Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AC839F0296AF11EB945D174DC4F9AE02.roa
File: AC839F0296AF11EB945D174DC4F9AE02.roa (raw, json)
Hash identifier: a4j64s7w8jf83YpHRTrA1xLJs1KxAspUt3jqVwksf7U=
Subject key identifier: FB:86:6D:46:E9:32:E0:41:C9:5E:05:E0:5E:15:FE:35:06:B1:D7:39
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 696B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AC839F0296AF11EB945D174DC4F9AE02.roa
Signing time: Tue 02 May 2023 09:51:49 +0000
ROA not before: Tue 02 May 2023 09:51:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135845
IP address blocks: 103.81.236.0/24 maxlen: 24
103.81.237.0/24 maxlen: 24
103.81.238.0/24 maxlen: 24
103.81.239.0/24 maxlen: 24
2406:a2c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26987 (0x696b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 2 09:51:49 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6450dd33-fbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:47:8f:c7:ac:48:79:f3:38:b2:fe:50:c9:f3:
99:f9:65:5d:c1:7a:c7:10:d2:03:de:87:58:b7:54:
cf:52:cc:48:16:ca:41:e0:07:04:26:a0:76:e6:ae:
31:71:47:6c:6c:96:64:1f:f7:6c:99:8c:e3:7b:43:
be:f1:dd:47:56:b5:0a:45:17:3a:d0:75:f8:0e:09:
b3:eb:2c:cc:26:81:04:a0:99:38:e9:cd:f7:68:33:
c7:a3:58:45:7b:3c:a5:c4:ee:85:5e:7a:e7:24:5a:
d5:b7:7e:c1:ac:f7:78:c1:47:29:81:c3:4c:5b:31:
e7:d6:ed:d4:80:64:02:af:12:48:b0:ab:a1:03:95:
d6:5d:a8:8a:5d:d9:0b:2e:c2:18:41:9a:d6:c2:39:
cd:f3:9f:10:89:96:b2:92:b7:45:f5:26:0f:7a:80:
db:74:d8:93:af:54:27:e4:f1:a9:f7:b7:de:62:5c:
d6:88:57:bb:03:00:8d:bc:f8:41:8c:5b:6e:0f:f7:
71:39:3b:31:93:7a:b3:54:eb:e4:d5:b7:83:e6:a3:
a0:df:2a:4d:51:fc:a3:af:0d:f1:fb:5e:8b:67:37:
d2:62:be:0e:af:04:91:ff:f4:1f:28:d4:cb:1e:de:
fb:97:7a:42:54:80:c1:6a:73:76:c5:03:d1:e7:6b:
30:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:86:6D:46:E9:32:E0:41:C9:5E:05:E0:5E:15:FE:35:06:B1:D7:39
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AC839F0296AF11EB945D174DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.236.0/22
IPv6:
2406:a2c0::/32
Signature Algorithm: sha256WithRSAEncryption
04:63:0f:f1:b7:04:07:b0:d3:a8:64:ca:67:d7:05:fd:8a:3c:
28:c7:91:09:a8:11:0d:28:54:d8:e0:aa:57:03:04:55:24:e4:
e5:c8:fa:99:ca:44:c0:13:a6:f1:bc:aa:a3:53:fb:ea:fb:0e:
c7:4c:81:a3:a2:d8:1b:4b:8b:c8:ce:58:e6:55:39:c6:c7:24:
9f:6a:90:72:a9:8f:bd:00:fe:2c:62:cb:60:b7:61:4f:60:ff:
2e:98:61:9c:df:51:88:7a:4a:ce:db:27:8c:c5:d1:d3:5b:eb:
8a:25:c6:4a:6e:9a:14:53:2e:89:14:93:76:db:4d:5d:4f:99:
66:9a:a6:98:1b:1f:67:c5:b9:fb:6c:36:43:9f:87:d6:15:6e:
cf:0e:64:bf:fc:74:34:6f:ee:45:d4:dc:94:5f:fe:4d:c4:26:
8e:cc:f1:f3:42:81:65:69:74:c5:79:e6:69:c9:63:bc:5e:cd:
e6:3c:49:53:88:00:25:7a:b8:a3:bb:d2:59:39:ee:f0:e4:f7:
64:da:8e:94:24:ad:31:d2:19:a4:a8:b9:8f:c2:b6:68:d1:31:
69:f0:1f:17:b1:60:bf:8a:ae:b9:b7:70:b8:07:48:37:d4:82:
64:af:62:29:e0:20:08:3c:b5:0c:c6:fb:94:18:77:c0:81:8d:
15:64:8b:68
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICaWswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTAyMDk1MTQ5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDUwZGQzMy1mYmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt0ePx6xIefM4sv5QyfOZ+WVdwXrHENID3odYt1TPUsxIFspB4AcEJqB25q4x
cUdsbJZkH/dsmYzje0O+8d1HVrUKRRc60HX4Dgmz6yzMJoEEoJk46c33aDPHo1hF
ezylxO6FXnrnJFrVt37BrPd4wUcpgcNMWzHn1u3UgGQCrxJIsKuhA5XWXaiKXdkL
LsIYQZrWwjnN858QiZaykrdF9SYPeoDbdNiTr1Qn5PGp97feYlzWiFe7AwCNvPhB
jFtuD/dxOTsxk3qzVOvk1beD5qOg3ypNUfyjrw3x+16LZzfSYr4OrwSR//QfKNTL
Ht77l3pCVIDBanN2xQPR52sw6wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPuGbUbp
MuBByV4F4F4V/jUGsdc5MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQUM4MzlGMDI5
NkFGMTFFQjk0NUQxNzREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnUewwDQQCAAIwBwMFACQGosAwDQYJKoZIhvcNAQELBQAD
ggEBAARjD/G3BAew06hkymfXBf2KPCjHkQmoEQ0oVNjgqlcDBFUk5OXI+pnKRMAT
pvG8qqNT++r7DsdMgaOi2BtLi8jOWOZVOcbHJJ9qkHKpj70A/ixiy2C3YU9g/y6Y
YZzfUYh6Ss7bJ4zF0dNb64olxkpumhRTLokUk3bbTV1PmWaappgbH2fFuftsNkOf
h9YVbs8OZL/8dDRv7kXU3JRf/k3EJo7M8fNCgWVpdMV55mnJY7xezeY8SVOIACV6
uKO70lk57vDk92TajpQkrTHSGaSouY/CtmjRMWnwHxexYL+Krrm3cLgHSDfUgmSv
YingIAg8tQzG+5QYd8CBjRVki2g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org