Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916A6BA/169687969BC311EDA6542324C4F9AE02/A18995E29BC711EDB1BAE42AC4F9AE02.roa
File: A18995E29BC711EDB1BAE42AC4F9AE02.roa (raw, json)
Hash identifier: k8Te7UaCt+furFSZSKUqubZ4JSb2ZZAQ8bBBqI6cCV8=
Subject key identifier: 03:EF:2F:D2:D0:D5:83:55:AC:9C:15:48:C7:DC:35:D0:C5:B6:F2:3F
Certificate issuer: /CN=A916A6BA/serialNumber=3ED80FEB3B021A05241ABE70D1A510A867AD71FD
Certificate serial: 0A
Authority key identifier: 3E:D8:0F:EB:3B:02:1A:05:24:1A:BE:70:D1:A5:10:A8:67:AD:71:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PtgP6zsCGgUkGr5w0aUQqGetcf0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916A6BA/169687969BC311EDA6542324C4F9AE02/A18995E29BC711EDB1BAE42AC4F9AE02.roa
Signing time: Tue 24 Jan 2023 09:55:01 +0000
ROA not before: Tue 24 Jan 2023 09:55:01 +0000
ROA not after: Wed 01 May 2024 00:00:00 +0000
asID: 24312
IP address blocks: 103.73.218.0/24 maxlen: 24
103.73.219.0/24 maxlen: 24
2400:d8e0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916A6BA/serialNumber=3ED80FEB3B021A05241ABE70D1A510A867AD71FD
Validity
Not Before: Jan 24 09:55:01 2023 GMT
Not After : May 1 00:00:00 2024 GMT
Subject: CN=63cfaaf5-e096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:be:78:89:5a:85:ce:97:88:54:05:47:31:2b:
5c:fb:9e:29:fa:2f:7c:2a:d1:49:fc:ee:ed:b2:a1:
85:73:0b:08:f3:13:ae:84:23:94:92:4a:61:27:d7:
c9:f3:0f:28:e3:56:4f:65:18:00:d2:46:1c:2b:37:
e5:1a:26:58:e9:bb:cf:4d:f7:2b:83:ca:e3:86:2e:
87:ef:f8:c9:ba:48:23:d8:07:6a:ff:38:2e:d0:c3:
58:dd:86:5c:df:85:2b:3e:be:e1:d6:70:4e:9b:4e:
c5:07:b3:7a:2c:a4:97:aa:04:45:b6:68:77:f2:58:
6b:70:e0:ea:47:df:60:17:bd:3d:b2:c3:33:4f:a1:
8e:7c:89:ae:9f:16:82:db:40:6f:83:65:c6:65:e9:
17:a7:13:4a:72:e5:29:0d:6d:06:b1:a9:91:9d:f9:
bd:62:dc:44:8c:0d:fa:7e:ca:18:c6:da:ec:c2:8a:
81:2e:28:40:d0:9d:39:36:eb:19:40:bc:db:3f:b1:
3a:59:fc:20:21:96:15:ff:0c:d7:e5:ee:14:4b:3d:
a3:83:9f:d8:9a:41:c3:23:dd:50:fd:6d:72:bf:ca:
d2:81:64:69:1e:df:c4:18:14:b8:0d:ff:81:13:ed:
87:49:85:25:4b:e9:83:6c:78:f3:9f:cf:80:28:8f:
85:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:EF:2F:D2:D0:D5:83:55:AC:9C:15:48:C7:DC:35:D0:C5:B6:F2:3F
X509v3 Authority Key Identifier:
keyid:3E:D8:0F:EB:3B:02:1A:05:24:1A:BE:70:D1:A5:10:A8:67:AD:71:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916A6BA/169687969BC311EDA6542324C4F9AE02/PtgP6zsCGgUkGr5w0aUQqGetcf0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PtgP6zsCGgUkGr5w0aUQqGetcf0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916A6BA/169687969BC311EDA6542324C4F9AE02/A18995E29BC711EDB1BAE42AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.73.218.0/23
IPv6:
2400:d8e0::/48
Signature Algorithm: sha256WithRSAEncryption
2a:2d:4d:79:af:6c:dd:e3:71:8e:6d:1c:61:d3:bd:3b:5c:ff:
b3:14:29:9a:a1:96:a4:47:df:89:d2:43:19:86:f9:c6:94:4a:
90:23:c9:7d:56:44:71:52:79:a2:bb:81:9f:d9:73:e5:b1:c1:
27:f2:31:f1:f2:85:82:b9:a2:ed:eb:6b:a9:3c:f9:39:03:34:
6b:35:be:41:8f:90:2d:7d:23:53:f7:8d:58:bd:67:5c:47:f0:
fa:08:96:76:df:df:5f:ce:ed:00:8f:80:38:00:1a:57:cd:36:
82:da:6b:27:b7:d2:a0:3b:84:8c:c1:42:be:0c:e5:dc:e6:90:
6c:d2:c2:8a:88:54:94:6b:bc:45:4e:f7:6d:e8:6b:7b:00:1e:
7c:dc:05:e7:60:84:90:43:21:b3:e3:9d:56:b5:42:d8:a0:36:
61:d8:78:62:4a:8c:86:fb:57:b2:7a:15:81:02:8c:20:99:f5:
4b:7a:2c:5b:53:ca:84:9e:e8:d9:b3:a5:6a:64:9c:8e:f5:99:
5d:b0:ff:ab:72:70:66:ce:34:bc:36:79:bd:be:8a:b0:60:61:
2d:76:3c:90:73:54:5a:da:e0:3c:3a:aa:3c:0c:9a:ee:36:b9:
a8:03:55:e6:43:84:52:9e:9b:bb:f4:7f:88:c3:52:bf:32:e2:
e7:76:34:37
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
QTZCQTExMC8GA1UEBRMoM0VEODBGRUIzQjAyMUEwNTI0MUFCRTcwRDFBNTEwQTg2
N0FENzFGRDAeFw0yMzAxMjQwOTU1MDFaFw0yNDA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTYzY2ZhYWY1LWUwOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCsvniJWoXOl4hUBUcxK1z7nin6L3wq0Un87u2yoYVzCwjzE66EI5SSSmEn18nz
DyjjVk9lGADSRhwrN+UaJljpu89N9yuDyuOGLofv+Mm6SCPYB2r/OC7Qw1jdhlzf
hSs+vuHWcE6bTsUHs3ospJeqBEW2aHfyWGtw4OpH32AXvT2ywzNPoY58ia6fFoLb
QG+DZcZl6RenE0py5SkNbQaxqZGd+b1i3ESMDfp+yhjG2uzCioEuKEDQnTk26xlA
vNs/sTpZ/CAhlhX/DNfl7hRLPaODn9iaQcMj3VD9bXK/ytKBZGke38QYFLgN/4ET
7YdJhSVL6YNsePOfz4Aoj4XTAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUA+8v0tDV
g1WsnBVIx9w10MW28j8wHwYDVR0jBBgwFoAUPtgP6zsCGgUkGr5w0aUQqGetcf0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZBNkJBLzE2OTY4Nzk2OUJD
MzExRURBNjU0MjMyNEM0RjlBRTAyL1B0Z1A2enNDR2dVa0dyNXcwYVVRcUdldGNm
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUHRnUDZ6c0NHZ1VrR3I1dzBhVVFxR2V0Y2YwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
QTZCQS8xNjk2ODc5NjlCQzMxMUVEQTY1NDIzMjRDNEY5QUUwMi9BMTg5OTVFMjlC
QzcxMUVEQjFCQUU0MkFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAWdJ2jAPBAIAAjAJAwcAJADY4AAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAqLU15r2zd43GObRxh0707XP+zFCmaoZakR9+J0kMZhvnGlEqQI8l9VkRx
Unmiu4Gf2XPlscEn8jHx8oWCuaLt62upPPk5AzRrNb5Bj5AtfSNT941YvWdcR/D6
CJZ2399fzu0Aj4A4ABpXzTaC2msnt9KgO4SMwUK+DOXc5pBs0sKKiFSUa7xFTvdt
6Gt7AB583AXnYISQQyGz451WtULYoDZh2HhiSoyG+1eyehWBAowgmfVLeixbU8qE
nujZs6VqZJyO9ZldsP+rcnBmzjS8Nnm9voqwYGEtdjyQc1Ra2uA8Oqo8DJruNrmo
A1XmQ4RSnpu79H+Iw1K/MuLndjQ3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:20 2024 by rpki-client on console-ams.rpki-client.org