Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/33D2FE1A93D711EC85DCC43FC4F9AE02.roa
File: 33D2FE1A93D711EC85DCC43FC4F9AE02.roa (raw, json)
Hash identifier: YwuST3FCeV4D2bImpvMZe37lKWa3eTDPD296f+iA8GE=
Subject key identifier: 6F:C6:71:2D:5C:F3:9A:1F:93:A4:2D:EE:D5:F3:74:59:DF:49:4E:37
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 48EE
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/33D2FE1A93D711EC85DCC43FC4F9AE02.roa
Signing time: Tue 22 Feb 2022 12:01:44 +0000
ROA not before: Tue 22 Feb 2022 12:01:44 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 149250
IP address blocks: 103.179.114.0/24 maxlen: 24
103.179.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18670 (0x48ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Feb 22 12:01:44 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=6214d0a8-413d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9d:a1:5c:22:7b:5e:d6:7a:99:dc:62:2f:64:
c0:bb:de:b4:24:4a:5e:4d:63:4f:13:47:a9:ab:18:
9f:d2:45:07:e3:59:f8:2e:97:b6:27:6e:ce:5c:23:
98:7f:a4:88:f9:1c:f4:6e:a8:9a:32:89:64:52:72:
fd:3f:a8:6f:a2:2a:bd:99:d7:bc:68:92:99:71:f5:
35:4a:c5:59:8c:1b:fb:7b:8e:55:7d:1d:4d:0d:89:
89:f1:55:f7:98:b0:85:64:71:72:c5:03:58:e7:54:
66:f7:11:98:5c:40:07:5c:47:68:a9:61:28:37:0b:
55:ae:78:2c:da:2b:01:63:62:2c:6d:57:7f:53:07:
ff:21:db:e9:b8:56:52:b5:99:46:ce:df:b9:7f:cd:
11:02:94:bc:f4:c6:c0:15:d7:d2:92:ca:d1:0d:47:
98:10:fb:cb:51:ed:67:d8:bc:27:58:fd:55:0c:99:
a1:6c:54:aa:6d:ce:fe:3d:d4:85:36:57:b6:b7:d8:
1a:48:d8:80:ea:9d:84:cc:62:7f:e1:7e:4a:12:67:
ec:5c:53:c8:82:16:86:47:ff:b5:17:0c:8f:47:da:
4e:20:8a:6b:42:df:aa:ed:1c:09:c4:19:06:73:6d:
ea:8d:c7:8f:ed:2a:72:47:e1:7c:79:09:fe:91:0c:
53:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C6:71:2D:5C:F3:9A:1F:93:A4:2D:EE:D5:F3:74:59:DF:49:4E:37
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/33D2FE1A93D711EC85DCC43FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.114.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:d3:18:dc:65:66:e5:b0:b3:30:0d:31:cb:e1:d7:4d:21:24:
31:fc:94:85:f8:6b:0d:39:29:29:d8:b1:4d:ca:ca:2c:58:86:
7c:4c:64:57:67:6a:e3:ae:ee:a1:42:13:60:2c:db:66:08:6c:
8a:e9:07:6a:24:82:1e:dc:60:e8:f8:95:4e:3c:be:01:d1:1c:
50:c3:4b:17:10:f5:4b:03:1c:03:4c:ef:02:83:b5:3f:61:8e:
6e:30:34:b3:f8:03:cb:d8:46:e8:50:62:4d:53:78:cc:e2:0d:
30:e9:c9:ca:67:6a:4a:91:8f:73:62:cc:c1:ae:1a:9d:1d:e5:
fc:26:40:42:2a:c6:f2:47:ef:7a:09:57:b3:71:46:a4:02:e8:
f3:62:f9:77:98:5b:b1:22:fb:32:cd:9c:59:ca:cf:de:bd:2d:
d7:7d:b0:a1:54:2f:23:fc:37:dd:75:c6:71:a4:ba:0b:0b:f6:
4e:fa:44:a7:79:c0:f5:6f:88:ce:15:7a:48:bf:2f:ef:73:07:
6b:79:61:e1:e2:e1:ef:84:fa:8f:c9:f5:dc:a7:27:c0:35:d4:
47:4b:b7:19:42:3b:c9:22:3b:14:0a:cd:98:c3:61:8b:0b:b4:
23:fa:54:6b:48:27:36:5d:9b:32:2d:ee:4f:96:b8:e7:7c:ee:
73:a3:77:7f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICSO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMjIyMTIwMTQ0WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjE0ZDBhOC00MTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmZ2hXCJ7XtZ6mdxiL2TAu960JEpeTWNPE0epqxif0kUH41n4Lpe2J27OXCOY
f6SI+Rz0bqiaMolkUnL9P6hvoiq9mde8aJKZcfU1SsVZjBv7e45VfR1NDYmJ8VX3
mLCFZHFyxQNY51Rm9xGYXEAHXEdoqWEoNwtVrngs2isBY2IsbVd/Uwf/IdvpuFZS
tZlGzt+5f80RApS89MbAFdfSksrRDUeYEPvLUe1n2LwnWP1VDJmhbFSqbc7+PdSF
Nle2t9gaSNiA6p2EzGJ/4X5KEmfsXFPIghaGR/+1FwyPR9pOIIprQt+q7RwJxBkG
c23qjceP7SpyR+F8eQn+kQxT1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFG/GcS1c
85ofk6Qt7tXzdFnfSU43MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzNEMkZFMUE5
M0Q3MTFFQzg1RENDNDNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFns3IwDQYJKoZIhvcNAQELBQADggEBAKXTGNxlZuWwszAN
Mcvh100hJDH8lIX4aw05KSnYsU3KyixYhnxMZFdnauOu7qFCE2As22YIbIrpB2ok
gh7cYOj4lU48vgHRHFDDSxcQ9UsDHANM7wKDtT9hjm4wNLP4A8vYRuhQYk1TeMzi
DTDpycpnakqRj3NizMGuGp0d5fwmQEIqxvJH73oJV7NxRqQC6PNi+XeYW7Ei+zLN
nFnKz969Ldd9sKFULyP8N911xnGkugsL9k76RKd5wPVviM4Veki/L+9zB2t5YeHi
4e+E+o/J9dynJ8A11EdLtxlCO8kiOxQKzZjDYYsLtCP6VGtIJzZdmzIt7k+WuOd8
7nOjd38=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-fra.rpki-client.org