Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C7CC67EC1DE11EBA05D064AC4F9AE02.roa
File: 4C7CC67EC1DE11EBA05D064AC4F9AE02.roa (raw, json)
Hash identifier: zO99wty4rA22ImsceVQpQwPFaU5+ZVcipjg3bO32sRY=
Subject key identifier: 8B:27:9C:65:7E:FB:98:B5:48:5F:4B:B3:57:61:23:DD:A2:FF:3F:40
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 50D0
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C7CC67EC1DE11EBA05D064AC4F9AE02.roa
Signing time: Mon 16 May 2022 04:12:47 +0000
ROA not before: Mon 16 May 2022 04:12:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136308
IP address blocks: 103.89.232.0/24 maxlen: 24
103.89.233.0/24 maxlen: 24
103.89.234.0/24 maxlen: 24
103.89.235.0/24 maxlen: 24
2403:7340::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20688 (0x50d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:12:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cf3f-6a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:28:81:da:f7:f9:0d:22:48:e4:0f:42:9d:cb:
80:a1:dc:05:81:8b:09:e3:db:e1:60:1b:5c:ff:63:
b6:e9:34:4c:5e:db:5e:c1:38:e0:ca:f9:d7:80:7b:
69:1e:e1:a6:08:5c:e8:a9:43:be:6c:66:32:b4:ad:
a3:99:be:66:ce:22:f0:46:19:1f:9c:67:37:e0:44:
05:9f:c3:1a:8e:4a:f5:51:3d:d1:59:6a:e6:f5:d5:
5f:3c:33:3e:36:c0:83:ec:e0:09:62:15:02:93:9f:
0d:9c:5d:c6:3a:04:91:e7:6b:33:48:19:c5:1f:9b:
39:9d:85:46:c8:52:5b:d3:ec:55:4c:b8:9c:eb:33:
db:2c:b6:b6:f6:a7:54:4b:19:32:45:1e:77:e3:8c:
76:98:ae:7a:2f:3e:de:9f:ca:9f:80:01:67:57:82:
59:88:35:13:ef:ea:71:e4:95:13:4e:4a:22:2d:40:
76:c7:93:54:4e:4b:b7:4a:43:65:43:14:05:ac:07:
e8:73:83:3c:78:bf:b5:9f:3a:50:ae:3c:66:bc:3d:
b8:0f:82:d8:cb:ab:8f:24:2d:66:3e:1d:2f:27:5c:
7d:c5:83:95:72:66:bf:60:79:05:12:82:2d:d4:a9:
5a:58:a5:aa:c8:50:24:71:0b:3c:e0:2d:e9:64:57:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:27:9C:65:7E:FB:98:B5:48:5F:4B:B3:57:61:23:DD:A2:FF:3F:40
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C7CC67EC1DE11EBA05D064AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.89.232.0/22
IPv6:
2403:7340::/32
Signature Algorithm: sha256WithRSAEncryption
3a:f2:a7:41:20:19:45:40:9b:78:1d:5d:ba:3e:d1:16:14:cd:
1a:0a:63:7f:18:ef:4c:77:b3:e4:98:41:6c:f6:a2:0b:ff:b1:
5a:ba:ff:21:93:5a:84:23:1f:52:52:43:9a:80:b9:da:03:97:
1c:ea:47:ec:d7:06:4f:73:0a:98:ce:df:fe:c1:2b:db:8c:ea:
10:b3:a3:28:c5:83:ed:38:ce:60:70:d2:08:01:2c:29:52:7b:
b3:49:e9:65:fd:32:ff:1e:0a:97:10:d0:50:d3:8a:e1:01:33:
cb:cc:94:24:32:59:76:49:6e:81:da:17:9e:0d:05:29:9e:c9:
54:87:7a:75:c0:b6:16:07:79:2b:23:2e:aa:41:69:3a:cd:92:
24:4d:0a:88:fd:3c:bc:cd:af:d4:9a:00:bf:89:db:e7:a7:89:
51:11:08:bf:a1:e9:87:95:c3:32:c5:70:29:4d:eb:91:43:af:
56:af:a9:5e:db:d6:b4:21:ed:fa:df:32:06:3a:68:97:cf:1a:
c7:0c:25:cd:89:79:81:fb:f5:be:4a:6f:64:ac:d4:eb:f8:fe:
6b:ad:02:57:95:6f:2d:69:14:62:5e:f6:16:4a:0e:47:9f:a7:
69:64:9e:fb:70:71:e7:78:6d:21:c2:13:41:9a:0e:64:c2:1d:
80:3c:1b:f2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICUNAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQxMjQ3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2YzZi02YTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArCiB2vf5DSJI5A9CncuAodwFgYsJ49vhYBtc/2O26TRMXttewTjgyvnXgHtp
HuGmCFzoqUO+bGYytK2jmb5mziLwRhkfnGc34EQFn8Majkr1UT3RWWrm9dVfPDM+
NsCD7OAJYhUCk58NnF3GOgSR52szSBnFH5s5nYVGyFJb0+xVTLic6zPbLLa29qdU
SxkyRR5344x2mK56Lz7en8qfgAFnV4JZiDUT7+px5JUTTkoiLUB2x5NUTku3SkNl
QxQFrAfoc4M8eL+1nzpQrjxmvD24D4LYy6uPJC1mPh0vJ1x9xYOVcma/YHkFEoIt
1KlaWKWqyFAkcQs84C3pZFfh/QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIsnnGV+
+5i1SF9Ls1dhI92i/z9AMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNEM3Q0M2N0VD
MURFMTFFQkEwNUQwNjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnWegwDQQCAAIwBwMFACQDc0AwDQYJKoZIhvcNAQELBQAD
ggEBADryp0EgGUVAm3gdXbo+0RYUzRoKY38Y70x3s+SYQWz2ogv/sVq6/yGTWoQj
H1JSQ5qAudoDlxzqR+zXBk9zCpjO3/7BK9uM6hCzoyjFg+04zmBw0ggBLClSe7NJ
6WX9Mv8eCpcQ0FDTiuEBM8vMlCQyWXZJboHaF54NBSmeyVSHenXAthYHeSsjLqpB
aTrNkiRNCoj9PLzNr9SaAL+J2+eniVERCL+h6YeVwzLFcClN65FDr1avqV7b1rQh
7frfMgY6aJfPGscMJc2JeYH79b5Kb2Ss1Ov4/mutAleVby1pFGJe9hZKDkefp2lk
nvtwced4bSHCE0GaDmTCHYA8G/I=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org