Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9F08/3090D914A14C11E98475A82DC4F9AE02/83DB466691CB11EA8212B15EC4F9AE02.roa
File: 83DB466691CB11EA8212B15EC4F9AE02.roa (raw, json)
Hash identifier: ymTD4LipHoeRHGeqlRWgHOP7NC3qxXEKEXqaY18B2Mg=
Subject key identifier: 83:17:DF:03:91:0E:61:E4:90:49:5A:AE:74:F0:15:73:7D:A5:1A:1C
Certificate issuer: /CN=A91B9F08/serialNumber=CE8CAD35621A9012C40B3637537CA40E3D07E8CF
Certificate serial: 0AC7
Authority key identifier: CE:8C:AD:35:62:1A:90:12:C4:0B:36:37:53:7C:A4:0E:3D:07:E8:CF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zoytNWIakBLECzY3U3ykDj0H6M8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9F08/3090D914A14C11E98475A82DC4F9AE02/83DB466691CB11EA8212B15EC4F9AE02.roa
Signing time: Mon 21 Mar 2022 03:09:07 +0000
ROA not before: Mon 21 Mar 2022 03:09:06 +0000
ROA not after: Sun 28 May 2023 00:00:00 +0000
asID: 133076
IP address blocks: 103.18.160.0/22 maxlen: 22
103.18.160.0/24 maxlen: 24
103.18.161.0/24 maxlen: 24
103.18.162.0/24 maxlen: 24
103.18.163.0/24 maxlen: 24
116.204.160.0/24 maxlen: 24
116.204.161.0/24 maxlen: 24
116.204.162.0/24 maxlen: 24
116.204.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2759 (0xac7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9F08/serialNumber=CE8CAD35621A9012C40B3637537CA40E3D07E8CF
Validity
Not Before: Mar 21 03:09:06 2022 GMT
Not After : May 28 00:00:00 2023 GMT
Subject: CN=6237ec52-57fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6d:85:9e:ea:d7:6f:3e:ca:f0:04:25:36:e7:
ba:45:36:3c:9c:54:99:8a:c5:08:a6:4d:0c:ef:58:
66:84:67:4b:05:2e:a5:0a:75:52:e8:8e:90:81:7b:
a5:91:4b:db:a8:7f:a2:38:4f:6d:95:df:2e:df:81:
fc:63:c6:2a:75:ea:79:ab:5e:64:75:5c:5c:e9:c6:
d1:e8:c0:de:c3:a2:0d:d6:cd:d3:c5:9c:49:82:32:
46:26:9c:77:ae:e9:6f:8c:37:79:b1:f5:f0:5d:88:
52:b7:01:ed:0b:be:83:56:21:e2:00:c4:77:3a:47:
2e:07:7a:07:ea:c8:8a:eb:81:d9:8a:54:d8:7f:d9:
aa:1e:71:42:8d:8e:42:0c:d0:84:78:c3:60:0b:65:
29:6f:85:a6:aa:2c:ea:68:d9:c2:1b:5f:50:f6:29:
1b:1d:3c:4a:4b:42:f9:b2:68:d5:13:68:6a:1a:2e:
29:5c:ab:89:52:57:ef:f0:43:8a:53:2b:ad:b0:97:
c7:55:a3:a3:9d:eb:b0:ed:ee:d0:0c:79:97:d8:55:
32:23:0c:2e:66:e6:cc:6b:e7:40:4b:49:28:66:c5:
e0:96:d9:ac:1d:c7:e0:0c:9e:96:46:ad:00:9d:fa:
83:f9:3e:20:bf:60:69:0e:35:87:b2:4c:66:9f:2f:
e3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:17:DF:03:91:0E:61:E4:90:49:5A:AE:74:F0:15:73:7D:A5:1A:1C
X509v3 Authority Key Identifier:
keyid:CE:8C:AD:35:62:1A:90:12:C4:0B:36:37:53:7C:A4:0E:3D:07:E8:CF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9F08/3090D914A14C11E98475A82DC4F9AE02/zoytNWIakBLECzY3U3ykDj0H6M8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zoytNWIakBLECzY3U3ykDj0H6M8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9F08/3090D914A14C11E98475A82DC4F9AE02/83DB466691CB11EA8212B15EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.18.160.0/22
116.204.160.0/22
Signature Algorithm: sha256WithRSAEncryption
98:fd:89:81:c5:dc:e7:2e:f4:02:7c:02:c8:85:36:e5:3b:d3:
e6:e7:42:0a:1b:a5:9c:cc:fb:5c:b0:d3:bd:4f:77:21:c5:ed:
79:9b:99:62:82:86:fd:84:1d:58:75:f0:1b:7b:2e:ba:8d:55:
b4:9b:fe:f2:a9:15:ab:8c:4f:5e:ca:67:1e:4a:2a:29:08:5f:
b1:77:36:3a:ad:c7:e0:02:38:47:f6:4f:10:f4:4c:5c:8d:e3:
d9:0b:e1:4e:53:f4:4a:99:d4:ad:f9:de:3a:38:a0:81:88:e7:
81:60:e1:86:22:46:a8:4e:e2:69:18:fe:33:f3:9d:33:13:67:
43:6d:d0:59:b8:7c:d4:81:fa:7a:45:7b:45:f1:e1:16:81:86:
3f:37:35:b2:08:b4:90:c0:89:cd:c0:49:ad:5d:db:2e:56:e9:
00:41:67:b9:ff:f5:ea:a8:1d:21:0d:3d:91:3d:52:b9:ee:53:
dc:5d:ce:8b:77:fc:73:de:93:0c:19:5c:3a:a4:e3:fd:a8:77:
50:a6:d4:98:04:fe:e2:f1:91:ac:d9:bc:4d:9f:fc:68:ec:01:
2c:a6:61:17:ec:16:07:88:3b:b8:f5:3b:6d:4d:39:ad:ce:94:
24:d7:58:3a:6a:b8:be:1c:73:b4:6b:4f:bf:50:8e:03:90:9e:
24:84:e6:eb
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlGMDgxMTAvBgNVBAUTKENFOENBRDM1NjIxQTkwMTJDNDBCMzYzNzUzN0NBNDBF
M0QwN0U4Q0YwHhcNMjIwMzIxMDMwOTA2WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjM3ZWM1Mi01N2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqW2FnurXbz7K8AQlNue6RTY8nFSZisUIpk0M71hmhGdLBS6lCnVS6I6QgXul
kUvbqH+iOE9tld8u34H8Y8Yqdep5q15kdVxc6cbR6MDew6IN1s3TxZxJgjJGJpx3
rulvjDd5sfXwXYhStwHtC76DViHiAMR3OkcuB3oH6siK64HZilTYf9mqHnFCjY5C
DNCEeMNgC2Upb4WmqizqaNnCG19Q9ikbHTxKS0L5smjVE2hqGi4pXKuJUlfv8EOK
UyutsJfHVaOjneuw7e7QDHmX2FUyIwwuZubMa+dAS0koZsXgltmsHcfgDJ6WRq0A
nfqD+T4gv2BpDjWHskxmny/jzwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIMX3wOR
DmHkkElarnTwFXN9pRocMB8GA1UdIwQYMBaAFM6MrTViGpASxAs2N1N8pA49B+jP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUYwOC8zMDkwRDkxNEEx
NEMxMUU5ODQ3NUE4MkRDNEY5QUUwMi96b3l0TldJYWtCTEVDelkzVTN5a0RqMEg2
TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pveXROV0lha0JMRUN6WTNVM3lrRGowSDZNOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlGMDgvMzA5MEQ5MTRBMTRDMTFFOTg0NzVBODJEQzRGOUFFMDIvODNEQjQ2NjY5
MUNCMTFFQTgyMTJCMTVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnEqADBAJ0zKAwDQYJKoZIhvcNAQELBQADggEBAJj9iYHF
3Ocu9AJ8AsiFNuU70+bnQgobpZzM+1yw071PdyHF7XmbmWKChv2EHVh18Bt7LrqN
VbSb/vKpFauMT17KZx5KKikIX7F3Njqtx+ACOEf2TxD0TFyN49kL4U5T9EqZ1K35
3jo4oIGI54Fg4YYiRqhO4mkY/jPznTMTZ0Nt0Fm4fNSB+npFe0Xx4RaBhj83NbII
tJDAic3ASa1d2y5W6QBBZ7n/9eqoHSENPZE9UrnuU9xdzot3/HPekwwZXDqk4/2o
d1Cm1JgE/uLxkazZvE2f/GjsASymYRfsFgeIO7j1O21NOa3OlCTXWDpquL4cc7Rr
T79QjgOQniSE5us=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:23:02 2023 by rpki-client on console-ams.rpki-client.org