Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/14FC84E89E0811EDAF82DD74C4F9AE02.roa
File: 14FC84E89E0811EDAF82DD74C4F9AE02.roa (raw, json)
Hash identifier: auEfCJF77R+j11FoFSne2jiuWqLOfCW96jYtamLn1ew=
Subject key identifier: F6:2A:12:93:A1:D0:A8:63:59:64:AC:37:F2:F9:B8:B9:E6:66:EC:AB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 63D4
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/14FC84E89E0811EDAF82DD74C4F9AE02.roa
Signing time: Fri 27 Jan 2023 06:21:47 +0000
ROA not before: Fri 27 Jan 2023 06:21:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150102
IP address blocks: 103.194.119.0/24 maxlen: 24
103.212.132.0/24 maxlen: 24
103.212.133.0/24 maxlen: 24
103.217.80.0/23 maxlen: 24
103.225.180.0/24 maxlen: 24
103.225.181.0/24 maxlen: 24
103.229.209.0/24 maxlen: 24
103.252.42.0/24 maxlen: 24
103.252.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25556 (0x63d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 27 06:21:47 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63d36d7b-7f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:3a:27:9f:1f:ca:43:f7:36:0f:35:ab:cd:6e:
10:e9:44:5f:7a:8e:ab:ef:b9:9f:8a:ac:cc:69:56:
98:f0:3c:2b:9b:24:c1:53:34:b0:07:20:9c:1f:80:
57:08:40:ae:02:fa:c2:08:45:ec:38:5c:4d:87:22:
de:7d:c7:9a:d3:d7:b4:6f:a2:dd:b0:e2:91:cc:e9:
9f:30:90:c0:3a:ed:b9:b6:5b:12:67:60:ae:c3:6f:
6b:cf:88:c9:02:72:be:b7:21:b3:af:2a:e4:7c:56:
8f:6e:20:03:6d:dd:bb:f6:e4:f0:e3:86:94:d5:3f:
13:3d:7f:67:60:c2:f9:3c:34:6d:79:37:5a:8a:8a:
a9:9a:fe:76:f5:41:e9:36:83:b7:3f:e3:0d:8c:06:
43:a3:97:f3:db:97:37:c0:58:03:18:93:6f:25:25:
ec:4a:d3:cd:ef:8c:5a:ce:8e:46:25:99:04:5b:c7:
d7:51:67:89:4e:00:e6:55:89:a8:3d:34:08:ad:ec:
ca:8a:7a:e6:ee:40:e2:db:4e:3f:66:0e:e3:e5:cf:
a4:a2:1e:8d:83:f2:35:64:1e:c3:71:d6:81:3a:5c:
40:b6:39:3e:3d:e2:56:3e:c5:66:da:54:50:00:a9:
cb:c4:71:6f:59:64:12:5a:c4:db:f6:a3:b4:2c:09:
c4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:2A:12:93:A1:D0:A8:63:59:64:AC:37:F2:F9:B8:B9:E6:66:EC:AB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/14FC84E89E0811EDAF82DD74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.194.119.0/24
103.212.132.0/23
103.217.80.0/23
103.225.180.0/23
103.229.209.0/24
103.252.42.0/23
Signature Algorithm: sha256WithRSAEncryption
59:70:15:ed:84:de:54:8d:5c:5d:32:29:57:bd:ea:e8:2d:3b:
05:f2:2e:3e:1a:5c:78:a4:7d:8a:d5:7c:08:07:4e:f2:c3:5f:
41:b7:95:29:8f:d1:92:2c:dd:10:9a:15:3c:01:af:5b:6c:39:
3b:d4:b9:68:8d:b3:56:db:33:c5:d7:92:f9:91:d8:a8:55:11:
05:d7:d1:47:0b:40:30:4f:e3:41:63:eb:8f:d9:be:9e:64:9e:
6d:78:09:b5:37:63:e4:92:90:bd:05:db:01:d6:75:00:6b:05:
bc:08:e2:69:e6:8b:ba:f7:4c:c1:42:e2:5d:1e:c0:f0:7a:0e:
b7:69:b4:d2:91:ff:31:b1:7a:9c:48:d1:25:8e:eb:b0:67:b8:
d3:6e:63:5d:66:56:2b:e1:e1:84:12:e7:27:b2:ec:03:a7:38:
77:6f:b4:c8:a3:f2:88:76:3f:05:9f:15:cd:9f:79:da:c7:5d:
b4:b1:62:29:2c:29:19:4d:65:8b:db:9b:3c:73:0d:9d:66:33:
15:ea:99:76:a5:43:00:69:32:45:ed:dc:1f:b6:a2:9f:73:54:
25:20:f3:74:bb:61:b6:a3:c3:e6:67:2a:7e:6f:3e:5c:53:3c:
62:22:db:5b:da:ed:80:44:1b:ff:8e:c3:30:6f:6a:0e:1e:ce:
46:c4:fc:d0
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICY9QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTI3MDYyMTQ3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2QzNmQ3Yi03ZjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvDonnx/KQ/c2DzWrzW4Q6URfeo6r77mfiqzMaVaY8DwrmyTBUzSwByCcH4BX
CECuAvrCCEXsOFxNhyLefcea09e0b6LdsOKRzOmfMJDAOu25tlsSZ2Cuw29rz4jJ
AnK+tyGzryrkfFaPbiADbd279uTw44aU1T8TPX9nYML5PDRteTdaioqpmv529UHp
NoO3P+MNjAZDo5fz25c3wFgDGJNvJSXsStPN74xazo5GJZkEW8fXUWeJTgDmVYmo
PTQIrezKinrm7kDi204/Zg7j5c+koh6Ng/I1ZB7DcdaBOlxAtjk+PeJWPsVm2lRQ
AKnLxHFvWWQSWsTb9qO0LAnE1wIDAQABo4ICszCCAq8wHQYDVR0OBBYEFPYqEpOh
0KhjWWSsN/L5uLnmZuyrMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMTRGQzg0RTg5
RTA4MTFFREFGODJERDc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBABnwncDBAFn1IQDBAFn2VADBAFn4bQDBABn5dEDBAFn/Cow
DQYJKoZIhvcNAQELBQADggEBAFlwFe2E3lSNXF0yKVe96ugtOwXyLj4aXHikfYrV
fAgHTvLDX0G3lSmP0ZIs3RCaFTwBr1tsOTvUuWiNs1bbM8XXkvmR2KhVEQXX0UcL
QDBP40Fj64/Zvp5knm14CbU3Y+SSkL0F2wHWdQBrBbwI4mnmi7r3TMFC4l0ewPB6
DrdptNKR/zGxepxI0SWO67BnuNNuY11mVivh4YQS5yey7AOnOHdvtMij8oh2PwWf
Fc2fedrHXbSxYiksKRlNZYvbmzxzDZ1mMxXqmXalQwBpMkXt3B+2op9zVCUg83S7
Ybajw+ZnKn5vPlxTPGIi21va7YBEG/+OwzBvag4ezkbE/NA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-ams.rpki-client.org