Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C4B5AB64E66411ECB54FFE6BC4F9AE02.roa
File: C4B5AB64E66411ECB54FFE6BC4F9AE02.roa (raw, json)
Hash identifier: wRAYJ0MkG7d2JRtG2DDR5kqOWsxMYPz6xjJ1e3vce5I=
Subject key identifier: 39:4C:7C:AF:99:37:13:2E:44:5F:C6:8C:CA:85:16:C0:D9:C5:5C:1E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5C43
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C4B5AB64E66411ECB54FFE6BC4F9AE02.roa
Signing time: Mon 29 Aug 2022 11:31:43 +0000
ROA not before: Mon 29 Aug 2022 11:31:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133278
IP address blocks: 27.123.248.0/22 maxlen: 24
103.37.80.0/22 maxlen: 24
103.230.152.0/22 maxlen: 24
2405:ac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23619 (0x5c43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 29 11:31:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=630ca39f-eaec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fa:7f:f5:97:65:d2:f0:65:5b:39:ae:f8:1c:
41:4d:0a:58:79:73:9d:60:a1:b1:4b:21:62:2e:86:
c4:5d:87:94:41:1e:3d:d8:08:43:63:45:a7:d3:db:
44:1d:c3:79:7f:01:47:7c:a3:67:f3:95:16:04:6a:
c4:3f:0f:d6:21:44:58:f9:5f:2c:7c:ae:d9:b2:8c:
e5:55:d4:4c:a9:6f:f3:ce:da:ca:67:26:11:13:0d:
62:0f:97:9d:a3:54:bd:87:97:7f:0e:12:6a:3b:a7:
8d:63:52:9c:9d:8b:8d:87:f2:16:fb:73:75:cf:0d:
f7:c9:70:1e:4c:2c:63:af:d9:34:07:f3:e3:09:bc:
2a:9b:16:1e:6f:30:dc:13:50:e9:72:45:83:e4:8c:
dd:4b:c3:8e:5b:9a:57:5b:75:4d:d6:6a:28:e5:a6:
3a:4b:ce:8f:9a:51:dc:6c:aa:4d:97:a6:77:c9:cf:
d3:e2:22:db:f6:d5:f5:2e:a3:30:a9:72:93:40:d2:
44:85:f2:5c:1f:ec:57:36:51:04:dc:9e:93:03:b6:
7f:ba:5b:75:62:8f:e4:d9:a4:bc:3e:00:de:ee:2a:
fa:5a:8f:68:92:26:a8:5c:76:a4:21:52:ae:7b:51:
c0:19:08:5e:cf:1f:32:68:0b:0f:5b:d0:e7:7b:73:
06:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4C:7C:AF:99:37:13:2E:44:5F:C6:8C:CA:85:16:C0:D9:C5:5C:1E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C4B5AB64E66411ECB54FFE6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.248.0/22
103.37.80.0/22
103.230.152.0/22
IPv6:
2405:ac0::/32
Signature Algorithm: sha256WithRSAEncryption
82:7e:45:39:14:3e:10:50:55:0f:36:f8:31:8e:db:0d:a7:bf:
1d:05:bd:92:60:bb:26:d9:3c:da:ba:90:e7:17:85:67:06:48:
ce:dd:fe:97:07:86:f7:01:db:91:18:53:05:45:dc:65:62:34:
73:e4:cc:96:4b:33:02:c1:13:8b:8e:65:29:bb:03:00:3b:5b:
5d:4a:c7:f1:f4:ee:3a:e0:a3:de:60:c2:cb:41:60:40:f1:40:
87:51:c7:07:ab:a5:2b:fc:20:2e:55:3b:09:8f:92:03:f5:26:
cb:a3:23:c5:b1:54:cc:be:c4:46:b7:b6:d3:73:46:47:30:fa:
66:81:c3:a1:28:19:b5:d1:5e:dc:cc:03:64:74:9e:9f:cc:7e:
b0:7e:9e:30:32:c8:77:ef:ed:33:6a:3a:09:cc:78:99:21:eb:
4c:99:ae:ae:b5:d8:65:16:4f:2a:74:26:ac:94:44:84:2d:38:
34:b9:23:62:ba:00:90:13:11:7e:70:75:64:56:94:17:2d:f1:
9f:12:5d:3d:85:57:75:af:62:f7:69:b7:56:03:eb:3c:f2:23:
d3:fb:d8:0f:ba:a6:37:9f:e8:3e:0b:08:75:22:9a:3f:42:e6:
11:ab:8f:80:6f:43:5e:6b:e2:95:71:78:44:87:83:07:5a:b2:
ef:2f:6e:7b
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICXEMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODI5MTEzMTQzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBjYTM5Zi1lYWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr/p/9Zdl0vBlWzmu+BxBTQpYeXOdYKGxSyFiLobEXYeUQR492AhDY0Wn09tE
HcN5fwFHfKNn85UWBGrEPw/WIURY+V8sfK7ZsozlVdRMqW/zztrKZyYREw1iD5ed
o1S9h5d/DhJqO6eNY1KcnYuNh/IW+3N1zw33yXAeTCxjr9k0B/PjCbwqmxYebzDc
E1DpckWD5IzdS8OOW5pXW3VN1moo5aY6S86PmlHcbKpNl6Z3yc/T4iLb9tX1LqMw
qXKTQNJEhfJcH+xXNlEE3J6TA7Z/ult1Yo/k2aS8PgDe7ir6Wo9okiaoXHakIVKu
e1HAGQhezx8yaAsPW9Dne3MGfQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFDlMfK+Z
NxMuRF/GjMqFFsDZxVweMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQzRCNUFCNjRF
NjY0MTFFQ0I1NEZGRTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIbe/gDBAJnJVADBAJn5pgwDQQCAAIwBwMFACQFCsAwDQYJ
KoZIhvcNAQELBQADggEBAIJ+RTkUPhBQVQ82+DGO2w2nvx0FvZJguybZPNq6kOcX
hWcGSM7d/pcHhvcB25EYUwVF3GViNHPkzJZLMwLBE4uOZSm7AwA7W11Kx/H07jrg
o95gwstBYEDxQIdRxwerpSv8IC5VOwmPkgP1JsujI8WxVMy+xEa3ttNzRkcw+maB
w6EoGbXRXtzMA2R0np/MfrB+njAyyHfv7TNqOgnMeJkh60yZrq612GUWTyp0JqyU
RIQtODS5I2K6AJATEX5wdWRWlBct8Z8SXT2FV3WvYvdpt1YD6zzyI9P72A+6pjef
6D4LCHUimj9C5hGrj4BvQ15r4pVxeESHgwdasu8vbns=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org