Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9FC62F6804D811ECACBB0957C4F9AE02.roa
File: 9FC62F6804D811ECACBB0957C4F9AE02.roa (raw, json)
Hash identifier: ZvcITv0EvCjoyMyMk5ASa5uME1VVCht3Q0yxS0ns2Rw=
Subject key identifier: 5D:B7:FA:19:B9:CD:A1:9E:16:4F:D4:E6:28:FC:8B:AC:D9:ED:27:78
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 53D9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9FC62F6804D811ECACBB0957C4F9AE02.roa
Signing time: Mon 16 May 2022 04:27:11 +0000
ROA not before: Mon 16 May 2022 04:27:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 146846
IP address blocks: 103.83.248.0/22 maxlen: 24
103.171.205.0/24 maxlen: 24
103.217.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21465 (0x53d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:27:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d29f-82bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:be:8f:98:31:e2:d8:e1:8c:99:2b:b7:82:81:
8c:4e:77:b2:75:5e:cc:2a:bf:25:ad:14:d5:4e:e8:
93:60:00:ce:bb:1c:e1:d5:ff:85:3d:a7:6d:f3:9a:
1f:5c:1e:c2:22:25:7a:a8:85:96:ed:13:17:35:c8:
91:98:c9:35:22:bc:3c:f8:b4:fa:d5:fe:03:07:00:
88:ca:0b:1c:5e:a7:83:d0:e9:5e:e1:97:0c:bc:72:
30:59:14:70:67:9b:6b:26:47:19:aa:28:06:39:ee:
66:af:35:3c:58:a3:0a:ab:5b:de:a5:d1:38:8c:77:
7f:b7:ee:4a:76:92:50:e1:a2:60:06:62:8a:62:b2:
e9:d0:46:d8:94:bb:4b:91:1b:4d:aa:ce:99:4f:45:
bc:75:a6:79:76:aa:a6:2c:34:26:fb:ad:3c:6b:cf:
6f:25:7c:91:ab:37:6a:eb:52:70:3c:41:3b:ad:8e:
19:b8:9d:80:3e:ff:14:79:52:eb:38:6e:7d:ea:8f:
2b:a5:44:53:99:27:7e:f9:36:00:b6:37:30:be:ff:
b6:05:36:7b:c4:8f:d7:d6:f8:1f:f6:94:de:ea:7a:
26:e8:18:6b:75:d0:98:d1:f4:51:0c:cf:3b:ea:83:
81:31:b8:cb:60:c6:fd:26:99:c7:77:50:f0:ad:c0:
1f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B7:FA:19:B9:CD:A1:9E:16:4F:D4:E6:28:FC:8B:AC:D9:ED:27:78
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9FC62F6804D811ECACBB0957C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.248.0/22
103.171.205.0/24
103.217.88.0/22
Signature Algorithm: sha256WithRSAEncryption
89:74:4c:cd:0b:9f:1d:45:71:e4:e4:e9:b8:c7:72:8f:31:1f:
bc:8d:75:43:55:2f:46:f9:85:c3:56:44:e8:0e:22:d3:f6:a5:
b3:a6:10:ed:e4:92:0e:c2:53:8b:3a:7f:90:9c:da:ff:4b:37:
3c:1a:af:af:f9:81:65:0e:3a:f7:da:76:8c:5c:f3:53:32:1f:
f1:17:66:60:91:46:a1:50:1a:ac:30:45:96:8f:eb:08:24:4c:
27:df:17:aa:aa:1d:7b:f5:c3:fa:33:2e:dc:e4:95:ca:24:e7:
a4:d2:5c:01:49:b4:02:88:8f:c7:72:18:b9:5f:3d:9a:b2:bf:
6f:55:3c:f4:11:bd:c1:3b:39:5b:ee:40:5e:04:54:9b:c9:41:
e7:87:a2:47:20:80:81:7b:31:eb:a5:34:bb:fa:22:1c:5d:15:
5b:8b:b7:67:09:74:2d:86:cc:34:d7:ac:6b:f6:6e:b2:e5:70:
2f:4d:ad:84:29:6b:91:7c:2a:80:0d:e2:97:c1:4f:8b:3f:e5:
fd:63:8d:4b:07:8d:58:66:e0:81:eb:2d:64:e0:73:54:ec:fd:
cd:f2:6b:7d:52:1d:a9:93:0a:67:af:2f:7f:ba:8d:04:1e:a1:
94:4e:37:a5:4a:17:e8:6e:af:4d:55:b1:4e:95:c6:2e:3d:ec:
58:64:de:38
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICU9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQyNzExWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDI5Zi04MmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAub6PmDHi2OGMmSu3goGMTneydV7MKr8lrRTVTuiTYADOuxzh1f+FPadt85of
XB7CIiV6qIWW7RMXNciRmMk1Irw8+LT61f4DBwCIygscXqeD0Ole4ZcMvHIwWRRw
Z5trJkcZqigGOe5mrzU8WKMKq1vepdE4jHd/t+5KdpJQ4aJgBmKKYrLp0EbYlLtL
kRtNqs6ZT0W8daZ5dqqmLDQm+608a89vJXyRqzdq61JwPEE7rY4ZuJ2APv8UeVLr
OG596o8rpURTmSd++TYAtjcwvv+2BTZ7xI/X1vgf9pTe6nom6BhrddCY0fRRDM87
6oOBMbjLYMb9JpnHd1DwrcAfJwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFF23+hm5
zaGeFk/U5ij8i6zZ7Sd4MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOUZDNjJGNjgw
NEQ4MTFFQ0FDQkIwOTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJnU/gDBABnq80DBAJn2VgwDQYJKoZIhvcNAQELBQADggEB
AIl0TM0Lnx1FceTk6bjHco8xH7yNdUNVL0b5hcNWROgOItP2pbOmEO3kkg7CU4s6
f5Cc2v9LNzwar6/5gWUOOvfadoxc81MyH/EXZmCRRqFQGqwwRZaP6wgkTCffF6qq
HXv1w/ozLtzklcok56TSXAFJtAKIj8dyGLlfPZqyv29VPPQRvcE7OVvuQF4EVJvJ
QeeHokcggIF7MeulNLv6IhxdFVuLt2cJdC2GzDTXrGv2brLlcC9NrYQpa5F8KoAN
4pfBT4s/5f1jjUsHjVhm4IHrLWTgc1Ts/c3ya31SHamTCmevL3+6jQQeoZRON6VK
F+hur01VsU6Vxi497Fhk3jg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:53 2023 by rpki-client on console-ams.rpki-client.org