Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ADBC09E2F6AC11EB94BDDC67C4F9AE02.roa
File: ADBC09E2F6AC11EB94BDDC67C4F9AE02.roa (raw, json)
Hash identifier: 6QeIua3xDNwi3BPQVCmpd4QnDJr6cdBQXy4nc7WQnbk=
Subject key identifier: A0:83:85:3B:5A:74:FA:29:D0:E5:55:04:20:2E:5E:81:9F:39:6E:5F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4F86
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ADBC09E2F6AC11EB94BDDC67C4F9AE02.roa
Signing time: Mon 16 May 2022 04:06:32 +0000
ROA not before: Mon 16 May 2022 04:06:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134009
IP address blocks: 103.51.137.0/24 maxlen: 24
103.159.212.0/24 maxlen: 24
103.169.157.0/24 maxlen: 24
103.174.158.0/24 maxlen: 24
103.179.38.0/23 maxlen: 24
103.200.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20358 (0x4f86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:06:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cdc7-7b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ed:e4:6f:bf:5f:d0:1c:4b:6e:92:58:48:fd:
39:da:35:57:2e:cf:c8:d6:9a:b6:44:b8:e9:b7:a3:
45:b5:a4:6a:8e:3e:12:4d:cb:b9:f4:0e:0f:f2:23:
89:54:27:45:bd:1c:04:57:ce:dc:a1:63:9f:11:79:
96:4f:72:96:13:ca:69:d9:fe:c6:72:ff:71:18:ae:
56:8c:05:3a:d2:ab:ed:45:ad:d6:fa:b9:fb:fe:11:
01:83:ee:77:f0:7a:08:cb:95:85:74:2b:17:64:c5:
48:62:06:af:52:a3:da:15:82:9f:6c:05:df:a0:58:
98:78:13:96:86:95:fb:cf:8b:75:c1:ce:c9:d8:da:
f1:ad:78:2d:10:fd:af:fd:3b:97:83:cb:63:ed:57:
6e:a9:fb:2a:bd:41:5c:b7:75:08:5e:af:93:e3:0b:
c4:2a:f2:0a:a2:f6:43:95:52:06:1f:6c:c4:98:14:
d6:20:b1:76:03:bb:14:1a:b8:f2:59:9f:96:b3:31:
4b:a6:61:88:99:99:7e:2f:c0:f4:74:5b:5a:69:bc:
a4:13:3e:c5:9a:55:55:49:c0:2b:99:69:02:44:38:
e9:26:ee:48:41:e7:92:8a:78:f5:1e:ef:be:5c:59:
84:e3:eb:48:1a:53:1d:d7:96:97:15:19:03:46:a1:
d2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:83:85:3B:5A:74:FA:29:D0:E5:55:04:20:2E:5E:81:9F:39:6E:5F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ADBC09E2F6AC11EB94BDDC67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.51.137.0/24
103.159.212.0/24
103.169.157.0/24
103.174.158.0/24
103.179.38.0/23
103.200.74.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:98:0f:b8:b1:d2:18:61:71:a4:6e:aa:11:ef:cb:d4:b1:9e:
54:c5:65:ed:5b:a7:3b:4d:05:4a:4d:45:e9:b9:e3:fc:cc:0d:
29:fd:30:ea:62:d6:42:d8:04:71:3e:50:d0:35:14:5f:83:a1:
af:e2:60:f6:1b:9e:04:b4:6b:bb:dc:62:e0:b2:ef:80:3a:98:
40:40:ca:2d:d4:b3:91:43:ca:ea:8f:80:e6:3b:a2:6c:23:41:
3d:13:66:f1:56:e6:56:dc:bc:4d:09:09:8f:2a:7e:ad:c6:3f:
5a:c6:c9:70:02:9c:ac:51:74:fa:05:a8:66:b9:bc:82:eb:4a:
5a:0c:78:0c:e3:db:9f:3e:ef:04:a6:b4:6c:23:0a:a2:87:a8:
fa:32:de:0e:8d:aa:d6:ea:a1:f0:b4:48:18:b1:4b:8d:fc:2b:
24:f3:f5:33:f3:7a:96:bc:54:a8:5c:67:9f:45:fc:04:11:6f:
e5:63:4a:d0:dd:3d:ee:ba:4b:97:0f:2d:26:80:55:06:35:36:
e1:2f:e6:eb:5a:02:47:9a:b3:e3:25:eb:42:61:23:e3:c6:0f:
d2:f1:10:9e:ee:f6:45:f0:9b:7f:84:ac:f8:47:bb:a4:94:0f:
1e:59:32:93:ec:27:b0:9e:f2:f6:17:01:3a:76:21:72:4d:1e:
6b:f2:b1:ae
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICT4YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQwNjMyWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2RjNy03YjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzu3kb79f0BxLbpJYSP052jVXLs/I1pq2RLjpt6NFtaRqjj4STcu59A4P8iOJ
VCdFvRwEV87coWOfEXmWT3KWE8pp2f7Gcv9xGK5WjAU60qvtRa3W+rn7/hEBg+53
8HoIy5WFdCsXZMVIYgavUqPaFYKfbAXfoFiYeBOWhpX7z4t1wc7J2NrxrXgtEP2v
/TuXg8tj7VduqfsqvUFct3UIXq+T4wvEKvIKovZDlVIGH2zEmBTWILF2A7sUGrjy
WZ+WszFLpmGImZl+L8D0dFtaabykEz7FmlVVScArmWkCRDjpJu5IQeeSinj1Hu++
XFmE4+tIGlMd15aXFRkDRqHSUwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFKCDhTta
dPop0OVVBCAuXoGfOW5fMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQURCQzA5RTJG
NkFDMTFFQjk0QkREQzY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBABnM4kDBABnn9QDBABnqZ0DBABnrp4DBAFnsyYDBABnyEow
DQYJKoZIhvcNAQELBQADggEBALWYD7ix0hhhcaRuqhHvy9SxnlTFZe1bpztNBUpN
Rem54/zMDSn9MOpi1kLYBHE+UNA1FF+Doa/iYPYbngS0a7vcYuCy74A6mEBAyi3U
s5FDyuqPgOY7omwjQT0TZvFW5lbcvE0JCY8qfq3GP1rGyXACnKxRdPoFqGa5vILr
SloMeAzj258+7wSmtGwjCqKHqPoy3g6NqtbqofC0SBixS438KyTz9TPzepa8VKhc
Z59F/AQRb+VjStDdPe66S5cPLSaAVQY1NuEv5utaAkeas+Ml60JhI+PGD9LxEJ7u
9kXwm3+ErPhHu6SUDx5ZMpPsJ7Ce8vYXATp2IXJNHmvysa4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org