Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B0D33082BDC911EA9D52577AC4F9AE02.roa
File: B0D33082BDC911EA9D52577AC4F9AE02.roa (raw, json)
Hash identifier: QoH3oNQoYUdGnw10VRQQUWU8g3R5ON6zHepHhYUKeuE=
Subject key identifier: 65:E9:17:10:4F:76:02:07:AB:BE:B7:90:B8:AF:62:D9:8E:4B:B8:56
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5124
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B0D33082BDC911EA9D52577AC4F9AE02.roa
Signing time: Mon 16 May 2022 04:14:25 +0000
ROA not before: Mon 16 May 2022 04:14:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136704
IP address blocks: 103.103.28.0/24 maxlen: 24
103.119.120.0/22 maxlen: 24
103.127.104.0/23 maxlen: 24
103.147.94.0/23 maxlen: 24
103.147.132.0/23 maxlen: 24
103.183.238.0/23 maxlen: 24
103.184.168.0/23 maxlen: 24
2001:df3:5880::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20772 (0x5124)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:14:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cfa1-9135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0d:33:43:c8:e3:93:cf:be:45:89:8d:54:88:
a1:b4:24:33:d6:f6:46:8b:bd:29:23:92:3d:20:1e:
6f:6d:d7:4e:b9:82:46:7e:c4:94:46:e8:29:f5:9b:
9f:3f:7a:5a:23:47:0b:47:2b:0b:a9:2b:e9:35:6a:
49:49:5b:eb:94:9e:dd:7c:1e:ef:6e:4b:3f:3b:34:
13:06:eb:d1:88:1f:99:87:a2:30:ea:a3:51:38:9e:
6c:9b:e8:e8:ac:f1:c5:dc:d5:1f:cc:3b:f0:f2:6b:
cd:1f:0b:f7:d6:86:6c:77:c7:b1:f7:bc:b8:64:58:
21:02:63:99:58:c9:70:35:51:f4:ce:38:92:56:9a:
e0:34:70:19:0b:5d:36:26:ac:67:83:e4:e7:30:5b:
68:7b:89:84:06:55:44:ed:2f:2c:93:8a:05:63:66:
bc:d9:15:13:f4:df:b7:db:f0:65:de:48:a5:75:4e:
f7:bf:d0:63:52:78:fe:b4:b8:5e:1e:78:77:a2:1c:
5f:69:d5:38:18:bd:bc:3d:cd:33:11:01:32:ca:a9:
b0:0d:da:00:89:05:07:46:1e:cd:0e:ad:fc:41:c0:
0c:bb:9d:f0:f6:00:40:3a:80:3a:cb:fe:35:af:ed:
86:f7:da:29:37:67:5f:54:4b:55:38:ca:ec:ec:16:
c2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E9:17:10:4F:76:02:07:AB:BE:B7:90:B8:AF:62:D9:8E:4B:B8:56
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B0D33082BDC911EA9D52577AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.103.28.0/24
103.119.120.0/22
103.127.104.0/23
103.147.94.0/23
103.147.132.0/23
103.183.238.0/23
103.184.168.0/23
IPv6:
2001:df3:5880::/48
Signature Algorithm: sha256WithRSAEncryption
6b:e8:b8:16:c8:7f:03:bc:bd:1f:e3:1d:b7:4c:d7:42:30:d4:
96:f3:67:bd:1c:84:95:7f:49:8c:0b:aa:92:b7:a6:0d:ec:a9:
5e:87:a1:a7:6c:ae:c1:16:45:47:48:c0:19:0c:8d:f6:6e:f0:
de:27:7d:f5:cd:1e:37:31:41:6f:82:15:0f:ba:3e:6b:81:dc:
a5:5b:c7:fa:a7:ba:a4:6a:a0:a9:8d:be:85:7b:0b:fa:02:34:
60:e1:42:68:bc:31:31:f0:9e:e8:8f:0e:fe:17:d8:c9:f2:27:
5c:98:84:92:0f:c5:51:bc:68:bc:4b:2d:1c:71:4e:2e:9f:79:
7f:4e:99:12:9b:a4:be:b7:18:6a:c5:c9:8a:97:84:46:56:54:
53:49:e0:73:b9:58:51:19:f1:83:4c:5b:3a:4a:fc:10:22:65:
18:b6:9a:78:af:17:35:17:67:a3:83:fe:60:45:9f:d3:30:3f:
9b:6f:af:11:c0:88:47:c2:c2:6f:e8:b9:14:8a:87:53:c2:04:
17:12:0f:2c:45:53:da:9d:9d:0b:17:be:6d:69:c7:bd:55:6f:
d5:83:ff:24:df:a9:97:5c:26:75:02:16:a5:c8:09:fe:ca:65:
12:89:44:5b:0d:8d:41:45:9c:2f:30:cf:24:ea:db:13:e6:a5:
bd:30:31:3a
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgICUSQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQxNDI1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2ZhMS05MTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAow0zQ8jjk8++RYmNVIihtCQz1vZGi70pI5I9IB5vbddOuYJGfsSURugp9Zuf
P3paI0cLRysLqSvpNWpJSVvrlJ7dfB7vbks/OzQTBuvRiB+Zh6Iw6qNROJ5sm+jo
rPHF3NUfzDvw8mvNHwv31oZsd8ex97y4ZFghAmOZWMlwNVH0zjiSVprgNHAZC102
Jqxng+TnMFtoe4mEBlVE7S8sk4oFY2a82RUT9N+32/Bl3kildU73v9BjUnj+tLhe
Hnh3ohxfadU4GL28Pc0zEQEyyqmwDdoAiQUHRh7NDq38QcAMu53w9gBAOoA6y/41
r+2G99opN2dfVEtVOMrs7BbCMQIDAQABo4ICyjCCAsYwHQYDVR0OBBYEFGXpFxBP
dgIHq763kLivYtmOS7hWMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjBEMzMwODJC
REM5MTFFQTlENTI1NzdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVAYIKwYBBQUHAQcBAf8E
RTBDMDAEAgABMCoDBABnZxwDBAJnd3gDBAFnf2gDBAFnk14DBAFnk4QDBAFnt+4D
BAFnuKgwDwQCAAIwCQMHACABDfNYgDANBgkqhkiG9w0BAQsFAAOCAQEAa+i4Fsh/
A7y9H+Mdt0zXQjDUlvNnvRyElX9JjAuqkremDeypXoehp2yuwRZFR0jAGQyN9m7w
3id99c0eNzFBb4IVD7o+a4HcpVvH+qe6pGqgqY2+hXsL+gI0YOFCaLwxMfCe6I8O
/hfYyfInXJiEkg/FUbxovEstHHFOLp95f06ZEpukvrcYasXJipeERlZUU0ngc7lY
URnxg0xbOkr8ECJlGLaaeK8XNRdno4P+YEWf0zA/m2+vEcCIR8LCb+i5FIqHU8IE
FxIPLEVT2p2dCxe+bWnHvVVv1YP/JN+pl1wmdQIWpcgJ/splEolEWw2NQUWcLzDP
JOrbE+alvTAxOg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:54 2023 by rpki-client on console-ams.rpki-client.org