Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/13E8C5AA9EA311EB9549E036C4F9AE02.roa
File: 13E8C5AA9EA311EB9549E036C4F9AE02.roa (raw, json)
Hash identifier: 3k4whXG+YA3iwvy5/6tOZhLh2qlDb54X3s/EwoVUBT8=
Subject key identifier: 86:2B:6F:D6:64:37:6B:AF:89:EC:2D:C1:53:17:CF:63:AE:38:07:9E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6563
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/13E8C5AA9EA311EB9549E036C4F9AE02.roa
Signing time: Tue 21 Feb 2023 10:41:39 +0000
ROA not before: Tue 21 Feb 2023 10:41:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141799
IP address blocks: 103.146.222.0/23 maxlen: 24
103.149.52.0/23 maxlen: 24
103.159.242.0/23 maxlen: 24
103.165.22.0/23 maxlen: 24
103.181.176.0/23 maxlen: 24
2001:df6:f280::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25955 (0x6563)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 21 10:41:39 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63f49fe3-3f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1e:0b:94:27:f7:a5:9c:67:cd:a8:06:e9:9d:
f4:a8:a0:70:2d:ed:b5:39:54:c0:3c:36:6e:2f:37:
00:70:78:f0:dd:e1:9e:94:d8:9a:9d:4a:20:3e:06:
4c:54:ca:5e:ee:fc:b3:f7:e8:c6:64:75:5a:17:d0:
4e:b0:b9:36:81:81:c8:52:21:44:02:85:e3:69:4a:
d3:e4:5a:e2:81:64:39:55:3c:ad:50:ad:97:14:2a:
24:79:4f:14:92:56:74:30:02:8a:a9:70:e3:0e:bf:
a8:ca:9b:0a:cb:22:92:b1:97:97:3c:59:29:43:0f:
b4:64:65:76:d1:57:99:88:3a:d6:a8:13:fa:c9:e5:
37:61:94:e3:06:cc:a8:3a:f0:15:ce:d8:63:78:89:
0d:f3:2c:fa:42:4e:69:bd:a9:51:18:26:c8:6c:34:
b7:3b:ff:24:dc:0f:e8:1f:61:7e:13:4b:ab:7d:b5:
a7:04:d1:5c:b5:8a:97:69:a2:07:db:7d:ef:88:59:
60:e1:7a:e1:ec:35:f0:21:31:cd:28:8c:ef:85:42:
c0:f9:9e:68:e0:c0:b7:21:75:30:65:37:f6:6b:f9:
4f:a1:99:c7:7f:73:3d:a8:fe:84:e4:ff:86:8e:46:
93:f3:ac:25:33:2a:a8:e3:18:ef:f2:7a:28:2a:10:
ca:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2B:6F:D6:64:37:6B:AF:89:EC:2D:C1:53:17:CF:63:AE:38:07:9E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/13E8C5AA9EA311EB9549E036C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.222.0/23
103.149.52.0/23
103.159.242.0/23
103.165.22.0/23
103.181.176.0/23
IPv6:
2001:df6:f280::/48
Signature Algorithm: sha256WithRSAEncryption
35:ea:18:4d:ea:8b:14:55:e7:bb:9c:59:8b:85:fc:42:11:56:
99:4b:84:7e:df:68:ca:3a:89:75:7c:5c:00:d5:79:2b:da:2a:
12:c4:18:6d:c5:5b:7b:61:38:88:da:b5:5d:13:5b:e2:03:75:
ea:a1:f5:55:8d:75:be:a9:e1:6b:1b:97:9e:e9:fc:40:22:06:
7e:5a:59:25:1f:cf:80:de:ad:58:c7:fe:8c:80:0d:4f:26:24:
f7:ad:dd:35:fd:d9:e9:4d:c7:24:d3:c1:b5:88:2e:0f:3d:d7:
a5:50:af:0c:41:6a:50:49:54:f8:c7:41:f2:92:32:c0:1c:a0:
4a:cb:91:f0:46:41:64:bc:09:3f:0b:f3:c0:9b:c2:8f:5b:19:
68:58:e9:35:52:f2:ed:5d:78:91:08:85:67:61:5a:84:4e:70:
69:86:43:be:9c:c6:f8:cd:15:c2:4c:ca:15:84:7d:7d:5e:44:
1e:4f:59:20:a4:b1:ac:18:c7:52:85:72:a5:3b:05:be:1a:93:
42:7a:ed:eb:f8:1f:c5:86:cb:4c:01:73:9e:91:3e:ac:ae:4a:
5b:82:85:1f:c5:3b:97:d8:9f:a8:88:c0:78:81:f0:6b:ad:1d:
9c:d4:66:e1:2a:64:76:cf:e0:9c:38:7e:ef:0e:a0:94:1c:2c:
ad:bb:54:25
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICZWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjIxMTA0MTM5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2Y0OWZlMy0zZjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3B4LlCf3pZxnzagG6Z30qKBwLe21OVTAPDZuLzcAcHjw3eGelNianUogPgZM
VMpe7vyz9+jGZHVaF9BOsLk2gYHIUiFEAoXjaUrT5FrigWQ5VTytUK2XFCokeU8U
klZ0MAKKqXDjDr+oypsKyyKSsZeXPFkpQw+0ZGV20VeZiDrWqBP6yeU3YZTjBsyo
OvAVzthjeIkN8yz6Qk5pvalRGCbIbDS3O/8k3A/oH2F+E0urfbWnBNFctYqXaaIH
233viFlg4Xrh7DXwITHNKIzvhULA+Z5o4MC3IXUwZTf2a/lPoZnHf3M9qP6E5P+G
jkaT86wlMyqo4xjv8nooKhDK8wIDAQABo4ICvjCCArowHQYDVR0OBBYEFIYrb9Zk
N2uviewtwVMXz2OuOAeeMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMTNFOEM1QUE5
RUEzMTFFQjk1NDlFMDM2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSAYIKwYBBQUHAQcBAf8E
OTA3MCQEAgABMB4DBAFnkt4DBAFnlTQDBAFnn/IDBAFnpRYDBAFntbAwDwQCAAIw
CQMHACABDfbygDANBgkqhkiG9w0BAQsFAAOCAQEANeoYTeqLFFXnu5xZi4X8QhFW
mUuEft9oyjqJdXxcANV5K9oqEsQYbcVbe2E4iNq1XRNb4gN16qH1VY11vqnhaxuX
nun8QCIGflpZJR/PgN6tWMf+jIANTyYk963dNf3Z6U3HJNPBtYguDz3XpVCvDEFq
UElU+MdB8pIywBygSsuR8EZBZLwJPwvzwJvCj1sZaFjpNVLy7V14kQiFZ2FahE5w
aYZDvpzG+M0VwkzKFYR9fV5EHk9ZIKSxrBjHUoVypTsFvhqTQnrt6/gfxYbLTAFz
npE+rK5KW4KFH8U7l9ifqIjAeIHwa60dnNRm4Spkds/gnDh+7w6glBwsrbtUJQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-ams.rpki-client.org