:15:81:03:d7:15:a2:
57:15:d0:0b:f5:9f:6a:53:61:d2:51:d7:4b:19:fb:
27:1b:ce:77:8b:89:fa:bf:e2:ba:9f:0f:a0:e3:53:
41:e7:d5:62:e2:0b:eb:14:a0:d8:2b:89:6b:b8:c7:
24:7b:f0:cb:6b:25:c7:d0:de:6c:97:7d:ea:50:81:
f8:6f:cf:ac:d7:dc:1f:57:ab:d8:ef:7b:63:7c:aa:
b5:cf:12:19:b0:ee:a9:47:b2:88:ff:93:21:bc:d7:
ea:0a:db:30:a3:b5:44:d2:f3:f2:17:40:05:55:b9:
c1:70:54:f8:c1:e3:fc:70:b2:a3:2b:d8:7f:ad:5c:
a8:77:40:b1:42:c3:42:2e:93:25:fe:f6:5a:ec:7b:
a7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:76:00:A9:F8:76:7C:1E:26:C0:C5:75:30:39:36:6E:1A:29:91:E3
X509v3 Authority Key Identifier:
keyid:F9:73:49:2E:D6:46:92:8E:D1:F1:0D:E8:46:62:E5:52:3F:55:CC:8D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/-XNJLtZGko7R8Q3oRmLlUj9VzI0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-XNJLtZGko7R8Q3oRmLlUj9VzI0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0875/6D91AABC593111EAAA31B40AC4F9AE02/23DE0B44593211EAADD24B0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.224.0/22
45.115.220.0/22
103.51.48.0/22
202.6.248.0/22
IPv6:
2402:1a80::/32
Signature Algorithm: sha256WithRSAEncryption
27:c1:80:f9:3a:dd:9b:fc:65:c3:ca:a3:23:ee:d3:f3:9a:84:
30:2c:92:a0:67:35:34:91:6c:65:f2:e2:14:48:d0:f7:c9:58:
98:b7:9b:98:fd:6e:5e:40:9e:f0:42:05:1a:fd:fb:29:bb:f7:
bf:10:a6:68:b5:3e:0b:be:0f:d2:d9:9c:56:d0:c2:32:59:7e:
59:6c:20:bb:ac:8e:d3:fc:d8:d5:19:96:41:ff:bd:b0:d4:3c:
d7:6c:08:fb:da:1e:1d:c1:4b:3e:a5:3d:9b:4f:61:e3:db:01:
9e:b6:a4:2c:3f:d1:5c:40:cb:7a:ba:94:c3:a9:7d:0b:b3:5b:
38:4b:28:5e:cd:0e:e3:1d:7e:cd:3b:9d:94:ca:cd:29:4d:b5:
62:9a:ef:70:71:d6:c1:3e:7e:12:0c:4f:f3:b9:e8:0b:30:31:
c8:7e:61:f9:4a:67:31:71:04:de:ba:99:52:58:86:1f:37:49:
e2:38:56:25:21:af:56:ba:cd:14:d3:60:43:08:cc:14:71:c1:
68:94:f0:87:8d:3a:1d:6a:5b:d8:ff:fd:ac:2f:82:bd:f2:04:
66:ac:d4:15:fd:2d:0e:ef:e5:19:6a:6b:8d:29:3b:80:65:36:
72:ef:08:52:a0:61:19:6d:1c:15:bc:54:a6:d9:53:ba:e8:56:
c1:08:17:76
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCRMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTA4NzUxMTAvBgNVBAUTKEY5NzM0OTJFRDY0NjkyOEVEMUYxMERFODQ2NjJFNTUy
M0Y1NUNDOEQwHhcNMjMwNDExMDcxNzU1WhcNMjQwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDM1MDlhMy1hZGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5nSQupciSWfe+qunMGpqbHZkq8qbuKjvME8wEulZtZiyJ7GWACaiCCITrz/E
/6Gz3LrCTEe6Px8fygVAcXzzemhRkega6y8NbPbeeccFR3n04EBTRw3W8CbMl5xU
U/N0Qox7DSWDrDLdcRpbOoUUnqIVgQPXFaJXFdAL9Z9qU2HSUddLGfsnG853i4n6
v+K6nw+g41NB59Vi4gvrFKDYK4lruMcke/DLayXH0N5sl33qUIH4b8+s19wfV6vY
73tjfKq1zxIZsO6pR7KI/5MhvNfqCtswo7VE0vPyF0AFVbnBcFT4weP8cLKjK9h/
rVyod0CxQsNCLpMl/vZa7HunuQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFPp2AKn4
dnweJsDFdTA5Nm4aKZHjMB8GA1UdIwQYMBaAFPlzSS7WRpKO0fEN6EZi5VI/VcyN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMDg3NS82RDkxQUFCQzU5
MzExMUVBQUEzMUI0MEFDNEY5QUUwMi8tWE5KTHRaR2tvN1I4UTNvUm1MbFVqOVZ6
STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1YTkpMdFpHa283UjhRM29SbUxsVWo5VnpJMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTA4NzUvNkQ5MUFBQkM1OTMxMTFFQUFBMzFCNDBBQzRGOUFFMDIvMjNERTBCNDQ1
OTMyMTFFQUFERDI0QjBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr5+ADBAItc9wDBAJnMzADBALKBvgwDQQCAAIwBwMFACQC
GoAwDQYJKoZIhvcNAQELBQADggEBACfBgPk63Zv8ZcPKoyPu0/OahDAskqBnNTSR
bGXy4hRI0PfJWJi3m5j9bl5AnvBCBRr9+ym7978Qpmi1Pgu+D9LZnFbQwjJZflls
ILusjtP82NUZlkH/vbDUPNdsCPvaHh3BSz6lPZtPYePbAZ62pCw/0VxAy3q6lMOp
fQuzWzhLKF7NDuMdfs07nZTKzSlNtWKa73Bx1sE+fhIMT/O56AswMch+YflKZzFx
BN66mVJYhh83SeI4ViUhr1a6zRTTYEMIzBRxwWiU8IeNOh1qW9j//awvgr3yBGas
1BX9LQ7v5Rlqa40pO4BlNnLvCFKgYRltHBW8VKbZU7roVsEIF3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org