Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5EAD83800A0811EB90807C71C4F9AE02.roa
File: 5EAD83800A0811EB90807C71C4F9AE02.roa (raw, json)
Hash identifier: b7CXF6gRqFdaPkpfXZ5s7Sndaxrexosiey5e00A+aSE=
Subject key identifier: F3:A6:41:98:E8:A9:17:18:5A:6B:C4:E3:F4:8D:8C:86:EF:59:8C:D0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6138
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5EAD83800A0811EB90807C71C4F9AE02.roa
Signing time: Wed 07 Dec 2022 07:21:36 +0000
ROA not before: Wed 07 Dec 2022 07:21:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135133
IP address blocks: 103.37.96.0/23 maxlen: 24
103.145.36.0/23 maxlen: 24
103.170.132.0/23 maxlen: 24
103.195.244.0/22 maxlen: 24
2407:b240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24888 (0x6138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Dec 7 07:21:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63903eff-d425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:58:d3:7e:0e:3d:1d:ca:48:48:60:9f:fa:20:
e1:f2:bc:fc:82:07:09:e0:83:6a:c2:11:39:a4:c3:
53:6d:4b:e2:fc:7c:8d:f4:44:e0:56:c6:f3:3e:73:
e7:8c:93:b3:de:e3:e4:b3:c1:ec:21:33:64:84:b5:
75:18:61:a5:9c:49:e0:10:60:59:77:d7:0b:cf:d1:
d4:1c:4f:84:50:c3:29:6b:2a:77:d0:d4:7e:d7:78:
b7:e9:af:ed:46:1e:be:7e:41:4c:92:03:3d:1d:5c:
04:de:17:cb:89:7c:51:7e:ce:b8:25:15:ae:ce:23:
5c:fc:6f:95:0e:58:79:ee:81:43:90:41:77:17:15:
ec:6f:74:77:84:7d:72:6a:cc:2d:34:0a:fd:a9:52:
1c:74:34:28:42:e0:78:d2:67:1a:59:69:44:74:50:
6c:bc:a5:0c:b4:e0:b6:3b:e5:95:95:e3:ab:d3:0c:
b5:9f:9d:0f:76:e0:77:3f:b3:e3:fb:23:b4:3c:eb:
2b:48:be:ff:bd:c4:b2:43:10:3c:bd:46:22:42:fa:
d4:ef:68:e0:08:bf:92:53:3d:94:f2:f5:5f:93:19:
56:ee:0f:8c:c5:73:41:3d:aa:2c:c5:8b:4e:dd:3c:
d3:9b:18:0e:f9:f5:83:8b:30:9a:d0:a5:11:be:b8:
b8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A6:41:98:E8:A9:17:18:5A:6B:C4:E3:F4:8D:8C:86:EF:59:8C:D0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5EAD83800A0811EB90807C71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.37.96.0/23
103.145.36.0/23
103.170.132.0/23
103.195.244.0/22
IPv6:
2407:b240::/32
Signature Algorithm: sha256WithRSAEncryption
46:10:66:9c:88:9a:1f:b5:25:c6:37:82:58:da:c2:aa:5d:a8:
4a:97:7c:3f:e1:d0:75:4c:49:fd:d7:cd:21:5b:4e:e8:10:fd:
8f:25:22:50:6b:57:3b:be:80:db:19:95:5e:89:02:b3:2f:33:
dd:d4:8f:d8:93:c2:28:46:5a:d6:0d:6c:a6:37:55:8c:01:86:
3c:0d:9b:64:ca:21:9d:3e:63:a6:db:b9:d5:49:e2:19:a3:a0:
79:1f:7f:21:cd:3f:15:98:a0:9a:d0:30:b1:45:c4:7e:be:de:
40:14:b1:9c:43:2e:e3:73:60:23:9d:77:5c:be:e4:2f:b8:87:
3b:da:60:91:9c:ea:9f:95:d8:ed:ce:90:45:67:e6:52:af:46:
29:7a:33:4c:c9:d1:29:37:d8:d0:ce:8f:f2:03:22:7d:9f:8e:
cb:a6:80:ed:fd:82:4b:00:b8:09:a2:fc:46:ad:88:a9:4f:77:
2c:69:15:f3:49:62:ac:51:c8:8a:db:16:2a:29:bf:8b:d7:e3:
0c:03:2b:fa:11:82:db:ba:f2:83:00:c1:23:86:bb:2f:85:5c:
73:eb:f3:6a:aa:69:10:8e:03:f3:3d:78:65:ea:0b:33:3c:52:
d0:12:ac:4d:a8:a3:54:35:2b:63:37:0e:aa:98:ea:33:6d:52:
bd:1b:10:34
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICYTgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMjA3MDcyMTM1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzkwM2VmZi1kNDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuFjTfg49HcpISGCf+iDh8rz8ggcJ4INqwhE5pMNTbUvi/HyN9ETgVsbzPnPn
jJOz3uPks8HsITNkhLV1GGGlnEngEGBZd9cLz9HUHE+EUMMpayp30NR+13i36a/t
Rh6+fkFMkgM9HVwE3hfLiXxRfs64JRWuziNc/G+VDlh57oFDkEF3FxXsb3R3hH1y
aswtNAr9qVIcdDQoQuB40mcaWWlEdFBsvKUMtOC2O+WVleOr0wy1n50PduB3P7Pj
+yO0POsrSL7/vcSyQxA8vUYiQvrU72jgCL+SUz2U8vVfkxlW7g+MxXNBPaosxYtO
3TzTmxgO+fWDizCa0KURvri4pQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFPOmQZjo
qRcYWmvE4/SNjIbvWYzQMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNUVBRDgzODAw
QTA4MTFFQjkwODA3QzcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAFnJWADBAFnkSQDBAFnqoQDBAJnw/QwDQQCAAIwBwMFACQH
skAwDQYJKoZIhvcNAQELBQADggEBAEYQZpyImh+1JcY3gljawqpdqEqXfD/h0HVM
Sf3XzSFbTugQ/Y8lIlBrVzu+gNsZlV6JArMvM93Uj9iTwihGWtYNbKY3VYwBhjwN
m2TKIZ0+Y6bbudVJ4hmjoHkffyHNPxWYoJrQMLFFxH6+3kAUsZxDLuNzYCOdd1y+
5C+4hzvaYJGc6p+V2O3OkEVn5lKvRil6M0zJ0Sk32NDOj/IDIn2fjsumgO39gksA
uAmi/EatiKlPdyxpFfNJYqxRyIrbFiopv4vX4wwDK/oRgtu68oMAwSOGuy+FXHPr
82qqaRCOA/M9eGXqCzM8UtASrE2oo1Q1K2M3DqqY6jNtUr0bEDQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org