Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/8FE85552067211EDB0728D7DC4F9AE02.roa
File: 8FE85552067211EDB0728D7DC4F9AE02.roa (raw, json)
Hash identifier: dcdh+cb4gjtJJb8smgegMDnB9NIi9ivepIy8zJjnBmU=
Subject key identifier: F6:FA:FD:3D:50:BE:32:F3:AE:B1:90:3B:CA:6D:67:73:66:CE:21:0E
Certificate issuer: /CN=A91E8D27/serialNumber=6BE43E6B139643CB4C19E6DF7323B503C49311DB
Certificate serial: 31A5
Authority key identifier: 6B:E4:3E:6B:13:96:43:CB:4C:19:E6:DF:73:23:B5:03:C4:93:11:DB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a-Q-axOWQ8tMGebfcyO1A8STEds.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/8FE85552067211EDB0728D7DC4F9AE02.roa
Signing time: Wed 24 Aug 2022 08:50:59 +0000
ROA not before: Wed 24 Aug 2022 08:50:59 +0000
ROA not after: Fri 31 Mar 2023 00:00:00 +0000
asID: 58779
IP address blocks: 43.243.224.0/22 maxlen: 24
43.252.168.0/22 maxlen: 22
2405:ef00::/32 maxlen: 32
2405:ef00::/32 maxlen: 48
2405:ef00:17::/48 maxlen: 48
2405:ef00:17::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12709 (0x31a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8D27/serialNumber=6BE43E6B139643CB4C19E6DF7323B503C49311DB
Validity
Not Before: Aug 24 08:50:59 2022 GMT
Not After : Mar 31 00:00:00 2023 GMT
Subject: CN=6305e673-b4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c4:9f:37:48:93:66:ef:09:b0:1b:7f:ab:ef:
ce:3b:d7:0d:25:ab:03:a3:bf:05:f0:5d:c7:0c:ff:
16:0c:71:e7:c5:f6:40:7b:9b:2d:40:74:b7:74:c6:
c5:af:9b:2c:41:69:61:d2:92:a2:b4:69:2f:f1:06:
ea:c6:7f:d0:69:81:8e:2d:c8:b2:5e:8a:1f:e5:e6:
d9:07:33:b9:1e:0b:0c:7c:14:3d:db:49:21:87:95:
c3:84:c1:2b:e3:2a:e1:b9:9f:da:be:83:fc:05:db:
68:05:38:7b:f4:ed:fd:81:f7:d7:e9:19:90:3c:72:
c3:57:b4:3e:89:24:f8:7b:34:13:ae:da:09:06:11:
e5:05:08:2d:54:ea:8a:75:82:8f:df:3c:c2:13:18:
65:82:8b:cb:b7:e4:7c:16:0b:61:ca:f2:92:41:24:
61:40:e4:a2:21:b4:cf:b8:24:bb:45:9c:bf:3e:7d:
c1:ce:36:e8:c2:e8:1f:1d:85:ae:d9:2e:d2:6e:ed:
aa:bc:d4:15:1e:de:d3:9b:ff:71:e6:16:d6:49:be:
11:ff:b1:36:3f:1c:7e:e4:f0:88:4e:d6:fc:df:89:
82:38:fc:e8:4a:5f:77:94:ee:b2:ff:a3:26:8d:c9:
8c:57:dc:79:c2:1c:18:bf:7f:b7:0a:36:06:d8:72:
ec:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:FA:FD:3D:50:BE:32:F3:AE:B1:90:3B:CA:6D:67:73:66:CE:21:0E
X509v3 Authority Key Identifier:
keyid:6B:E4:3E:6B:13:96:43:CB:4C:19:E6:DF:73:23:B5:03:C4:93:11:DB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/a-Q-axOWQ8tMGebfcyO1A8STEds.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a-Q-axOWQ8tMGebfcyO1A8STEds.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D27/C0C5807042E911E29750A32E2979BB20/8FE85552067211EDB0728D7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.224.0/22
43.252.168.0/22
IPv6:
2405:ef00::/32
Signature Algorithm: sha256WithRSAEncryption
41:f1:f1:f0:22:e5:92:a0:42:48:50:c8:c8:56:7f:25:a7:5e:
13:2d:6b:58:51:3d:21:73:79:b9:ab:09:5c:35:9a:75:cc:ef:
83:9e:57:71:7b:42:97:cf:26:de:61:1c:13:f5:51:b4:a7:f0:
c4:61:8e:c1:55:90:71:a5:e3:25:23:c1:26:14:dd:9f:0d:54:
6d:7a:bd:13:6d:0d:97:10:a5:26:cc:51:83:c1:5e:33:2b:99:
d5:18:23:86:e4:ff:f6:80:94:dd:bc:ef:f8:84:b0:55:b6:f5:
6d:3a:84:b1:fb:81:b5:8e:f6:73:bc:41:98:3e:31:75:65:f6:
c4:fd:7c:70:fe:8a:2f:db:9e:d5:7c:34:66:71:6f:ff:93:6c:
af:85:4b:f0:c0:6f:c4:8f:3e:80:19:39:21:4a:ea:0f:7b:f7:
8e:dd:fc:2c:3e:1e:41:63:5c:56:b1:5d:19:2b:fc:c5:ee:cf:
78:c3:2f:12:6f:1a:a3:d7:92:82:95:c1:35:dd:fc:82:26:87:
86:f6:08:17:3d:b1:95:41:96:fc:a2:a3:d7:be:70:ce:5c:20:
47:ed:40:c2:10:70:d5:03:61:76:65:04:40:b0:c6:e7:b6:33:
fa:74:ef:03:17:96:39:e2:84:03:99:67:7b:32:f5:21:b2:2d:
e6:03:56:d9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICMaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RThEMjcxMTAvBgNVBAUTKDZCRTQzRTZCMTM5NjQzQ0I0QzE5RTZERjczMjNCNTAz
QzQ5MzExREIwHhcNMjIwODI0MDg1MDU5WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA1ZTY3My1iNGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw8SfN0iTZu8JsBt/q+/OO9cNJasDo78F8F3HDP8WDHHnxfZAe5stQHS3dMbF
r5ssQWlh0pKitGkv8Qbqxn/QaYGOLciyXoof5ebZBzO5HgsMfBQ920khh5XDhMEr
4yrhuZ/avoP8BdtoBTh79O39gffX6RmQPHLDV7Q+iST4ezQTrtoJBhHlBQgtVOqK
dYKP3zzCExhlgovLt+R8FgthyvKSQSRhQOSiIbTPuCS7RZy/Pn3BzjbowugfHYWu
2S7Sbu2qvNQVHt7Tm/9x5hbWSb4R/7E2Pxx+5PCITtb834mCOPzoSl93lO6y/6Mm
jcmMV9x5whwYv3+3CjYG2HLsqwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFPb6/T1Q
vjLzrrGQO8ptZ3NmziEOMB8GA1UdIwQYMBaAFGvkPmsTlkPLTBnm33MjtQPEkxHb
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyNy9DMEM1ODA3MDQy
RTkxMUUyOTc1MEEzMkUyOTc5QkIyMC9hLVEtYXhPV1E4dE1HZWJmY3lPMUE4U1RF
ZHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2EtUS1heE9XUTh0TUdlYmZjeU8xQThTVEVkcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RThEMjcvQzBDNTgwNzA0MkU5MTFFMjk3NTBBMzJFMjk3OUJCMjAvOEZFODU1NTIw
NjcyMTFFREIwNzI4RDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAIr8+ADBAIr/KgwDQQCAAIwBwMFACQF7wAwDQYJKoZIhvcN
AQELBQADggEBAEHx8fAi5ZKgQkhQyMhWfyWnXhMta1hRPSFzebmrCVw1mnXM74Oe
V3F7QpfPJt5hHBP1UbSn8MRhjsFVkHGl4yUjwSYU3Z8NVG16vRNtDZcQpSbMUYPB
XjMrmdUYI4bk//aAlN287/iEsFW29W06hLH7gbWO9nO8QZg+MXVl9sT9fHD+ii/b
ntV8NGZxb/+TbK+FS/DAb8SPPoAZOSFK6g97947d/Cw+HkFjXFaxXRkr/MXuz3jD
LxJvGqPXkoKVwTXd/IImh4b2CBc9sZVBlvyio9e+cM5cIEftQMIQcNUDYXZlBECw
xue2M/p07wMXljnihAOZZ3sy9SGyLeYDVtk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:13 2023 by rpki-client on console-fra.rpki-client.org