Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F46EFF84BDCD11EA8E393E09C4F9AE02.roa
File: F46EFF84BDCD11EA8E393E09C4F9AE02.roa (raw, json)
Hash identifier: NJsoSNCgHkl8V4hFqSJu11w0/1pNrEYUSYfyDPI+9NQ=
Subject key identifier: 1A:46:E5:19:21:1E:77:CC:2D:32:62:D8:48:B6:AE:96:5E:DB:19:FC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 50EF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F46EFF84BDCD11EA8E393E09C4F9AE02.roa
Signing time: Mon 16 May 2022 04:13:24 +0000
ROA not before: Mon 16 May 2022 04:13:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136366
IP address blocks: 103.89.252.0/23 maxlen: 24
103.89.254.0/23 maxlen: 24
103.123.86.0/24 maxlen: 24
103.123.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20719 (0x50ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:13:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cf63-8f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b9:7a:9f:f6:09:59:f7:1c:bc:2e:7d:9c:0d:
c4:26:d6:66:4d:22:9e:14:1c:9e:5a:4f:a7:38:27:
c9:d4:4d:9b:d0:91:28:08:41:6a:20:8b:05:0e:13:
44:ce:1c:84:41:ee:8c:40:7b:2f:d8:f8:23:3b:15:
49:92:b2:6e:f9:be:be:1b:64:05:6e:0e:67:cd:de:
cd:d9:24:9f:20:f2:11:bc:35:0d:88:ec:1b:f4:b9:
90:85:09:6c:64:55:6f:06:cb:a3:26:13:c7:dd:5d:
d7:6c:4a:2c:d3:d3:dd:c8:34:12:05:34:09:40:3c:
6a:28:43:b0:cd:5a:32:c7:05:f1:a4:08:95:0c:d7:
09:f7:e7:19:e4:fb:e8:6d:14:39:a7:6a:d6:eb:81:
bd:85:34:03:45:78:f9:f6:ed:91:35:9c:0e:5a:b3:
32:c2:78:48:be:c3:ba:2d:4a:67:2a:c7:95:55:9a:
6f:62:89:57:bd:23:6f:c4:70:ba:e6:b7:5d:3b:6e:
f2:c5:ed:e0:da:0e:45:b9:b0:0b:fc:45:67:75:af:
ff:3e:28:b9:3c:99:13:6f:2f:ba:45:8b:ad:a4:96:
ff:59:a5:3e:88:43:15:ad:f9:69:e0:0b:a2:6d:3f:
5f:09:21:ee:92:b6:20:91:04:b0:45:f9:66:cd:68:
72:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:46:E5:19:21:1E:77:CC:2D:32:62:D8:48:B6:AE:96:5E:DB:19:FC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F46EFF84BDCD11EA8E393E09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.89.252.0/22
103.123.86.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:fe:13:01:24:4d:80:b9:b4:77:1a:12:51:d3:28:b8:90:2f:
93:5f:a6:59:92:26:83:c3:29:3e:10:da:24:68:e9:13:03:fd:
82:69:c5:5a:d7:3e:17:ab:65:46:72:b4:dc:db:ac:24:f1:ce:
3d:01:89:56:62:9f:2a:c2:88:04:a0:f6:47:86:6c:91:53:82:
8c:6f:56:be:86:19:18:7d:1c:46:79:c7:11:61:79:cc:e6:ab:
42:2b:30:25:a6:bb:54:09:3a:4c:8d:38:ea:5c:83:f9:26:5e:
88:57:4f:07:e3:c8:d7:c7:3d:f0:cf:e2:2f:9b:07:eb:81:49:
e2:13:8f:0f:34:71:2b:49:c7:c0:10:5e:54:32:5e:52:42:5e:
95:48:72:55:82:d5:32:32:ac:ff:3e:19:35:1e:26:47:5e:0b:
c9:76:54:6c:c1:fb:39:21:c2:38:f3:e1:c3:f2:29:65:69:3e:
96:d1:e2:34:c5:62:29:98:ad:ae:24:ec:b3:66:53:c0:04:d2:
40:1c:d3:6d:27:e3:67:22:03:f7:1f:5f:d5:0f:3b:e6:93:bc:
c8:91:6e:e1:fc:06:81:a1:87:94:48:71:0d:22:a1:6b:17:35:
8d:ff:26:21:20:c7:90:c0:6a:67:80:6e:26:df:a6:c3:ea:91:
cb:45:41:6a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICUO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQxMzI0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2Y2My04ZjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvLl6n/YJWfccvC59nA3EJtZmTSKeFByeWk+nOCfJ1E2b0JEoCEFqIIsFDhNE
zhyEQe6MQHsv2PgjOxVJkrJu+b6+G2QFbg5nzd7N2SSfIPIRvDUNiOwb9LmQhQls
ZFVvBsujJhPH3V3XbEos09PdyDQSBTQJQDxqKEOwzVoyxwXxpAiVDNcJ9+cZ5Pvo
bRQ5p2rW64G9hTQDRXj59u2RNZwOWrMywnhIvsO6LUpnKseVVZpvYolXvSNvxHC6
5rddO27yxe3g2g5FubAL/EVnda//Pii5PJkTby+6RYutpJb/WaU+iEMVrflp4Aui
bT9fCSHukrYgkQSwRflmzWhyTwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBpG5Rkh
HnfMLTJi2Ei2rpZe2xn8MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjQ2RUZGODRC
RENEMTFFQThFMzkzRTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnWfwDBAFne1YwDQYJKoZIhvcNAQELBQADggEBACv+EwEk
TYC5tHcaElHTKLiQL5NfplmSJoPDKT4Q2iRo6RMD/YJpxVrXPherZUZytNzbrCTx
zj0BiVZinyrCiASg9keGbJFTgoxvVr6GGRh9HEZ5xxFheczmq0IrMCWmu1QJOkyN
OOpcg/kmXohXTwfjyNfHPfDP4i+bB+uBSeITjw80cStJx8AQXlQyXlJCXpVIclWC
1TIyrP8+GTUeJkdeC8l2VGzB+zkhwjjz4cPyKWVpPpbR4jTFYimYra4k7LNmU8AE
0kAc020n42ciA/cfX9UPO+aTvMiRbuH8BoGhh5RIcQ0ioWsXNY3/JiEgx5DAameA
bibfpsPqkctFQWo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org