Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/140E04F2543011EDBD9E920CC4F9AE02.roa
File: 140E04F2543011EDBD9E920CC4F9AE02.roa (raw, json)
Hash identifier: tvnQe+vltCeZ3oPvOi1kG5VFnJORT/DGeE95upxTiDA=
Subject key identifier: 99:4F:EF:D3:F2:96:4F:B8:EA:04:11:91:4F:42:48:90:B2:F8:4C:87
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 61D2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/140E04F2543011EDBD9E920CC4F9AE02.roa
Signing time: Thu 22 Dec 2022 15:51:38 +0000
ROA not before: Thu 22 Dec 2022 15:51:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137083
IP address blocks: 103.57.96.0/23 maxlen: 24
103.105.228.0/24 maxlen: 24
103.105.229.0/24 maxlen: 24
103.105.230.0/24 maxlen: 24
103.105.231.0/24 maxlen: 24
103.108.73.0/24 maxlen: 24
103.157.8.0/24 maxlen: 24
103.157.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25042 (0x61d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 22 15:51:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63a47d0a-be6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a7:07:34:b6:ed:f9:26:c0:5d:d5:15:1e:78:
f5:57:40:7c:a9:01:05:b1:54:eb:70:0a:89:51:9a:
b4:73:db:eb:45:c5:bf:41:b4:88:23:30:ca:da:86:
16:11:43:ec:8f:59:9c:5b:f7:c5:c5:69:30:bf:72:
82:35:df:62:23:59:ed:b5:38:00:b1:01:6a:77:14:
bb:0c:b8:b4:85:16:60:e7:2e:73:3b:02:09:9b:fe:
bb:53:f6:ca:6e:e0:e3:70:d4:85:6e:85:cb:0a:26:
39:88:eb:7a:69:27:42:9d:fd:b7:58:8b:62:6f:b7:
83:9b:84:3b:98:cf:80:36:fa:ce:ac:87:e6:61:af:
50:0a:1d:e2:52:18:f3:bc:4a:1b:83:c1:cc:6e:fc:
fa:bf:d6:b3:79:a7:ec:a0:75:ce:b6:27:91:b4:64:
e5:ac:89:04:9c:e1:ad:38:14:8c:42:43:00:77:28:
27:50:3b:8a:b6:f4:63:78:4c:16:da:6c:c2:06:b6:
84:14:97:7e:cf:9e:c8:f1:77:a9:e2:cd:d0:2f:ed:
78:c4:20:80:e2:97:af:b6:e0:d8:06:66:92:d7:d4:
bc:8a:b8:a1:cd:67:c1:77:df:46:6d:4f:21:be:bb:
26:16:fd:cd:89:8a:49:45:78:b0:b6:10:8e:44:0f:
c1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4F:EF:D3:F2:96:4F:B8:EA:04:11:91:4F:42:48:90:B2:F8:4C:87
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/140E04F2543011EDBD9E920CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.57.96.0/23
103.105.228.0/22
103.108.73.0/24
103.157.8.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:ed:e1:e7:c7:5e:5b:1c:49:5b:82:aa:e9:a5:05:d0:d6:d9:
2b:4e:8c:d6:f7:20:23:7c:fe:96:e1:63:dc:fa:65:19:f9:72:
b1:87:a2:cc:1f:08:6f:84:2f:48:dd:b0:62:4a:ae:0f:c6:fe:
fa:3f:18:9e:33:b1:cc:ea:f4:f5:7f:b7:ba:63:b8:ea:bd:07:
60:fc:97:75:25:cd:94:4b:23:ca:9d:74:cc:52:22:a1:1a:ec:
bd:55:83:38:6b:4f:34:bd:cd:3b:de:de:6a:11:12:d7:e6:8c:
ea:db:07:86:b0:03:03:ec:4e:a1:cb:1c:b8:32:c9:9b:ca:33:
04:d0:f5:57:a0:ed:af:2c:e5:87:87:01:a5:30:a7:ce:23:fa:
9b:55:98:84:0f:d7:dd:22:f3:63:3e:3a:15:d8:2f:a2:a9:ba:
44:e1:2f:7a:fb:dd:f2:47:d2:8c:55:ca:05:88:b0:59:4a:b3:
db:a9:7e:b1:ee:22:76:0d:66:3e:01:dd:24:bb:27:a9:54:39:
e4:a4:c8:ba:d1:25:50:7e:fd:c7:47:ac:38:9e:ed:f6:ee:e3:
e0:c5:ac:23:89:b9:af:fb:16:d8:8a:e2:8a:56:3e:53:5c:d5:
cb:dd:b2:d6:6c:f3:0a:39:2c:dc:bb:8f:b2:fc:1b:3d:85:83:
66:1a:19:6b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICYdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMjIyMTU1MTM4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E0N2QwYS1iZTZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqKcHNLbt+SbAXdUVHnj1V0B8qQEFsVTrcAqJUZq0c9vrRcW/QbSIIzDK2oYW
EUPsj1mcW/fFxWkwv3KCNd9iI1nttTgAsQFqdxS7DLi0hRZg5y5zOwIJm/67U/bK
buDjcNSFboXLCiY5iOt6aSdCnf23WItib7eDm4Q7mM+ANvrOrIfmYa9QCh3iUhjz
vEobg8HMbvz6v9azeafsoHXOtieRtGTlrIkEnOGtOBSMQkMAdygnUDuKtvRjeEwW
2mzCBraEFJd+z57I8Xep4s3QL+14xCCA4pevtuDYBmaS19S8irihzWfBd99GbU8h
vrsmFv3NiYpJRXiwthCORA/B0QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFJlP79Py
lk+46gQRkU9CSJCy+EyHMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMTQwRTA0RjI1
NDMwMTFFREJEOUU5MjBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAFnOWADBAJnaeQDBABnbEkDBAFnnQgwDQYJKoZIhvcNAQEL
BQADggEBAAvt4efHXlscSVuCqumlBdDW2StOjNb3ICN8/pbhY9z6ZRn5crGHoswf
CG+EL0jdsGJKrg/G/vo/GJ4zsczq9PV/t7pjuOq9B2D8l3UlzZRLI8qddMxSIqEa
7L1VgzhrTzS9zTve3moREtfmjOrbB4awAwPsTqHLHLgyyZvKMwTQ9Veg7a8s5YeH
AaUwp84j+ptVmIQP190i82M+OhXYL6KpukThL3r73fJH0oxVygWIsFlKs9upfrHu
InYNZj4B3SS7J6lUOeSkyLrRJVB+/cdHrDie7fbu4+DFrCOJua/7FtiK4opWPlNc
1cvdstZs8wo5LNy7j7L8Gz2Fg2YaGWs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-ams.rpki-client.org