Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F8F7C0B865B911ED80CC9874C4F9AE02.roa
File: F8F7C0B865B911ED80CC9874C4F9AE02.roa (raw, json)
Hash identifier: JZ6gz+50E0hzdsxeGwH5L53RHvkZOoTKLaItYZr6n7U=
Subject key identifier: D0:37:7B:E3:50:05:D3:40:F1:31:91:DC:FF:73:6D:DF:83:E6:9D:24
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6045
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F8F7C0B865B911ED80CC9874C4F9AE02.roa
Signing time: Wed 16 Nov 2022 14:21:34 +0000
ROA not before: Wed 16 Nov 2022 14:21:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150104
IP address blocks: 103.38.52.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24645 (0x6045)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 16 14:21:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6374f1ee-7e05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:af:90:12:e1:2f:57:e8:d9:3b:32:0d:b8:92:
b9:72:8e:2f:17:14:7b:bd:d0:9e:29:48:c5:72:21:
38:d4:b7:ac:d7:10:1d:8f:67:5c:ea:76:5e:19:f9:
24:d6:0b:7e:6a:c8:33:05:7e:be:9c:b9:41:dd:22:
ff:48:63:19:39:a5:ae:db:3d:d9:a1:54:47:44:32:
9a:e9:f2:60:08:6c:2d:ef:64:c6:b7:f3:cd:da:3c:
a9:4c:56:84:da:ff:2e:4d:ad:b4:24:64:44:b2:98:
61:fd:b4:30:92:5d:ba:97:88:f6:fd:8e:cb:70:0c:
4d:87:82:f5:88:b0:fa:83:48:55:a2:dc:b5:98:78:
30:5c:43:69:71:66:ba:fc:c4:55:4f:87:cd:c0:53:
fe:d4:61:35:c1:a4:74:74:f7:d8:28:46:c0:22:71:
07:a2:28:03:ea:72:4a:f9:23:35:c4:8b:81:66:3d:
d5:c7:94:eb:a0:2f:d9:8d:81:00:38:e3:58:36:bb:
2c:c7:b4:f6:a4:a6:2c:ab:bf:ca:e7:46:96:18:c6:
f9:31:e3:66:8b:f8:0b:36:76:0a:8e:ef:c9:c5:84:
ac:f6:c3:d6:a8:fc:77:88:d2:17:d2:2b:de:ee:57:
0f:02:d4:29:3f:15:47:ab:2e:07:f2:bf:9e:14:db:
04:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:37:7B:E3:50:05:D3:40:F1:31:91:DC:FF:73:6D:DF:83:E6:9D:24
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F8F7C0B865B911ED80CC9874C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.52.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:cf:d2:5e:45:ab:42:58:38:8e:e8:99:41:8b:0e:b4:c4:20:
8c:1a:7a:ff:c5:b1:7a:4b:3e:ed:e3:65:b2:26:d1:29:80:c5:
6c:75:51:3f:97:cd:3c:46:ca:3f:b1:cc:cb:e3:e3:d6:f3:29:
91:c1:fd:05:26:c9:1b:0c:18:63:e6:8f:88:49:35:5d:dc:63:
f4:df:c0:da:70:19:db:22:9a:4b:aa:21:3d:5b:81:49:bc:27:
1f:c6:71:69:1f:1f:44:5e:a8:a6:1a:f3:4f:16:33:a1:14:15:
8b:af:ea:0f:b9:0a:75:5a:fa:0a:42:25:22:83:dc:4e:f5:bb:
22:32:62:42:e1:c1:a1:06:08:36:06:7d:ca:18:ae:2d:ec:41:
fc:0c:92:eb:3c:78:97:b3:a4:a5:c8:19:8a:b4:16:ee:91:1a:
6b:80:c4:f4:5b:59:2c:27:81:aa:94:e7:e5:34:0f:e9:0f:bb:
51:08:a9:9f:19:56:76:b3:22:98:17:e3:a6:c4:50:16:0a:76:
0d:2d:e3:ea:da:86:5f:ca:b9:de:ff:cb:ce:7e:77:42:73:90:
c2:31:9f:2d:aa:1c:b7:ec:91:3a:93:d2:fa:19:5d:66:c7:81:
d5:fd:14:25:02:28:8d:a0:41:93:9f:d6:87:be:17:0b:69:05:
f5:de:65:00
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICYEUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMTE2MTQyMTM0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mzc0ZjFlZS03ZTA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA16+QEuEvV+jZOzINuJK5co4vFxR7vdCeKUjFciE41Les1xAdj2dc6nZeGfkk
1gt+asgzBX6+nLlB3SL/SGMZOaWu2z3ZoVRHRDKa6fJgCGwt72TGt/PN2jypTFaE
2v8uTa20JGREsphh/bQwkl26l4j2/Y7LcAxNh4L1iLD6g0hVoty1mHgwXENpcWa6
/MRVT4fNwFP+1GE1waR0dPfYKEbAInEHoigD6nJK+SM1xIuBZj3Vx5TroC/ZjYEA
OONYNrssx7T2pKYsq7/K50aWGMb5MeNmi/gLNnYKju/JxYSs9sPWqPx3iNIX0ive
7lcPAtQpPxVHqy4H8r+eFNsE/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFNA3e+NQ
BdNA8TGR3P9zbd+D5p0kMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjhGN0MwQjg2
NUI5MTFFRDgwQ0M5ODc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnJjQwDQYJKoZIhvcNAQELBQADggEBACvP0l5Fq0JYOI7o
mUGLDrTEIIwaev/FsXpLPu3jZbIm0SmAxWx1UT+XzTxGyj+xzMvj49bzKZHB/QUm
yRsMGGPmj4hJNV3cY/TfwNpwGdsimkuqIT1bgUm8Jx/GcWkfH0ReqKYa808WM6EU
FYuv6g+5CnVa+gpCJSKD3E71uyIyYkLhwaEGCDYGfcoYri3sQfwMkus8eJezpKXI
GYq0Fu6RGmuAxPRbWSwngaqU5+U0D+kPu1EIqZ8ZVnazIpgX46bEUBYKdg0t4+ra
hl/Kud7/y85+d0JzkMIxny2qHLfskTqT0voZXWbHgdX9FCUCKI2gQZOf1oe+Fwtp
BfXeZQA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org