Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/12D958EA568611EDAB9E6D87C4F9AE02.roa
File: 12D958EA568611EDAB9E6D87C4F9AE02.roa (raw, json)
Hash identifier: q1wSpItO1zk4oItfQTzoH8OoILLwgmzcCPJ009Inc/4=
Subject key identifier: 53:81:E3:E9:6D:35:E5:80:FF:FF:36:D5:13:DB:16:D5:DA:98:14:BB
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2635
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/12D958EA568611EDAB9E6D87C4F9AE02.roa
Signing time: Tue 20 Dec 2022 16:12:09 +0000
ROA not before: Tue 20 Dec 2022 16:12:09 +0000
ROA not after: Fri 01 Mar 2024 00:00:00 +0000
asID: 18126
IP address blocks: 43.250.124.0/24 maxlen: 24
43.250.125.0/24 maxlen: 24
43.250.126.0/24 maxlen: 24
43.250.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9781 (0x2635)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Dec 20 16:12:09 2022 GMT
Not After : Mar 1 00:00:00 2024 GMT
Subject: CN=63a1ded9-f770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:32:6b:88:b3:a9:c1:8f:ce:f7:bd:d9:86:76:
3f:a3:57:14:6d:e6:5b:51:25:69:c8:aa:3f:1e:a7:
b8:6b:29:c2:f6:60:8c:2d:81:ee:b0:7f:a1:f2:20:
b8:52:5b:8c:1e:b9:e2:36:d1:a3:ad:dd:d1:72:c7:
43:da:ba:76:8d:47:c0:80:77:dc:dd:b9:26:11:6c:
9e:e7:64:0a:e3:79:b6:dc:6c:23:b2:ac:36:df:ac:
b6:86:9a:fb:77:54:a5:b3:4e:3a:ce:26:a8:4f:ed:
c5:5a:4a:fe:67:67:77:5a:31:99:1e:c6:0d:0a:25:
9e:cf:5c:9e:99:9a:cf:ae:ba:d7:6e:a3:84:1e:35:
7b:e7:37:cb:93:3a:78:eb:5a:c5:32:20:4f:39:80:
6e:4e:4e:d7:02:ff:6c:39:c0:a4:7e:cd:66:c9:82:
38:ac:93:21:af:50:cb:1c:ce:49:9d:3f:55:71:4e:
c1:4d:55:81:15:dd:e6:96:26:af:db:45:af:a7:ed:
79:d3:10:4f:81:44:e8:74:b4:dc:7d:ab:e2:4e:bf:
d1:67:7c:6f:28:78:23:5e:d8:34:47:56:d5:0f:c8:
7d:ba:1a:dc:7c:a6:ba:a4:cf:70:a9:6f:37:a3:1e:
cb:72:93:56:f4:64:3b:12:3c:d9:7f:f7:2d:58:51:
83:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:81:E3:E9:6D:35:E5:80:FF:FF:36:D5:13:DB:16:D5:DA:98:14:BB
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/12D958EA568611EDAB9E6D87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.124.0/22
Signature Algorithm: sha256WithRSAEncryption
10:96:4a:64:57:e6:40:ed:b3:03:ba:05:e3:8a:47:48:f1:11:
1d:81:6b:b3:eb:c7:b1:ac:16:49:14:51:54:04:4a:06:ae:0f:
ac:ec:b2:c5:4b:a9:32:4c:e6:f9:1f:2e:4f:fb:67:71:6a:fd:
2b:8f:e0:cd:77:85:84:70:24:ae:68:2c:15:00:80:43:be:89:
87:96:bf:5f:59:d2:17:ba:f2:d5:a3:f0:c5:f6:fe:95:05:4e:
5b:c2:11:52:61:a7:42:5f:22:40:3e:79:55:ca:c5:3e:ad:e7:
a1:e2:1c:c8:2e:5e:48:82:26:1a:69:78:69:fc:1c:30:f0:ad:
8b:45:8b:21:00:23:ef:e5:f9:96:2e:9f:26:9a:73:5a:1c:1d:
98:38:e2:e4:80:6a:44:6d:2a:a0:32:27:7b:00:f5:75:aa:f9:
ee:d0:a4:56:97:4b:6b:1a:9a:b1:01:32:a8:16:bd:19:6f:cf:
25:cd:51:db:92:b6:3c:2c:ab:49:f4:37:f0:7a:4a:db:ae:4d:
b4:d7:b5:ee:b7:e4:a9:0e:9b:23:09:4b:d5:d6:cb:9e:08:d9:
b2:1a:ca:00:98:89:6c:50:7e:ee:64:1f:77:7b:79:4b:98:0c:
83:b6:c8:03:94:4d:d3:58:4d:76:2f:13:8e:6e:43:77:f0:3b:
39:20:7e:fe
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICJjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjIxMjIwMTYxMjA5WhcNMjQwMzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2ExZGVkOS1mNzcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5jJriLOpwY/O973ZhnY/o1cUbeZbUSVpyKo/Hqe4aynC9mCMLYHusH+h8iC4
UluMHrniNtGjrd3RcsdD2rp2jUfAgHfc3bkmEWye52QK43m23Gwjsqw236y2hpr7
d1Sls046ziaoT+3FWkr+Z2d3WjGZHsYNCiWez1yemZrPrrrXbqOEHjV75zfLkzp4
61rFMiBPOYBuTk7XAv9sOcCkfs1myYI4rJMhr1DLHM5JnT9VcU7BTVWBFd3mliav
20Wvp+150xBPgUTodLTcfaviTr/RZ3xvKHgjXtg0R1bVD8h9uhrcfKa6pM9wqW83
ox7LcpNW9GQ7EjzZf/ctWFGDCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFOB4+lt
NeWA//821RPbFtXamBS7MB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvMTJEOTU4RUE1
Njg2MTFFREFCOUU2RDg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIr+nwwDQYJKoZIhvcNAQELBQADggEBABCWSmRX5kDtswO6
BeOKR0jxER2Ba7Prx7GsFkkUUVQESgauD6zsssVLqTJM5vkfLk/7Z3Fq/SuP4M13
hYRwJK5oLBUAgEO+iYeWv19Z0he68tWj8MX2/pUFTlvCEVJhp0JfIkA+eVXKxT6t
56HiHMguXkiCJhppeGn8HDDwrYtFiyEAI+/l+ZYunyaac1ocHZg44uSAakRtKqAy
J3sA9XWq+e7QpFaXS2samrEBMqgWvRlvzyXNUduStjwsq0n0N/B6StuuTbTXte63
5KkOmyMJS9XWy54I2bIaygCYiWxQfu5kH3d7eUuYDIO2yAOUTdNYTXYvE45uQ3fw
Ozkgfv4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org