Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B3224502D7D711EBAF0EEC09C4F9AE02.roa
File: B3224502D7D711EBAF0EEC09C4F9AE02.roa (raw, json)
Hash identifier: SQEgG8W7DRe3OWwfHJpiVdq+kJAtxlBkx+fctg2rt6g=
Subject key identifier: 31:C9:B1:5B:18:B1:2B:E2:5A:1F:3E:BA:21:6D:ED:F5:9A:19:64:68
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5E90
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B3224502D7D711EBAF0EEC09C4F9AE02.roa
Signing time: Wed 12 Oct 2022 16:01:48 +0000
ROA not before: Wed 12 Oct 2022 16:01:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141840
IP address blocks: 103.168.85.0/24 maxlen: 24
2001:df1:5dc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24208 (0x5e90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Oct 12 16:01:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6346e4eb-4ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5d:1e:b5:fe:99:1e:ee:8c:a1:8d:d7:ad:25:
67:01:ac:52:ac:7f:4d:66:88:cb:37:e8:fe:ce:42:
87:63:1c:df:63:9a:89:30:81:7f:aa:d4:5d:21:0a:
1d:a7:10:d8:5b:6c:65:8d:b7:4d:7c:8d:47:12:48:
62:5a:59:d1:4f:b1:81:ab:47:eb:91:a2:ad:12:4f:
d4:fe:ae:79:4f:4e:6a:6e:49:25:ad:c7:ba:5b:16:
3e:78:81:09:fd:cb:37:1f:49:81:a3:1e:80:54:43:
99:2e:a7:23:08:34:80:1d:1e:26:b2:8b:9c:1d:d3:
40:7e:3a:6e:8b:e4:21:95:f8:e9:b6:12:04:7e:80:
ec:9c:91:b1:d5:08:65:9b:9b:d2:45:e8:6c:d5:46:
87:2d:24:75:a8:f1:8a:fe:2c:0d:dd:95:f1:35:4b:
47:2c:6d:ea:aa:f9:49:75:fd:be:21:90:0b:81:91:
97:7e:41:34:ae:b6:72:40:8d:a7:cb:26:b4:dd:b6:
be:a8:1e:ae:4a:b8:7f:75:3d:fd:e6:a1:e5:93:3b:
07:fb:f6:00:75:08:c3:d0:e6:3a:6d:4f:25:bf:11:
8d:08:a8:22:a3:1a:9c:16:bc:b3:5a:a9:d8:41:5b:
04:b7:2f:1b:14:e2:7b:34:c3:61:4c:aa:b9:de:5f:
1b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C9:B1:5B:18:B1:2B:E2:5A:1F:3E:BA:21:6D:ED:F5:9A:19:64:68
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B3224502D7D711EBAF0EEC09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.168.85.0/24
IPv6:
2001:df1:5dc0::/48
Signature Algorithm: sha256WithRSAEncryption
10:47:2e:fc:c1:98:ef:11:22:07:5f:5e:5f:bb:11:1f:ab:89:
57:67:68:19:34:8a:51:a3:98:02:23:ad:7b:f4:68:d4:56:4a:
dc:d4:d5:46:3d:86:a1:8a:93:57:70:cb:0e:d9:3d:55:3a:40:
96:e8:90:20:4a:78:bf:16:fd:0d:67:14:07:9f:2b:df:f8:1a:
cd:99:02:dd:6e:b3:59:b4:3a:db:3a:22:f1:78:49:d2:a2:a5:
fa:89:e0:f9:f3:1e:f6:38:86:66:9c:cd:d8:47:eb:1f:ba:e3:
45:35:b4:a4:4d:ef:ef:98:40:8b:3d:ae:70:e4:5e:94:e1:bc:
43:af:95:70:3f:28:dd:08:f1:ad:3b:e0:a1:20:88:06:6e:4b:
14:5b:4b:26:75:c1:9f:5a:dd:37:b1:36:d2:c1:ee:96:aa:d7:
3d:46:8a:ad:65:80:b8:ad:d2:41:8a:53:46:d8:a0:a9:4c:97:
50:e7:c3:8f:46:33:b1:93:5e:cb:66:89:be:c3:e2:e6:94:de:
2f:b4:97:7c:e1:4a:83:3b:c6:8f:7b:79:3e:07:97:be:fd:ea:
c8:14:7c:e6:57:be:b4:e4:bb:fc:54:c6:da:59:73:42:03:89:
99:5f:db:c2:23:fc:41:b6:e7:c1:ca:8e:1b:b4:35:53:34:39:
86:23:3d:ba
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICXpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIxMDEyMTYwMTQ4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzQ2ZTRlYi00ZWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxl0etf6ZHu6MoY3XrSVnAaxSrH9NZojLN+j+zkKHYxzfY5qJMIF/qtRdIQod
pxDYW2xljbdNfI1HEkhiWlnRT7GBq0frkaKtEk/U/q55T05qbkklrce6WxY+eIEJ
/cs3H0mBox6AVEOZLqcjCDSAHR4msoucHdNAfjpui+QhlfjpthIEfoDsnJGx1Qhl
m5vSRehs1UaHLSR1qPGK/iwN3ZXxNUtHLG3qqvlJdf2+IZALgZGXfkE0rrZyQI2n
yya03ba+qB6uSrh/dT395qHlkzsH+/YAdQjD0OY6bU8lvxGNCKgioxqcFryzWqnY
QVsEty8bFOJ7NMNhTKq53l8bCQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDHJsVsY
sSviWh8+uiFt7fWaGWRoMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjMyMjQ1MDJE
N0Q3MTFFQkFGMEVFQzA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnqFUwDwQCAAIwCQMHACABDfFdwDANBgkqhkiG9w0BAQsF
AAOCAQEAEEcu/MGY7xEiB19eX7sRH6uJV2doGTSKUaOYAiOte/Ro1FZK3NTVRj2G
oYqTV3DLDtk9VTpAluiQIEp4vxb9DWcUB58r3/gazZkC3W6zWbQ62zoi8XhJ0qKl
+ong+fMe9jiGZpzN2EfrH7rjRTW0pE3v75hAiz2ucORelOG8Q6+VcD8o3QjxrTvg
oSCIBm5LFFtLJnXBn1rdN7E20sHulqrXPUaKrWWAuK3SQYpTRtigqUyXUOfDj0Yz
sZNey2aJvsPi5pTeL7SXfOFKgzvGj3t5PgeXvv3qyBR85le+tOS7/FTG2llzQgOJ
mV/bwiP8QbbnwcqOG7Q1UzQ5hiM9ug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org