Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/524371703DE511EB8B82D80BC4F9AE02.roa
File: 524371703DE511EB8B82D80BC4F9AE02.roa (raw, json)
Hash identifier: eixxz+/F2+nNsYNcH9QiQEQtuVU0jAJJuU5TqDKBoyY=
Subject key identifier: 73:F7:7A:4E:2B:A7:93:29:47:80:34:18:70:A7:9F:5F:6C:DC:07:69
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 520A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/524371703DE511EB8B82D80BC4F9AE02.roa
Signing time: Mon 16 May 2022 04:18:43 +0000
ROA not before: Mon 16 May 2022 04:18:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138762
IP address blocks: 103.140.244.0/24 maxlen: 24
103.140.245.0/24 maxlen: 24
2001:df0:de80::/48 maxlen: 48
2001:df0:de80:1::/64 maxlen: 64
2001:df0:de80:100::/64 maxlen: 64
2001:df0:de80:200::/64 maxlen: 64
2001:df0:de80:244::/64 maxlen: 64
2001:df0:de80:245::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21002 (0x520a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:18:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d0a3-34df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:c4:6b:9e:b0:43:40:a5:18:fc:35:88:a3:cc:
30:b9:b6:45:6f:24:50:e6:5f:89:9e:1e:ec:fa:df:
1d:7c:ba:d9:79:b7:32:af:ae:f7:ed:a5:57:f1:06:
86:ff:8a:bf:eb:01:69:b7:fc:ae:e3:a4:a7:24:eb:
71:ae:d8:0c:bd:91:af:43:7d:d1:b5:b6:9d:d8:b9:
15:53:7f:a9:e1:85:e7:e5:26:22:ec:c0:e7:69:7b:
8d:ce:9d:9f:b0:f5:70:b1:95:04:af:d6:1a:ee:f0:
81:16:fd:58:20:bd:c2:e1:bc:a1:f7:64:76:d2:20:
7d:89:a7:7a:6e:1b:73:82:c8:dc:05:1d:fc:cf:c4:
e6:4e:75:0f:45:7f:0b:21:62:fe:f9:d2:7c:52:b1:
0b:73:8d:06:99:97:9e:43:90:2b:13:3c:9f:2b:90:
53:1f:7d:d7:4c:98:e1:68:33:0f:70:bd:42:a5:a2:
1c:40:3a:22:d1:57:45:64:1d:3a:c9:0e:49:50:74:
69:bf:4c:9c:9b:21:fe:d1:a0:4f:98:63:17:27:c3:
b3:44:c8:71:33:e2:cf:42:2b:3d:fc:05:1e:4d:8c:
06:91:23:e8:53:ca:10:ee:eb:50:01:4c:b8:76:82:
e0:4a:3e:da:87:15:0d:1e:85:c6:34:f0:dc:d0:34:
0a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:F7:7A:4E:2B:A7:93:29:47:80:34:18:70:A7:9F:5F:6C:DC:07:69
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/524371703DE511EB8B82D80BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.140.244.0/23
IPv6:
2001:df0:de80::/48
Signature Algorithm: sha256WithRSAEncryption
7d:98:12:39:e1:c5:7c:e1:9f:a0:ce:ba:e8:09:eb:6e:a3:4f:
e9:98:52:fa:5f:18:b2:d7:79:a6:9f:57:88:7d:a2:5f:24:35:
a0:cc:37:a4:81:a8:18:6b:88:1f:1e:9a:4d:26:de:7f:46:61:
33:f4:74:20:05:04:59:e3:9d:0d:ea:63:43:3e:e1:e9:bc:bd:
c8:a8:9a:c7:d6:97:dc:1b:20:af:ed:58:2e:c7:08:9a:41:b7:
9d:e5:4d:c5:f1:b2:61:4b:da:87:a3:8a:af:9f:57:b5:22:b1:
3e:24:ef:6f:64:08:f7:10:4a:e3:e2:3d:cc:72:58:a6:22:6d:
13:dd:f4:ce:8a:2f:79:08:d5:ca:85:36:22:76:78:59:a4:4d:
f1:0a:5c:09:15:4a:41:b4:c0:c5:2f:f2:d1:49:bd:3f:a3:b6:
13:06:0f:3b:f5:b9:44:54:ae:44:09:41:f5:b8:ba:f8:80:6e:
30:f6:44:87:e7:0e:24:4b:df:89:71:b0:6e:5a:a7:a2:41:fb:
9e:5f:96:06:9d:4b:c3:ef:98:21:6a:48:f0:b6:07:95:5e:ae:
f9:35:97:cf:6f:ac:66:83:20:f8:47:cc:63:61:f2:a5:84:7a:
80:1d:0c:15:a6:09:3f:13:a8:c0:0a:a6:80:17:ef:24:10:b4:
a8:f4:aa:d6
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICUgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQxODQzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDBhMy0zNGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3cRrnrBDQKUY/DWIo8wwubZFbyRQ5l+Jnh7s+t8dfLrZebcyr6737aVX8QaG
/4q/6wFpt/yu46SnJOtxrtgMvZGvQ33Rtbad2LkVU3+p4YXn5SYi7MDnaXuNzp2f
sPVwsZUEr9Ya7vCBFv1YIL3C4byh92R20iB9iad6bhtzgsjcBR38z8TmTnUPRX8L
IWL++dJ8UrELc40GmZeeQ5ArEzyfK5BTH33XTJjhaDMPcL1CpaIcQDoi0VdFZB06
yQ5JUHRpv0ycmyH+0aBPmGMXJ8OzRMhxM+LPQis9/AUeTYwGkSPoU8oQ7utQAUy4
doLgSj7ahxUNHoXGNPDc0DQKBwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFHP3ek4r
p5MpR4A0GHCnn19s3AdpMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTI0MzcxNzAz
REU1MTFFQjhCODJEODBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnjPQwDwQCAAIwCQMHACABDfDegDANBgkqhkiG9w0BAQsF
AAOCAQEAfZgSOeHFfOGfoM666AnrbqNP6ZhS+l8Ystd5pp9XiH2iXyQ1oMw3pIGo
GGuIHx6aTSbef0ZhM/R0IAUEWeOdDepjQz7h6by9yKiax9aX3Bsgr+1YLscImkG3
neVNxfGyYUvah6OKr59XtSKxPiTvb2QI9xBK4+I9zHJYpiJtE930zooveQjVyoU2
InZ4WaRN8QpcCRVKQbTAxS/y0Um9P6O2EwYPO/W5RFSuRAlB9bi6+IBuMPZEh+cO
JEvfiXGwblqnokH7nl+WBp1Lw++YIWpI8LYHlV6u+TWXz2+sZoMg+EfMY2HypYR6
gB0MFaYJPxOowAqmgBfvJBC0qPSq1g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org