Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6347F98034E411ED8621260AC4F9AE02.roa
File: 6347F98034E411ED8621260AC4F9AE02.roa (raw, json)
Hash identifier: 5lX+IjMm1bJWUDkM6D9fmvyLL9ro91Snhi/BDokDgdY=
Subject key identifier: 0E:4E:FF:58:99:24:89:50:E6:CA:51:54:21:6A:93:10:D6:EF:F4:6E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5ECA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6347F98034E411ED8621260AC4F9AE02.roa
Signing time: Mon 17 Oct 2022 11:21:39 +0000
ROA not before: Mon 17 Oct 2022 11:21:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139490
IP address blocks: 103.88.236.0/22 maxlen: 24
103.143.168.0/23 maxlen: 24
103.164.70.0/23 maxlen: 24
103.186.128.0/23 maxlen: 24
103.203.172.0/22 maxlen: 24
103.220.224.0/24 maxlen: 24
2001:df6:4180::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24266 (0x5eca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 17 11:21:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=634d3ac2-7cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:69:87:72:7e:63:28:b2:f9:0a:ba:bc:35:49:
38:c2:84:41:e5:10:79:12:df:a8:76:a8:1b:f7:6f:
d6:f1:84:95:7e:27:13:09:f6:9b:35:46:1d:2b:6a:
b7:07:b3:1a:b1:95:8f:26:e5:1d:3d:46:1e:70:7c:
85:83:c0:6f:b3:3c:0c:14:4e:5d:65:66:76:fa:82:
5d:03:67:e3:af:60:e9:6f:47:04:89:29:fc:60:2c:
8e:44:06:25:da:c7:83:87:9c:2a:36:a9:ef:de:a0:
3f:fb:6f:b1:fd:10:c2:85:68:ed:dc:2f:e9:41:c2:
4f:b9:a5:f9:ab:03:75:62:2b:37:49:d7:e4:d0:7c:
60:5c:ed:4f:51:d1:57:22:3f:8a:f3:57:e7:57:b6:
23:85:f9:44:2c:ee:47:55:90:0b:b9:0f:de:51:b6:
39:2e:f6:b3:59:47:b0:47:f8:90:f2:36:fa:59:3f:
5a:c4:b8:99:ee:6a:2b:ac:46:c3:22:35:bf:a0:de:
85:03:ad:c3:47:ea:34:e2:51:64:cf:75:85:5c:68:
84:38:a7:8f:2a:9b:25:16:f6:25:71:b4:bb:df:0a:
94:98:1f:9d:6a:cc:3d:ab:bd:75:7d:54:9a:6f:ec:
62:fe:cc:e7:91:b6:79:75:53:66:01:85:87:84:ff:
d0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4E:FF:58:99:24:89:50:E6:CA:51:54:21:6A:93:10:D6:EF:F4:6E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6347F98034E411ED8621260AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.236.0/22
103.143.168.0/23
103.164.70.0/23
103.186.128.0/23
103.203.172.0/22
103.220.224.0/24
IPv6:
2001:df6:4180::/48
Signature Algorithm: sha256WithRSAEncryption
a9:ec:85:49:8a:2c:ea:4c:61:a4:3f:2d:c3:84:94:b7:c3:a3:
f1:e2:1a:71:f3:07:34:c4:44:93:2c:7a:d8:be:18:84:89:3e:
07:f6:7c:65:e5:69:2a:84:2e:91:fe:f4:e8:17:c3:b1:a6:d5:
0c:94:8b:c5:5d:a4:ab:95:f6:80:a7:a3:e4:19:ba:cc:0d:88:
23:41:98:ad:75:e4:3c:be:8d:5f:7d:8d:6b:5c:62:79:60:1b:
8e:d4:8f:ad:a9:97:11:11:bb:8a:43:ba:8f:e6:21:d7:d2:7f:
df:70:c6:4c:7d:fb:e9:4d:20:9f:bb:59:e1:19:3f:92:af:e2:
8e:fd:b2:e6:2c:9e:ae:b7:82:bf:6c:25:8b:14:42:ce:3e:82:
fe:24:cc:69:67:00:87:e4:52:97:c7:37:a0:0d:d5:24:6b:20:
8e:74:09:d3:80:9c:b2:70:50:5b:2c:2b:0d:42:21:d4:73:27:
2a:e2:b5:a4:c9:b2:5c:03:2d:22:2f:cc:1c:51:a9:73:59:26:
8b:6f:37:99:cd:23:79:60:45:f4:bf:41:5e:c9:09:0f:7e:ad:
1f:16:59:66:97:fb:19:0c:c9:41:ae:f2:19:6d:c0:bb:51:60:
e6:ae:d9:02:b8:98:ef:ea:4e:a8:ab:ca:a6:6e:f8:e4:dc:0e:
06:c4:7a:9d
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgICXsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMDE3MTEyMTM5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzRkM2FjMi03Y2I0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3WmHcn5jKLL5Crq8NUk4woRB5RB5Et+odqgb92/W8YSVficTCfabNUYdK2q3
B7MasZWPJuUdPUYecHyFg8BvszwMFE5dZWZ2+oJdA2fjr2Dpb0cEiSn8YCyORAYl
2seDh5wqNqnv3qA/+2+x/RDChWjt3C/pQcJPuaX5qwN1Yis3Sdfk0HxgXO1PUdFX
Ij+K81fnV7YjhflELO5HVZALuQ/eUbY5LvazWUewR/iQ8jb6WT9axLiZ7morrEbD
IjW/oN6FA63DR+o04lFkz3WFXGiEOKePKpslFvYlcbS73wqUmB+dasw9q711fVSa
b+xi/sznkbZ5dVNmAYWHhP/QVQIDAQABo4ICxDCCAsAwHQYDVR0OBBYEFA5O/1iZ
JIlQ5spRVCFqkxDW7/RuMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNjM0N0Y5ODAz
NEU0MTFFRDg2MjEyNjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTgYIKwYBBQUHAQcBAf8E
PzA9MCoEAgABMCQDBAJnWOwDBAFnj6gDBAFnpEYDBAFnuoADBAJny6wDBABn3OAw
DwQCAAIwCQMHACABDfZBgDANBgkqhkiG9w0BAQsFAAOCAQEAqeyFSYos6kxhpD8t
w4SUt8Oj8eIacfMHNMREkyx62L4YhIk+B/Z8ZeVpKoQukf706BfDsabVDJSLxV2k
q5X2gKej5Bm6zA2II0GYrXXkPL6NX32Na1xieWAbjtSPramXERG7ikO6j+Yh19J/
33DGTH376U0gn7tZ4Rk/kq/ijv2y5iyerreCv2wlixRCzj6C/iTMaWcAh+RSl8c3
oA3VJGsgjnQJ04CcsnBQWywrDUIh1HMnKuK1pMmyXAMtIi/MHFGpc1kmi283mc0j
eWBF9L9BXskJD36tHxZZZpf7GQzJQa7yGW3Au1Fg5q7ZAriY7+pOqKvKpm745NwO
BsR6nQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-fra.rpki-client.org