Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EF70328D8C511EBB077C81FC4F9AE02.roa
File: 2EF70328D8C511EBB077C81FC4F9AE02.roa (raw, json)
Hash identifier: 38MbmPuwXauJRuOyuv1ZQkMB5RFW1H2KEy/Hien1dl8=
Subject key identifier: 49:2B:72:E1:41:08:D2:6D:BF:E9:6D:8D:00:0A:C1:D0:37:2C:DA:C9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 3712
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EF70328D8C511EBB077C81FC4F9AE02.roa
Signing time: Tue 29 Jun 2021 10:31:38 +0000
ROA not before: Tue 29 Jun 2021 10:31:38 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 142464
IP address blocks: 103.168.216.0/23 maxlen: 23
103.168.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14098 (0x3712)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 29 10:31:38 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=60daf689-1890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:2e:b9:03:19:fa:6f:dc:2a:8a:2e:9f:b5:b3:
5f:96:c9:c4:84:33:ea:bc:84:85:20:f5:25:e4:4e:
80:a6:f3:f6:9c:c3:e8:81:b4:fd:54:22:14:32:f5:
30:b9:9e:04:e3:4f:1d:e6:f5:f4:0d:d9:0d:20:b3:
8f:8d:4a:06:91:95:a3:27:f0:3c:00:58:dc:44:77:
51:4c:5d:6e:2b:6e:1a:89:93:eb:79:d0:5f:7d:6c:
d6:48:57:d6:11:a7:07:ce:8f:91:85:d9:6a:5e:d0:
af:b1:f7:ab:31:5c:5a:58:95:eb:13:29:0f:dd:68:
99:b5:e2:d8:0d:97:7c:86:26:e3:55:41:58:67:1f:
0e:8b:6a:b3:20:6b:84:79:94:dd:63:36:ad:26:59:
27:13:fe:04:62:c9:99:ad:c4:20:c0:a8:0e:11:ff:
84:0d:2a:9d:6a:53:1d:f8:31:ff:52:6a:3c:34:00:
f2:55:d3:1e:24:6e:b2:3d:2c:9a:87:84:da:ae:1a:
98:53:2c:63:7c:d5:0a:16:52:1c:b7:b6:78:f4:4a:
f4:a4:c5:0d:c8:64:41:fc:f3:a4:74:28:0e:77:17:
03:b4:40:2c:11:7d:de:3f:69:d5:4b:7f:ae:aa:c4:
00:4b:3a:1a:6f:12:00:46:a7:33:92:20:27:7f:9d:
83:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:2B:72:E1:41:08:D2:6D:BF:E9:6D:8D:00:0A:C1:D0:37:2C:DA:C9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2EF70328D8C511EBB077C81FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.168.216.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:36:3e:aa:de:aa:e8:3a:ec:e9:7d:12:b1:be:a6:6f:eb:9b:
6b:72:15:ce:55:f2:86:98:25:bc:81:02:35:eb:d7:19:43:5c:
94:76:56:03:37:7e:1d:8d:cb:b1:dd:a0:51:49:b6:1c:0c:33:
01:36:a2:23:18:70:90:33:af:cd:b9:cc:9a:17:97:08:91:80:
55:18:c8:55:28:af:41:a5:cb:38:4a:c7:5d:c7:a9:e2:8d:0e:
11:89:bf:03:54:35:c7:a4:2e:aa:af:bb:98:74:b8:ee:22:83:
3b:59:19:fd:74:be:e5:11:c2:ed:de:d5:ff:44:56:ba:1f:fb:
7b:90:b4:5a:a2:5d:3a:cc:e4:4d:73:db:08:6c:b7:70:02:91:
c1:4c:60:03:9c:b2:3d:21:97:d4:f1:6f:b7:06:34:78:93:b1:
b0:c7:80:52:fb:4d:55:7b:40:f0:71:d7:2a:10:6a:26:93:92:
72:df:ff:46:78:ea:04:7e:7b:50:6e:a8:66:5b:be:bb:3f:07:
79:1a:47:c0:2a:3b:94:78:f3:b7:55:72:6b:03:02:07:41:7e:
f2:a2:15:26:87:17:c7:58:52:e8:fd:27:89:f2:7d:04:79:26:
56:67:92:0e:24:8d:4d:ca:c9:f2:01:a8:08:f4:43:62:c3:89:
6d:6a:32:75
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNxIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjEwNjI5MTAzMTM4WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MGRhZjY4OS0xODkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoi65Axn6b9wqii6ftbNflsnEhDPqvISFIPUl5E6ApvP2nMPogbT9VCIUMvUw
uZ4E408d5vX0DdkNILOPjUoGkZWjJ/A8AFjcRHdRTF1uK24aiZPredBffWzWSFfW
EacHzo+RhdlqXtCvsferMVxaWJXrEykP3WiZteLYDZd8hibjVUFYZx8Oi2qzIGuE
eZTdYzatJlknE/4EYsmZrcQgwKgOEf+EDSqdalMd+DH/Umo8NADyVdMeJG6yPSya
h4TarhqYUyxjfNUKFlIct7Z49Er0pMUNyGRB/POkdCgOdxcDtEAsEX3eP2nVS3+u
qsQASzoabxIARqczkiAnf52DFQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEkrcuFB
CNJtv+ltjQAKwdA3LNrJMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMkVGNzAzMjhE
OEM1MTFFQkIwNzdDODFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnqNgwDQYJKoZIhvcNAQELBQADggEBALE2Pqrequg67Ol9
ErG+pm/rm2tyFc5V8oaYJbyBAjXr1xlDXJR2VgM3fh2Ny7HdoFFJthwMMwE2oiMY
cJAzr825zJoXlwiRgFUYyFUor0GlyzhKx13HqeKNDhGJvwNUNcekLqqvu5h0uO4i
gztZGf10vuURwu3e1f9EVrof+3uQtFqiXTrM5E1z2whst3ACkcFMYAOcsj0hl9Tx
b7cGNHiTsbDHgFL7TVV7QPBx1yoQaiaTknLf/0Z46gR+e1BuqGZbvrs/B3kaR8Aq
O5R487dVcmsDAgdBfvKiFSaHF8dYUuj9J4nyfQR5JlZnkg4kjU3KyfIBqAj0Q2LD
iW1qMnU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-fra.rpki-client.org