Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6DB61FB0D97211EBB8CC3F40C4F9AE02.roa
File: 6DB61FB0D97211EBB8CC3F40C4F9AE02.roa (raw, json)
Hash identifier: FmDGlv0P1LuSbs3Q2HCEx4oOGoGjsqq5upApnkEi9f4=
Subject key identifier: 2E:9B:1F:FA:C8:6C:20:B3:6A:92:88:E6:44:01:2F:05:CE:63:6B:F9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4521
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6DB61FB0D97211EBB8CC3F40C4F9AE02.roa
Signing time: Tue 04 Jan 2022 12:51:23 +0000
ROA not before: Tue 04 Jan 2022 12:51:23 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 134286
IP address blocks: 103.109.7.0/24 maxlen: 24
103.139.59.0/24 maxlen: 24
103.148.165.0/24 maxlen: 24
103.178.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17697 (0x4521)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 4 12:51:23 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61d442ca-511d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4e:6a:2b:eb:b0:5a:25:db:55:16:c3:ee:ce:
cb:2d:1d:d5:90:ae:f8:9c:d1:74:43:3d:b6:f5:05:
98:ff:85:ce:71:a1:19:b2:41:3b:96:0a:d2:9a:f2:
86:91:7d:12:38:10:ef:e8:78:89:2e:d1:01:fa:1a:
d9:bb:69:73:97:12:b2:41:d9:0b:37:41:5a:af:87:
1c:fa:f0:d5:1e:d3:f5:8d:95:28:70:18:07:24:8e:
05:00:9e:6c:61:82:45:48:98:3a:75:65:e2:bf:17:
b8:69:e6:cd:2d:69:64:77:68:e7:e9:3c:04:2f:86:
f5:ed:ed:6d:99:98:69:3e:f6:a7:1c:76:90:c7:6b:
14:3d:e5:50:6a:69:01:5b:12:ea:32:97:3f:12:4e:
09:5b:db:de:93:95:a6:78:58:c2:1f:80:07:9e:6c:
39:ce:53:7a:7e:89:c2:f5:22:ee:ab:9b:2b:a7:b1:
b2:a8:13:c7:da:19:7f:b2:37:42:98:47:41:45:28:
8a:61:9c:c2:1f:c3:9d:df:0c:87:24:e6:2d:2a:2a:
0d:05:fe:f3:86:bc:fa:6e:cf:ce:01:e8:67:9e:f9:
93:26:c7:1c:c7:b6:6e:ba:1d:71:02:82:0a:bd:c3:
7b:5e:e0:ad:1e:a7:29:4a:90:ff:8a:8e:23:d4:c8:
5d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:9B:1F:FA:C8:6C:20:B3:6A:92:88:E6:44:01:2F:05:CE:63:6B:F9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6DB61FB0D97211EBB8CC3F40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.7.0/24
103.139.59.0/24
103.148.165.0/24
103.178.113.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:ba:dd:bb:8b:33:fd:64:f1:3c:4d:f3:a0:44:4d:b0:65:f5:
1b:0c:27:85:3d:2d:e2:88:9c:4a:82:40:50:2c:2d:03:fc:29:
3e:3c:bc:4f:32:78:12:47:5f:9c:52:5e:a1:ed:0b:06:c4:7f:
44:d0:4b:fb:fe:98:76:85:66:54:98:86:5c:28:78:13:67:2a:
04:a2:fb:86:e4:da:64:d3:af:1d:e3:73:81:8f:2b:35:db:75:
c0:b4:27:fb:db:17:ca:d8:18:b6:d4:4d:fa:2c:2d:12:07:fd:
e9:3d:4f:03:e8:3f:40:f5:30:be:84:53:1c:a8:56:c0:f4:0e:
1e:2e:ab:19:09:8c:65:bb:e9:97:77:a9:fd:68:4b:ea:49:d6:
3c:ce:84:a8:d4:d3:9a:6c:41:bf:86:ce:09:8a:91:0d:52:43:
ac:b4:6e:6a:4f:86:d1:b3:01:ee:59:83:ee:6b:cd:66:42:22:
0b:3c:44:26:5b:1b:e2:8f:96:61:9e:1d:8c:8f:81:e7:91:16:
8b:9a:b6:41:be:c0:f3:8e:ce:dd:24:bc:f2:8b:35:3c:42:c1:
a4:01:29:0c:aa:c0:87:7c:1b:82:dc:88:d5:17:c2:31:2e:42:
f2:65:f4:82:7f:74:be:39:f9:ba:8d:35:f6:0f:a0:47:0c:ea:
8f:e8:20:e3
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICRSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMTA0MTI1MTIzWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWQ0NDJjYS01MTFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1U5qK+uwWiXbVRbD7s7LLR3VkK74nNF0Qz229QWY/4XOcaEZskE7lgrSmvKG
kX0SOBDv6HiJLtEB+hrZu2lzlxKyQdkLN0Far4cc+vDVHtP1jZUocBgHJI4FAJ5s
YYJFSJg6dWXivxe4aebNLWlkd2jn6TwEL4b17e1tmZhpPvanHHaQx2sUPeVQamkB
WxLqMpc/Ek4JW9vek5WmeFjCH4AHnmw5zlN6fonC9SLuq5srp7GyqBPH2hl/sjdC
mEdBRSiKYZzCH8Od3wyHJOYtKioNBf7zhrz6bs/OAehnnvmTJsccx7Zuuh1xAoIK
vcN7XuCtHqcpSpD/io4j1MhdGQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFC6bH/rI
bCCzapKI5kQBLwXOY2v5MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNkRCNjFGQjBE
OTcyMTFFQkI4Q0MzRjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBABnbQcDBABnizsDBABnlKUDBABnsnEwDQYJKoZIhvcNAQEL
BQADggEBAJy63buLM/1k8TxN86BETbBl9RsMJ4U9LeKInEqCQFAsLQP8KT48vE8y
eBJHX5xSXqHtCwbEf0TQS/v+mHaFZlSYhlwoeBNnKgSi+4bk2mTTrx3jc4GPKzXb
dcC0J/vbF8rYGLbUTfosLRIH/ek9TwPoP0D1ML6EUxyoVsD0Dh4uqxkJjGW76Zd3
qf1oS+pJ1jzOhKjU05psQb+GzgmKkQ1SQ6y0bmpPhtGzAe5Zg+5rzWZCIgs8RCZb
G+KPlmGeHYyPgeeRFouatkG+wPOOzt0kvPKLNTxCwaQBKQyqwId8G4LciNUXwjEu
QvJl9IJ/dL45+bqNNfYPoEcM6o/oIOM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org