Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DF39C3ABDCC11EAB486CA81C4F9AE02.roa
File: 7DF39C3ABDCC11EAB486CA81C4F9AE02.roa (raw, json)
Hash identifier: bYJAN0yfXxZ82X1oPkS35E2aV5mUaSg+1ycC1JglWB8=
Subject key identifier: 02:0D:55:11:91:FA:D6:94:B5:1E:72:61:05:BE:AE:F9:E5:74:A5:8C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4C73
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DF39C3ABDCC11EAB486CA81C4F9AE02.roa
Signing time: Tue 19 Apr 2022 07:21:31 +0000
ROA not before: Tue 19 Apr 2022 07:21:31 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 134316
IP address blocks: 103.119.164.0/22 maxlen: 22
103.119.164.0/24 maxlen: 24
103.119.165.0/24 maxlen: 24
103.119.166.0/24 maxlen: 24
103.119.167.0/24 maxlen: 24
103.215.200.0/24 maxlen: 24
103.215.201.0/24 maxlen: 24
103.215.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19571 (0x4c73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 19 07:21:31 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=625e62fa-8a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3b:af:cf:02:a3:83:fd:1b:60:22:39:05:e5:
45:58:7b:8c:d9:f9:0b:ac:90:22:3c:cc:27:97:87:
ee:84:74:fa:5f:d8:5b:45:b9:90:7f:8f:ea:83:83:
8c:96:b5:81:09:26:f0:45:20:32:22:f3:60:c7:28:
a4:62:6d:46:4c:3b:a4:4a:13:e5:87:13:35:9b:50:
f5:c9:9b:4c:15:9a:21:31:c6:e8:2b:9c:2c:3d:84:
8d:5a:7a:6b:f2:11:0a:c3:6f:54:f4:06:9d:47:27:
dc:f6:3e:3d:e0:cd:2a:ac:36:b7:e2:7c:ea:1d:46:
52:bb:5c:87:e2:d6:f8:20:6d:b2:fe:2d:75:89:61:
94:fe:41:f7:08:6d:19:15:e1:27:ea:6f:32:15:22:
d7:25:55:4e:23:e1:d0:3f:8b:43:4e:ec:8e:b9:5c:
3b:70:0c:f7:c0:e8:94:ea:58:d6:48:04:e4:57:5d:
36:55:e9:a8:5e:52:23:a5:74:85:d4:9c:ef:db:1d:
d3:cf:b2:6b:f2:8a:68:9c:be:8f:2b:4e:20:f0:0f:
55:05:ae:26:62:d8:fa:85:09:f8:83:91:1a:b1:20:
ae:09:13:39:ca:7d:47:3b:ca:78:4c:8a:1d:da:00:
de:c2:47:d7:51:0d:8f:77:b0:30:48:14:81:b4:ed:
9a:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0D:55:11:91:FA:D6:94:B5:1E:72:61:05:BE:AE:F9:E5:74:A5:8C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DF39C3ABDCC11EAB486CA81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.164.0/22
103.215.200.0/23
103.215.203.0/24
Signature Algorithm: sha256WithRSAEncryption
44:2b:c5:1d:3e:83:90:82:26:32:5c:58:f2:83:91:f1:e9:4e:
33:b9:4e:d6:07:79:af:b5:48:36:4f:44:1f:ee:a5:4e:09:c9:
2c:9b:08:42:74:0a:26:7c:54:2f:57:fb:ce:21:65:2f:12:2e:
3a:bc:ac:8f:e7:08:cb:88:4c:45:24:65:ba:96:75:31:3e:47:
73:1d:9e:c1:43:80:07:44:5f:09:80:cb:08:cb:75:35:88:8e:
ec:8b:52:c4:5d:92:b1:07:c4:11:25:0f:79:20:1e:b3:7b:39:
7d:bf:60:31:e3:94:e0:c0:e9:c2:dd:d7:17:7d:62:84:7d:b6:
c5:60:bc:06:35:fa:35:c4:cd:0c:66:9b:ea:7f:d9:e7:c8:56:
03:55:3c:6f:22:27:a1:25:4e:e3:3f:3e:ce:16:73:67:cf:fc:
33:c5:82:f7:56:75:48:87:75:6b:cb:af:13:ff:78:fe:7b:72:
ca:1b:47:3a:31:bd:66:86:93:20:2d:c7:3a:04:ea:1c:35:d7:
be:19:12:6b:7e:f6:aa:c4:1c:96:54:39:17:1f:b6:7f:32:53:
4e:0f:98:df:3c:58:11:4b:85:4b:7f:6b:f5:43:27:dc:40:e4:
95:8a:e7:e0:66:a3:cf:dd:4c:83:57:b9:37:39:50:c4:01:13:
5c:95:78:a9
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICTHMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNDE5MDcyMTMxWhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjVlNjJmYS04YTViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzDuvzwKjg/0bYCI5BeVFWHuM2fkLrJAiPMwnl4fuhHT6X9hbRbmQf4/qg4OM
lrWBCSbwRSAyIvNgxyikYm1GTDukShPlhxM1m1D1yZtMFZohMcboK5wsPYSNWnpr
8hEKw29U9AadRyfc9j494M0qrDa34nzqHUZSu1yH4tb4IG2y/i11iWGU/kH3CG0Z
FeEn6m8yFSLXJVVOI+HQP4tDTuyOuVw7cAz3wOiU6ljWSATkV102VemoXlIjpXSF
1Jzv2x3Tz7Jr8oponL6PK04g8A9VBa4mYtj6hQn4g5EasSCuCRM5yn1HO8p4TIod
2gDewkfXUQ2Pd7AwSBSBtO2aYQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFAINVRGR
+taUtR5yYQW+rvnldKWMMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvN0RGMzlDM0FC
RENDMTFFQUI0ODZDQTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJnd6QDBAFn18gDBABn18swDQYJKoZIhvcNAQELBQADggEB
AEQrxR0+g5CCJjJcWPKDkfHpTjO5TtYHea+1SDZPRB/upU4JySybCEJ0CiZ8VC9X
+84hZS8SLjq8rI/nCMuITEUkZbqWdTE+R3MdnsFDgAdEXwmAywjLdTWIjuyLUsRd
krEHxBElD3kgHrN7OX2/YDHjlODA6cLd1xd9YoR9tsVgvAY1+jXEzQxmm+p/2efI
VgNVPG8iJ6ElTuM/Ps4Wc2fP/DPFgvdWdUiHdWvLrxP/eP57csobRzoxvWaGkyAt
xzoE6hw1174ZEmt+9qrEHJZUORcftn8yU04PmN88WBFLhUt/a/VDJ9xA5JWK5+Bm
o8/dTINXuTc5UMQBE1yVeKk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:56 2023 by rpki-client on console-fra.rpki-client.org