Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6972EA9C957C11ED9F890D79C4F9AE02.roa
File: 6972EA9C957C11ED9F890D79C4F9AE02.roa (raw, json)
Hash identifier: /tG6UygUG7Xj1iA0V355VnONQ8XefjCQo91DqMZrkwk=
Subject key identifier: 3C:7E:8D:9A:F9:CA:52:F1:37:B4:30:7D:A0:76:C8:FF:46:CB:6A:7F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6329
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6972EA9C957C11ED9F890D79C4F9AE02.roa
Signing time: Mon 16 Jan 2023 09:01:50 +0000
ROA not before: Mon 16 Jan 2023 09:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149208
IP address blocks: 103.178.140.0/24 maxlen: 24
103.178.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25385 (0x6329)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 16 09:01:50 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c5127d-0c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3f:19:23:2c:f8:8b:ee:be:69:67:ba:82:6a:
96:28:6b:55:24:f3:94:cc:8d:3c:22:ce:1e:75:89:
23:d9:dc:05:b9:00:7d:56:2b:ab:49:c4:bf:38:43:
0a:3b:b1:be:dd:8d:f2:2a:7f:ee:32:31:98:52:ef:
5d:2d:52:5b:2c:68:8f:8a:5c:33:c5:1a:76:a1:9a:
0b:e9:74:e0:ec:f5:c9:32:75:0e:4c:21:35:fc:bd:
ec:0b:c9:4a:08:9c:01:bf:76:97:15:b2:1b:f5:d6:
2f:21:8e:71:50:89:07:90:33:53:8b:c3:c5:1a:9d:
c3:ab:b0:45:a0:70:a0:34:f0:1b:de:a0:4f:be:fd:
c8:5e:06:2f:3f:6a:b0:b5:d6:ee:7b:49:ce:73:ae:
94:b4:8a:79:5c:29:ff:52:68:22:c9:24:16:fb:0a:
eb:29:da:f2:df:54:bf:44:80:06:4c:23:79:29:71:
72:aa:2f:42:47:70:98:32:19:8d:2b:88:8c:2a:29:
95:d5:4c:a8:a8:0a:09:1d:bf:aa:78:71:3d:b9:ae:
65:b5:7f:b0:b7:12:44:69:2b:f3:e1:7b:45:73:d5:
e3:17:67:29:67:2c:60:60:94:be:d5:3d:13:1d:82:
e0:af:36:74:8d:fc:7d:a3:f2:a0:e3:b0:5b:26:80:
48:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7E:8D:9A:F9:CA:52:F1:37:B4:30:7D:A0:76:C8:FF:46:CB:6A:7F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6972EA9C957C11ED9F890D79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.140.0/23
Signature Algorithm: sha256WithRSAEncryption
91:50:c6:15:7e:b6:28:48:f4:c6:b5:84:43:5a:5e:dc:12:1d:
8e:1d:81:b2:7f:3c:94:32:2e:b6:c3:7f:28:4f:49:39:2e:41:
85:0a:02:98:d3:da:c6:64:d8:31:0a:a6:31:2c:d0:20:ae:57:
18:8b:48:b5:fd:c9:c8:c2:84:8f:5d:74:4e:13:33:ad:d3:f3:
7d:a4:65:a5:13:47:ce:bf:83:ac:02:cb:89:2f:41:3b:bb:4c:
38:b4:01:38:ed:4d:f9:22:ec:df:10:7d:2b:4d:03:fd:81:e7:
37:c7:4c:c5:d5:de:0b:dd:05:78:ca:be:5a:4e:ee:cf:d7:5c:
12:52:2b:b4:46:cc:36:36:34:52:7e:6c:85:21:82:e4:17:e9:
02:e4:b9:1c:6c:60:ac:e8:7a:41:cf:c4:b9:6a:76:8b:0b:33:
ac:d8:54:14:af:8d:b2:c6:cf:f2:98:b6:1e:0e:9e:33:78:ad:
d5:00:03:e9:4d:e0:58:00:ea:7d:fc:71:06:f8:28:9b:65:61:
7b:68:ec:59:9d:dc:5d:b7:35:4f:af:ab:12:46:65:6f:d9:ad:
f6:26:a9:22:8b:7e:88:ae:0e:ef:3a:cf:d3:4a:e1:65:a0:d8:
d9:b1:98:54:fa:c1:c0:9f:b9:cf:6c:8d:07:c1:6b:73:6d:05:
db:62:db:1e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICYykwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTE2MDkwMTUwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M1MTI3ZC0wYzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvz8ZIyz4i+6+aWe6gmqWKGtVJPOUzI08Is4edYkj2dwFuQB9ViurScS/OEMK
O7G+3Y3yKn/uMjGYUu9dLVJbLGiPilwzxRp2oZoL6XTg7PXJMnUOTCE1/L3sC8lK
CJwBv3aXFbIb9dYvIY5xUIkHkDNTi8PFGp3Dq7BFoHCgNPAb3qBPvv3IXgYvP2qw
tdbue0nOc66UtIp5XCn/UmgiySQW+wrrKdry31S/RIAGTCN5KXFyqi9CR3CYMhmN
K4iMKimV1UyoqAoJHb+qeHE9ua5ltX+wtxJEaSvz4XtFc9XjF2cpZyxgYJS+1T0T
HYLgrzZ0jfx9o/Kg47BbJoBIKwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDx+jZr5
ylLxN7QwfaB2yP9Gy2p/MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjk3MkVBOUM5
NTdDMTFFRDlGODkwRDc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsowwDQYJKoZIhvcNAQELBQADggEBAJFQxhV+tihI9Ma1
hENaXtwSHY4dgbJ/PJQyLrbDfyhPSTkuQYUKApjT2sZk2DEKpjEs0CCuVxiLSLX9
ycjChI9ddE4TM63T832kZaUTR86/g6wCy4kvQTu7TDi0ATjtTfki7N8QfStNA/2B
5zfHTMXV3gvdBXjKvlpO7s/XXBJSK7RGzDY2NFJ+bIUhguQX6QLkuRxsYKzoekHP
xLlqdosLM6zYVBSvjbLGz/KYth4OnjN4rdUAA+lN4FgA6n38cQb4KJtlYXto7Fmd
3F23NU+vqxJGZW/ZrfYmqSKLfoiuDu86z9NK4WWg2NmxmFT6wcCfuc9sjQfBa3Nt
Bdti2x4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org