Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AD18281CE4F411ED96B69566C4F9AE02.roa
File: AD18281CE4F411ED96B69566C4F9AE02.roa (raw, json)
Hash identifier: CjzPjYq+dQSf+yRHGdGtNRz3/1uiERUsGQ4ikzg0MO4=
Subject key identifier: B5:AA:3D:57:8A:8F:03:0C:69:14:81:91:FE:82:39:B0:2D:84:94:59
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6931
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AD18281CE4F411ED96B69566C4F9AE02.roa
Signing time: Thu 27 Apr 2023 13:51:44 +0000
ROA not before: Thu 27 Apr 2023 13:51:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136290
IP address blocks: 103.21.68.0/23 maxlen: 24
103.48.70.0/24 maxlen: 24
103.48.71.0/24 maxlen: 24
2407:b7c0::/32 maxlen: 32
2407:b7c0::/40 maxlen: 48
2407:b7c0:100::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26929 (0x6931)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 27 13:51:44 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=644a7def-f069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:97:87:8d:69:4e:3a:d9:43:c2:e6:60:a6:f4:
fc:c9:8b:15:8f:e2:e0:cd:f7:a4:9a:97:a1:88:e8:
d3:bc:f6:a5:ce:80:9b:ee:22:b8:7f:f8:4b:aa:ac:
ee:b1:90:10:9e:75:2b:71:6f:c6:15:d2:66:64:ac:
a1:51:13:5a:7a:59:c8:33:aa:18:17:f6:a7:63:dd:
63:a2:d9:3e:06:59:a6:c9:de:76:2f:4d:1e:b2:37:
83:1b:23:26:6c:d5:88:43:58:62:56:73:b0:08:b9:
94:1d:3c:ce:b6:ed:ef:44:38:c9:ac:b6:b0:3c:5f:
a8:19:62:ad:64:f7:e4:1c:13:0a:df:0e:e2:c3:8a:
f7:5f:c7:2d:f0:1d:11:82:72:c8:45:4f:b8:fa:9a:
8a:53:fd:25:6d:3d:70:1f:b4:f8:62:6d:13:00:b9:
6d:54:09:e0:b7:31:07:77:d1:77:c2:81:72:02:e0:
16:86:05:d8:01:fd:5a:6c:7a:d2:48:d8:c8:9d:6d:
8b:db:17:e1:79:96:76:90:2b:41:06:b6:a2:13:91:
5d:9f:78:6e:90:32:93:30:a6:7c:b5:92:6d:6a:2e:
dc:68:0b:3f:50:6a:46:c2:ae:a8:2b:e0:65:bf:b6:
27:90:36:dd:02:c7:a8:4d:2c:8c:db:dc:b2:67:e8:
6d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AA:3D:57:8A:8F:03:0C:69:14:81:91:FE:82:39:B0:2D:84:94:59
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AD18281CE4F411ED96B69566C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.68.0/23
103.48.70.0/23
IPv6:
2407:b7c0::/32
Signature Algorithm: sha256WithRSAEncryption
93:a4:c8:21:91:12:20:f7:19:ca:d5:8f:78:da:84:78:a1:70:
7f:09:eb:10:2d:9a:af:b6:52:a0:06:fb:94:d9:12:88:cf:f6:
0a:bd:c9:37:ec:d0:dd:11:b4:06:3f:cb:aa:ca:9f:3f:6e:3d:
c2:0a:a2:17:fd:cd:da:a4:69:1c:dc:99:b5:bd:09:c2:58:93:
7a:e6:51:ed:e0:d0:86:1a:3a:77:38:d1:0a:80:ea:4f:fd:28:
f9:6d:00:42:d1:21:d4:01:1b:19:14:b5:c8:99:ae:5c:4c:86:
0c:f1:8e:aa:b2:e0:0e:68:29:72:81:03:b3:45:65:3f:2c:6c:
62:d1:7f:a6:91:2d:cc:70:73:6b:60:ce:45:f4:41:47:00:b5:
98:a4:5d:70:fc:9e:b5:05:af:1e:a9:09:f8:18:52:c9:47:3e:
99:b5:f7:c8:a2:3e:e0:64:90:60:38:a1:9d:2a:1f:95:8c:1c:
c3:88:68:38:99:04:9b:2d:88:83:6f:b6:0e:ba:d0:6c:6a:21:
c0:fc:37:9c:41:03:0f:cc:5a:9d:dc:15:22:bf:d8:c9:bc:8c:
23:29:7c:bd:09:52:3c:72:0f:8d:c4:7b:4f:62:d1:b7:f5:ea:
9f:50:b6:25:9a:26:f3:a8:57:8f:2a:0f:24:13:4d:af:90:de:
ec:14:67:57
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICaTEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNDI3MTM1MTQ0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDRhN2RlZi1mMDY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuZeHjWlOOtlDwuZgpvT8yYsVj+LgzfekmpehiOjTvPalzoCb7iK4f/hLqqzu
sZAQnnUrcW/GFdJmZKyhURNaelnIM6oYF/anY91jotk+Blmmyd52L00esjeDGyMm
bNWIQ1hiVnOwCLmUHTzOtu3vRDjJrLawPF+oGWKtZPfkHBMK3w7iw4r3X8ct8B0R
gnLIRU+4+pqKU/0lbT1wH7T4Ym0TALltVAngtzEHd9F3woFyAuAWhgXYAf1abHrS
SNjInW2L2xfheZZ2kCtBBraiE5Fdn3hukDKTMKZ8tZJtai7caAs/UGpGwq6oK+Bl
v7YnkDbdAseoTSyM29yyZ+htQQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLWqPVeK
jwMMaRSBkf6CObAthJRZMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQUQxODI4MUNF
NEY0MTFFRDk2QjY5NTY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAFnFUQDBAFnMEYwDQQCAAIwBwMFACQHt8AwDQYJKoZIhvcN
AQELBQADggEBAJOkyCGREiD3GcrVj3jahHihcH8J6xAtmq+2UqAG+5TZEojP9gq9
yTfs0N0RtAY/y6rKnz9uPcIKohf9zdqkaRzcmbW9CcJYk3rmUe3g0IYaOnc40QqA
6k/9KPltAELRIdQBGxkUtciZrlxMhgzxjqqy4A5oKXKBA7NFZT8sbGLRf6aRLcxw
c2tgzkX0QUcAtZikXXD8nrUFrx6pCfgYUslHPpm198iiPuBkkGA4oZ0qH5WMHMOI
aDiZBJstiINvtg660GxqIcD8N5xBAw/MWp3cFSK/2Mm8jCMpfL0JUjxyD43Ee09i
0bf16p9QtiWaJvOoV48qDyQTTa+Q3uwUZ1c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org