Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0BFA73D6CB7811ECAA78D16CC4F9AE02.roa
File: 0BFA73D6CB7811ECAA78D16CC4F9AE02.roa (raw, json)
Hash identifier: X2SE8JHnbD6pzGInH+OyNVuE0Dizw4XQtBe3S5E/j90=
Subject key identifier: AC:9D:35:C2:1C:09:6E:0B:D7:76:D1:04:9B:F7:4C:1D:4D:84:5D:7C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4D84
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0BFA73D6CB7811ECAA78D16CC4F9AE02.roa
Signing time: Wed 04 May 2022 07:01:40 +0000
ROA not before: Wed 04 May 2022 07:01:40 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 141529
IP address blocks: 103.160.187.0/24 maxlen: 24
2001:df5:c680::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19844 (0x4d84)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 4 07:01:40 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=627224d4-8b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:37:99:9a:58:56:c4:34:f5:89:75:d0:3c:77:
8d:61:96:c9:3e:aa:a7:24:ee:6e:04:d1:63:5a:5c:
54:ea:6d:9e:6d:f8:27:23:9c:fa:a2:1f:1b:24:61:
68:9e:38:a2:f2:25:af:39:c6:54:1c:71:55:bd:ae:
91:c5:ab:0f:e2:d3:09:c2:08:8d:82:6f:0b:a4:80:
ff:21:47:98:1e:0f:6a:c7:16:d4:d8:4d:1c:7c:d3:
d1:fa:22:56:9e:8a:29:e1:1e:3e:36:f7:28:18:89:
8a:93:21:2b:9d:66:43:33:24:b9:86:28:df:6c:45:
a9:20:4c:ef:c9:a1:8d:9a:6d:42:2a:2d:af:e5:9b:
00:0f:bf:f4:16:b5:07:04:e7:b9:45:55:83:fc:f9:
00:51:0f:fb:9b:3b:05:38:5c:51:02:ff:ae:64:e5:
0d:7a:3f:3d:ec:73:83:4d:1c:30:96:10:97:8a:c4:
ac:5f:2f:e8:32:16:45:dc:2e:d3:83:8f:25:4e:82:
2a:46:85:1c:c1:8b:9d:bd:bb:74:42:a4:37:47:a8:
78:e1:84:eb:07:29:c1:45:80:c9:c5:99:5d:48:62:
07:2e:b3:b1:8c:ca:d4:f7:ff:cd:b2:9d:b5:28:01:
56:2d:15:87:8a:33:bc:12:b0:a5:b1:9f:39:35:82:
43:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9D:35:C2:1C:09:6E:0B:D7:76:D1:04:9B:F7:4C:1D:4D:84:5D:7C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0BFA73D6CB7811ECAA78D16CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.187.0/24
IPv6:
2001:df5:c680::/48
Signature Algorithm: sha256WithRSAEncryption
70:78:d1:ba:34:b3:f0:f2:36:bc:9f:cf:97:4c:43:7d:be:01:
ba:4e:87:bb:4c:06:2b:a8:4f:18:b6:5b:56:e6:b0:46:4e:53:
e2:d4:8e:74:55:f3:20:c9:23:d9:0b:b4:ba:02:78:20:43:1b:
12:d0:2b:1a:60:75:1a:c7:5b:ee:d1:dd:2f:52:57:4b:33:e3:
60:78:de:c8:44:fb:96:ce:dc:9f:e9:73:95:62:21:6a:91:97:
50:6b:ad:d9:27:33:62:3d:aa:fa:9f:e9:84:33:3d:75:a6:aa:
29:cc:a3:a6:8f:61:5b:e2:60:c5:96:b6:52:c4:28:01:e0:94:
8a:ef:e6:d5:ca:e8:89:72:ad:dc:3e:8b:d9:bc:99:66:50:bf:
fa:6a:3d:d7:23:35:a5:d0:22:4c:bb:7d:01:99:02:fe:a3:b1:
21:3b:ef:a9:cb:58:5b:f8:ad:4d:b5:87:33:86:13:76:9f:16:
3c:14:d5:74:69:c9:55:df:d5:2d:9f:41:75:8b:f3:75:dd:06:
d3:0b:e8:4f:34:74:c6:9c:ce:3f:e1:26:08:09:bd:48:6d:38:
cc:e4:dc:b6:7e:5e:a0:41:ea:c8:1b:de:e6:85:b7:50:b7:b9:
a5:72:4d:3d:d1:4a:64:fa:e4:c1:5f:3e:bf:8e:42:84:4e:a4:
d5:1e:06:1d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICTYQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTA0MDcwMTQwWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjcyMjRkNC04Yjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2TeZmlhWxDT1iXXQPHeNYZbJPqqnJO5uBNFjWlxU6m2ebfgnI5z6oh8bJGFo
njii8iWvOcZUHHFVva6RxasP4tMJwgiNgm8LpID/IUeYHg9qxxbU2E0cfNPR+iJW
noop4R4+NvcoGImKkyErnWZDMyS5hijfbEWpIEzvyaGNmm1CKi2v5ZsAD7/0FrUH
BOe5RVWD/PkAUQ/7mzsFOFxRAv+uZOUNej897HODTRwwlhCXisSsXy/oMhZF3C7T
g48lToIqRoUcwYudvbt0QqQ3R6h44YTrBynBRYDJxZldSGIHLrOxjMrU9//Nsp21
KAFWLRWHijO8ErClsZ85NYJDdwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKydNcIc
CW4L13bRBJv3TB1NhF18MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMEJGQTczRDZD
Qjc4MTFFQ0FBNzhEMTZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnoLswDwQCAAIwCQMHACABDfXGgDANBgkqhkiG9w0BAQsF
AAOCAQEAcHjRujSz8PI2vJ/Pl0xDfb4Buk6Hu0wGK6hPGLZbVuawRk5T4tSOdFXz
IMkj2Qu0ugJ4IEMbEtArGmB1Gsdb7tHdL1JXSzPjYHjeyET7ls7cn+lzlWIhapGX
UGut2SczYj2q+p/phDM9daaqKcyjpo9hW+JgxZa2UsQoAeCUiu/m1croiXKt3D6L
2byZZlC/+mo91yM1pdAiTLt9AZkC/qOxITvvqctYW/itTbWHM4YTdp8WPBTVdGnJ
Vd/VLZ9BdYvzdd0G0wvoTzR0xpzOP+EmCAm9SG04zOTctn5eoEHqyBve5oW3ULe5
pXJNPdFKZPrkwV8+v45ChE6k1R4GHQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:47 2023 by rpki-client on console-ams.rpki-client.org