Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A7F51F6FD5B11EA9188B658C4F9AE02.roa
File: 2A7F51F6FD5B11EA9188B658C4F9AE02.roa (raw, json)
Hash identifier: sdDJcvAIPsImt9TUQkshArx3i567EeWtMiZ+BtZGeiw=
Subject key identifier: 86:A2:13:51:D5:21:49:61:ED:AC:9D:CD:BB:A4:52:BE:33:5F:F9:8D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4F97
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A7F51F6FD5B11EA9188B658C4F9AE02.roa
Signing time: Mon 16 May 2022 04:06:50 +0000
ROA not before: Mon 16 May 2022 04:06:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134042
IP address blocks: 103.61.196.0/24 maxlen: 24
103.61.197.0/24 maxlen: 24
103.61.198.0/24 maxlen: 24
103.61.199.0/24 maxlen: 24
103.68.32.0/22 maxlen: 24
103.69.224.0/22 maxlen: 22
103.69.224.0/24 maxlen: 24
103.69.225.0/24 maxlen: 24
103.69.226.0/24 maxlen: 24
103.69.227.0/24 maxlen: 24
103.78.148.0/22 maxlen: 22
103.78.148.0/24 maxlen: 24
103.78.149.0/24 maxlen: 24
103.78.150.0/24 maxlen: 24
103.78.151.0/24 maxlen: 24
103.89.8.0/24 maxlen: 24
103.138.78.0/23 maxlen: 24
103.165.26.0/23 maxlen: 24
103.171.2.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20375 (0x4f97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:06:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cdda-0a03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c6:87:6a:39:a3:63:b4:f8:7e:0a:b9:cd:6f:
1f:b5:20:e7:7c:c8:c7:56:f5:da:ee:a4:82:e3:50:
c6:b0:45:d4:7d:f1:6f:23:a0:4d:eb:5e:5b:4e:66:
e9:22:87:41:90:6f:7b:5b:05:65:29:4e:3b:ca:35:
5b:11:d0:00:c9:60:7c:06:1c:57:de:8f:a9:d6:b7:
b2:c5:3b:18:13:5c:52:91:3f:e0:6d:8d:21:4d:64:
5b:75:1e:f8:f3:f3:8c:94:62:6d:15:42:f1:14:ad:
fa:be:d2:63:7e:10:f5:ea:e5:9d:26:8d:45:e1:4f:
c7:27:a5:b3:00:cb:72:3e:d1:97:ee:3d:80:30:8d:
de:69:55:9a:29:a7:71:f5:68:71:59:0e:ae:65:77:
5c:c4:e9:ec:36:be:74:dc:c2:07:8e:d0:ca:57:82:
3e:de:64:58:d9:9c:5a:24:96:86:2c:66:03:e9:07:
b5:06:3c:8c:6c:6a:73:b1:db:56:5f:50:ea:1e:50:
25:c6:84:75:86:a9:66:e4:74:85:b6:67:d1:29:07:
38:c3:48:82:55:be:78:ec:c2:9f:4b:a7:6a:fe:68:
45:42:e1:b2:a1:65:6b:b7:70:d0:bf:00:b4:bd:f5:
c0:cc:32:51:3e:9a:04:46:37:81:21:c5:66:a3:98:
5f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A2:13:51:D5:21:49:61:ED:AC:9D:CD:BB:A4:52:BE:33:5F:F9:8D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2A7F51F6FD5B11EA9188B658C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.61.196.0/22
103.68.32.0/22
103.69.224.0/22
103.78.148.0/22
103.89.8.0/24
103.138.78.0/23
103.165.26.0/23
103.171.2.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:c0:36:e3:07:cf:05:26:c2:6f:b9:10:3a:49:ba:ca:3c:ce:
ba:be:5b:11:62:ef:0b:78:85:92:41:cd:34:17:7d:8a:93:59:
48:06:76:97:6a:6c:c0:53:55:ce:1c:45:fe:05:18:ed:31:71:
b5:42:7a:2c:2e:ca:fd:d3:b6:65:0e:1b:d2:f8:46:f4:56:77:
db:bd:63:88:0a:51:0a:09:b7:ae:d0:92:a5:80:45:82:a2:98:
33:9a:25:40:6d:33:ce:0e:e0:cc:a9:cf:4f:96:ba:98:88:cd:
cc:5e:ee:e7:e6:2d:cc:ae:d3:35:68:db:fd:41:40:a0:eb:fb:
05:e1:97:27:d9:d3:5c:6f:74:be:18:fd:6b:d0:86:66:58:38:
26:4c:9e:29:b2:c3:ef:0d:cb:11:cf:c4:4c:e0:d6:87:e3:48:
90:50:92:f7:15:6b:97:59:27:6a:73:23:62:fc:9a:d0:40:21:
6b:b7:cb:c2:44:fc:d6:01:7b:f3:4b:09:fb:6c:8a:44:76:12:
44:b5:ca:7a:9a:ce:20:31:82:30:39:ce:62:de:26:7d:da:3c:
bc:6e:27:e3:8c:e3:31:58:af:30:f9:62:c9:4e:03:dd:6b:d1:
e1:32:99:bf:11:5a:90:b2:b1:ec:7b:aa:92:4e:be:c3:b4:f6:
1b:2e:66:ce
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICT5cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQwNjUwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2RkYS0wYTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx8aHajmjY7T4fgq5zW8ftSDnfMjHVvXa7qSC41DGsEXUffFvI6BN615bTmbp
IodBkG97WwVlKU47yjVbEdAAyWB8BhxX3o+p1reyxTsYE1xSkT/gbY0hTWRbdR74
8/OMlGJtFULxFK36vtJjfhD16uWdJo1F4U/HJ6WzAMtyPtGX7j2AMI3eaVWaKadx
9WhxWQ6uZXdcxOnsNr503MIHjtDKV4I+3mRY2ZxaJJaGLGYD6Qe1BjyMbGpzsdtW
X1DqHlAlxoR1hqlm5HSFtmfRKQc4w0iCVb547MKfS6dq/mhFQuGyoWVrt3DQvwC0
vfXAzDJRPpoERjeBIcVmo5hf6QIDAQABo4ICvzCCArswHQYDVR0OBBYEFIaiE1HV
IUlh7aydzbukUr4zX/mNMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMkE3RjUxRjZG
RDVCMTFFQTkxODhCNjU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBAJnPcQDBAJnRCADBAJnReADBAJnTpQDBABnWQgDBAFnik4D
BAFnpRoDBAFnqwIwDQYJKoZIhvcNAQELBQADggEBAJzANuMHzwUmwm+5EDpJuso8
zrq+WxFi7wt4hZJBzTQXfYqTWUgGdpdqbMBTVc4cRf4FGO0xcbVCeiwuyv3TtmUO
G9L4RvRWd9u9Y4gKUQoJt67QkqWARYKimDOaJUBtM84O4Mypz0+WupiIzcxe7ufm
Lcyu0zVo2/1BQKDr+wXhlyfZ01xvdL4Y/WvQhmZYOCZMnimyw+8NyxHPxEzg1ofj
SJBQkvcVa5dZJ2pzI2L8mtBAIWu3y8JE/NYBe/NLCftsikR2EkS1ynqaziAxgjA5
zmLeJn3aPLxuJ+OM4zFYrzD5YslOA91r0eEymb8RWpCysex7qpJOvsO09hsuZs4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-ams.rpki-client.org