Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/FA613DFADB9511E99F3F673EC4F9AE02.roa
File: FA613DFADB9511E99F3F673EC4F9AE02.roa (raw, json)
Hash identifier: yD5pFu3G5O8xXFt/M13MgzwcBcu+8npM4aS7cchSp3Y=
Subject key identifier: 8D:5F:95:F8:87:8E:4E:E0:08:DA:B7:6E:28:4F:E7:14:9F:1C:AE:3F
Certificate issuer: /CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Certificate serial: 23B8
Authority key identifier: 7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/FA613DFADB9511E99F3F673EC4F9AE02.roa
Signing time: Thu 16 Dec 2021 04:32:08 +0000
ROA not before: Thu 16 Dec 2021 04:32:08 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 18126
IP address blocks: 43.250.124.0/24 maxlen: 24
103.254.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9144 (0x23b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F13B9/serialNumber=7EAC0C2CB27A30A138EE475B07FE97E8E933FDCA
Validity
Not Before: Dec 16 04:32:08 2021 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61bac148-f44f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2a:e1:4c:44:47:5f:a7:39:2b:07:d9:31:34:
1a:50:9e:e1:ef:bb:3d:5f:52:ae:df:85:e8:33:77:
2f:31:06:54:43:ca:a0:56:b8:d3:81:47:8e:7a:53:
54:95:ca:a3:a8:83:e1:9b:20:15:44:f9:c7:72:40:
a9:bc:70:15:6e:56:64:c6:01:73:03:e2:54:a2:ea:
5b:00:be:73:6b:12:ee:46:4b:ef:39:6b:a8:a3:4b:
ae:6a:d5:88:02:cc:8c:b2:91:e6:93:c1:61:1e:b5:
a3:4a:1b:89:be:ce:7e:8b:0d:99:b4:1f:ba:4c:f0:
70:57:41:e0:47:a3:f0:7d:e3:5d:03:c6:c9:27:e6:
9d:bb:c5:92:1a:be:d5:67:42:63:5b:d0:bb:bb:e9:
b3:0f:52:1f:c3:84:57:91:15:0b:10:80:9f:e1:08:
81:61:4a:ae:06:58:d7:5f:67:4a:72:ef:55:dd:6e:
6d:60:37:3d:7a:b8:71:e8:d0:08:e3:38:ee:ad:a3:
97:7e:53:9e:e3:4d:f5:0c:6a:0d:8d:7f:ea:9e:7a:
22:3a:e9:7b:86:a0:f2:7b:a4:18:78:79:8c:bf:12:
a8:b9:f4:c1:1a:86:bb:21:78:90:8c:64:0d:11:4c:
f3:cb:f3:b3:c9:75:31:c5:c7:b8:68:b4:8f:08:29:
e9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:5F:95:F8:87:8E:4E:E0:08:DA:B7:6E:28:4F:E7:14:9F:1C:AE:3F
X509v3 Authority Key Identifier:
keyid:7E:AC:0C:2C:B2:7A:30:A1:38:EE:47:5B:07:FE:97:E8:E9:33:FD:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/fqwMLLJ6MKE47kdbB_6X6Okz_co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fqwMLLJ6MKE47kdbB_6X6Okz_co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F13B9/1897B2529F9D11E49619532DC4F9AE02/FA613DFADB9511E99F3F673EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.124.0/24
103.254.121.0/24
Signature Algorithm: sha256WithRSAEncryption
15:c9:f0:32:3e:1a:4e:de:68:b2:96:38:9c:7a:1f:b6:ca:68:
e9:6e:fb:6d:48:c2:39:cc:07:fc:0c:0b:23:b3:47:37:cd:26:
c0:88:48:ea:c6:29:17:bc:f3:a3:9c:9d:80:fd:88:e9:8c:20:
f5:4d:e3:1a:76:9d:b2:10:fb:a3:83:15:bd:36:78:71:48:cb:
62:9b:66:57:f7:56:ed:c9:89:c0:54:24:21:b4:0d:a9:c8:a9:
dc:c3:e6:58:69:0f:98:94:ad:a7:fe:01:46:1d:4a:22:8b:8d:
e6:54:89:ac:6a:ed:c1:b8:4a:20:bc:e4:d7:75:96:2c:67:ef:
24:48:df:96:46:d0:1f:28:89:a6:03:4d:cc:ce:53:3b:d2:b8:
58:0f:e9:61:50:22:91:61:80:33:52:c2:ae:83:0f:5a:31:7e:
82:96:11:dc:36:b1:3a:9b:98:0a:d4:dd:88:32:08:46:5e:65:
01:b1:eb:1b:09:de:a6:f7:d0:b8:89:6b:3f:fb:73:46:26:fb:
b5:5d:06:d1:27:54:a3:71:19:af:cb:02:70:68:da:aa:a5:34:
68:cf:57:ea:68:9a:47:8b:e3:f7:d3:82:2e:17:e0:ef:8c:bd:
3f:d0:fb:a2:16:a6:b5:e6:5c:ae:71:48:26:f3:78:75:1d:7a:
81:0c:f0:b0
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICI7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjEzQjkxMTAvBgNVBAUTKDdFQUMwQzJDQjI3QTMwQTEzOEVFNDc1QjA3RkU5N0U4
RTkzM0ZEQ0EwHhcNMjExMjE2MDQzMjA4WhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWJhYzE0OC1mNDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuSrhTERHX6c5KwfZMTQaUJ7h77s9X1Ku34XoM3cvMQZUQ8qgVrjTgUeOelNU
lcqjqIPhmyAVRPnHckCpvHAVblZkxgFzA+JUoupbAL5zaxLuRkvvOWuoo0uuatWI
AsyMspHmk8FhHrWjShuJvs5+iw2ZtB+6TPBwV0HgR6PwfeNdA8bJJ+adu8WSGr7V
Z0JjW9C7u+mzD1Ifw4RXkRULEICf4QiBYUquBljXX2dKcu9V3W5tYDc9erhx6NAI
4zjuraOXflOe4031DGoNjX/qnnoiOul7hqDye6QYeHmMvxKoufTBGoa7IXiQjGQN
EUzzy/OzyXUxxce4aLSPCCnpKQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFI1flfiH
jk7gCNq3bihP5xSfHK4/MB8GA1UdIwQYMBaAFH6sDCyyejChOO5HWwf+l+jpM/3K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTNCOS8xODk3QjI1MjlG
OUQxMUU0OTYxOTUzMkRDNEY5QUUwMi9mcXdNTExKNk1LRTQ3a2RiQl82WDZPa3pf
Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Zxd01MTEo2TUtFNDdrZGJCXzZYNk9rel9jby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjEzQjkvMTg5N0IyNTI5RjlEMTFFNDk2MTk1MzJEQzRGOUFFMDIvRkE2MTNERkFE
Qjk1MTFFOTlGM0Y2NzNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAAr+nwDBABn/nkwDQYJKoZIhvcNAQELBQADggEBABXJ8DI+
Gk7eaLKWOJx6H7bKaOlu+21IwjnMB/wMCyOzRzfNJsCISOrGKRe886OcnYD9iOmM
IPVN4xp2nbIQ+6ODFb02eHFIy2KbZlf3Vu3JicBUJCG0DanIqdzD5lhpD5iUraf+
AUYdSiKLjeZUiaxq7cG4SiC85Nd1lixn7yRI35ZG0B8oiaYDTczOUzvSuFgP6WFQ
IpFhgDNSwq6DD1oxfoKWEdw2sTqbmArU3YgyCEZeZQGx6xsJ3qb30LiJaz/7c0Ym
+7VdBtEnVKNxGa/LAnBo2qqlNGjPV+pomkeL4/fTgi4X4O+MvT/Q+6IWprXmXK5x
SCbzeHUdeoEM8LA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:06:37 2024 by rpki-client on console-ams.rpki-client.org