Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E41D1886455D11EDB72F0127C4F9AE02.roa
File: E41D1886455D11EDB72F0127C4F9AE02.roa (raw, json)
Hash identifier: fksOf//4vN7QC8Pk5YhyfiMs95j863wLW2+XyaueHMg=
Subject key identifier: 5F:25:A4:F4:53:31:F5:7D:74:83:0C:A5:CE:B4:06:06:3D:30:01:85
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5E67
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E41D1886455D11EDB72F0127C4F9AE02.roa
Signing time: Mon 10 Oct 2022 07:41:41 +0000
ROA not before: Mon 10 Oct 2022 07:41:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 132930
IP address blocks: 103.179.100.0/23 maxlen: 24
103.180.110.0/24 maxlen: 24
103.180.111.0/24 maxlen: 24
103.180.176.0/24 maxlen: 24
103.180.177.0/24 maxlen: 24
103.181.198.0/23 maxlen: 24
103.183.216.0/24 maxlen: 24
103.183.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24167 (0x5e67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 10 07:41:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6343ccb5-439f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2c:f7:83:9a:61:55:e7:d6:fa:f6:57:51:fb:
bf:9f:82:6c:f4:1d:5a:57:27:63:e7:83:d9:67:d4:
b9:32:e4:e0:71:0d:a6:4c:b7:b5:76:55:0a:34:00:
32:23:98:77:ca:ab:e6:82:eb:98:e4:24:d3:1d:40:
db:a4:fb:69:56:ef:40:5c:77:a4:94:89:b4:69:7a:
97:64:f3:b4:85:1c:eb:da:b0:81:52:95:d1:37:fd:
5b:fd:04:be:c8:06:41:9b:77:73:ea:0f:49:51:3b:
96:20:1c:5a:c1:cc:7d:f8:c4:1a:5c:f0:4b:28:89:
2f:28:6e:2a:f6:d1:8b:bb:0d:c7:92:83:c1:73:bd:
bf:3e:15:9a:d8:19:bc:b0:bd:18:23:86:11:5d:1f:
e3:d0:1a:a7:45:e0:f4:5f:ce:6b:47:f9:42:d0:a2:
ef:37:4f:0f:f1:e3:2f:f5:d5:49:da:34:12:89:ac:
9d:4d:fb:3e:9c:09:89:31:32:95:94:31:43:33:65:
14:68:0c:3d:ab:74:5f:90:43:4d:f8:58:10:be:83:
29:59:db:95:f4:a9:21:be:56:ba:50:22:31:83:f1:
df:1c:7e:4d:35:8e:1c:30:c1:31:ee:fd:83:91:13:
c9:b5:c3:97:60:09:df:23:97:ce:84:0a:87:4e:ee:
43:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:25:A4:F4:53:31:F5:7D:74:83:0C:A5:CE:B4:06:06:3D:30:01:85
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E41D1886455D11EDB72F0127C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.179.100.0/23
103.180.110.0/23
103.180.176.0/23
103.181.198.0/23
103.183.216.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:7c:42:ba:e7:fd:45:97:72:40:19:76:5f:e7:7e:fa:6e:6d:
7e:29:45:fd:14:ce:0e:38:e3:73:1c:cc:e1:18:a0:e8:11:76:
e5:a2:07:44:d1:58:44:f2:44:b5:2a:dc:29:37:26:45:42:be:
65:bf:01:0d:d8:02:a8:ad:93:04:cf:7a:09:07:14:5d:58:77:
26:ea:93:90:bf:1c:5b:4c:82:e2:28:1d:7e:d4:18:80:b8:07:
ee:be:59:91:6a:3c:7b:0e:0a:8e:bc:72:bb:84:26:f3:b3:19:
3e:35:85:d7:13:42:e7:ed:48:92:dd:c8:4c:9e:14:91:2d:47:
6f:53:68:41:70:28:30:38:cf:fd:71:27:1c:c5:d8:aa:d9:86:
5d:47:58:b0:5f:0d:a2:52:bf:41:58:e1:44:25:63:b9:ab:7a:
11:a9:7e:12:fd:c9:6e:93:42:e0:89:ce:b2:31:be:d7:53:d3:
89:c3:8c:05:59:24:45:6b:cc:7d:71:33:11:7d:ea:c4:61:00:
a1:f7:95:44:6e:17:ea:93:f1:ed:63:6d:f9:2d:c0:8d:4b:e3:
9e:c8:0f:65:f4:65:39:25:86:bf:65:ea:a3:72:1d:24:80:4b:
5f:a0:e0:7c:44:8f:dd:64:fc:cf:f8:3d:56:b3:a2:2f:5f:b4:
40:d4:3d:2f
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICXmcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMDEwMDc0MTQxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQzY2NiNS00MzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvyz3g5phVefW+vZXUfu/n4Js9B1aVydj54PZZ9S5MuTgcQ2mTLe1dlUKNAAy
I5h3yqvmguuY5CTTHUDbpPtpVu9AXHeklIm0aXqXZPO0hRzr2rCBUpXRN/1b/QS+
yAZBm3dz6g9JUTuWIBxawcx9+MQaXPBLKIkvKG4q9tGLuw3HkoPBc72/PhWa2Bm8
sL0YI4YRXR/j0BqnReD0X85rR/lC0KLvN08P8eMv9dVJ2jQSiaydTfs+nAmJMTKV
lDFDM2UUaAw9q3RfkENN+FgQvoMpWduV9Kkhvla6UCIxg/HfHH5NNY4cMMEx7v2D
kRPJtcOXYAnfI5fOhAqHTu5DmQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFF8lpPRT
MfV9dIMMpc60BgY9MAGFMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTQxRDE4ODY0
NTVEMTFFREI3MkYwMTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFns2QDBAFntG4DBAFntLADBAFntcYDBAFnt9gwDQYJKoZI
hvcNAQELBQADggEBAKR8Qrrn/UWXckAZdl/nfvpubX4pRf0Uzg4443MczOEYoOgR
duWiB0TRWETyRLUq3Ck3JkVCvmW/AQ3YAqitkwTPegkHFF1Ydybqk5C/HFtMguIo
HX7UGIC4B+6+WZFqPHsOCo68cruEJvOzGT41hdcTQuftSJLdyEyeFJEtR29TaEFw
KDA4z/1xJxzF2KrZhl1HWLBfDaJSv0FY4UQlY7mrehGpfhL9yW6TQuCJzrIxvtdT
04nDjAVZJEVrzH1xMxF96sRhAKH3lURuF+qT8e1jbfktwI1L457ID2X0ZTklhr9l
6qNyHSSAS1+g4HxEj91k/M/4PVazoi9ftEDUPS8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org