Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8FFD5CE2221311EDBA9F873FC4F9AE02.roa
File: 8FFD5CE2221311EDBA9F873FC4F9AE02.roa (raw, json)
Hash identifier: PNlwJAcz86PdrA7lmn67W5d31LXp9becbnEA1Z6dciA=
Subject key identifier: CE:05:EF:A5:C1:EF:80:DD:A7:C4:0B:73:9A:A0:38:84:E0:E6:08:9C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5CA2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8FFD5CE2221311EDBA9F873FC4F9AE02.roa
Signing time: Mon 05 Sep 2022 08:51:42 +0000
ROA not before: Mon 05 Sep 2022 08:51:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141853
IP address blocks: 103.165.76.0/23 maxlen: 24
103.166.214.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.171.108.0/23 maxlen: 24
103.177.226.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23714 (0x5ca2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Sep 5 08:51:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6315b89e-3b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:05:bd:ce:19:01:0a:06:5b:36:c3:b7:f2:63:
d1:d3:c2:0d:cb:cf:04:26:f3:aa:57:c9:46:27:a4:
48:14:2d:4c:60:d2:68:14:9d:4c:56:53:eb:e5:48:
f0:28:84:b5:68:e6:ca:bc:13:c2:db:08:7e:95:5d:
0d:65:5e:4b:27:76:7e:21:4b:43:3f:3b:79:53:1a:
87:1b:83:fa:cb:a9:e3:13:89:4b:3e:45:30:3c:59:
ca:84:3b:98:be:f3:f6:2b:87:eb:32:8a:c7:28:ba:
39:ad:a7:91:94:dd:7a:91:2b:10:72:40:60:ad:f6:
5b:f3:8a:9a:b3:8d:f9:bb:f3:5f:02:fa:08:86:d4:
f5:d9:5c:45:8a:3e:37:f7:ad:0a:05:b6:c1:4c:fd:
65:92:2d:57:6d:3f:0b:13:31:ff:01:a4:4a:22:01:
0e:e5:87:e0:cf:58:67:12:21:6c:85:d5:40:66:c1:
25:41:3b:59:25:d7:2e:0f:66:a6:2e:86:18:12:66:
89:93:62:0d:b0:6f:76:54:21:e4:87:54:cc:98:64:
34:08:40:b2:e8:2a:8c:3a:90:1f:4a:b5:92:b6:8a:
6d:07:63:42:3a:cd:5b:5d:6e:2e:02:56:c4:5a:55:
52:98:a2:3a:75:82:75:6d:c2:38:3e:b0:c7:eb:da:
fa:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:05:EF:A5:C1:EF:80:DD:A7:C4:0B:73:9A:A0:38:84:E0:E6:08:9C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8FFD5CE2221311EDBA9F873FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.76.0/23
103.166.214.0/23
103.170.36.0/23
103.171.108.0/23
103.177.226.0/23
Signature Algorithm: sha256WithRSAEncryption
25:44:3c:cb:ed:48:c8:11:fb:7d:a1:ec:a7:15:6e:c2:3e:11:
a4:db:77:4e:b5:a1:a4:19:4a:a4:57:76:84:15:8c:46:c8:22:
82:52:de:95:0e:04:32:cb:2f:e4:86:f5:90:2c:38:12:8a:93:
84:09:f7:07:60:9d:84:e0:9f:c9:80:14:fe:ab:2c:e8:ed:75:
6a:a8:58:4e:a4:50:47:55:76:83:17:f7:70:7e:5d:1b:05:de:
ae:4d:f5:ba:15:73:eb:9e:ca:40:13:4a:5d:53:ce:aa:e4:da:
7c:b6:86:31:af:54:15:98:13:bf:2b:84:bb:5f:9b:c7:b6:87:
2d:a7:78:55:a3:31:36:f6:c1:29:f2:74:ca:85:08:b6:0e:11:
09:ee:09:b3:61:6c:25:59:bf:f0:d3:7a:23:c6:b5:93:f2:55:
3f:6c:3b:b5:c7:5f:00:cb:46:3c:85:f6:f8:d9:b0:d0:90:20:
4b:08:b4:ee:34:c3:ac:af:72:35:63:bf:33:69:6d:aa:9d:ce:
7f:21:18:26:0b:e3:7e:a1:4e:61:dc:7f:29:b2:13:9e:85:9f:
f3:5f:eb:af:5e:49:d5:cc:9a:ca:72:ee:53:ae:89:37:0f:4b:
d2:c6:f6:93:72:03:fd:3c:44:85:82:bb:2b:34:fe:12:e9:a2:
fa:c3:99:5f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICXKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwOTA1MDg1MTQyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzE1Yjg5ZS0zYjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQW9zhkBCgZbNsO38mPR08INy88EJvOqV8lGJ6RIFC1MYNJoFJ1MVlPr5Ujw
KIS1aObKvBPC2wh+lV0NZV5LJ3Z+IUtDPzt5UxqHG4P6y6njE4lLPkUwPFnKhDuY
vvP2K4frMorHKLo5raeRlN16kSsQckBgrfZb84qas435u/NfAvoIhtT12VxFij43
960KBbbBTP1lki1XbT8LEzH/AaRKIgEO5Yfgz1hnEiFshdVAZsElQTtZJdcuD2am
LoYYEmaJk2INsG92VCHkh1TMmGQ0CECy6CqMOpAfSrWStoptB2NCOs1bXW4uAlbE
WlVSmKI6dYJ1bcI4PrDH69r6BQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFM4F76XB
74Ddp8QLc5qgOITg5gicMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOEZGRDVDRTIy
MjEzMTFFREJBOUY4NzNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFnpUwDBAFnptYDBAFnqiQDBAFnq2wDBAFnseIwDQYJKoZI
hvcNAQELBQADggEBACVEPMvtSMgR+32h7KcVbsI+EaTbd061oaQZSqRXdoQVjEbI
IoJS3pUOBDLLL+SG9ZAsOBKKk4QJ9wdgnYTgn8mAFP6rLOjtdWqoWE6kUEdVdoMX
93B+XRsF3q5N9boVc+ueykATSl1Tzqrk2ny2hjGvVBWYE78rhLtfm8e2hy2neFWj
MTb2wSnydMqFCLYOEQnuCbNhbCVZv/DTeiPGtZPyVT9sO7XHXwDLRjyF9vjZsNCQ
IEsItO40w6yvcjVjvzNpbaqdzn8hGCYL436hTmHcfymyE56Fn/Nf669eSdXMmspy
7lOuiTcPS9LG9pNyA/08RIWCuys0/hLpovrDmV8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:53 2023 by rpki-client on console-ams.rpki-client.org