Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F74BA87E53FA11EBBFF64A0CC4F9AE02.roa
File: F74BA87E53FA11EBBFF64A0CC4F9AE02.roa (raw, json)
Hash identifier: 54DyWMaa5m/kAoINZvm4H+VY+Y5uaGe06A2JG0V+idw=
Subject key identifier: 1A:85:2F:2E:71:4A:11:F4:39:0A:EF:C6:FD:F7:3E:1D:CC:08:63:FD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5BB8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F74BA87E53FA11EBBFF64A0CC4F9AE02.roa
Signing time: Mon 22 Aug 2022 06:31:37 +0000
ROA not before: Mon 22 Aug 2022 06:31:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137083
IP address blocks: 103.99.66.0/23 maxlen: 24
103.105.228.0/24 maxlen: 24
103.105.229.0/24 maxlen: 24
103.105.230.0/24 maxlen: 24
103.105.231.0/24 maxlen: 24
103.155.54.0/24 maxlen: 24
103.157.8.0/24 maxlen: 24
103.157.9.0/24 maxlen: 24
103.159.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23480 (0x5bb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 22 06:31:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=630322c9-b747
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a0:f2:7d:b5:73:2a:e0:f4:22:cc:43:6f:46:
0d:5d:80:73:30:0e:2a:1a:f6:20:08:22:d3:7b:6e:
43:f6:78:6a:5f:f5:ba:0e:fb:3c:e2:39:c4:5e:1e:
30:e7:c7:ab:9f:55:b6:32:78:6f:3c:f6:f2:7d:17:
dd:a0:bb:1c:6c:a8:2b:9c:05:0c:85:2c:68:90:e1:
ff:ba:a6:f8:3f:da:df:cd:1a:39:f2:3d:34:11:b2:
1c:3b:09:f0:52:ec:7e:19:29:eb:4a:db:da:ea:e9:
74:85:be:75:3f:73:67:2f:b3:07:ce:c5:06:0b:c7:
9d:c3:77:8c:d5:ab:54:dc:c3:94:43:4d:75:8c:70:
4e:b7:91:bf:d3:31:0a:2e:5a:c2:6c:9a:e2:21:99:
80:c3:cb:98:1a:ce:fc:2d:96:c6:0c:55:90:fa:08:
49:ff:3b:d2:e4:cb:0c:c8:d0:56:d0:e4:da:40:94:
2e:91:df:24:b9:ee:32:81:00:a6:2d:4c:8b:6a:cb:
83:71:db:29:81:02:af:81:e8:96:a3:1b:c9:7d:21:
84:51:74:96:c1:f0:b6:30:55:fc:f5:4c:7b:57:42:
47:fb:03:db:92:3e:12:e1:f4:e1:1f:6d:77:2a:6f:
7e:18:ef:65:78:b5:9c:fc:c5:6c:c5:71:e0:ce:09:
a5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:85:2F:2E:71:4A:11:F4:39:0A:EF:C6:FD:F7:3E:1D:CC:08:63:FD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F74BA87E53FA11EBBFF64A0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.66.0/23
103.105.228.0/22
103.155.54.0/24
103.157.8.0/23
103.159.90.0/24
Signature Algorithm: sha256WithRSAEncryption
91:50:50:ad:8b:fe:2e:9f:77:ec:62:0e:01:ee:d0:e0:2d:c2:
1e:73:36:7c:6f:2c:a0:bb:b3:c7:54:51:55:51:1d:cb:b3:91:
a3:e2:10:f7:72:05:72:2b:07:65:61:20:67:51:5f:b9:d4:a3:
39:96:f7:6f:4d:9c:cf:39:be:79:c4:80:3d:b8:ef:4f:1d:89:
ef:39:ee:9e:ca:0b:c1:c1:21:f9:17:48:c8:81:0a:8e:e7:8b:
e5:50:ce:e9:1d:e1:97:60:01:e0:f9:f3:ae:4a:e3:4a:00:f9:
41:58:6d:6b:ac:44:ec:28:ef:1f:1b:79:b8:04:7e:4a:48:62:
4d:67:cc:21:f5:47:5b:2f:b3:0d:81:8e:e2:ab:fe:54:6b:4d:
1e:cd:41:84:e9:95:41:dd:e7:94:b2:81:7a:37:aa:fd:b6:0e:
8a:e7:5e:ec:c3:f8:75:ef:30:ac:be:44:59:f2:87:dc:9e:6f:
1d:a4:4f:60:fd:a4:2d:8f:4e:16:c3:43:3f:7e:58:42:6e:aa:
0f:48:f4:d7:2c:bd:8c:92:d3:8e:6d:e3:80:a5:48:60:c2:18:
ef:1a:4c:37:9a:21:18:1f:3e:47:62:5c:55:b3:11:ef:4e:9a:
39:09:65:be:07:89:cd:73:f2:fc:00:6f:6d:29:01:57:da:fe:
d0:bb:bd:eb
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICW7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODIyMDYzMTM3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzAzMjJjOS1iNzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArqDyfbVzKuD0IsxDb0YNXYBzMA4qGvYgCCLTe25D9nhqX/W6Dvs84jnEXh4w
58ern1W2MnhvPPbyfRfdoLscbKgrnAUMhSxokOH/uqb4P9rfzRo58j00EbIcOwnw
Uux+GSnrStva6ul0hb51P3NnL7MHzsUGC8edw3eM1atU3MOUQ011jHBOt5G/0zEK
LlrCbJriIZmAw8uYGs78LZbGDFWQ+ghJ/zvS5MsMyNBW0OTaQJQukd8kue4ygQCm
LUyLasuDcdspgQKvgeiWoxvJfSGEUXSWwfC2MFX89Ux7V0JH+wPbkj4S4fThH213
Km9+GO9leLWc/MVsxXHgzgmlWwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFBqFLy5x
ShH0OQrvxv33Ph3MCGP9MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjc0QkE4N0U1
M0ZBMTFFQkJGRjY0QTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFnY0IDBAJnaeQDBABnmzYDBAFnnQgDBABnn1owDQYJKoZI
hvcNAQELBQADggEBAJFQUK2L/i6fd+xiDgHu0OAtwh5zNnxvLKC7s8dUUVVRHcuz
kaPiEPdyBXIrB2VhIGdRX7nUozmW929NnM85vnnEgD24708die857p7KC8HBIfkX
SMiBCo7ni+VQzukd4ZdgAeD5865K40oA+UFYbWusROwo7x8bebgEfkpIYk1nzCH1
R1svsw2BjuKr/lRrTR7NQYTplUHd55SygXo3qv22DornXuzD+HXvMKy+RFnyh9ye
bx2kT2D9pC2PThbDQz9+WEJuqg9I9NcsvYyS045t44ClSGDCGO8aTDeaIRgfPkdi
XFWzEe9OmjkJZb4Hic1z8vwAb20pAVfa/tC7ves=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org