Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C9E663ACB7511ECA314FF62C4F9AE02.roa
File: 3C9E663ACB7511ECA314FF62C4F9AE02.roa (raw, json)
Hash identifier: ta6hs6vEzhsDPQ1eQf+qjfhf6h7JIOlNwSjcaMW+AMg=
Subject key identifier: E3:3E:58:9E:00:A6:26:A7:31:E1:D0:86:36:0B:D5:E6:57:3A:C7:72
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5099
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C9E663ACB7511ECA314FF62C4F9AE02.roa
Signing time: Mon 16 May 2022 04:11:46 +0000
ROA not before: Mon 16 May 2022 04:11:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135817
IP address blocks: 103.148.144.0/24 maxlen: 24
103.170.56.0/23 maxlen: 24
103.201.136.0/22 maxlen: 22
103.201.136.0/24 maxlen: 24
103.201.137.0/24 maxlen: 24
103.201.138.0/24 maxlen: 24
103.201.139.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20633 (0x5099)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:11:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cf01-7af6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:15:86:1f:12:52:7b:77:5a:7f:ac:30:69:36:
8f:fa:09:66:03:09:b1:00:2f:b1:f2:db:76:22:a4:
48:af:ae:16:1b:c9:7e:92:aa:58:63:e6:c8:19:5e:
92:c5:75:ef:94:53:aa:87:14:d5:6a:b4:6e:cf:72:
eb:86:4c:61:6a:db:99:f6:cd:82:c0:ee:22:72:b5:
39:55:b4:b7:e0:ec:a0:3f:04:6f:b7:53:89:8b:ca:
66:b6:0a:81:5a:3c:4d:cc:77:15:f8:b3:8b:0a:41:
9f:03:bc:15:45:21:43:21:e3:1e:bc:4e:00:26:65:
ca:40:d5:82:05:b5:ed:53:3f:70:e9:e7:32:9c:30:
aa:65:0d:5d:b0:4a:c5:ca:be:da:0e:f6:8b:e4:e9:
c3:c3:70:f7:30:1a:55:36:56:cc:36:d3:3c:ae:bd:
26:a7:0a:eb:ee:25:2b:8d:e8:67:2b:fd:42:d9:2c:
f6:a2:6e:ac:6d:e2:5f:1b:4c:13:d4:c9:80:2f:ef:
6f:a1:ac:e6:9d:55:34:12:5b:db:a6:e7:f7:bb:1e:
7b:5d:c3:09:a2:29:fb:2b:3d:c3:27:c4:c4:ea:40:
bf:f8:ef:8e:a9:f2:0a:a8:9b:58:93:cb:e7:c3:d9:
31:e2:f8:80:e5:f1:71:42:f2:83:74:29:6c:1a:fd:
fe:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3E:58:9E:00:A6:26:A7:31:E1:D0:86:36:0B:D5:E6:57:3A:C7:72
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C9E663ACB7511ECA314FF62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.144.0/24
103.170.56.0/23
103.201.136.0/22
Signature Algorithm: sha256WithRSAEncryption
90:56:d4:dc:15:24:b7:30:2a:3c:49:67:74:d8:41:c5:05:1a:
47:41:8e:ba:bd:f2:b1:f2:74:e1:01:6f:88:5c:e9:e0:5c:5d:
1b:9e:90:41:8f:5e:96:5a:d1:93:b5:b6:84:50:1f:ba:3e:60:
ce:3b:56:1f:ad:b8:16:7d:6c:96:d3:78:f6:7c:53:f6:c0:a6:
8a:73:db:19:ec:6f:63:fa:c5:a0:82:b9:c8:f9:e6:85:07:0d:
8c:e5:79:e4:ae:ab:7b:91:09:de:50:ba:18:22:97:33:99:d7:
90:fb:21:0b:a7:a2:c1:c3:a7:37:ff:0e:c6:66:29:79:b8:2f:
49:33:4b:e5:ad:1f:21:d6:f0:1c:7b:be:65:a7:3c:91:b4:e9:
85:8d:f2:7f:45:56:f2:56:f7:98:15:ff:87:94:32:6d:ba:f0:
c9:74:98:a6:68:6f:bb:3b:3e:2f:00:8c:46:00:52:8b:18:98:
ea:de:18:d9:05:c8:89:0e:0c:f9:60:20:c6:1e:c0:c4:dc:a7:
14:1e:b7:f2:1e:eb:ce:66:cc:b3:0c:97:78:2c:06:5e:d2:f5:
27:35:59:4e:81:b0:92:0f:10:9e:36:d9:67:78:8f:3c:a7:ac:
41:a6:72:41:15:2b:44:09:2e:c9:c7:b4:ce:cd:c0:99:5d:a5:
87:12:1a:37
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICUJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQxMTQ2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2YwMS03YWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6RWGHxJSe3daf6wwaTaP+glmAwmxAC+x8tt2IqRIr64WG8l+kqpYY+bIGV6S
xXXvlFOqhxTVarRuz3LrhkxhatuZ9s2CwO4icrU5VbS34OygPwRvt1OJi8pmtgqB
WjxNzHcV+LOLCkGfA7wVRSFDIeMevE4AJmXKQNWCBbXtUz9w6ecynDCqZQ1dsErF
yr7aDvaL5OnDw3D3MBpVNlbMNtM8rr0mpwrr7iUrjehnK/1C2Sz2om6sbeJfG0wT
1MmAL+9voazmnVU0Elvbpuf3ux57XcMJoin7Kz3DJ8TE6kC/+O+OqfIKqJtYk8vn
w9kx4viA5fFxQvKDdClsGv3+ewIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOM+WJ4A
pianMeHQhjYL1eZXOsdyMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0M5RTY2M0FD
Qjc1MTFFQ0EzMTRGRjYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABnlJADBAFnqjgDBAJnyYgwDQYJKoZIhvcNAQELBQADggEB
AJBW1NwVJLcwKjxJZ3TYQcUFGkdBjrq98rHydOEBb4hc6eBcXRuekEGPXpZa0ZO1
toRQH7o+YM47Vh+tuBZ9bJbTePZ8U/bApopz2xnsb2P6xaCCucj55oUHDYzleeSu
q3uRCd5QuhgilzOZ15D7IQunosHDpzf/DsZmKXm4L0kzS+WtHyHW8Bx7vmWnPJG0
6YWN8n9FVvJW95gV/4eUMm268Ml0mKZob7s7Pi8AjEYAUosYmOreGNkFyIkODPlg
IMYewMTcpxQet/Ie685mzLMMl3gsBl7S9Sc1WU6BsJIPEJ422Wd4jzynrEGmckEV
K0QJLsnHtM7NwJldpYcSGjc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:49 2023 by rpki-client on console-ams.rpki-client.org