Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D19DE0E4E1911EDBEE5B430C4F9AE02.roa
File: 0D19DE0E4E1911EDBEE5B430C4F9AE02.roa (raw, json)
Hash identifier: NuawcxfGTFbHf/s+0MxmxiP2XRC/yYHdPGC/t8Ppx7w=
Subject key identifier: 64:96:52:F3:C2:A6:42:75:AD:B1:89:CC:0E:94:03:00:58:F5:BC:69
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5ECF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D19DE0E4E1911EDBEE5B430C4F9AE02.roa
Signing time: Mon 17 Oct 2022 12:41:42 +0000
ROA not before: Mon 17 Oct 2022 12:41:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 147224
IP address blocks: 103.171.77.0/24 maxlen: 24
103.174.246.0/23 maxlen: 24
2001:df0:f740::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24271 (0x5ecf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 17 12:41:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=634d4d86-042b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a4:25:ba:10:ee:78:f9:cf:d8:a1:58:5e:8a:
87:b8:63:e5:c7:eb:b0:66:c3:f1:95:13:c6:eb:26:
30:5d:08:7d:27:77:02:e2:97:6b:58:cb:d3:92:e1:
fe:c8:8f:80:f2:14:f1:25:f9:82:9e:ef:ac:d4:6e:
a9:b5:7c:e4:70:86:2f:0c:f2:c1:5b:6e:dc:e2:69:
77:9e:f9:61:d5:36:4b:0f:dd:b0:54:49:2e:8c:c6:
7f:20:e9:87:38:5f:3e:82:93:c9:ab:8c:ef:eb:5d:
9a:32:de:cf:49:10:3c:b6:ae:b0:03:07:d9:fa:f6:
22:4a:5b:0e:fd:b2:bc:c2:70:54:3f:44:94:ca:b7:
ed:1f:e6:4d:de:02:a1:f2:c4:ba:51:14:31:8d:af:
d4:fa:e5:e9:5b:15:a0:ee:ba:6c:87:22:69:22:0b:
57:50:aa:8e:71:59:ac:65:16:2e:b9:06:70:65:d0:
f0:3b:6b:0d:13:29:75:dc:41:96:ca:f3:44:43:29:
db:31:30:c0:18:ff:8e:28:05:89:80:96:0c:88:73:
3a:cc:b7:14:a4:07:61:cb:c7:8c:66:53:d0:22:b7:
74:18:6a:0d:4e:7a:f3:7a:f7:51:3e:07:b5:9b:03:
5d:aa:50:39:cb:f5:85:28:23:20:aa:2a:f0:1a:c1:
d5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:96:52:F3:C2:A6:42:75:AD:B1:89:CC:0E:94:03:00:58:F5:BC:69
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0D19DE0E4E1911EDBEE5B430C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.77.0/24
103.174.246.0/23
IPv6:
2001:df0:f740::/48
Signature Algorithm: sha256WithRSAEncryption
43:16:25:cd:47:8a:54:2e:62:bc:2e:6f:e7:4a:a5:59:4d:86:
ec:15:bf:6b:ce:4b:50:ce:dc:e8:29:ff:17:7f:6f:3d:29:cb:
d9:87:d0:0d:b4:6c:eb:3d:af:dd:c1:78:af:c9:64:56:23:39:
3c:a9:79:e2:69:be:db:8f:53:27:9a:6e:9d:ba:49:40:40:5e:
e3:62:0c:a0:b1:19:d6:47:8f:80:34:f2:d0:db:78:87:3d:37:
ab:02:6b:40:71:21:a1:6c:1c:87:a8:31:56:d9:f5:57:e0:a5:
63:93:71:7d:bc:cc:61:3a:d8:65:19:43:93:02:6b:3d:ab:e6:
cb:77:38:87:ef:76:ba:84:95:8b:bc:74:01:71:59:0d:8b:db:
55:78:b7:d7:35:a1:c4:f6:93:5b:75:4c:98:55:b3:9c:81:00:
3c:29:90:50:f6:27:f1:49:8a:f1:5c:eb:3b:65:a7:a2:cf:4a:
00:d6:df:4b:81:35:b4:ba:d8:98:b3:8a:b0:80:8e:cd:31:ee:
ed:77:29:69:25:5c:7e:58:24:d1:05:b9:fa:18:f2:2a:fa:d7:
3a:ec:11:9e:c5:3a:53:da:1b:4b:ee:c7:00:f8:f8:fc:34:11:
5f:1d:a7:e9:36:e0:80:f4:88:dc:a2:c4:98:92:b8:78:52:eb:
5c:b6:a0:3a
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICXs8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMDE3MTI0MTQyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRkNGQ4Ni0wNDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtqQluhDuePnP2KFYXoqHuGPlx+uwZsPxlRPG6yYwXQh9J3cC4pdrWMvTkuH+
yI+A8hTxJfmCnu+s1G6ptXzkcIYvDPLBW27c4ml3nvlh1TZLD92wVEkujMZ/IOmH
OF8+gpPJq4zv612aMt7PSRA8tq6wAwfZ+vYiSlsO/bK8wnBUP0SUyrftH+ZN3gKh
8sS6URQxja/U+uXpWxWg7rpshyJpIgtXUKqOcVmsZRYuuQZwZdDwO2sNEyl13EGW
yvNEQynbMTDAGP+OKAWJgJYMiHM6zLcUpAdhy8eMZlPQIrd0GGoNTnrzevdRPge1
mwNdqlA5y/WFKCMgqirwGsHV7QIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFGSWUvPC
pkJ1rbGJzA6UAwBY9bxpMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMEQxOURFMEU0
RTE5MTFFREJFRTVCNDMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBABnq00DBAFnrvYwDwQCAAIwCQMHACABDfD3QDANBgkqhkiG
9w0BAQsFAAOCAQEAQxYlzUeKVC5ivC5v50qlWU2G7BW/a85LUM7c6Cn/F39vPSnL
2YfQDbRs6z2v3cF4r8lkViM5PKl54mm+249TJ5punbpJQEBe42IMoLEZ1kePgDTy
0Nt4hz03qwJrQHEhoWwch6gxVtn1V+ClY5NxfbzMYTrYZRlDkwJrPavmy3c4h+92
uoSVi7x0AXFZDYvbVXi31zWhxPaTW3VMmFWznIEAPCmQUPYn8UmK8VzrO2Wnos9K
ANbfS4E1tLrYmLOKsICOzTHu7XcpaSVcflgk0QW5+hjyKvrXOuwRnsU6U9obS+7H
APj4/DQRXx2n6TbggPSI3KLEmJK4eFLrXLagOg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:47 2023 by rpki-client on console-ams.rpki-client.org