Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/24BBC43088AA11ECB4A1BC26C4F9AE02.roa
File: 24BBC43088AA11ECB4A1BC26C4F9AE02.roa (raw, json)
Hash identifier: KfCYD6hjVhAe5CECh2UV7WCYG0q3s+y2bQE/WrWyUPA=
Subject key identifier: BB:94:22:BF:89:09:70:A4:C5:9E:90:C1:4A:0A:19:93:DA:29:0E:EB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4F14
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/24BBC43088AA11ECB4A1BC26C4F9AE02.roa
Signing time: Mon 16 May 2022 04:04:19 +0000
ROA not before: Mon 16 May 2022 04:04:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133252
IP address blocks: 103.38.150.0/24 maxlen: 24
103.225.77.0/24 maxlen: 24
103.233.120.0/24 maxlen: 24
103.235.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20244 (0x4f14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:04:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cd43-c166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:0e:26:36:a2:91:a7:a3:f0:7a:12:a3:36:fe:
50:49:85:23:44:d5:94:21:51:4a:3d:da:49:28:71:
22:e4:5a:6a:9b:5b:37:01:4e:e0:40:c4:fb:a3:ff:
e3:20:65:63:ac:0a:2d:2b:2f:a1:94:5a:c0:a0:29:
70:8e:3b:8c:eb:09:4c:27:e8:67:a8:2f:a1:c3:c9:
a8:f1:c7:d4:82:a8:d1:9d:79:c2:fb:42:f3:0e:6d:
92:99:0d:d5:a0:43:f0:dc:eb:8f:fd:4c:1e:d8:e0:
db:91:2e:0c:84:36:4c:01:b4:4f:bf:20:40:26:0d:
42:09:bc:52:a9:99:62:18:f1:c1:bf:3c:2a:3d:c6:
c9:d1:70:4f:de:b9:3f:7f:57:aa:96:4b:61:96:f8:
46:0e:b2:71:f6:b9:ab:d4:1d:17:97:f9:c8:fb:1a:
a4:36:6e:b6:0e:68:bf:80:60:14:70:1a:50:92:b6:
df:b3:f6:da:a3:70:37:55:14:d1:1d:46:f4:cf:e3:
a9:e9:8d:f6:f4:72:b7:20:cb:d8:a9:50:a6:cb:06:
41:dc:7c:52:b9:aa:4a:74:96:f7:ab:2b:e8:0a:2d:
34:23:3f:5c:43:67:82:f2:c5:1a:8a:b8:20:2d:b3:
03:c4:ef:7b:98:64:b0:79:95:b9:97:f0:ee:72:41:
2d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:94:22:BF:89:09:70:A4:C5:9E:90:C1:4A:0A:19:93:DA:29:0E:EB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/24BBC43088AA11ECB4A1BC26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.150.0/24
103.225.77.0/24
103.233.120.0/24
103.235.64.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:bd:26:fa:8f:3e:f9:c4:20:72:0c:55:84:4f:22:f6:13:4c:
58:ad:b2:7b:8e:13:e3:b3:13:87:68:fc:6a:e7:5b:6c:a8:78:
77:e1:09:01:76:55:15:99:7b:de:1b:4d:07:7f:f7:86:dc:8d:
94:90:b0:77:fc:c2:bc:27:da:eb:c5:81:18:35:e2:d0:d6:b5:
af:d8:d1:ea:03:72:0f:6e:96:2c:34:14:89:88:ff:8f:22:e6:
7a:f4:12:2d:b4:67:d6:c7:fb:98:92:59:bb:f3:40:e2:a3:55:
b6:50:58:be:76:e3:fe:96:f9:dc:91:2b:f6:58:62:bd:9a:2b:
ab:76:ba:df:6a:5f:9b:a1:6a:79:bf:97:84:7b:34:d0:00:70:
36:ad:1b:88:3b:88:c7:ef:12:c3:59:b7:b4:d0:26:85:ac:1c:
cd:40:b9:51:c6:0e:0e:da:c6:78:dd:db:fc:98:30:e2:ba:2e:
63:cb:65:98:09:2a:d6:40:1e:69:e7:34:34:86:28:02:68:04:
0f:cf:e5:c2:ea:a1:9d:a7:21:e4:db:7f:e9:01:9c:91:c5:b7:
6c:02:8b:db:ef:9a:a4:98:ad:0a:13:dd:24:5f:63:56:22:00:
49:17:89:cf:39:1a:e8:28:a3:ee:61:7e:54:5b:2e:03:e3:fc:
4a:0f:e3:ea
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICTxQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQwNDE5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2Q0My1jMTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzQ4mNqKRp6PwehKjNv5QSYUjRNWUIVFKPdpJKHEi5Fpqm1s3AU7gQMT7o//j
IGVjrAotKy+hlFrAoClwjjuM6wlMJ+hnqC+hw8mo8cfUgqjRnXnC+0LzDm2SmQ3V
oEPw3OuP/Uwe2ODbkS4MhDZMAbRPvyBAJg1CCbxSqZliGPHBvzwqPcbJ0XBP3rk/
f1eqlkthlvhGDrJx9rmr1B0Xl/nI+xqkNm62Dmi/gGAUcBpQkrbfs/bao3A3VRTR
HUb0z+Op6Y329HK3IMvYqVCmywZB3HxSuapKdJb3qyvoCi00Iz9cQ2eC8sUairgg
LbMDxO97mGSweZW5l/DuckEtqwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFLuUIr+J
CXCkxZ6QwUoKGZPaKQ7rMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMjRCQkM0MzA4
OEFBMTFFQ0I0QTFCQzI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnJpYDBABn4U0DBABn6XgDBABn60AwDQYJKoZIhvcNAQEL
BQADggEBAKi9JvqPPvnEIHIMVYRPIvYTTFitsnuOE+OzE4do/GrnW2yoeHfhCQF2
VRWZe94bTQd/94bcjZSQsHf8wrwn2uvFgRg14tDWta/Y0eoDcg9uliw0FImI/48i
5nr0Ei20Z9bH+5iSWbvzQOKjVbZQWL524/6W+dyRK/ZYYr2aK6t2ut9qX5uhanm/
l4R7NNAAcDatG4g7iMfvEsNZt7TQJoWsHM1AuVHGDg7axnjd2/yYMOK6LmPLZZgJ
KtZAHmnnNDSGKAJoBA/P5cLqoZ2nIeTbf+kBnJHFt2wCi9vvmqSYrQoT3SRfY1Yi
AEkXic85Gugoo+5hflRbLgPj/EoP4+o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-fra.rpki-client.org