Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/745D5F32250211ECAAF7BE4FC4F9AE02.roa
File: 745D5F32250211ECAAF7BE4FC4F9AE02.roa (raw, json)
Hash identifier: 1C+sS8UJ6E/FU4Ax4iqBUoWds85zbLvAkOOcFm96dOQ=
Subject key identifier: A6:4A:03:79:35:09:58:E6:4A:8E:EB:0C:D7:D8:D8:BF:F9:44:17:3C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 508A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/745D5F32250211ECAAF7BE4FC4F9AE02.roa
Signing time: Mon 16 May 2022 04:11:28 +0000
ROA not before: Mon 16 May 2022 04:11:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135782
IP address blocks: 103.82.96.0/22 maxlen: 24
2407:ddc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20618 (0x508a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:11:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cef0-713c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8c:98:99:17:79:82:20:30:f0:31:ab:45:c4:
7c:16:f3:da:82:e6:cd:16:10:66:43:3e:70:ea:92:
fb:d6:0d:ff:eb:0b:32:5e:92:34:25:8d:b8:93:12:
23:eb:05:f5:bf:57:0e:42:d7:50:c8:95:64:57:3f:
c6:ee:c6:5e:5c:9e:4b:41:00:49:1b:ca:3e:d9:7d:
be:35:5a:ef:92:0b:37:1d:ef:0b:fb:b8:75:de:dc:
cc:27:6a:28:1d:cc:b3:95:70:5c:e3:0d:62:48:11:
bd:24:94:48:e4:1e:06:8d:7f:3e:4e:0b:2b:76:97:
70:54:06:b1:b8:e1:f8:c0:8e:33:7d:ee:c9:8a:11:
65:17:1f:bf:d4:57:67:d2:92:97:53:be:18:df:44:
bc:e2:9f:69:6b:7b:60:e0:63:f2:75:dc:bd:04:d5:
68:2e:98:2d:f1:61:ba:86:d1:47:32:a4:51:b9:9a:
92:98:c4:04:54:0c:1e:d4:72:e5:85:70:df:e7:02:
d5:95:61:6b:57:44:2b:94:d0:6d:9a:a4:79:88:3c:
c7:e3:56:c9:66:3e:d1:7a:6c:87:4d:f9:6d:74:78:
40:7c:7d:37:c8:0a:72:4b:20:84:b9:94:e2:ab:f4:
d8:e2:e3:79:84:1c:dd:6a:a1:f8:a9:42:a5:c0:3c:
98:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4A:03:79:35:09:58:E6:4A:8E:EB:0C:D7:D8:D8:BF:F9:44:17:3C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/745D5F32250211ECAAF7BE4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.96.0/22
IPv6:
2407:ddc0::/32
Signature Algorithm: sha256WithRSAEncryption
70:cc:8b:b6:be:a5:38:b2:6d:ee:a8:37:29:df:a4:3a:03:42:
a3:d9:8c:1b:31:58:51:92:24:62:c1:69:ba:bc:39:a6:93:1c:
10:3c:22:a5:29:96:41:33:29:69:02:f4:dc:0f:dd:9b:81:36:
b8:0f:37:c6:2c:74:e5:07:a7:a0:54:be:8d:fc:ab:ed:6a:89:
c0:a9:b3:54:14:6c:84:a4:d9:da:a8:be:cf:42:0a:5b:e3:0b:
14:27:63:44:57:62:8d:b1:04:09:80:d9:8c:b6:cf:be:1b:2f:
a0:d9:86:5b:47:49:1d:b1:58:26:1a:e3:1a:ea:22:30:bc:96:
32:4e:11:75:58:35:b5:73:99:f2:5f:e8:22:9c:5f:f7:73:22:
1e:bc:c1:f2:39:8d:3c:10:a8:54:7c:a2:f6:0b:2b:15:ce:32:
40:27:fe:ac:ae:fe:0f:1c:ee:af:c6:fd:74:1a:81:2e:31:d5:
56:6a:70:65:db:9d:1d:7b:68:44:c1:3e:c9:cf:4e:97:18:20:
87:05:5e:b5:16:7a:e0:d0:23:cd:46:63:9a:6f:4e:4d:cd:e0:
c1:24:e0:d8:4e:af:bd:77:38:d1:80:08:92:ef:7e:02:0f:71:
36:10:cb:8e:95:b9:a0:9f:c8:c9:79:85:58:70:83:cf:08:a1:
b4:f5:68:82
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICUIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQxMTI4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2VmMC03MTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsoyYmRd5giAw8DGrRcR8FvPagubNFhBmQz5w6pL71g3/6wsyXpI0JY24kxIj
6wX1v1cOQtdQyJVkVz/G7sZeXJ5LQQBJG8o+2X2+NVrvkgs3He8L+7h13tzMJ2oo
HcyzlXBc4w1iSBG9JJRI5B4GjX8+TgsrdpdwVAaxuOH4wI4zfe7JihFlFx+/1Fdn
0pKXU74Y30S84p9pa3tg4GPyddy9BNVoLpgt8WG6htFHMqRRuZqSmMQEVAwe1HLl
hXDf5wLVlWFrV0QrlNBtmqR5iDzH41bJZj7RemyHTfltdHhAfH03yApySyCEuZTi
q/TY4uN5hBzdaqH4qUKlwDyYVwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKZKA3k1
CVjmSo7rDNfY2L/5RBc8MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzQ1RDVGMzIy
NTAyMTFFQ0FBRjdCRTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnUmAwDQQCAAIwBwMFACQH3cAwDQYJKoZIhvcNAQELBQAD
ggEBAHDMi7a+pTiybe6oNynfpDoDQqPZjBsxWFGSJGLBabq8OaaTHBA8IqUplkEz
KWkC9NwP3ZuBNrgPN8YsdOUHp6BUvo38q+1qicCps1QUbISk2dqovs9CClvjCxQn
Y0RXYo2xBAmA2Yy2z74bL6DZhltHSR2xWCYa4xrqIjC8ljJOEXVYNbVzmfJf6CKc
X/dzIh68wfI5jTwQqFR8ovYLKxXOMkAn/qyu/g8c7q/G/XQagS4x1VZqcGXbnR17
aETBPsnPTpcYIIcFXrUWeuDQI81GY5pvTk3N4MEk4NhOr713ONGACJLvfgIPcTYQ
y46VuaCfyMl5hVhwg88IobT1aII=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:52 2023 by rpki-client on console-ams.rpki-client.org