Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/2D8BEF9AF40411EABD8F6345C4F9AE02.roa
File: 2D8BEF9AF40411EABD8F6345C4F9AE02.roa (raw, json)
Hash identifier: L1oYApld6tix1mLlAiU1Q4nw+Sx1qNoFiIremk28hHQ=
Subject key identifier: 1A:41:4B:C6:A3:F0:10:98:8F:A4:E5:80:A4:A1:1E:E6:89:5E:74:5C
Certificate issuer: /CN=A91FA024/serialNumber=A0AC427E957B374D0267FA7648DD3FF85702DAB1
Certificate serial: 0437
Authority key identifier: A0:AC:42:7E:95:7B:37:4D:02:67:FA:76:48:DD:3F:F8:57:02:DA:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKxCfpV7N00CZ_p2SN0_-FcC2rE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/2D8BEF9AF40411EABD8F6345C4F9AE02.roa
Signing time: Tue 01 Mar 2022 12:10:20 +0000
ROA not before: Tue 01 Mar 2022 12:10:20 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 63962
IP address blocks: 43.231.112.0/22 maxlen: 22
103.50.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1079 (0x437)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FA024/serialNumber=A0AC427E957B374D0267FA7648DD3FF85702DAB1
Validity
Not Before: Mar 1 12:10:20 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=621e0d2b-8423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bb:a8:87:9e:5b:c6:0b:dc:d5:ec:5d:85:50:
c8:88:4a:8b:3f:4d:b9:ef:bf:97:0f:f0:90:42:0f:
ce:b6:b5:58:e7:c4:ce:d4:8d:ae:d1:45:45:dc:8a:
d7:16:3f:52:94:ba:8c:5e:ee:75:d3:ae:66:b9:a9:
22:97:10:0d:12:6d:45:6f:30:20:a9:51:f9:fd:84:
0c:3e:92:19:28:cb:94:a5:23:9a:d9:d5:ef:05:75:
f5:c4:3a:cd:1d:7f:db:24:ca:58:81:2f:4f:95:c3:
fc:77:92:0e:f4:fc:46:40:5d:2e:56:c7:a5:26:73:
9d:72:32:27:50:9a:8e:6d:37:fd:49:cb:6a:66:fd:
dd:c2:54:5f:f7:d8:4e:78:7f:ad:e4:ac:21:70:fb:
3b:69:a6:8f:95:48:f9:b2:c6:be:da:15:16:bc:e3:
6d:70:de:ae:0a:ac:35:0b:09:bb:98:03:7f:91:ce:
8c:d3:87:94:c5:e1:81:f6:9d:61:21:2d:74:0a:d1:
eb:e8:eb:d4:40:a7:1c:e7:9a:ca:e8:c2:1c:e3:df:
39:1a:ba:ea:1c:6a:11:ad:36:64:02:5a:82:cd:5e:
f0:ba:03:d7:fc:65:e4:48:5e:55:b1:8c:6b:af:46:
92:74:01:a5:b2:2c:24:7f:ec:1c:76:c3:46:19:8b:
29:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:41:4B:C6:A3:F0:10:98:8F:A4:E5:80:A4:A1:1E:E6:89:5E:74:5C
X509v3 Authority Key Identifier:
keyid:A0:AC:42:7E:95:7B:37:4D:02:67:FA:76:48:DD:3F:F8:57:02:DA:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/oKxCfpV7N00CZ_p2SN0_-FcC2rE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oKxCfpV7N00CZ_p2SN0_-FcC2rE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA024/D33A4794F18811EA9E80F71EC4F9AE02/2D8BEF9AF40411EABD8F6345C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.112.0/22
103.50.204.0/22
Signature Algorithm: sha256WithRSAEncryption
16:82:ed:2c:a2:2b:6f:8e:e2:c1:cf:a9:5c:10:16:9a:ea:50:
e9:7d:73:6b:9c:c1:83:9f:91:ce:08:64:cb:44:20:06:b0:64:
5d:ea:dd:00:f3:19:7f:7a:6e:47:58:ac:dd:a6:a9:08:0b:0f:
3f:d9:1b:ba:9f:29:8b:9b:9e:2b:b9:f6:8a:b7:0c:60:2f:1b:
54:c5:3b:e8:9c:06:b7:84:cc:a5:40:7d:d3:5d:dc:3d:f2:af:
9f:33:a4:d8:50:2b:10:5f:6e:a1:f1:0d:91:c2:4b:ec:6b:e8:
60:27:39:78:47:38:6d:c9:42:f3:b7:2c:b8:c9:e4:90:b6:e9:
dd:f2:87:69:98:77:71:7e:03:11:0e:1e:d6:77:3e:2e:0b:86:
2a:bb:0e:36:ae:fa:38:ea:62:fb:43:ba:3d:20:0c:d9:a5:02:
35:91:7c:6c:6b:b0:8b:a9:03:b1:06:90:d9:ad:d6:b7:95:92:
78:da:43:26:4c:ae:02:e4:54:08:1d:78:1d:08:4d:76:52:1f:
68:2c:4a:29:92:08:1b:64:78:a6:2c:ed:06:23:dc:38:b8:74:
bd:10:dd:c9:30:70:e4:31:ea:5b:85:35:56:c5:c7:37:ed:d2:
5b:5f:0f:42:8f:54:b8:01:ba:b5:e0:25:a0:23:e5:0b:e1:20:
b7:58:5f:20
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkEwMjQxMTAvBgNVBAUTKEEwQUM0MjdFOTU3QjM3NEQwMjY3RkE3NjQ4REQzRkY4
NTcwMkRBQjEwHhcNMjIwMzAxMTIxMDIwWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFlMGQyYi04NDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu7uoh55bxgvc1exdhVDIiEqLP02577+XD/CQQg/OtrVY58TO1I2u0UVF3IrX
Fj9SlLqMXu51065muakilxANEm1FbzAgqVH5/YQMPpIZKMuUpSOa2dXvBXX1xDrN
HX/bJMpYgS9PlcP8d5IO9PxGQF0uVselJnOdcjInUJqObTf9SctqZv3dwlRf99hO
eH+t5KwhcPs7aaaPlUj5ssa+2hUWvONtcN6uCqw1Cwm7mAN/kc6M04eUxeGB9p1h
IS10CtHr6OvUQKcc55rK6MIc4985GrrqHGoRrTZkAlqCzV7wugPX/GXkSF5VsYxr
r0aSdAGlsiwkf+wcdsNGGYspgQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBpBS8aj
8BCYj6TlgKShHuaJXnRcMB8GA1UdIwQYMBaAFKCsQn6VezdNAmf6dkjdP/hXAtqx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTAyNC9EMzNBNDc5NEYx
ODgxMUVBOUU4MEY3MUVDNEY5QUUwMi9vS3hDZnBWN04wMENaX3AyU04wXy1GY0My
ckUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29LeENmcFY3TjAwQ1pfcDJTTjBfLUZjQzJyRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkEwMjQvRDMzQTQ3OTRGMTg4MTFFQTlFODBGNzFFQzRGOUFFMDIvMkQ4QkVGOUFG
NDA0MTFFQUJEOEY2MzQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr53ADBAJnMswwDQYJKoZIhvcNAQELBQADggEBABaC7Syi
K2+O4sHPqVwQFprqUOl9c2ucwYOfkc4IZMtEIAawZF3q3QDzGX96bkdYrN2mqQgL
Dz/ZG7qfKYubniu59oq3DGAvG1TFO+icBreEzKVAfdNd3D3yr58zpNhQKxBfbqHx
DZHCS+xr6GAnOXhHOG3JQvO3LLjJ5JC26d3yh2mYd3F+AxEOHtZ3Pi4Lhiq7Djau
+jjqYvtDuj0gDNmlAjWRfGxrsIupA7EGkNmt1reVknjaQyZMrgLkVAgdeB0ITXZS
H2gsSimSCBtkeKYs7QYj3Di4dL0Q3ckwcOQx6luFNVbFxzft0ltfD0KPVLgBurXg
JaAj5QvhILdYXyA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:52 2024 by rpki-client on console-fra.rpki-client.org