Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/99FBE33A33BD11EB9CBE0C10C4F9AE02.roa
File: 99FBE33A33BD11EB9CBE0C10C4F9AE02.roa (raw, json)
Hash identifier: YuDBM/OgwizmN4Dyky5FumkaMDCCqdD/+a48mYlcDJo=
Subject key identifier: 88:C7:61:77:4C:96:11:A4:63:82:21:50:99:B9:EE:EE:05:D7:D8:80
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4005
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/99FBE33A33BD11EB9CBE0C10C4F9AE02.roa
Signing time: Wed 27 Oct 2021 10:41:24 +0000
ROA not before: Wed 27 Oct 2021 10:41:24 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 141314
IP address blocks: 103.87.104.0/24 maxlen: 24
103.87.105.0/24 maxlen: 24
103.87.106.0/24 maxlen: 24
103.87.107.0/24 maxlen: 24
2001:df5:6b80::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16389 (0x4005)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 27 10:41:24 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61792cd3-350b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:aa:aa:95:d5:73:89:fd:ce:a9:7a:e6:44:92:
1c:38:57:7f:2c:d1:53:9a:23:ca:51:ab:53:de:3d:
77:47:ec:5f:11:01:89:ce:b6:f4:d6:9c:f7:d8:1e:
37:34:f6:25:5e:aa:8e:ab:d1:9f:d3:41:d1:06:69:
bf:11:7d:52:40:53:1e:3c:ee:88:06:8c:8a:71:a6:
e5:a2:43:b2:5b:42:6b:26:3e:39:6d:6a:ee:cc:43:
e4:00:7c:a7:d2:24:b0:a6:bf:3c:16:66:5a:d1:ba:
f9:7f:1d:f0:c0:c9:74:66:f1:8a:36:86:fe:c1:98:
a5:6f:58:b0:e0:0b:c0:0a:95:6b:d9:dd:f7:c7:9c:
9c:60:48:7f:67:de:c7:10:f5:7f:77:8a:f8:09:bf:
f3:4d:e8:a1:f2:c9:d0:b7:3d:11:c8:67:df:1c:2f:
03:71:dd:bd:cb:67:ae:81:7b:71:f6:83:d0:f2:e1:
71:d8:00:dd:16:14:00:ce:f9:dc:85:6b:02:5b:5f:
19:30:72:f7:58:1f:d3:e6:5e:3f:a8:9d:20:5a:5f:
76:c6:b3:08:19:83:ab:43:12:d3:88:f4:cb:b0:d7:
a2:92:74:30:65:c8:77:cf:6a:d7:4f:de:c0:59:b9:
60:e0:67:58:31:a7:e1:28:6f:84:cb:3f:fe:14:f6:
1a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C7:61:77:4C:96:11:A4:63:82:21:50:99:B9:EE:EE:05:D7:D8:80
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/99FBE33A33BD11EB9CBE0C10C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.104.0/22
IPv6:
2001:df5:6b80::/48
Signature Algorithm: sha256WithRSAEncryption
3f:eb:6c:8e:23:82:28:41:de:72:bf:6b:8b:7c:2d:d0:ec:dc:
dc:51:71:a4:84:80:41:0b:3b:16:2a:3b:b5:13:8e:f0:2f:27:
07:bb:b4:a2:de:3d:76:0f:b8:63:b9:c5:e7:f8:5a:fd:fc:29:
8b:8e:98:f8:75:0a:ce:37:45:55:ea:15:cf:a5:de:ba:83:9e:
a4:6b:c3:03:6d:fa:33:d1:8e:1f:f6:f4:d8:20:60:fb:04:89:
1a:26:9b:95:5e:46:9f:e8:31:63:1a:00:fd:1d:f5:92:8a:de:
1b:df:69:4b:41:aa:13:b3:a0:c6:69:54:bb:90:a5:f9:eb:a0:
af:17:b9:1c:3f:d3:a4:3e:2b:87:86:6c:24:52:2c:4f:57:e1:
37:5a:d6:7f:3a:8c:69:bc:3d:32:d9:c4:62:e5:5c:0a:88:39:
cc:09:a9:36:c8:1d:7a:87:55:5b:1a:43:15:11:7e:27:4a:30:
5d:17:49:36:21:47:57:a0:a6:0a:6f:bd:6d:7d:aa:fa:5a:e2:
fa:cc:68:d7:69:60:ca:d4:c1:df:27:32:81:7e:20:46:ec:fd:
9f:25:e3:58:87:8e:80:7b:58:5b:10:3c:aa:f0:11:c7:57:42:
cc:25:2f:0c:1c:1d:b9:d4:c3:46:9d:26:80:f5:6c:44:aa:c4:
8a:49:3e:35
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICQAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjExMDI3MTA0MTI0WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MTc5MmNkMy0zNTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr6qqldVzif3OqXrmRJIcOFd/LNFTmiPKUatT3j13R+xfEQGJzrb01pz32B43
NPYlXqqOq9Gf00HRBmm/EX1SQFMePO6IBoyKcablokOyW0JrJj45bWruzEPkAHyn
0iSwpr88FmZa0br5fx3wwMl0ZvGKNob+wZilb1iw4AvACpVr2d33x5ycYEh/Z97H
EPV/d4r4Cb/zTeih8snQtz0RyGffHC8Dcd29y2eugXtx9oPQ8uFx2ADdFhQAzvnc
hWsCW18ZMHL3WB/T5l4/qJ0gWl92xrMIGYOrQxLTiPTLsNeiknQwZch3z2rXT97A
Wblg4GdYMafhKG+Eyz/+FPYanQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFIjHYXdM
lhGkY4IhUJm57u4F19iAMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOTlGQkUzM0Ez
M0JEMTFFQjlDQkUwQzEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJnV2gwDwQCAAIwCQMHACABDfVrgDANBgkqhkiG9w0BAQsF
AAOCAQEAP+tsjiOCKEHecr9ri3wt0Ozc3FFxpISAQQs7Fio7tROO8C8nB7u0ot49
dg+4Y7nF5/ha/fwpi46Y+HUKzjdFVeoVz6XeuoOepGvDA236M9GOH/b02CBg+wSJ
GiablV5Gn+gxYxoA/R31koreG99pS0GqE7OgxmlUu5Cl+eugrxe5HD/TpD4rh4Zs
JFIsT1fhN1rWfzqMabw9MtnEYuVcCog5zAmpNsgdeodVWxpDFRF+J0owXRdJNiFH
V6CmCm+9bX2q+lri+sxo12lgytTB3ycygX4gRuz9nyXjWIeOgHtYWxA8qvARx1dC
zCUvDBwdudTDRp0mgPVsRKrEikk+NQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:53 2023 by rpki-client on console-ams.rpki-client.org