Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/2AD81E26717011E99BA2FB3DC4F9AE02.roa
File: 2AD81E26717011E99BA2FB3DC4F9AE02.roa (raw, json)
Hash identifier: 4p+P3Lh2uKerF09n42IrzjLcJUOn82tFYb9GF4Bw+CE=
Subject key identifier: DD:04:4D:B3:29:CA:7B:F4:BD:72:BA:36:44:74:30:E9:EF:98:A1:6D
Certificate issuer: /CN=A918D3A9/serialNumber=1968423ED6D2495880A56A6DB02BC67298C5E686
Certificate serial: 0C41
Authority key identifier: 19:68:42:3E:D6:D2:49:58:80:A5:6A:6D:B0:2B:C6:72:98:C5:E6:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWhCPtbSSViApWptsCvGcpjF5oY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/2AD81E26717011E99BA2FB3DC4F9AE02.roa
Signing time: Mon 03 Jan 2022 18:54:43 +0000
ROA not before: Mon 03 Jan 2022 18:54:43 +0000
ROA not after: Thu 02 Mar 2023 00:00:00 +0000
asID: 9654
IP address blocks: 103.103.194.0/24 maxlen: 24
103.116.192.0/24 maxlen: 24
103.116.193.0/24 maxlen: 24
2405:1340::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3137 (0xc41)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918D3A9/serialNumber=1968423ED6D2495880A56A6DB02BC67298C5E686
Validity
Not Before: Jan 3 18:54:43 2022 GMT
Not After : Mar 2 00:00:00 2023 GMT
Subject: CN=61d34673-0da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:7c:8c:7d:3d:89:4b:06:3f:31:8b:c9:35:c6:
e4:52:03:f5:fb:ae:a7:71:10:b7:d3:60:76:ca:32:
a4:69:b8:26:6b:d1:56:e9:b2:3c:11:ef:c3:67:72:
6b:03:88:61:95:7f:da:f4:d2:39:b0:81:28:62:30:
7e:ef:e0:86:e1:3e:23:6b:78:f6:b3:7d:7d:c7:84:
59:2a:88:00:12:2f:fa:39:9d:13:6f:50:d5:a9:9f:
05:04:99:00:ae:d8:69:86:f2:df:85:92:43:7e:d5:
f3:33:1f:be:a9:8e:4e:23:c3:bd:4c:0c:d6:8c:91:
b6:43:59:69:22:6d:49:93:60:0b:4b:98:96:a3:4a:
be:bc:ea:5d:87:d6:02:c4:34:58:6c:5d:b9:bf:db:
74:6c:66:bc:aa:d1:a8:a6:e8:c3:4a:c5:2c:a0:14:
21:1b:78:53:6b:b8:19:1b:bd:c4:5b:e8:8d:6a:77:
e0:99:3e:f3:f8:94:17:9d:40:d6:77:b4:e9:a9:a8:
2d:7a:fd:99:23:e8:14:9e:96:b1:18:34:37:30:56:
01:fb:68:11:d4:b5:64:d6:aa:d0:cd:6d:e8:20:f0:
23:65:c7:c4:fd:da:5d:2f:48:9d:ea:dc:b4:0a:be:
36:cc:fc:3a:5a:91:a0:a2:17:a1:e4:63:8a:c4:08:
91:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:04:4D:B3:29:CA:7B:F4:BD:72:BA:36:44:74:30:E9:EF:98:A1:6D
X509v3 Authority Key Identifier:
keyid:19:68:42:3E:D6:D2:49:58:80:A5:6A:6D:B0:2B:C6:72:98:C5:E6:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/GWhCPtbSSViApWptsCvGcpjF5oY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GWhCPtbSSViApWptsCvGcpjF5oY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D3A9/BB7FFB8E3A9211E9B52DCF53C4F9AE02/2AD81E26717011E99BA2FB3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.194.0/24
103.116.192.0/23
IPv6:
2405:1340::/32
Signature Algorithm: sha256WithRSAEncryption
12:05:0f:62:5d:ae:57:64:3b:70:2f:6a:19:ff:f9:b4:99:bf:
8a:b5:81:0b:b8:d2:3d:b3:ec:fa:3c:ce:30:8d:12:ce:f2:f9:
d1:36:25:55:75:69:e2:93:46:65:3f:d6:c5:29:5f:68:80:1e:
0c:4f:59:86:36:cf:5f:bf:39:dd:1f:11:7d:23:88:ff:49:e0:
25:83:c6:79:b4:88:0b:48:49:1c:7e:98:aa:ee:95:18:44:74:
d1:cd:ef:fc:20:26:ec:e4:16:62:ca:64:7b:4e:a0:eb:0c:8c:
78:b5:ee:3b:82:94:92:86:c4:b6:06:d4:e3:3e:b6:4c:f8:32:
65:19:42:79:56:21:7c:17:65:0c:ef:c0:55:a9:a7:64:b5:af:
59:4f:54:b4:48:8c:fa:b2:c3:f6:ca:de:c6:da:3f:f7:77:d3:
b6:9a:18:35:5e:41:52:b1:4d:9e:8c:b9:4a:6b:e2:30:b3:14:
bd:58:e6:89:5f:5c:0b:ef:52:bf:fa:35:12:20:03:a2:19:8e:
a2:83:f9:69:41:49:f7:79:73:2f:03:3a:c9:4d:a3:ff:5d:69:
db:0b:bb:5d:c8:e1:fd:1d:fa:bc:50:09:02:ad:72:4a:4b:4f:
24:84:79:51:ff:5d:01:74:5c:75:bf:bf:5e:03:ba:c0:96:84:
4c:b0:a6:e6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDEEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEQzQTkxMTAvBgNVBAUTKDE5Njg0MjNFRDZEMjQ5NTg4MEE1NkE2REIwMkJDNjcy
OThDNUU2ODYwHhcNMjIwMTAzMTg1NDQzWhcNMjMwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWQzNDY3My0wZGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5HyMfT2JSwY/MYvJNcbkUgP1+66ncRC302B2yjKkabgma9FW6bI8Ee/DZ3Jr
A4hhlX/a9NI5sIEoYjB+7+CG4T4ja3j2s319x4RZKogAEi/6OZ0Tb1DVqZ8FBJkA
rthphvLfhZJDftXzMx++qY5OI8O9TAzWjJG2Q1lpIm1Jk2ALS5iWo0q+vOpdh9YC
xDRYbF25v9t0bGa8qtGopujDSsUsoBQhG3hTa7gZG73EW+iNanfgmT7z+JQXnUDW
d7Tpqagtev2ZI+gUnpaxGDQ3MFYB+2gR1LVk1qrQzW3oIPAjZcfE/dpdL0id6ty0
Cr42zPw6WpGgoheh5GOKxAiRIQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFN0ETbMp
ynv0vXK6NkR0MOnvmKFtMB8GA1UdIwQYMBaAFBloQj7W0klYgKVqbbArxnKYxeaG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDNBOS9CQjdGRkI4RTNB
OTIxMUU5QjUyRENGNTNDNEY5QUUwMi9HV2hDUHRiU1NWaUFwV3B0c0N2R2NwakY1
b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dXaENQdGJTU1ZpQXBXcHRzQ3ZHY3BqRjVvWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEQzQTkvQkI3RkZCOEUzQTkyMTFFOUI1MkRDRjUzQzRGOUFFMDIvMkFEODFFMjY3
MTcwMTFFOTlCQTJGQjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBABnZ8IDBAFndMAwDQQCAAIwBwMFACQFE0AwDQYJKoZIhvcN
AQELBQADggEBABIFD2JdrldkO3Avahn/+bSZv4q1gQu40j2z7Po8zjCNEs7y+dE2
JVV1aeKTRmU/1sUpX2iAHgxPWYY2z1+/Od0fEX0jiP9J4CWDxnm0iAtISRx+mKru
lRhEdNHN7/wgJuzkFmLKZHtOoOsMjHi17juClJKGxLYG1OM+tkz4MmUZQnlWIXwX
ZQzvwFWpp2S1r1lPVLRIjPqyw/bK3sbaP/d307aaGDVeQVKxTZ6MuUpr4jCzFL1Y
5olfXAvvUr/6NRIgA6IZjqKD+WlBSfd5cy8DOslNo/9dadsLu13I4f0d+rxQCQKt
ckpLTySEeVH/XQF0XHW/v14DusCWhEywpuY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:26 2024 by rpki-client on console-ams.rpki-client.org