Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/58A54E04351C11EEA6C9E532C4F9AE02.roa
File: 58A54E04351C11EEA6C9E532C4F9AE02.roa (raw, json)
Hash identifier: Gk8Wy7uaQvVpITa0GAcS0f71qLS9syGAZUbq68obX2Q=
Subject key identifier: D2:57:D9:B8:54:A7:0C:57:7A:24:57:E8:C6:95:36:70:AF:80:B9:7D
Certificate issuer: /CN=A9139322/serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Certificate serial: 04B3
Authority key identifier: ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/58A54E04351C11EEA6C9E532C4F9AE02.roa
Signing time: Tue 05 Sep 2023 00:51:30 +0000
ROA not before: Tue 05 Sep 2023 00:51:30 +0000
ROA not after: Sun 01 Dec 2024 00:00:00 +0000
asID: 14618
IP address blocks: 43.247.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1203 (0x4b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9139322, serialNumber=EDC547BD0E6C0C0706A185833835F65EA3C71013
Validity
Not Before: Sep 5 00:51:30 2023 GMT
Not After : Dec 1 00:00:00 2024 GMT
Subject: CN=64f67b92-029f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ba:1d:5f:36:36:c2:24:93:7c:82:59:ad:37:
2c:9f:5e:6d:e3:3e:5b:d9:f0:99:41:d5:a5:2e:7e:
c4:9e:5b:08:0b:ec:e1:a4:3b:67:8a:4e:75:25:7a:
d0:60:fc:12:c5:9f:57:03:40:2c:86:b4:10:4c:17:
1d:0c:4b:ea:ba:87:10:6d:2a:77:56:72:bf:f2:60:
44:0e:24:2e:70:7f:46:9c:2c:78:27:03:8d:ff:81:
be:db:74:92:e4:40:d5:0d:92:1e:df:32:51:ed:f9:
81:7b:a3:59:17:fa:15:38:04:16:28:03:a2:2a:bd:
1b:af:1a:97:41:76:ae:d3:4b:0b:3b:cb:df:97:34:
93:20:40:13:32:e5:5a:ca:5f:3a:a1:8f:84:08:15:
d3:02:0a:6e:bd:15:ed:5a:84:43:fc:03:e5:ce:fa:
c4:42:4e:87:c4:53:2f:a4:0b:e2:5e:ee:89:c3:79:
80:9c:ee:e5:51:5d:95:f1:19:7a:f7:c3:0d:9d:bf:
d6:a7:fc:11:5c:17:7c:3e:fb:38:09:2b:e2:2d:18:
5d:51:3a:91:c8:db:a4:75:2b:58:c9:2e:ce:bf:ed:
84:dc:d6:a5:a1:f8:07:e0:73:ea:90:0a:3f:36:6f:
6b:96:79:01:05:4c:66:44:30:9a:cc:f4:98:20:e2:
29:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:57:D9:B8:54:A7:0C:57:7A:24:57:E8:C6:95:36:70:AF:80:B9:7D
X509v3 Authority Key Identifier:
keyid:ED:C5:47:BD:0E:6C:0C:07:06:A1:85:83:38:35:F6:5E:A3:C7:10:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/7cVHvQ5sDAcGoYWDODX2XqPHEBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cVHvQ5sDAcGoYWDODX2XqPHEBM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9139322/2CB1EEBAF65311EBA1B4A61AC4F9AE02/58A54E04351C11EEA6C9E532C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.135.0/24
Signature Algorithm: sha256WithRSAEncryption
71:dc:a6:47:e0:3b:71:1b:3c:25:ec:56:6c:67:68:ce:e2:17:
c3:48:dc:8c:35:dc:26:6e:97:c3:f3:2e:c6:ca:95:70:e2:d9:
0a:1e:be:b7:f1:2d:b3:fd:54:71:87:c1:12:31:ad:eb:8b:aa:
09:81:7d:21:9e:74:2c:79:7f:09:d4:88:5c:1c:91:cb:76:39:
29:85:71:92:d9:de:23:11:c8:99:e3:ff:19:6b:2c:01:18:09:
a0:a5:02:ba:e4:a7:fc:4c:92:86:7c:19:53:f9:c7:2f:0e:ca:
b3:2a:43:25:73:fe:e8:e9:3c:a8:28:7c:27:ce:1d:ad:a5:54:
74:ef:0e:de:9b:0f:1d:6d:92:e6:9b:8f:8d:9e:fe:a4:70:fa:
f5:30:c4:79:44:75:ba:33:07:d5:04:56:2b:8c:73:93:5b:dc:
6e:2d:ab:6e:a1:ae:35:06:ac:56:91:c0:23:53:15:3d:f3:ec:
dc:46:0f:0f:19:7c:6b:25:a8:44:49:8e:ae:b8:5f:2d:14:62:
a0:4e:06:53:3e:03:1c:00:64:32:95:b2:b5:c3:a6:19:2b:55:
3e:f4:3c:04:a6:3c:a1:9e:66:6e:b5:0b:a2:54:c4:aa:cc:91:
d0:c2:5f:87:d8:50:de:be:b7:88:aa:38:3d:a3:fe:82:33:ed:
16:29:2b:2e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBLMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzkzMjIxMTAvBgNVBAUTKEVEQzU0N0JEMEU2QzBDMDcwNkExODU4MzM4MzVGNjVF
QTNDNzEwMTMwHhcNMjMwOTA1MDA1MTMwWhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGY2N2I5Mi0wMjlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArLodXzY2wiSTfIJZrTcsn15t4z5b2fCZQdWlLn7EnlsIC+zhpDtnik51JXrQ
YPwSxZ9XA0AshrQQTBcdDEvquocQbSp3VnK/8mBEDiQucH9GnCx4JwON/4G+23SS
5EDVDZIe3zJR7fmBe6NZF/oVOAQWKAOiKr0brxqXQXau00sLO8vflzSTIEATMuVa
yl86oY+ECBXTAgpuvRXtWoRD/APlzvrEQk6HxFMvpAviXu6Jw3mAnO7lUV2V8Rl6
98MNnb/Wp/wRXBd8Pvs4CSviLRhdUTqRyNukdStYyS7Ov+2E3NalofgH4HPqkAo/
Nm9rlnkBBUxmRDCazPSYIOIp4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFNJX2bhU
pwxXeiRX6MaVNnCvgLl9MB8GA1UdIwQYMBaAFO3FR70ObAwHBqGFgzg19l6jxxAT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTMyMi8yQ0IxRUVCQUY2
NTMxMUVCQTFCNEE2MUFDNEY5QUUwMi83Y1ZIdlE1c0RBY0dvWVdET0RYMlhxUEhF
Qk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdjVkh2UTVzREFjR29ZV0RPRFgyWHFQSEVCTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzkzMjIvMkNCMUVFQkFGNjUzMTFFQkExQjRBNjFBQzRGOUFFMDIvNThBNTRFMDQz
NTFDMTFFRUE2QzlFNTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr94cwDQYJKoZIhvcNAQELBQADggEBAHHcpkfgO3EbPCXs
VmxnaM7iF8NI3Iw13CZul8PzLsbKlXDi2QoevrfxLbP9VHGHwRIxreuLqgmBfSGe
dCx5fwnUiFwckct2OSmFcZLZ3iMRyJnj/xlrLAEYCaClArrkp/xMkoZ8GVP5xy8O
yrMqQyVz/ujpPKgofCfOHa2lVHTvDt6bDx1tkuabj42e/qRw+vUwxHlEdbozB9UE
ViuMc5Nb3G4tq26hrjUGrFaRwCNTFT3z7NxGDw8ZfGslqERJjq64Xy0UYqBOBlM+
AxwAZDKVsrXDphkrVT70PASmPKGeZm61C6JUxKrMkdDCX4fYUN6+t4iqOD2j/oIz
7RYpKy4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:08:52 2025 by rpki-client