Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/BC87F9784F7E11EDACECBE79C4F9AE02.roa
File: BC87F9784F7E11EDACECBE79C4F9AE02.roa (raw, json)
Hash identifier: /ZhNqueaPuKfYRz4ese9c91H/znwj2nE7QAN+w3DYtA=
Subject key identifier: 48:ED:34:29:19:11:E9:3A:69:37:E9:06:26:EE:4C:8F:D9:F6:5D:62
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 2608
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/BC87F9784F7E11EDACECBE79C4F9AE02.roa
Signing time: Wed 19 Oct 2022 07:22:07 +0000
ROA not before: Wed 19 Oct 2022 07:22:07 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 141681
IP address blocks: 43.250.125.0/24 maxlen: 24
43.250.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9736 (0x2608)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Oct 19 07:22:07 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=634fa59e-dfa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:56:6e:4d:e2:2e:a7:e7:f7:67:96:2a:b5:0c:
eb:1f:fc:d5:f6:dc:6e:2a:93:4f:7c:7a:c1:be:46:
e6:ea:d8:76:df:0e:98:ca:71:68:50:02:f6:7d:fd:
9b:13:27:8c:c7:4e:56:92:0d:f8:8f:f9:e6:c8:10:
60:72:93:3a:74:fc:19:67:b2:b5:c0:f7:b4:9b:7a:
1c:46:2d:a6:7e:94:d1:c4:9a:d2:0e:2b:d9:e6:7d:
6a:28:5c:cb:ad:1b:d7:b8:00:62:4f:dd:b4:ea:d8:
08:db:03:8c:3c:75:92:9a:ca:17:97:12:cd:d5:2d:
10:65:34:d2:b4:cf:05:9f:7b:3a:f3:d2:33:a5:8d:
5e:d4:10:80:c1:12:cd:26:0c:be:46:76:8c:c4:77:
7a:00:9c:f0:f1:86:8e:1f:ce:4d:25:c8:bd:b0:9d:
a4:59:d4:79:38:19:02:d6:1d:97:87:e6:ae:84:34:
59:e5:30:fc:a2:fb:92:b6:20:d5:c1:db:b3:f5:5d:
90:08:c1:1e:63:ab:2a:f0:3a:b8:3d:e8:7a:dc:0a:
24:26:0f:b2:05:b0:4c:a2:b6:2b:87:29:ad:9f:5a:
d0:51:ef:ae:ca:99:78:2c:e3:e6:56:a0:90:b2:96:
ed:c0:14:10:f3:30:42:5d:91:41:3a:e6:da:ce:95:
f7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:ED:34:29:19:11:E9:3A:69:37:E9:06:26:EE:4C:8F:D9:F6:5D:62
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/BC87F9784F7E11EDACECBE79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.125.0-43.250.126.255
Signature Algorithm: sha256WithRSAEncryption
b6:bc:c7:97:5a:3c:b2:26:38:95:90:4b:b6:fc:a5:00:93:02:
87:cc:ac:68:9c:70:9d:bb:ac:f9:55:c9:12:2e:b4:3c:30:f0:
90:80:1d:4e:54:59:00:4f:35:f8:57:d2:d9:1a:d4:24:ef:f3:
cc:11:bd:33:3c:c9:14:4a:4b:81:a5:3e:8a:55:67:d1:c3:48:
ee:c5:e4:2e:a2:2e:07:f3:84:7f:56:1f:4a:27:84:3e:95:36:
84:f8:2b:43:6e:3d:af:30:c9:6b:81:4a:56:27:c8:1c:87:b2:
fc:41:7f:22:a2:08:03:f5:b8:f9:b1:40:c8:5b:36:c3:c5:43:
c9:58:9c:80:b1:79:3e:8c:59:2f:5a:dd:45:26:77:c3:e1:a5:
9b:e6:fb:3a:02:3d:0e:63:d4:01:a5:d4:a4:ab:d1:51:94:b6:
cb:d3:1d:7c:1c:59:2a:ee:6b:90:33:55:66:d0:38:97:ea:cc:
34:50:ef:4d:34:e2:30:5a:eb:7d:12:eb:df:fa:9d:18:c8:cb:
db:76:8c:b0:3b:ea:68:a2:49:2f:33:a2:2e:ab:9f:c0:35:42:
a1:05:0c:f4:15:f6:c9:f4:34:98:86:41:58:16:2b:d6:e6:47:
a4:68:05:86:b1:e5:85:27:6d:b8:df:49:c7:43:61:09:8f:4f:
5e:23:11:e3
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICJggwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjIxMDE5MDcyMjA3WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRmYTU5ZS1kZmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxFZuTeIup+f3Z5YqtQzrH/zV9txuKpNPfHrBvkbm6th23w6YynFoUAL2ff2b
EyeMx05Wkg34j/nmyBBgcpM6dPwZZ7K1wPe0m3ocRi2mfpTRxJrSDivZ5n1qKFzL
rRvXuABiT9206tgI2wOMPHWSmsoXlxLN1S0QZTTStM8Fn3s689IzpY1e1BCAwRLN
Jgy+RnaMxHd6AJzw8YaOH85NJci9sJ2kWdR5OBkC1h2Xh+auhDRZ5TD8ovuStiDV
wduz9V2QCMEeY6sq8Dq4Peh63AokJg+yBbBMorYrhymtn1rQUe+uypl4LOPmVqCQ
spbtwBQQ8zBCXZFBOubazpX3NwIDAQABo4ICnTCCApkwHQYDVR0OBBYEFEjtNCkZ
Eek6aTfpBibuTI/Z9l1iMB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvQkM4N0Y5Nzg0
RjdFMTFFREFDRUNCRTc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEACv6fQMEACv6fjANBgkqhkiG9w0BAQsFAAOCAQEAtrzH
l1o8siY4lZBLtvylAJMCh8ysaJxwnbus+VXJEi60PDDwkIAdTlRZAE81+FfS2RrU
JO/zzBG9MzzJFEpLgaU+ilVn0cNI7sXkLqIuB/OEf1YfSieEPpU2hPgrQ249rzDJ
a4FKVifIHIey/EF/IqIIA/W4+bFAyFs2w8VDyVicgLF5PoxZL1rdRSZ3w+Glm+b7
OgI9DmPUAaXUpKvRUZS2y9MdfBxZKu5rkDNVZtA4l+rMNFDvTTTiMFrrfRLr3/qd
GMjL23aMsDvqaKJJLzOiLqufwDVCoQUM9BX2yfQ0mIZBWBYr1uZHpGgFhrHlhSdt
uN9Jx0NhCY9PXiMR4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:47 2024 by rpki-client on console-fra.rpki-client.org