Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D38BF6E2708A11EDB78CDB17C4F9AE02.roa
File: D38BF6E2708A11EDB78CDB17C4F9AE02.roa (raw, json)
Hash identifier: prRcbn+raVua5P+EuW0rW8IvKDuaXvXQ9ecSIWSVrjA=
Subject key identifier: 01:59:12:DB:5B:B7:FD:29:A4:E9:30:29:1C:3C:9C:A5:33:B2:DF:89
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 60EC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D38BF6E2708A11EDB78CDB17C4F9AE02.roa
Signing time: Wed 30 Nov 2022 08:41:48 +0000
ROA not before: Wed 30 Nov 2022 08:41:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150025
IP address blocks: 103.160.142.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24812 (0x60ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 30 08:41:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6387174b-fddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:df:d4:08:ab:68:ff:75:e1:af:af:d9:ff:d5:
d9:57:84:da:88:10:ba:43:52:22:65:09:4e:73:46:
eb:c7:c3:ae:90:ae:4e:7c:ef:34:ce:38:3e:f3:6b:
e5:46:30:ae:e3:1e:27:22:2f:e2:6b:54:7b:6a:42:
96:3e:13:e7:cd:11:7c:5f:0f:12:4a:37:b9:dc:a4:
8e:c1:8b:0d:29:db:0f:f7:2b:05:9e:14:0c:a0:73:
3a:b3:d7:ea:1e:36:35:ed:a0:d8:c5:1b:ce:eb:0a:
bf:a2:31:57:5e:58:e7:cd:ff:59:cc:61:b5:36:7c:
a1:0c:17:1d:72:96:98:a8:df:58:8e:36:41:56:6b:
72:d7:6b:70:41:b2:8f:6e:1f:d1:24:93:63:9c:4d:
22:c7:74:87:b7:69:d5:a5:a3:72:cd:4e:46:d3:4b:
fd:d6:63:b6:f8:87:ea:88:7c:0f:62:3c:87:2a:e8:
6e:d3:0e:a7:5d:7d:5f:bd:b8:cc:b6:de:81:fc:c1:
95:94:69:8d:59:19:bb:a8:0d:c2:dc:7f:6e:fa:3a:
1b:f6:71:ee:ac:db:24:1c:b6:69:0c:41:f0:15:ad:
bf:a3:07:0c:c1:31:99:78:f9:29:72:1c:23:b5:84:
b7:7b:96:55:44:7b:97:28:f3:17:63:c8:e0:e9:3d:
4e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:59:12:DB:5B:B7:FD:29:A4:E9:30:29:1C:3C:9C:A5:33:B2:DF:89
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D38BF6E2708A11EDB78CDB17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.142.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:bc:1f:2e:af:ba:9a:ec:70:85:62:18:26:85:fc:39:26:56:
8e:b5:91:5f:64:87:dc:20:d5:59:da:b5:19:90:a2:cb:87:00:
0f:9b:ba:b5:d6:d5:bb:f2:55:2f:0c:7c:6c:57:d7:5b:72:cc:
c4:fb:40:c1:91:9d:bc:a1:f2:77:69:ea:a5:34:ba:f5:54:f1:
34:20:51:fe:71:a6:81:ec:32:df:47:66:ac:3a:8d:ff:a6:4d:
cc:c7:19:b3:0f:9d:bb:da:b6:7d:8a:49:85:ad:3e:0a:36:24:
00:e9:2b:4e:b4:58:07:d6:54:f8:68:b4:d8:c5:3c:a8:93:eb:
5a:ab:e2:f9:1b:f6:2d:55:54:9c:a8:cb:9c:83:b1:e0:18:6c:
d9:e7:a2:29:ac:26:6a:1d:1c:08:ec:7f:99:51:29:9d:ad:60:
7d:23:96:33:24:2d:95:4a:11:df:b3:e6:cb:13:83:c1:87:4e:
1a:32:d2:ed:01:57:0f:88:fd:c3:f2:4b:43:af:43:06:4a:20:
71:5c:5e:12:d4:55:22:ba:73:5c:40:e8:52:65:b8:0b:4e:4a:
8e:10:3c:e7:2d:e5:8a:ec:f3:4e:a1:f7:7f:7b:d9:01:0a:f5:
18:96:97:b6:8c:8f:37:48:fc:7f:68:a7:af:e6:21:9d:dd:8e:
5d:e9:63:71
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICYOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMTMwMDg0MTQ4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzg3MTc0Yi1mZGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzN/UCKto/3Xhr6/Z/9XZV4TaiBC6Q1IiZQlOc0brx8OukK5OfO80zjg+82vl
RjCu4x4nIi/ia1R7akKWPhPnzRF8Xw8SSje53KSOwYsNKdsP9ysFnhQMoHM6s9fq
HjY17aDYxRvO6wq/ojFXXljnzf9ZzGG1NnyhDBcdcpaYqN9YjjZBVmty12twQbKP
bh/RJJNjnE0ix3SHt2nVpaNyzU5G00v91mO2+IfqiHwPYjyHKuhu0w6nXX1fvbjM
tt6B/MGVlGmNWRm7qA3C3H9u+job9nHurNskHLZpDEHwFa2/owcMwTGZePkpchwj
tYS3e5ZVRHuXKPMXY8jg6T1O+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFAFZEttb
t/0ppOkwKRw8nKUzst+JMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDM4QkY2RTI3
MDhBMTFFREI3OENEQjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoI4wDQYJKoZIhvcNAQELBQADggEBAKO8Hy6vuprscIVi
GCaF/DkmVo61kV9kh9wg1VnatRmQosuHAA+burXW1bvyVS8MfGxX11tyzMT7QMGR
nbyh8ndp6qU0uvVU8TQgUf5xpoHsMt9HZqw6jf+mTczHGbMPnbvatn2KSYWtPgo2
JADpK060WAfWVPhotNjFPKiT61qr4vkb9i1VVJyoy5yDseAYbNnnoimsJmodHAjs
f5lRKZ2tYH0jljMkLZVKEd+z5ssTg8GHThoy0u0BVw+I/cPyS0OvQwZKIHFcXhLU
VSK6c1xA6FJluAtOSo4QPOct5Yrs806h93972QEK9RiWl7aMjzdI/H9op6/mIZ3d
jl3pY3E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org