Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3BDA4EF6C6F811ED84D3881EC4F9AE02.roa
File: 3BDA4EF6C6F811ED84D3881EC4F9AE02.roa (raw, json)
Hash identifier: Hzyj9eeOMuhTj57v4lBZg5zWNRE7hakk2Pn+yn7tsZw=
Subject key identifier: AA:6B:30:0A:28:F9:13:44:CC:99:32:D5:1E:3A:1F:93:9B:0E:FD:85
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 66E6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3BDA4EF6C6F811ED84D3881EC4F9AE02.roa
Signing time: Mon 20 Mar 2023 08:21:38 +0000
ROA not before: Mon 20 Mar 2023 08:21:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149222
IP address blocks: 103.179.104.0/24 maxlen: 24
103.179.105.0/24 maxlen: 24
2001:df1:6c40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26342 (0x66e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 20 08:21:38 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64181791-bbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e0:be:c9:bb:bb:80:aa:8f:4f:1d:9a:21:61:
fd:7c:e5:a1:52:90:79:f4:6a:dd:a8:97:a6:92:ce:
30:12:d9:17:09:98:ae:74:0f:da:99:2f:2b:b5:b5:
83:80:81:2f:1b:41:42:f1:33:03:61:c2:17:71:34:
c0:e6:d5:20:fb:1f:01:d6:25:d0:31:6c:c2:27:80:
9c:c1:de:80:36:cf:b8:82:55:59:1f:db:dc:26:77:
26:e8:74:6f:9d:4b:16:f7:87:89:28:8e:f0:d4:00:
1e:eb:e5:4a:1c:98:0d:86:19:4b:c7:d4:48:6d:3a:
38:a2:b6:a4:13:a4:90:49:14:fd:19:8f:db:5d:c1:
1a:7f:02:56:56:17:86:05:a9:82:13:d7:c7:6a:09:
7e:6a:57:1f:34:cd:9c:6f:e1:d7:bb:77:2f:7d:f3:
69:33:8f:10:b4:9b:04:bc:6b:ed:c8:f7:bc:b8:c1:
ec:be:c8:23:c0:77:c2:9e:1d:3d:35:45:c3:92:87:
d4:85:3d:ec:8f:65:9b:0d:ce:f7:f5:b5:0b:6a:e5:
fe:2a:a4:e2:75:52:b4:19:7e:0a:24:06:bc:6e:cb:
8f:4a:42:49:2e:41:79:24:58:3e:1b:09:bd:2a:39:
f3:56:7a:10:29:41:ee:5c:eb:36:67:19:84:74:21:
c8:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6B:30:0A:28:F9:13:44:CC:99:32:D5:1E:3A:1F:93:9B:0E:FD:85
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3BDA4EF6C6F811ED84D3881EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.104.0/23
IPv6:
2001:df1:6c40::/48
Signature Algorithm: sha256WithRSAEncryption
ad:03:80:a2:70:1c:ba:52:9c:a3:62:51:14:55:49:61:7e:7c:
d8:a0:c7:4e:ca:7c:7e:85:dd:11:45:bc:6f:73:c6:9a:93:29:
21:8f:41:87:c9:32:31:20:61:fa:70:b1:f5:1c:bc:70:34:d0:
8d:5a:f1:9c:91:5a:56:53:b1:2f:f8:ce:86:4f:7c:d5:a4:c9:
9c:be:2a:4f:6f:ab:0a:93:6d:5a:e5:9b:7e:35:1e:30:b3:60:
c2:93:c0:19:7d:e0:1d:73:4a:4c:0f:81:0a:98:25:eb:16:b3:
f1:78:0d:02:98:9e:be:ae:b5:22:b6:28:e4:10:95:47:60:10:
b5:bb:f9:4e:80:be:93:db:0d:53:6a:21:6b:55:75:1f:d7:32:
d3:15:b0:85:60:e9:46:18:5a:3e:41:51:b0:89:79:94:96:14:
88:99:24:4a:05:8f:29:12:88:12:a8:df:e2:c7:51:09:8b:2f:
e2:be:2f:a5:c5:10:29:c3:d4:48:ed:d4:33:08:b3:30:16:87:
f9:90:3b:af:10:92:90:1c:11:5e:1d:5d:0a:3e:74:4e:cc:ab:
9f:8d:78:ea:64:c4:56:10:6d:53:a1:bc:d0:87:bb:48:23:f5:
fb:b1:01:28:86:de:41:8b:42:04:f1:97:a3:84:0f:53:50:22:
f6:d2:c4:e3
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICZuYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMzIwMDgyMTM4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDE4MTc5MS1iYmU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAteC+ybu7gKqPTx2aIWH9fOWhUpB59GrdqJemks4wEtkXCZiudA/amS8rtbWD
gIEvG0FC8TMDYcIXcTTA5tUg+x8B1iXQMWzCJ4Ccwd6ANs+4glVZH9vcJncm6HRv
nUsW94eJKI7w1AAe6+VKHJgNhhlLx9RIbTo4orakE6SQSRT9GY/bXcEafwJWVheG
BamCE9fHagl+alcfNM2cb+HXu3cvffNpM48QtJsEvGvtyPe8uMHsvsgjwHfCnh09
NUXDkofUhT3sj2WbDc739bULauX+KqTidVK0GX4KJAa8bsuPSkJJLkF5JFg+Gwm9
KjnzVnoQKUHuXOs2ZxmEdCHIYQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKprMAoo
+RNEzJky1R46H5ObDv2FMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0JEQTRFRjZD
NkY4MTFFRDg0RDM4ODFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFns2gwDwQCAAIwCQMHACABDfFsQDANBgkqhkiG9w0BAQsF
AAOCAQEArQOAonAculKco2JRFFVJYX582KDHTsp8foXdEUW8b3PGmpMpIY9Bh8ky
MSBh+nCx9Ry8cDTQjVrxnJFaVlOxL/jOhk981aTJnL4qT2+rCpNtWuWbfjUeMLNg
wpPAGX3gHXNKTA+BCpgl6xaz8XgNApievq61IrYo5BCVR2AQtbv5ToC+k9sNU2oh
a1V1H9cy0xWwhWDpRhhaPkFRsIl5lJYUiJkkSgWPKRKIEqjf4sdRCYsv4r4vpcUQ
KcPUSO3UMwizMBaH+ZA7rxCSkBwRXh1dCj50Tsyrn4146mTEVhBtU6G80Ie7SCP1
+7EBKIbeQYtCBPGXo4QPU1Ai9tLE4w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:48 2023 by rpki-client on console-ams.rpki-client.org