Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B5E9C4266A3011EDBEA1DE81C4F9AE02.roa
File: B5E9C4266A3011EDBEA1DE81C4F9AE02.roa (raw, json)
Hash identifier: Js3nxtcItgXUrBa1UK3cxp44xkKZa9mcvrJEb2dKmSI=
Subject key identifier: EC:A4:D5:C4:3F:63:8F:33:62:16:AF:57:D8:B3:2C:DB:B9:EB:D8:EF
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6271
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B5E9C4266A3011EDBEA1DE81C4F9AE02.roa
Signing time: Tue 03 Jan 2023 12:51:35 +0000
ROA not before: Tue 03 Jan 2023 12:51:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.181.88.0/23 maxlen: 24
103.181.148.0/23 maxlen: 24
103.181.202.0/23 maxlen: 24
103.182.12.0/23 maxlen: 24
103.182.158.0/23 maxlen: 24
103.183.28.0/23 maxlen: 24
103.185.102.0/23 maxlen: 24
103.186.40.0/23 maxlen: 24
103.186.44.0/23 maxlen: 24
103.186.48.0/23 maxlen: 24
103.186.124.0/23 maxlen: 24
103.186.246.0/23 maxlen: 24
103.187.36.0/23 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25201 (0x6271)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 3 12:51:35 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63b424d7-b7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0c:9b:80:19:57:2a:24:fc:b0:4b:5c:04:c4:
1a:09:49:a4:cc:19:e0:b9:4c:c8:09:40:38:2f:ae:
91:db:fb:d7:42:df:37:ba:df:e4:35:94:26:b1:d8:
1b:51:26:97:48:a1:8d:ca:f7:ae:1d:53:43:de:12:
66:9a:b4:b9:49:fe:9a:6d:12:0f:69:3c:74:15:52:
94:3e:d0:14:ae:d4:79:e8:bb:ad:e3:70:4a:22:2f:
0b:18:16:17:03:2e:c4:fc:7b:23:bb:aa:0c:ae:d5:
ef:e1:d3:25:e5:25:9c:12:9c:d1:d4:5a:71:11:97:
b5:88:2f:44:55:b5:7a:5f:7b:12:0a:02:b3:d1:96:
d1:c9:11:11:51:5e:1f:d3:a8:02:8c:76:d1:e7:7f:
80:f3:56:51:2e:0c:98:57:e1:2b:0b:61:a3:6e:34:
8a:59:52:e9:ea:b3:a1:76:84:76:92:a5:7e:63:5b:
4e:5d:22:fd:50:52:5b:21:2c:40:d3:29:b8:9a:e0:
ab:c3:f2:f8:0f:6d:13:b3:1d:e7:41:a0:9b:80:a8:
7f:ab:3a:08:40:8e:d5:eb:f8:ad:64:c9:c1:43:c8:
f1:e1:ff:64:ef:10:f1:68:be:4d:fb:e2:49:07:46:
bf:d9:88:00:f5:a7:50:68:a1:a9:54:71:4c:94:94:
9a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:A4:D5:C4:3F:63:8F:33:62:16:AF:57:D8:B3:2C:DB:B9:EB:D8:EF
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B5E9C4266A3011EDBEA1DE81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.168.0/24
103.27.170.0/23
103.181.88.0/23
103.181.148.0/23
103.181.202.0/23
103.182.12.0/23
103.182.158.0/23
103.183.28.0/23
103.185.102.0/23
103.186.40.0/23
103.186.44.0/23
103.186.48.0/23
103.186.124.0/23
103.186.246.0/23
103.187.36.0/23
103.228.172.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
1f:f5:2a:7a:24:e2:d6:5b:b4:b2:db:5b:16:85:3e:47:63:d2:
b1:b5:b6:ba:02:af:a2:35:ed:66:8f:5d:c3:bf:ae:7a:19:d7:
06:ad:76:33:9a:05:ad:66:2a:84:a6:b5:52:8b:0a:79:4d:6e:
9f:28:0b:d0:77:26:58:1b:8c:24:27:d5:9f:2c:28:a7:66:84:
04:05:b7:65:79:02:be:4d:5c:78:72:94:13:da:dc:90:bd:a0:
27:be:4d:1e:31:e7:68:c8:6d:ce:9e:04:e6:9e:d9:c1:81:f4:
26:2f:85:74:70:1e:ad:32:f0:10:f9:da:70:bc:9d:b2:31:97:
d6:fa:e7:94:81:cd:50:96:41:d8:61:e0:ef:45:e2:a2:8e:47:
ee:db:5d:7b:ea:d7:26:b5:2a:0c:e8:3e:8b:82:42:9d:c8:94:
9a:0f:64:87:bc:9e:a5:86:93:42:57:1f:a2:fc:63:10:09:3e:
74:17:46:fb:04:8f:86:c9:b7:95:5d:07:31:7d:d2:db:6f:3d:
89:f6:d1:c4:70:cf:47:04:9b:00:e4:ae:02:77:88:d9:6c:70:
07:b6:18:37:97:54:b9:24:d0:c5:a5:ee:7f:e5:d8:b9:75:0f:
52:2d:37:4f:81:dd:2b:7b:43:f2:13:26:d1:a6:2f:99:04:02:
de:be:b3:91
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgICYnEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTAzMTI1MTM1WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2I0MjRkNy1iN2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwwybgBlXKiT8sEtcBMQaCUmkzBnguUzICUA4L66R2/vXQt83ut/kNZQmsdgb
USaXSKGNyveuHVND3hJmmrS5Sf6abRIPaTx0FVKUPtAUrtR56Lut43BKIi8LGBYX
Ay7E/Hsju6oMrtXv4dMl5SWcEpzR1FpxEZe1iC9EVbV6X3sSCgKz0ZbRyRERUV4f
06gCjHbR53+A81ZRLgyYV+ErC2GjbjSKWVLp6rOhdoR2kqV+Y1tOXSL9UFJbISxA
0ym4muCrw/L4D20Tsx3nQaCbgKh/qzoIQI7V6/itZMnBQ8jx4f9k7xDxaL5N++JJ
B0a/2YgA9adQaKGpVHFMlJSanwIDAQABo4IDFzCCAxMwHQYDVR0OBBYEFOyk1cQ/
Y48zYhavV9izLNu569jvMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQjVFOUM0MjY2
QTMwMTFFREJFQTFERTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgaAGCCsGAQUFBwEHAQH/
BIGQMIGNMGYEAgABMGADBABnG6gDBAFnG6oDBAFntVgDBAFntZQDBAFntcoDBAFn
tgwDBAFntp4DBAFntxwDBAFnuWYDBAFnuigDBAFnuiwDBAFnujADBAFnunwDBAFn
uvYDBAFnuyQDBAJn5KwwIwQCAAIwHTASAwcBJADRgABmAwcBJADRgABoAwcBJADR
gABwMA0GCSqGSIb3DQEBCwUAA4IBAQAf9Sp6JOLWW7Sy21sWhT5HY9Kxtba6Aq+i
Ne1mj13Dv656GdcGrXYzmgWtZiqEprVSiwp5TW6fKAvQdyZYG4wkJ9WfLCinZoQE
BbdleQK+TVx4cpQT2tyQvaAnvk0eMedoyG3OngTmntnBgfQmL4V0cB6tMvAQ+dpw
vJ2yMZfW+ueUgc1QlkHYYeDvReKijkfu21176tcmtSoM6D6LgkKdyJSaD2SHvJ6l
hpNCVx+i/GMQCT50F0b7BI+GybeVXQcxfdLbbz2J9tHEcM9HBJsA5K4Cd4jZbHAH
thg3l1S5JNDFpe5/5di5dQ9SLTdPgd0re0PyEybRpi+ZBALevrOR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:57 2023 by rpki-client on console-fra.rpki-client.org