Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ABAA8D92FB5511EBB7032080C4F9AE02.roa
File: ABAA8D92FB5511EBB7032080C4F9AE02.roa (raw, json)
Hash identifier: fBwqhG09JzkSDwh1R2DHuy+lWa7kiZiLYJIsMuX7R+o=
Subject key identifier: AA:8A:AB:08:DF:E6:E9:77:A1:05:26:7A:6B:43:E9:8D:CB:60:72:CA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 53D0
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ABAA8D92FB5511EBB7032080C4F9AE02.roa
Signing time: Mon 16 May 2022 04:27:00 +0000
ROA not before: Mon 16 May 2022 04:27:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142529
IP address blocks: 103.171.116.0/24 maxlen: 24
103.171.117.0/24 maxlen: 24
2001:df7:4480::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21456 (0x53d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:27:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d294-eda1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:00:c8:72:2c:75:91:f2:ce:b1:62:13:1b:3f:
2b:2a:a3:7a:33:e6:42:c6:11:76:f8:31:4b:f6:b7:
cd:d7:cb:e5:7c:d1:1d:16:49:68:14:2f:60:15:12:
bf:6f:71:ea:58:9a:bd:e1:94:c1:1c:4a:8a:b2:f6:
56:cd:cb:eb:55:93:a4:2d:d3:9b:51:b3:53:35:05:
f6:57:59:15:2f:da:fb:61:5c:db:da:08:c1:6a:e9:
07:42:3a:b6:18:39:48:8d:21:17:74:c4:b5:50:3a:
5e:bc:54:4a:c5:98:cf:44:f0:70:5b:a0:74:b8:df:
74:71:75:f3:e0:0c:f1:04:d0:82:3a:d2:b9:34:3c:
77:34:72:ff:ab:b4:2f:20:be:bf:e9:ca:67:3a:63:
c7:61:76:f9:2b:0e:4a:74:c7:db:45:56:e8:19:11:
6b:8b:be:5c:bf:cd:40:a2:c6:53:cb:90:51:12:31:
17:cd:65:d9:ea:97:d0:79:67:e3:b1:5b:cc:38:c1:
90:1f:84:55:dd:09:40:f0:4f:43:5f:fe:f6:66:1f:
b0:50:45:1c:e9:5d:b6:db:96:43:53:dc:ed:d8:b0:
de:84:c7:f2:d9:d4:77:9a:cd:f3:17:13:85:ef:ee:
6f:cb:30:a8:32:eb:77:1d:65:cc:b9:f7:50:0e:72:
4b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:8A:AB:08:DF:E6:E9:77:A1:05:26:7A:6B:43:E9:8D:CB:60:72:CA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ABAA8D92FB5511EBB7032080C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.116.0/23
IPv6:
2001:df7:4480::/48
Signature Algorithm: sha256WithRSAEncryption
a5:54:2b:e5:03:2f:9d:3a:ae:42:1d:b7:73:55:e8:a6:56:5d:
1f:ef:08:01:c7:52:95:78:26:95:97:c5:51:ad:6d:e1:b8:eb:
ef:62:f5:8a:e3:88:34:48:20:19:e9:f9:4a:c9:b0:8d:26:38:
0f:59:17:b0:15:22:40:e6:e5:18:a2:10:c7:4f:d1:3a:cf:a4:
e4:a7:cc:92:ea:b9:17:0e:79:d8:8c:53:7a:0f:61:ba:ec:8d:
35:02:3f:22:ab:0b:12:5f:16:97:4b:0e:86:9d:d3:54:84:b1:
58:64:a4:4f:f0:16:53:85:96:e8:6d:25:d2:49:01:21:52:38:
28:4a:0a:6f:a9:9f:74:6f:76:1e:44:c9:dc:a2:34:4a:a6:20:
98:e1:c9:d8:92:66:83:2a:43:81:ae:e1:59:c2:c0:ee:f5:52:
2d:08:e0:e7:77:af:92:bd:48:15:25:b1:de:8e:fe:89:2f:e8:
9a:99:64:e7:ea:5c:3c:12:dd:ba:c2:df:fe:a2:df:b6:57:6f:
72:a0:90:ad:b2:9a:05:77:eb:9e:ba:3e:3e:28:2a:7c:28:16:
f1:f2:00:60:7e:a5:d2:95:01:bf:e8:28:ab:e4:af:a9:7f:7a:
41:94:a1:60:20:69:62:c2:11:e2:92:b7:1e:e4:82:02:af:fc:
a2:6c:ef:a2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICU9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQyNzAwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDI5NC1lZGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1ADIcix1kfLOsWITGz8rKqN6M+ZCxhF2+DFL9rfN18vlfNEdFkloFC9gFRK/
b3HqWJq94ZTBHEqKsvZWzcvrVZOkLdObUbNTNQX2V1kVL9r7YVzb2gjBaukHQjq2
GDlIjSEXdMS1UDpevFRKxZjPRPBwW6B0uN90cXXz4AzxBNCCOtK5NDx3NHL/q7Qv
IL6/6cpnOmPHYXb5Kw5KdMfbRVboGRFri75cv81AosZTy5BREjEXzWXZ6pfQeWfj
sVvMOMGQH4RV3QlA8E9DX/72Zh+wUEUc6V2225ZDU9zt2LDehMfy2dR3ms3zFxOF
7+5vyzCoMut3HWXMufdQDnJLWQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKqKqwjf
5ul3oQUmemtD6Y3LYHLKMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQUJBQThEOTJG
QjU1MTFFQkI3MDMyMDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnq3QwDwQCAAIwCQMHACABDfdEgDANBgkqhkiG9w0BAQsF
AAOCAQEApVQr5QMvnTquQh23c1XoplZdH+8IAcdSlXgmlZfFUa1t4bjr72L1iuOI
NEggGen5SsmwjSY4D1kXsBUiQOblGKIQx0/ROs+k5KfMkuq5Fw552IxTeg9huuyN
NQI/IqsLEl8Wl0sOhp3TVISxWGSkT/AWU4WW6G0l0kkBIVI4KEoKb6mfdG92HkTJ
3KI0SqYgmOHJ2JJmgypDga7hWcLA7vVSLQjg53evkr1IFSWx3o7+iS/omplk5+pc
PBLdusLf/qLftldvcqCQrbKaBXfrnro+PigqfCgW8fIAYH6l0pUBv+goq+SvqX96
QZShYCBpYsIR4pK3HuSCAq/8omzvog==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org