Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2ABB5B1C5BF811ED86017D0EC4F9AE02.roa
File: 2ABB5B1C5BF811ED86017D0EC4F9AE02.roa (raw, json)
Hash identifier: B4f5Hn76nloiOrNIMEgy0QAA81M/JoKpKQSjKbC0cJ4=
Subject key identifier: 66:CF:F3:B0:43:ED:E5:AE:AD:C3:A1:78:3F:78:D8:14:62:DC:42:33
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5FAA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2ABB5B1C5BF811ED86017D0EC4F9AE02.roa
Signing time: Fri 04 Nov 2022 04:21:35 +0000
ROA not before: Fri 04 Nov 2022 04:21:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150030
IP address blocks: 103.165.72.0/23 maxlen: 24
103.171.110.0/23 maxlen: 23
103.171.110.0/24 maxlen: 24
103.178.160.0/23 maxlen: 24
103.178.166.0/23 maxlen: 24
103.178.202.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24490 (0x5faa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Nov 4 04:21:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6364934e-f8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:36:f8:1d:50:11:03:f4:c0:5e:94:bf:2d:92:
23:a2:bf:73:4c:f2:5e:c2:71:b8:3c:8c:d9:7e:57:
fc:ae:42:e8:51:af:be:1a:de:db:19:aa:85:a2:fd:
07:fa:2c:41:69:25:3a:71:bd:a5:be:9b:2c:c6:61:
2b:8d:fa:31:d8:f3:e3:c7:4a:90:7d:54:8e:8a:2e:
03:04:80:c6:b8:3b:e8:2c:a2:83:cc:df:07:76:c6:
a9:73:75:38:f0:44:97:18:c2:d4:3f:95:c9:da:59:
dc:68:5b:45:48:0f:92:8e:b6:15:4d:ad:ac:ae:80:
06:cf:4d:f5:dd:5f:33:ec:eb:d0:50:d3:b1:e1:38:
20:3b:32:e9:8a:63:a9:44:66:ba:18:82:3f:c3:a3:
b5:0b:57:ff:15:4f:1e:88:ef:28:84:7e:86:25:03:
4b:aa:06:a5:d9:55:2e:d2:d8:15:28:92:09:9f:8b:
5a:fb:52:c8:05:0d:49:30:da:9d:d5:0a:b8:3d:3b:
20:8c:33:8f:7b:9f:b8:63:4e:af:15:45:dd:96:69:
a7:98:27:fb:38:8f:b5:b8:ae:c7:4c:f0:a8:44:49:
f5:d6:6d:9f:f7:5b:43:c8:46:9f:0f:15:37:1f:41:
cb:f5:41:e0:e4:e0:ba:19:88:f0:d8:86:95:8c:c2:
82:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:CF:F3:B0:43:ED:E5:AE:AD:C3:A1:78:3F:78:D8:14:62:DC:42:33
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2ABB5B1C5BF811ED86017D0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.165.72.0/23
103.171.110.0/23
103.178.160.0/23
103.178.166.0/23
103.178.202.0/23
Signature Algorithm: sha256WithRSAEncryption
71:af:a5:2c:74:14:8e:0a:29:87:1a:70:4b:5c:b2:75:c3:1a:
ec:20:f1:d7:21:ba:84:05:03:92:fa:02:e4:cd:b4:f3:89:6c:
1f:14:37:8b:86:e9:f1:3c:c3:47:bb:82:1e:19:58:27:a4:f6:
4d:95:e2:5f:4f:6d:00:2a:5b:09:75:11:77:8b:1f:90:3e:12:
53:cb:d4:c1:ca:97:79:69:ad:7e:65:ba:a1:0e:4a:90:c0:a6:
84:64:66:1c:1f:bc:d7:07:57:c3:0c:62:58:c6:01:75:36:71:
68:24:61:90:55:91:e7:83:02:ca:0b:14:06:23:ac:7f:11:1d:
a3:1e:61:ed:ac:97:36:2e:09:e7:a5:e3:83:cb:82:87:7a:ba:
97:a0:71:1c:e9:3e:d4:c8:5b:0a:cc:16:1d:bc:b4:25:1a:4a:
1a:ab:e6:80:d9:00:b7:9e:de:0c:28:cc:a9:51:26:14:41:88:
e1:f3:aa:f7:c6:4c:2e:57:78:3d:2f:a1:e1:b5:09:17:6b:f0:
cc:2e:a6:6f:06:36:a1:99:98:a9:e8:ee:e5:ea:66:75:13:13:
94:c7:7c:ff:18:4b:3e:28:29:78:51:4f:2b:d1:c3:28:d8:2c:
e6:72:51:9f:7d:d5:19:de:0a:76:3f:fe:17:0d:c3:24:b0:4f:
0a:0b:3c:aa
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICX6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMTA0MDQyMTM1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzY0OTM0ZS1mOGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApjb4HVARA/TAXpS/LZIjor9zTPJewnG4PIzZflf8rkLoUa++Gt7bGaqFov0H
+ixBaSU6cb2lvpssxmErjfox2PPjx0qQfVSOii4DBIDGuDvoLKKDzN8Hdsapc3U4
8ESXGMLUP5XJ2lncaFtFSA+SjrYVTa2sroAGz0313V8z7OvQUNOx4TggOzLpimOp
RGa6GII/w6O1C1f/FU8eiO8ohH6GJQNLqgal2VUu0tgVKJIJn4ta+1LIBQ1JMNqd
1Qq4PTsgjDOPe5+4Y06vFUXdlmmnmCf7OI+1uK7HTPCoREn11m2f91tDyEafDxU3
H0HL9UHg5OC6GYjw2IaVjMKCmQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFGbP87BD
7eWurcOheD942BRi3EIzMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMkFCQjVCMUM1
QkY4MTFFRDg2MDE3RDBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAFnpUgDBAFnq24DBAFnsqADBAFnsqYDBAFnssowDQYJKoZI
hvcNAQELBQADggEBAHGvpSx0FI4KKYcacEtcsnXDGuwg8dchuoQFA5L6AuTNtPOJ
bB8UN4uG6fE8w0e7gh4ZWCek9k2V4l9PbQAqWwl1EXeLH5A+ElPL1MHKl3lprX5l
uqEOSpDApoRkZhwfvNcHV8MMYljGAXU2cWgkYZBVkeeDAsoLFAYjrH8RHaMeYe2s
lzYuCeel44PLgod6upegcRzpPtTIWwrMFh28tCUaShqr5oDZALee3gwozKlRJhRB
iOHzqvfGTC5XeD0voeG1CRdr8Mwupm8GNqGZmKno7uXqZnUTE5THfP8YSz4oKXhR
TyvRwyjYLOZyUZ991RneCnY//hcNwySwTwoLPKo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:51 2023 by rpki-client on console-fra.rpki-client.org