Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/52EAAFFA87F711EC8CC84619C4F9AE02.roa
File: 52EAAFFA87F711EC8CC84619C4F9AE02.roa (raw, json)
Hash identifier: ELEnZOO7t7EL0g9OVF0H7Whi2WreXQHsXXK2P2wUcE8=
Subject key identifier: 57:FE:42:7E:B4:62:EB:EA:7F:A5:AE:8E:32:D5:36:F8:A3:53:87:4F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5680
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/52EAAFFA87F711EC8CC84619C4F9AE02.roa
Signing time: Thu 02 Jun 2022 08:41:50 +0000
ROA not before: Thu 02 Jun 2022 08:41:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132445
IP address blocks: 103.180.38.0/23 maxlen: 24
103.180.80.0/23 maxlen: 24
103.187.100.0/24 maxlen: 24
103.187.101.0/24 maxlen: 24
103.187.160.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22144 (0x5680)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 2 08:41:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=629877cd-2d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:9b:c9:c9:65:d0:0a:9f:50:51:2a:a6:85:9d:
40:83:e2:a0:d2:0b:d5:0f:60:8b:c8:d0:d5:2b:27:
0d:07:29:e0:02:6e:16:d8:5c:b2:2c:33:5a:ac:96:
94:57:fe:bd:54:59:83:ae:d7:9a:43:e5:9a:4f:77:
02:8d:61:d8:88:13:cb:77:03:e0:78:ff:38:3a:9c:
f6:cb:2d:37:e4:b8:b7:e6:01:fb:d5:37:60:9c:7f:
cf:e3:f3:e0:07:8d:68:22:52:1c:4e:df:bd:30:12:
2b:a3:15:ce:97:d7:90:10:2f:3e:aa:be:12:ec:1e:
13:26:43:65:96:b7:5c:cb:16:30:3f:36:b2:88:9e:
00:5e:64:b9:66:1a:96:c4:76:37:55:eb:d1:53:df:
aa:fa:f5:01:4e:fd:31:bc:3c:0d:78:ea:74:c3:2f:
0f:89:5e:67:17:97:6e:89:e3:43:0e:4b:a9:45:df:
56:7d:0c:c4:9c:83:7c:c8:c8:b0:81:54:6a:41:b8:
17:a2:34:31:5b:cb:72:19:ec:a8:ba:fd:ef:47:7d:
e7:e9:02:52:fb:e6:a8:88:c8:3b:a8:6b:09:89:67:
96:47:e5:8f:66:c8:21:c3:e4:dc:c1:e1:88:7b:bf:
7a:07:dd:c6:d6:a8:9d:0d:66:49:76:10:80:1f:49:
ef:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:FE:42:7E:B4:62:EB:EA:7F:A5:AE:8E:32:D5:36:F8:A3:53:87:4F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/52EAAFFA87F711EC8CC84619C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.38.0/23
103.180.80.0/23
103.187.100.0/23
103.187.160.0/23
Signature Algorithm: sha256WithRSAEncryption
41:76:c1:c9:1d:44:6c:b3:36:77:7c:a6:19:4e:15:07:3c:41:
09:10:5c:26:76:93:38:42:d1:c3:c0:4a:a9:7e:26:9e:6d:09:
d0:d0:aa:a6:2e:10:7e:e0:fa:d0:1a:1f:88:58:70:9f:45:b6:
97:d9:b8:92:46:c8:b0:3b:72:f6:b8:25:f9:d9:ec:eb:19:e9:
fe:54:44:72:94:1b:9e:64:94:75:18:b8:10:17:b4:f0:b1:5d:
e2:19:43:3e:9f:4d:cf:43:68:1c:50:a7:e9:6b:1e:df:cd:22:
58:60:52:66:67:bc:0a:dc:27:cb:c4:ce:d7:65:94:57:36:52:
b6:4c:1c:c1:00:86:bd:cb:f9:14:49:6e:a6:ba:b5:0f:49:c0:
cd:0f:9d:31:50:a7:c9:15:bb:93:22:aa:31:ab:77:cb:5f:30:
93:c4:52:e2:0e:b7:55:2e:0e:2e:21:4c:20:25:bc:f3:5f:20:
37:3a:85:a8:c6:d6:14:1e:79:f7:29:20:7a:e3:44:10:70:e6:
48:ac:aa:da:d5:55:39:ac:c9:06:bc:60:ba:15:cf:72:33:13:
47:45:0c:81:da:d3:20:40:fb:59:6e:f9:ed:3a:94:ae:19:96:
d8:b2:20:03:15:9b:ee:ad:6a:12:79:be:b2:74:4f:87:50:b0:
45:5e:e3:71
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICVoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNjAyMDg0MTUwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjk4NzdjZC0yZDhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5pvJyWXQCp9QUSqmhZ1Ag+Kg0gvVD2CLyNDVKycNByngAm4W2FyyLDNarJaU
V/69VFmDrteaQ+WaT3cCjWHYiBPLdwPgeP84Opz2yy035Li35gH71TdgnH/P4/Pg
B41oIlIcTt+9MBIroxXOl9eQEC8+qr4S7B4TJkNllrdcyxYwPzayiJ4AXmS5ZhqW
xHY3VevRU9+q+vUBTv0xvDwNeOp0wy8PiV5nF5duieNDDkupRd9WfQzEnIN8yMiw
gVRqQbgXojQxW8tyGeyouv3vR33n6QJS++aoiMg7qGsJiWeWR+WPZsghw+TcweGI
e796B93G1qidDWZJdhCAH0nvrwIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFFf+Qn60
Yuvqf6WujjLVNvijU4dPMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNTJFQUFGRkE4
N0Y3MTFFQzhDQzg0NjE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAFntCYDBAFntFADBAFnu2QDBAFnu6AwDQYJKoZIhvcNAQEL
BQADggEBAEF2wckdRGyzNnd8phlOFQc8QQkQXCZ2kzhC0cPASql+Jp5tCdDQqqYu
EH7g+tAaH4hYcJ9FtpfZuJJGyLA7cva4JfnZ7OsZ6f5URHKUG55klHUYuBAXtPCx
XeIZQz6fTc9DaBxQp+lrHt/NIlhgUmZnvArcJ8vEztdllFc2UrZMHMEAhr3L+RRJ
bqa6tQ9JwM0PnTFQp8kVu5MiqjGrd8tfMJPEUuIOt1UuDi4hTCAlvPNfIDc6hajG
1hQeefcpIHrjRBBw5kisqtrVVTmsyQa8YLoVz3IzE0dFDIHa0yBA+1lu+e06lK4Z
ltiyIAMVm+6tahJ5vrJ0T4dQsEVe43E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org