Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AEE6B79671FD11ECA4BCDD52C4F9AE02.roa
File: AEE6B79671FD11ECA4BCDD52C4F9AE02.roa (raw, json)
Hash identifier: DMQbS1CEEX9kZ3DdN7T/dNNE/J3J3u7Ikpq2TGRHLsE=
Subject key identifier: A0:61:2B:EB:1F:1D:AC:52:82:56:2B:C3:D1:43:6F:C4:3D:A8:95:98
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 45A9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AEE6B79671FD11ECA4BCDD52C4F9AE02.roa
Signing time: Mon 10 Jan 2022 10:11:32 +0000
ROA not before: Mon 10 Jan 2022 10:11:32 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 135848
IP address blocks: 103.81.156.0/22 maxlen: 24
103.158.148.0/23 maxlen: 24
103.160.72.0/23 maxlen: 24
103.174.32.0/24 maxlen: 24
103.174.33.0/24 maxlen: 24
103.176.232.0/24 maxlen: 24
103.176.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17833 (0x45a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 10 10:11:32 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61dc0653-0ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0b:85:84:4e:a2:a5:cd:1e:db:cd:2e:48:0e:
1e:b7:2a:f4:38:54:41:ff:7a:08:7f:ed:34:5a:99:
2a:be:d1:c5:87:bd:f4:9c:40:3d:56:9a:17:07:6e:
05:8f:9f:a9:7a:92:8c:09:84:ff:a0:40:1a:2b:e3:
09:df:b5:d5:6f:bd:04:9d:29:1a:b5:0a:a1:c3:d8:
66:5d:77:87:5e:52:6e:4d:5f:89:72:cd:f9:74:4d:
4f:67:a2:15:a7:29:79:11:8d:86:4d:6d:61:7d:43:
36:3b:de:45:c8:36:86:e9:0d:ef:a7:94:e5:fd:0a:
6f:81:f4:8a:19:d8:54:ba:ea:6a:ce:89:13:df:16:
6e:0d:bf:dd:b8:7a:81:04:da:eb:12:d2:61:be:ee:
7a:b4:0c:3a:c1:84:48:64:a1:e1:ef:63:42:6e:ad:
09:73:5d:4b:01:61:8a:c9:65:63:23:df:f8:09:91:
87:9b:17:8c:38:2a:fa:d6:be:be:9a:4d:1f:1b:12:
10:09:dc:96:76:a8:5b:fe:62:3d:05:78:ee:cf:aa:
a1:65:6b:d2:d5:0a:0c:0b:20:84:a9:03:96:64:e3:
bf:60:bd:1c:56:12:51:bc:b4:e9:61:62:f4:d7:92:
bd:67:d9:4b:29:8a:df:b0:83:0d:56:e8:2c:2c:34:
08:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:61:2B:EB:1F:1D:AC:52:82:56:2B:C3:D1:43:6F:C4:3D:A8:95:98
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AEE6B79671FD11ECA4BCDD52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.156.0/22
103.158.148.0/23
103.160.72.0/23
103.174.32.0/23
103.176.232.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:da:5a:c3:99:d0:33:35:85:79:39:7e:88:2c:d5:6f:ba:35:
50:80:22:54:6d:78:d4:31:cc:a3:1a:97:84:b9:66:c4:b1:f3:
90:6b:05:9c:19:47:e9:61:e4:32:9d:63:72:1a:44:8f:b2:43:
f8:3f:e5:d0:b3:fe:a0:f9:56:fb:45:c5:ce:af:06:f6:fa:61:
81:31:c7:1e:17:1a:d5:37:89:f4:3d:ab:28:99:be:ba:3f:4b:
8a:3f:4f:00:b1:c2:a1:47:50:12:cf:fa:a4:44:7b:5d:e4:a9:
f4:77:7c:a2:8b:69:58:05:9f:22:ab:18:4c:90:18:d7:4b:bc:
2f:80:63:32:ef:89:d3:a6:3e:a5:20:a8:56:6a:0e:00:85:e5:
3d:27:3a:04:3e:a6:9b:f6:c7:5d:07:7f:5c:b6:0a:cd:fa:95:
b5:bc:38:7c:f4:96:f0:54:cd:f1:1d:84:9c:05:98:86:0d:9a:
41:80:33:17:48:53:99:32:b6:e8:ec:f3:f6:14:a3:ee:ab:47:
65:0c:bd:a8:e3:8d:e6:86:8b:96:1e:85:7d:64:b2:df:fd:d5:
11:f4:a4:3e:62:9f:e1:7f:ed:12:c8:14:cb:42:95:bd:e9:d3:
35:7c:70:be:35:f7:1e:9c:ab:d2:2b:27:13:64:c2:93:5b:4b:
14:44:9c:80
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICRakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMTEwMTAxMTMyWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWRjMDY1My0wZWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwAuFhE6ipc0e280uSA4etyr0OFRB/3oIf+00WpkqvtHFh730nEA9VpoXB24F
j5+pepKMCYT/oEAaK+MJ37XVb70EnSkatQqhw9hmXXeHXlJuTV+Jcs35dE1PZ6IV
pyl5EY2GTW1hfUM2O95FyDaG6Q3vp5Tl/QpvgfSKGdhUuupqzokT3xZuDb/duHqB
BNrrEtJhvu56tAw6wYRIZKHh72NCbq0Jc11LAWGKyWVjI9/4CZGHmxeMOCr61r6+
mk0fGxIQCdyWdqhb/mI9BXjuz6qhZWvS1QoMCyCEqQOWZOO/YL0cVhJRvLTpYWL0
15K9Z9lLKYrfsIMNVugsLDQI4QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFKBhK+sf
HaxSglYrw9FDb8Q9qJWYMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQUVFNkI3OTY3
MUZEMTFFQ0E0QkNERDUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAJnUZwDBAFnnpQDBAFnoEgDBAFnriADBAFnsOgwDQYJKoZI
hvcNAQELBQADggEBAKzaWsOZ0DM1hXk5fogs1W+6NVCAIlRteNQxzKMal4S5ZsSx
85BrBZwZR+lh5DKdY3IaRI+yQ/g/5dCz/qD5VvtFxc6vBvb6YYExxx4XGtU3ifQ9
qyiZvro/S4o/TwCxwqFHUBLP+qREe13kqfR3fKKLaVgFnyKrGEyQGNdLvC+AYzLv
idOmPqUgqFZqDgCF5T0nOgQ+ppv2x10Hf1y2Cs36lbW8OHz0lvBUzfEdhJwFmIYN
mkGAMxdIU5kytujs8/YUo+6rR2UMvajjjeaGi5YehX1kst/91RH0pD5in+F/7RLI
FMtClb3p0zV8cL419x6cq9IrJxNkwpNbSxREnIA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org