Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/26E6F444DB9311E988E56C33C4F9AE02.roa
File: 26E6F444DB9311E988E56C33C4F9AE02.roa (raw, json)
Hash identifier: gn9WXI0ZQkpxI2rIHKt3XqTLtH4xikvqI+4pI0c067k=
Subject key identifier: CC:10:12:CA:72:8C:12:48:0E:72:74:C0:6E:CE:6A:7A:EB:71:C1:28
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 23B6
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/26E6F444DB9311E988E56C33C4F9AE02.roa
Signing time: Thu 16 Dec 2021 04:32:06 +0000
ROA not before: Thu 16 Dec 2021 04:32:06 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 133177
IP address blocks: 43.250.125.0/24 maxlen: 24
43.250.126.0/23 maxlen: 24
103.254.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9142 (0x23b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Dec 16 04:32:06 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61bac146-f162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:53:d9:5e:a1:df:72:7a:96:7f:e4:47:cb:0b:
0c:86:37:f0:c1:ef:1b:33:e9:f8:26:94:04:da:b6:
2d:0a:56:88:97:c1:f9:f4:cb:1c:1d:83:2f:a6:70:
37:d8:2e:e4:b9:53:2b:fb:00:d2:dd:bc:9c:4c:bf:
87:c6:9d:e2:fa:76:32:54:9d:90:22:29:9a:f0:3b:
ad:5d:c4:12:35:81:03:cb:0e:cc:48:10:4b:c1:65:
72:c2:76:dd:75:a6:9f:45:d4:d0:a9:81:08:46:57:
89:58:cc:cf:e9:21:2e:fd:3c:92:ec:e0:33:1c:5a:
ed:f2:e8:90:e7:26:ee:71:41:2f:0c:c4:ee:35:3f:
a9:5c:37:d1:bf:1a:07:13:03:ac:6c:58:d2:f5:35:
38:35:80:69:23:40:6f:94:a0:90:be:c9:e7:ae:a8:
f4:09:20:e4:18:6d:ce:ff:1c:9b:d4:02:ec:ec:b4:
93:bd:7a:4e:94:56:b8:9e:2a:1d:66:30:c6:47:ce:
8c:38:6a:8a:49:c4:9b:1c:d1:07:24:51:9a:70:6c:
c6:c7:7c:23:c5:7c:d5:03:df:a5:82:a4:98:0e:b4:
65:40:13:5b:24:ab:8f:38:43:c2:79:e6:a5:f6:d2:
c8:1b:87:5a:ef:26:57:40:e4:c5:ae:e5:0a:ab:94:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:10:12:CA:72:8C:12:48:0E:72:74:C0:6E:CE:6A:7A:EB:71:C1:28
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/26E6F444DB9311E988E56C33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.125.0-43.250.127.255
103.254.120.0/24
Signature Algorithm: sha256WithRSAEncryption
42:1d:90:a2:09:b4:26:88:19:f1:14:a5:6e:7f:8a:3a:10:1a:
02:f9:b8:89:53:42:67:76:50:71:42:e8:5d:be:5a:92:ed:a8:
d3:61:3e:81:f2:d7:bb:cb:42:bd:b2:60:17:23:04:90:05:4e:
81:65:01:f2:0d:44:12:41:0b:1b:f8:5f:3a:59:8f:dc:fb:13:
ae:07:dd:2b:ab:b7:4d:3f:eb:34:bb:7e:91:b2:67:d2:26:06:
12:a8:bf:30:ad:de:c6:a6:96:6d:ac:39:7c:c7:b1:f9:56:55:
3f:df:63:ca:dc:64:2b:b4:bb:49:da:78:ce:58:ee:86:dd:ff:
e5:87:2b:f2:75:60:f2:04:9b:a0:0a:42:3a:26:cc:21:aa:a3:
53:e0:85:15:b5:14:41:5f:de:07:58:d4:7d:89:ad:8d:0d:5d:
70:e6:39:34:60:54:c7:f2:62:b7:9f:87:17:5b:7e:95:38:22:
12:07:80:63:19:6c:a0:af:21:1f:11:44:10:9d:cb:8b:a4:a5:
89:9c:6e:10:65:f3:ae:e6:ab:a1:83:48:a6:77:36:98:22:dd:
b1:44:a0:03:d7:10:53:c6:2f:58:bd:51:47:8e:0c:b2:46:4c:
fb:d2:57:89:86:f2:fa:ea:2d:aa:3f:09:af:0d:fd:bd:46:d2:
17:d5:cd:17
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICI7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjExMjE2MDQzMjA2WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWJhYzE0Ni1mMTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqlPZXqHfcnqWf+RHywsMhjfwwe8bM+n4JpQE2rYtClaIl8H59MscHYMvpnA3
2C7kuVMr+wDS3bycTL+Hxp3i+nYyVJ2QIima8DutXcQSNYEDyw7MSBBLwWVywnbd
daafRdTQqYEIRleJWMzP6SEu/TyS7OAzHFrt8uiQ5ybucUEvDMTuNT+pXDfRvxoH
EwOsbFjS9TU4NYBpI0BvlKCQvsnnrqj0CSDkGG3O/xyb1ALs7LSTvXpOlFa4niod
ZjDGR86MOGqKScSbHNEHJFGacGzGx3wjxXzVA9+lgqSYDrRlQBNbJKuPOEPCeeal
9tLIG4da7yZXQOTFruUKq5SGvQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFMwQEspy
jBJIDnJ0wG7OanrrccEoMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvMjZFNkY0NDRE
QjkzMTFFOTg4RTU2QzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEACv6fQMEByv6AAMEAGf+eDANBgkqhkiG9w0BAQsFAAOC
AQEAQh2Qogm0JogZ8RSlbn+KOhAaAvm4iVNCZ3ZQcULoXb5aku2o02E+gfLXu8tC
vbJgFyMEkAVOgWUB8g1EEkELG/hfOlmP3PsTrgfdK6u3TT/rNLt+kbJn0iYGEqi/
MK3exqaWbaw5fMex+VZVP99jytxkK7S7Sdp4zljuht3/5Ycr8nVg8gSboApCOibM
IaqjU+CFFbUUQV/eB1jUfYmtjQ1dcOY5NGBUx/Jit5+HF1t+lTgiEgeAYxlsoK8h
HxFEEJ3Li6SliZxuEGXzruaroYNIpnc2mCLdsUSgA9cQU8YvWL1RR44MskZM+9JX
iYby+uotqj8Jrw39vUbSF9XNFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org