Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918664E/DF900E36CEE211EDA41C381CC4F9AE02/AEEDB40ACEE611ED9501FC4CC4F9AE02.roa
File: AEEDB40ACEE611ED9501FC4CC4F9AE02.roa (raw, json)
Hash identifier: 3ZN4vz1Hk99WIaSBeipbhm4heEX/bnt1vqre+eAPff4=
Subject key identifier: B4:C3:29:7E:8F:DC:1B:F0:35:DA:42:C2:50:14:0A:2B:74:22:05:88
Certificate issuer: /CN=A918664E/serialNumber=4C05BA8935E8DF3CC23250B567F2056B850715B9
Certificate serial: 2B
Authority key identifier: 4C:05:BA:89:35:E8:DF:3C:C2:32:50:B5:67:F2:05:6B:85:07:15:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TAW6iTXo3zzCMlC1Z_IFa4UHFbk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918664E/DF900E36CEE211EDA41C381CC4F9AE02/AEEDB40ACEE611ED9501FC4CC4F9AE02.roa
Signing time: Tue 13 Jun 2023 14:46:10 +0000
ROA not before: Tue 13 Jun 2023 14:46:10 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 142063
IP address blocks: 103.122.222.0/24 maxlen: 24
103.122.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43 (0x2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918664E/serialNumber=4C05BA8935E8DF3CC23250B567F2056B850715B9
Validity
Not Before: Jun 13 14:46:10 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=64888132-edf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:5b:b8:1c:a0:b1:92:d6:9f:43:6b:59:72:b3:
ad:12:c4:b1:12:1a:70:a3:f1:92:ac:99:ce:2f:28:
e1:fb:fb:29:88:2d:22:99:83:de:f9:b6:a7:50:74:
ea:b4:bb:0e:e7:06:87:a1:5c:2b:75:9d:7e:4e:36:
1d:b7:f9:1c:7d:0f:f2:a6:ee:de:4c:85:19:60:40:
a6:d7:2a:6f:d1:b9:61:bb:2c:bb:55:8e:4d:78:af:
81:ab:04:2f:fd:d2:04:e6:cf:3f:3c:55:ef:36:f4:
9d:25:ce:ce:a5:50:77:af:9f:dc:e2:b6:f4:6f:f6:
86:a4:f5:6a:fb:00:7c:4e:22:58:24:ee:5f:a7:8d:
c7:e5:77:eb:44:6e:5c:33:86:db:71:a6:ed:d3:3b:
ce:85:20:dc:2b:f4:c8:c5:78:cb:a5:6d:95:e6:ce:
bf:2d:af:ae:3e:c7:a1:88:a9:49:32:96:70:af:5f:
44:ca:fe:e4:7a:53:e7:0d:ec:70:24:b5:b9:b6:65:
4f:fa:7e:ae:e1:07:59:15:e4:42:25:44:c7:54:35:
97:85:aa:3b:fb:22:6d:ff:cf:34:76:18:eb:ec:4c:
71:00:b6:74:af:af:98:2a:f8:7b:96:44:c6:99:8e:
aa:78:e8:43:4a:ff:08:89:e0:6c:4d:85:48:af:92:
81:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C3:29:7E:8F:DC:1B:F0:35:DA:42:C2:50:14:0A:2B:74:22:05:88
X509v3 Authority Key Identifier:
keyid:4C:05:BA:89:35:E8:DF:3C:C2:32:50:B5:67:F2:05:6B:85:07:15:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918664E/DF900E36CEE211EDA41C381CC4F9AE02/TAW6iTXo3zzCMlC1Z_IFa4UHFbk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TAW6iTXo3zzCMlC1Z_IFa4UHFbk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918664E/DF900E36CEE211EDA41C381CC4F9AE02/AEEDB40ACEE611ED9501FC4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.222.0/23
Signature Algorithm: sha256WithRSAEncryption
6f:a5:ff:8e:7a:92:d1:57:5d:cf:b4:5b:a0:00:a4:18:93:ea:
c9:7b:32:75:74:c2:eb:42:02:22:ad:32:bb:35:13:25:4f:69:
a6:21:15:c0:9d:d8:b7:8c:67:25:f4:3b:e3:d8:c2:ac:9e:c1:
62:8d:1a:7c:67:9e:cb:cb:08:f5:4f:2c:c7:1b:86:7c:de:d9:
08:35:47:4e:78:bc:b3:78:20:11:d8:c1:18:32:30:d5:e3:9c:
4d:24:48:37:6b:f7:a1:57:fe:33:cb:62:a5:cc:02:da:aa:6e:
c9:85:a8:29:65:f9:00:77:fe:0e:f6:f9:65:67:69:94:85:13:
4a:3e:4f:fa:ed:bb:0e:3e:59:f6:ac:bd:0b:6c:f2:a5:0a:9f:
7f:a7:40:4b:5e:35:f5:be:8b:3c:a9:5e:c3:6c:ab:c1:37:be:
75:3d:8c:5d:6b:f1:2a:d3:91:02:d0:ab:82:b5:d2:cf:a7:16:
22:0a:8f:3a:e3:95:ad:b0:6e:fb:e4:b6:87:90:66:8c:98:78:
5c:3d:a8:9f:02:33:53:3e:61:6e:d3:4a:12:4d:77:2c:e0:09:
fc:f7:3d:ef:8f:55:65:52:5f:e3:6e:6a:da:90:21:f6:26:b2:
33:65:c8:c0:5f:6d:af:be:38:e8:66:96:6d:6a:56:46:95:1f:
77:b5:68:7b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
NjY0RTExMC8GA1UEBRMoNEMwNUJBODkzNUU4REYzQ0MyMzI1MEI1NjdGMjA1NkI4
NTA3MTVCOTAeFw0yMzA2MTMxNDQ2MTBaFw0yNDA1MjkwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0ODg4MTMyLWVkZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDQW7gcoLGS1p9Da1lys60SxLESGnCj8ZKsmc4vKOH7+ymILSKZg975tqdQdOq0
uw7nBoehXCt1nX5ONh23+Rx9D/Km7t5MhRlgQKbXKm/RuWG7LLtVjk14r4GrBC/9
0gTmzz88Ve829J0lzs6lUHevn9zitvRv9oak9Wr7AHxOIlgk7l+njcfld+tEblwz
httxpu3TO86FINwr9MjFeMulbZXmzr8tr64+x6GIqUkylnCvX0TK/uR6U+cN7HAk
tbm2ZU/6fq7hB1kV5EIlRMdUNZeFqjv7Im3/zzR2GOvsTHEAtnSvr5gq+HuWRMaZ
jqp46ENK/wiJ4GxNhUivkoEpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUtMMpfo/c
G/A12kLCUBQKK3QiBYgwHwYDVR0jBBgwFoAUTAW6iTXo3zzCMlC1Z/IFa4UHFbkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg2NjRFL0RGOTAwRTM2Q0VF
MjExRURBNDFDMzgxQ0M0RjlBRTAyL1RBVzZpVFhvM3p6Q01sQzFaX0lGYTRVSEZi
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVEFXNmlUWG8zenpDTWxDMVpfSUZhNFVIRmJrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
NjY0RS9ERjkwMEUzNkNFRTIxMUVEQTQxQzM4MUNDNEY5QUUwMi9BRUVEQjQwQUNF
RTYxMUVEOTUwMUZDNENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWd63jANBgkqhkiG9w0BAQsFAAOCAQEAb6X/jnqS0Vddz7Rb
oACkGJPqyXsydXTC60ICIq0yuzUTJU9ppiEVwJ3Yt4xnJfQ749jCrJ7BYo0afGee
y8sI9U8sxxuGfN7ZCDVHTni8s3ggEdjBGDIw1eOcTSRIN2v3oVf+M8tipcwC2qpu
yYWoKWX5AHf+Dvb5ZWdplIUTSj5P+u27Dj5Z9qy9C2zypQqff6dAS1419b6LPKle
w2yrwTe+dT2MXWvxKtORAtCrgrXSz6cWIgqPOuOVrbBu++S2h5BmjJh4XD2onwIz
Uz5hbtNKEk13LOAJ/Pc9749VZVJf425q2pAh9iayM2XIwF9tr7446GaWbWpWRpUf
d7Voew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:14 2024 by rpki-client on console-fra.rpki-client.org