Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CE522C4E13E411ED83A0374FC4F9AE02.roa
File: CE522C4E13E411ED83A0374FC4F9AE02.roa (raw, json)
Hash identifier: rF0qCwS/e15KFokEMHELhSm1hPyAV5EoNfaalj9+rZQ=
Subject key identifier: 6C:A6:C6:E8:BE:0E:6A:68:0F:52:2D:E4:C8:2C:E7:A9:7B:63:28:12
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5AD8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CE522C4E13E411ED83A0374FC4F9AE02.roa
Signing time: Thu 04 Aug 2022 11:01:35 +0000
ROA not before: Thu 04 Aug 2022 11:01:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134039
IP address blocks: 103.184.22.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23256 (0x5ad8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 4 11:01:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62eba70f-0324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:65:0d:7a:1a:dd:6c:9f:a7:3b:9d:24:7f:05:
a2:1c:c1:e9:67:d4:50:63:be:30:c5:b2:ac:1c:6a:
b9:70:fb:34:78:ed:62:e8:53:13:fa:de:ab:2f:00:
72:76:97:e7:00:ac:a2:87:d2:15:7c:59:a1:71:10:
48:ce:4c:79:bf:9a:09:b3:10:ac:0b:6c:c2:4a:29:
14:1a:6f:df:27:eb:11:60:7a:98:cc:31:28:e6:0f:
15:c2:8f:d3:61:5d:34:e6:a2:8a:ac:8c:39:3b:2f:
83:e4:67:23:e8:43:f5:63:cf:b4:a8:aa:ee:fc:05:
e5:bb:e0:e4:18:1a:45:2f:48:78:2d:67:b5:f0:72:
ad:8b:8d:3b:cd:96:96:54:76:f9:62:2d:36:fa:d9:
59:99:dc:81:e2:b7:6f:95:19:fd:41:11:d1:86:c5:
d9:2a:83:0b:cd:be:81:19:ac:76:07:03:a3:de:57:
d7:d3:c4:37:65:99:a9:e1:7d:04:1c:8c:46:df:56:
77:ab:2a:da:fb:c7:eb:39:11:c7:55:36:cc:9d:3b:
27:be:c4:b3:bc:f9:b0:3b:1e:08:70:db:b0:06:fe:
ec:41:34:9e:3a:59:26:88:a4:b2:87:1f:26:0e:fe:
5a:05:ed:87:da:44:35:a3:f3:e2:03:0f:fd:4f:07:
bf:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A6:C6:E8:BE:0E:6A:68:0F:52:2D:E4:C8:2C:E7:A9:7B:63:28:12
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CE522C4E13E411ED83A0374FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.184.22.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:f5:81:74:aa:17:51:b8:f3:bd:92:8d:f5:43:4d:b6:c8:57:
01:0f:96:d7:47:9f:7d:7f:f8:00:d1:28:5b:10:c7:4f:97:45:
ce:eb:67:79:52:2d:6f:7a:f4:b2:53:a0:c5:12:a0:5e:e3:60:
31:1a:11:1c:da:d3:16:06:1f:78:55:82:1e:7b:fb:e1:e4:69:
ba:fa:7a:b9:b7:29:59:de:1c:2c:89:1b:c3:41:0b:b6:0a:d7:
8b:c2:f0:ec:52:44:64:08:b2:a7:14:e3:fb:c2:6e:c4:65:88:
00:8d:e7:b2:5b:c1:ce:e3:14:21:3b:1e:ef:fd:26:49:7d:19:
90:4e:d4:49:9e:d6:ba:d2:b3:0e:65:89:b4:4e:c2:b9:5b:f0:
80:4b:0d:70:1b:6f:75:71:41:9d:37:8e:74:ed:9e:11:82:08:
c5:b2:21:d4:6c:1d:dc:63:5e:fc:ce:76:9f:38:03:33:3c:6b:
41:e2:62:1e:c8:43:cc:9a:ab:6b:24:c4:a0:00:a1:ac:8f:4d:
c7:dd:0e:46:4b:0f:7d:c0:a5:1c:31:f0:75:dc:f4:b2:d4:88:
1c:be:33:64:cc:80:ef:bb:25:68:5d:71:9d:96:27:be:c2:67:
a6:38:9c:83:b3:ca:8c:66:f8:c8:9e:6b:1b:15:04:c3:d5:80:
a4:59:ad:53
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICWtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODA0MTEwMTM1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmViYTcwZi0wMzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA32UNehrdbJ+nO50kfwWiHMHpZ9RQY74wxbKsHGq5cPs0eO1i6FMT+t6rLwBy
dpfnAKyih9IVfFmhcRBIzkx5v5oJsxCsC2zCSikUGm/fJ+sRYHqYzDEo5g8Vwo/T
YV005qKKrIw5Oy+D5Gcj6EP1Y8+0qKru/AXlu+DkGBpFL0h4LWe18HKti407zZaW
VHb5Yi02+tlZmdyB4rdvlRn9QRHRhsXZKoMLzb6BGax2BwOj3lfX08Q3ZZmp4X0E
HIxG31Z3qyra+8frORHHVTbMnTsnvsSzvPmwOx4IcNuwBv7sQTSeOlkmiKSyhx8m
Dv5aBe2H2kQ1o/PiAw/9Twe/MQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGymxui+
DmpoD1It5Mgs56l7YygSMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQ0U1MjJDNEUx
M0U0MTFFRDgzQTAzNzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnuBYwDQYJKoZIhvcNAQELBQADggEBAGr1gXSqF1G4872S
jfVDTbbIVwEPltdHn31/+ADRKFsQx0+XRc7rZ3lSLW969LJToMUSoF7jYDEaERza
0xYGH3hVgh57++Hkabr6erm3KVneHCyJG8NBC7YK14vC8OxSRGQIsqcU4/vCbsRl
iACN57Jbwc7jFCE7Hu/9Jkl9GZBO1Eme1rrSsw5libROwrlb8IBLDXAbb3VxQZ03
jnTtnhGCCMWyIdRsHdxjXvzOdp84AzM8a0HiYh7IQ8yaq2skxKAAoayPTcfdDkZL
D33ApRwx8HXc9LLUiBy+M2TMgO+7JWhdcZ2WJ77CZ6Y4nIOzyoxm+MieaxsVBMPV
gKRZrVM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org