Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A2D8AF182FDB11ECBF828259C4F9AE02.roa
File: A2D8AF182FDB11ECBF828259C4F9AE02.roa (raw, json)
Hash identifier: fzvqgXPzliqQNNt4yuoNDxvQ55nEskj4aZ/r+C4wiGA=
Subject key identifier: 04:49:67:AC:E8:40:7C:CF:5A:AE:07:18:4C:70:00:2C:84:01:CF:2E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 544D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A2D8AF182FDB11ECBF828259C4F9AE02.roa
Signing time: Mon 16 May 2022 04:29:22 +0000
ROA not before: Mon 16 May 2022 04:29:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 147280
IP address blocks: 103.174.126.0/23 maxlen: 24
103.174.164.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21581 (0x544d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:29:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d321-2251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8c:87:50:94:18:9b:62:74:c0:7b:83:57:d4:
e4:73:b0:b1:60:04:23:b9:a2:10:4f:34:0e:1a:f9:
97:ea:2b:51:88:2c:0a:6c:5d:9c:a0:8f:ff:b4:85:
33:bf:3f:f1:f1:d0:ed:bc:36:b9:9e:46:7e:6e:f9:
e8:86:b8:d5:a4:03:9c:3a:f9:62:11:c6:c0:59:6a:
e3:73:f6:65:ef:b4:c3:76:68:6b:6c:42:81:20:a4:
c9:08:d2:0a:f5:8a:e1:2b:ad:52:67:8b:32:90:cd:
a4:57:af:0c:95:2f:69:c8:29:e8:04:c1:bd:f0:56:
51:57:0c:bc:56:9a:55:2f:08:59:05:6f:47:80:17:
91:56:a0:86:db:4c:b5:06:ea:21:40:a3:f9:ae:2e:
e0:7d:93:4c:59:68:47:96:80:84:f4:dc:02:99:9d:
b4:7e:1f:b7:29:be:59:6b:9b:ce:1e:83:be:fc:7f:
de:f2:cd:b5:52:0e:b5:2d:c8:cc:42:55:93:86:b6:
10:46:d1:d9:5f:c0:e8:e8:6c:7a:38:69:90:62:2e:
8e:f4:f2:4e:3c:da:7c:40:56:05:61:a6:cb:8e:4d:
f1:93:41:55:74:63:75:b3:f6:2d:72:6b:ed:70:71:
2b:e7:07:cd:fe:1b:06:05:1f:b8:bd:48:a1:00:23:
93:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:49:67:AC:E8:40:7C:CF:5A:AE:07:18:4C:70:00:2C:84:01:CF:2E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A2D8AF182FDB11ECBF828259C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.126.0/23
103.174.164.0/23
Signature Algorithm: sha256WithRSAEncryption
1a:1e:41:85:ca:a0:c1:b9:85:7b:e5:3d:cb:d1:79:60:4d:e2:
4f:93:bf:ce:61:0f:0f:b7:e9:90:34:ef:81:d3:2a:aa:2c:f8:
75:b3:7a:9e:8f:af:9b:ab:b5:73:7e:d7:a5:13:2b:94:b6:27:
44:82:89:ab:ee:e4:da:18:4c:67:0a:12:a1:ca:f4:b1:66:6f:
3f:1f:f3:3c:7b:3b:ef:30:6b:6b:eb:be:b2:7c:65:0f:db:5a:
2a:2f:ff:f5:0f:5a:b3:d8:3f:3a:d2:49:30:fa:1b:75:ab:d5:
91:de:90:60:29:26:40:a0:ba:f3:e6:99:cb:12:84:2e:9d:c7:
2d:9f:26:f5:1d:7f:6b:ce:a2:7b:4f:74:47:eb:06:e6:59:44:
5c:d1:a4:da:cf:06:09:a8:a4:fa:cd:cb:f3:62:7a:37:d3:0a:
a5:b9:37:c2:2d:08:0c:cf:8c:79:32:c1:d9:01:a8:08:19:e9:
b1:b1:cf:81:d8:63:64:38:a1:dd:d0:1f:39:cf:52:b9:34:2b:
35:90:87:52:51:31:de:5a:f9:7b:12:ec:d6:48:b1:76:56:30:
f3:60:15:2e:ab:4d:31:c8:c4:72:a6:6a:86:d5:a6:25:15:1d:
fa:4c:06:e3:89:9c:2b:34:2f:fe:e8:fb:3a:75:8d:97:7a:c7:
51:1e:d2:a6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICVE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQyOTIyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDMyMS0yMjUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1IyHUJQYm2J0wHuDV9Tkc7CxYAQjuaIQTzQOGvmX6itRiCwKbF2coI//tIUz
vz/x8dDtvDa5nkZ+bvnohrjVpAOcOvliEcbAWWrjc/Zl77TDdmhrbEKBIKTJCNIK
9YrhK61SZ4sykM2kV68MlS9pyCnoBMG98FZRVwy8VppVLwhZBW9HgBeRVqCG20y1
BuohQKP5ri7gfZNMWWhHloCE9NwCmZ20fh+3Kb5Za5vOHoO+/H/e8s21Ug61LcjM
QlWThrYQRtHZX8Do6Gx6OGmQYi6O9PJOPNp8QFYFYabLjk3xk0FVdGN1s/Ytcmvt
cHEr5wfN/hsGBR+4vUihACOTdwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFARJZ6zo
QHzPWq4HGExwACyEAc8uMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQTJEOEFGMTgy
RkRCMTFFQ0JGODI4MjU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnrn4DBAFnrqQwDQYJKoZIhvcNAQELBQADggEBABoeQYXK
oMG5hXvlPcvReWBN4k+Tv85hDw+36ZA074HTKqos+HWzep6Pr5urtXN+16UTK5S2
J0SCiavu5NoYTGcKEqHK9LFmbz8f8zx7O+8wa2vrvrJ8ZQ/bWiov//UPWrPYPzrS
STD6G3Wr1ZHekGApJkCguvPmmcsShC6dxy2fJvUdf2vOontPdEfrBuZZRFzRpNrP
BgmopPrNy/NiejfTCqW5N8ItCAzPjHkywdkBqAgZ6bGxz4HYY2Q4od3QHznPUrk0
KzWQh1JRMd5a+XsS7NZIsXZWMPNgFS6rTTHIxHKmaobVpiUVHfpMBuOJnCs0L/7o
+zp1jZd6x1Ee0qY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org