Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A25F0BF4914811EBA70B5548C4F9AE02.roa
File: A25F0BF4914811EBA70B5548C4F9AE02.roa (raw, json)
Hash identifier: VEaPtmlqtkcT+zhVCGOjLP4NhwTjimyf+S6oga9qBys=
Subject key identifier: 38:52:85:17:4D:F4:DC:58:AA:EE:66:1F:A8:F1:37:31:B3:B7:08:A9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 609D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A25F0BF4914811EBA70B5548C4F9AE02.roa
Signing time: Thu 24 Nov 2022 16:01:52 +0000
ROA not before: Thu 24 Nov 2022 16:01:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137594
IP address blocks: 103.129.108.0/22 maxlen: 22
103.129.108.0/24 maxlen: 24
103.129.109.0/24 maxlen: 24
103.129.110.0/24 maxlen: 24
103.129.111.0/24 maxlen: 24
2001:df1:9040::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24733 (0x609d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 24 16:01:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=637f956f-8e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:91:e0:d4:ac:3e:c2:0a:be:34:26:1b:54:cc:
08:85:39:46:c7:d9:5e:91:b4:a5:08:c7:a0:3b:bc:
de:9a:06:0a:cf:5f:46:e8:e3:73:fb:5d:83:6f:40:
8f:99:9e:a0:7f:e5:1a:0e:50:51:7d:b6:c1:84:f6:
34:7b:a7:68:c5:39:45:f6:c0:f0:32:80:84:f1:ec:
03:91:80:4e:84:a5:78:e2:2d:ac:08:4d:7d:be:de:
33:eb:28:31:61:9e:2d:b7:20:a7:dc:26:73:2f:94:
a3:31:47:61:f6:a2:51:69:5b:76:4f:8c:dc:fd:c0:
2d:ae:23:4e:99:07:ee:e6:b0:c8:7c:b1:8b:88:0f:
fe:3f:a3:98:df:be:fe:f4:38:a0:82:52:e4:93:25:
99:52:33:50:c2:da:2b:c8:8e:d4:c8:13:1a:0c:67:
ce:12:6c:ac:aa:5d:54:34:b0:69:9f:6a:ba:36:0e:
4d:c4:ac:a1:d7:da:08:fe:e0:8a:ff:cf:43:8a:e2:
7c:0e:9a:0a:15:53:4d:12:25:01:d4:30:ed:ce:83:
72:33:e9:0a:a7:50:eb:08:40:26:b8:7d:7e:f5:a9:
e4:4e:0f:df:e7:f4:00:90:48:30:c7:4e:6a:62:da:
0a:0c:8f:e9:b0:27:7e:d3:cc:d7:1f:af:99:b7:f9:
29:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:52:85:17:4D:F4:DC:58:AA:EE:66:1F:A8:F1:37:31:B3:B7:08:A9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A25F0BF4914811EBA70B5548C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.108.0/22
IPv6:
2001:df1:9040::/48
Signature Algorithm: sha256WithRSAEncryption
9e:b5:33:c6:f6:12:c4:70:1b:87:93:3f:c2:ac:3b:6f:d7:0b:
fb:b2:17:69:a8:b0:90:91:8b:e2:75:9a:08:a2:9a:ef:39:95:
03:11:55:ea:7b:b5:15:93:59:49:d0:03:81:f0:9f:69:b5:74:
78:5d:ac:6a:99:d6:e7:9f:17:a9:22:2e:75:cf:39:e1:f0:66:
1f:fb:e6:9c:ba:0f:ef:69:37:e5:b4:4e:3c:fd:88:2b:78:c6:
c7:9e:b1:16:7c:f0:f6:0c:dd:a2:eb:6c:9f:0e:80:43:26:97:
08:88:99:84:65:dd:90:df:79:61:a1:55:9b:8a:e7:e8:b9:c7:
59:67:df:f5:9d:59:0f:25:d9:93:b1:1e:10:52:6b:06:a0:7f:
7b:bf:62:e9:bc:05:db:fb:2b:f7:c8:d1:05:06:1c:ca:e8:7c:
b8:e9:d5:bc:fb:93:33:98:3d:6a:e2:19:c9:02:60:41:ff:8e:
57:4a:22:27:54:24:71:84:f7:3f:b1:5d:17:ea:e2:ac:80:ec:
3e:7e:c1:24:76:00:7c:97:2c:a5:10:1a:e0:d3:72:13:dc:4e:
79:50:e4:31:38:f9:62:c0:3a:60:70:5b:1d:59:a7:61:3c:e4:
80:c3:1e:3e:86:91:40:11:d6:dc:d3:2e:a0:b8:4a:08:e3:00:
ea:dd:54:a7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICYJ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMTI0MTYwMTUxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzdmOTU2Zi04ZTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyJHg1Kw+wgq+NCYbVMwIhTlGx9lekbSlCMegO7zemgYKz19G6ONz+12Db0CP
mZ6gf+UaDlBRfbbBhPY0e6doxTlF9sDwMoCE8ewDkYBOhKV44i2sCE19vt4z6ygx
YZ4ttyCn3CZzL5SjMUdh9qJRaVt2T4zc/cAtriNOmQfu5rDIfLGLiA/+P6OY377+
9DigglLkkyWZUjNQwtoryI7UyBMaDGfOEmysql1UNLBpn2q6Ng5NxKyh19oI/uCK
/89DiuJ8DpoKFVNNEiUB1DDtzoNyM+kKp1DrCEAmuH1+9ankTg/f5/QAkEgwx05q
YtoKDI/psCd+08zXH6+Zt/kpuwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDhShRdN
9NxYqu5mH6jxNzGztwipMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQTI1RjBCRjQ5
MTQ4MTFFQkE3MEI1NTQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAJngWwwDwQCAAIwCQMHACABDfGQQDANBgkqhkiG9w0BAQsF
AAOCAQEAnrUzxvYSxHAbh5M/wqw7b9cL+7IXaaiwkJGL4nWaCKKa7zmVAxFV6nu1
FZNZSdADgfCfabV0eF2sapnW558XqSIudc854fBmH/vmnLoP72k35bROPP2IK3jG
x56xFnzw9gzdoutsnw6AQyaXCIiZhGXdkN95YaFVm4rn6LnHWWff9Z1ZDyXZk7Ee
EFJrBqB/e79i6bwF2/sr98jRBQYcyuh8uOnVvPuTM5g9auIZyQJgQf+OV0oiJ1Qk
cYT3P7FdF+rirIDsPn7BJHYAfJcspRAa4NNyE9xOeVDkMTj5YsA6YHBbHVmnYTzk
gMMePoaRQBHW3NMuoLhKCOMA6t1Upw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org