Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D2E98AF4237011ED8FA7B550C4F9AE02.roa
File: D2E98AF4237011ED8FA7B550C4F9AE02.roa (raw, json)
Hash identifier: cH3EIADI09W8kjU42R6lWF69SQE7NslUu773GqsEu1U=
Subject key identifier: D9:E9:EA:6B:6F:44:9D:3D:21:71:42:51:96:C9:35:22:62:3C:1F:9B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5BE8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D2E98AF4237011ED8FA7B550C4F9AE02.roa
Signing time: Wed 24 Aug 2022 05:51:40 +0000
ROA not before: Wed 24 Aug 2022 05:51:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140125
IP address blocks: 103.167.224.0/23 maxlen: 24
103.167.238.0/23 maxlen: 23
103.167.239.0/24 maxlen: 24
103.168.0.0/23 maxlen: 24
103.168.23.0/24 maxlen: 24
103.168.32.0/23 maxlen: 24
103.170.36.0/23 maxlen: 24
103.171.108.0/23 maxlen: 24
103.171.110.0/23 maxlen: 24
103.171.174.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.98.0/23 maxlen: 24
103.177.226.0/23 maxlen: 23
103.177.227.0/24 maxlen: 24
103.179.94.0/23 maxlen: 24
103.179.96.0/23 maxlen: 24
103.179.100.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.179.121.0/24 maxlen: 24
103.179.224.0/23 maxlen: 24
103.179.226.0/23 maxlen: 24
103.180.110.0/23 maxlen: 24
103.180.168.0/23 maxlen: 24
103.180.172.0/23 maxlen: 24
103.180.174.0/23 maxlen: 24
103.180.176.0/23 maxlen: 24
103.180.212.0/23 maxlen: 24
103.180.214.0/23 maxlen: 24
103.180.238.0/23 maxlen: 24
103.181.64.0/23 maxlen: 24
103.181.84.0/23 maxlen: 23
103.181.85.0/24 maxlen: 24
103.181.110.0/23 maxlen: 24
103.181.114.0/23 maxlen: 24
103.181.152.0/23 maxlen: 24
103.181.154.0/23 maxlen: 24
103.181.174.0/23 maxlen: 24
103.181.198.0/23 maxlen: 24
103.182.58.0/23 maxlen: 24
103.183.216.0/23 maxlen: 24
103.189.82.0/23 maxlen: 24
103.229.209.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23528 (0x5be8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Aug 24 05:51:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6305bc6c-839f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:97:be:84:19:95:9e:2f:2a:9c:b1:97:a1:7a:
c4:75:2d:13:00:6e:86:82:88:10:65:b1:d5:4c:a4:
18:29:06:70:fd:47:00:28:ca:49:2e:f1:54:54:9f:
12:2b:df:43:42:78:8d:ba:10:ee:11:0d:7c:13:34:
7d:12:9a:6c:af:8b:8d:6e:b2:2e:fa:ae:72:0a:04:
83:b1:06:d8:e4:4f:80:05:aa:e7:1b:a8:e4:cd:e6:
95:5f:18:4f:de:41:be:b1:36:1c:86:b5:f9:d9:13:
f1:88:fb:8e:a3:ab:5c:ca:39:7b:d3:cc:08:da:b0:
74:a4:fa:1a:67:35:1a:d4:34:20:44:4b:b3:2b:5b:
d5:73:74:ea:af:6c:f4:e0:7d:97:ea:a7:33:6f:09:
d6:9a:55:42:89:71:5a:44:f0:02:94:00:39:52:a9:
28:2b:b7:9d:36:66:d3:17:44:c5:23:d2:e5:ae:0d:
1d:d7:b6:4d:d3:53:18:39:9e:3c:51:bd:c7:ea:7a:
fc:db:80:ed:65:69:e7:45:f4:04:1b:a6:0b:81:6b:
7b:dd:81:db:13:91:7e:f3:e2:34:3b:dd:b4:2a:83:
f7:c4:74:df:71:04:2d:c9:b6:11:5e:78:32:fd:38:
24:76:31:3e:da:ba:8f:ba:78:e8:55:fd:9d:17:a2:
34:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E9:EA:6B:6F:44:9D:3D:21:71:42:51:96:C9:35:22:62:3C:1F:9B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D2E98AF4237011ED8FA7B550C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.224.0/23
103.167.238.0/23
103.168.0.0/23
103.168.23.0/24
103.168.32.0/23
103.170.36.0/23
103.171.108.0/22
103.171.174.0/23
103.173.14.0/23
103.173.98.0/23
103.177.226.0/23
103.179.94.0-103.179.97.255
103.179.100.0/23
103.179.118.0/23
103.179.121.0/24
103.179.224.0/22
103.180.110.0/23
103.180.168.0/23
103.180.172.0-103.180.177.255
103.180.212.0/22
103.180.238.0/23
103.181.64.0/23
103.181.84.0/23
103.181.110.0/23
103.181.114.0/23
103.181.152.0/22
103.181.174.0/23
103.181.198.0/23
103.182.58.0/23
103.183.216.0/23
103.189.82.0/23
103.229.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:70:90:c2:f7:14:a8:3b:ed:8a:ba:7e:3c:0e:63:60:fd:a2:
20:46:63:c7:02:02:fc:1c:79:f6:1a:d3:19:55:b5:6e:8a:21:
0f:55:3e:95:23:75:55:9b:8d:ad:ed:75:d9:e7:28:06:15:86:
73:64:8a:c5:48:f1:52:f3:fb:9e:96:13:5d:89:6a:38:ab:59:
db:37:9b:13:60:91:a6:32:cb:fe:74:cf:70:ca:c2:7f:db:a6:
af:8a:39:47:5b:53:ac:bc:d9:2b:47:22:c3:5d:a4:32:5f:bd:
91:00:23:5b:4e:5c:ae:50:43:87:1e:d3:35:e3:1d:16:ff:b5:
4c:c0:3b:6d:f4:2e:05:bf:1a:c7:7f:20:12:c5:6a:f8:04:3b:
ed:79:3f:ee:85:09:49:55:fe:7e:27:da:8f:1a:09:c8:33:bd:
62:01:77:16:9d:38:b4:08:b6:2e:47:e1:4d:63:28:65:00:b7:
ff:8c:6d:a7:51:ac:56:79:16:77:3d:7e:36:f7:a7:75:a2:15:
be:8f:c5:e7:fe:d9:50:49:ef:9b:20:9e:c1:97:95:44:17:ca:
78:cb:b6:77:62:33:4c:de:c5:88:12:a4:01:ae:4c:6c:66:f5:
cd:83:01:12:58:bf:07:5f:e5:7d:6f:6c:6f:ae:0a:55:e8:24:
6d:be:f7:b7
-----BEGIN CERTIFICATE-----
MIIGQDCCBSigAwIBAgICW+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODI0MDU1MTQwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzA1YmM2Yy04MzlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwZe+hBmVni8qnLGXoXrEdS0TAG6GgogQZbHVTKQYKQZw/UcAKMpJLvFUVJ8S
K99DQniNuhDuEQ18EzR9Eppsr4uNbrIu+q5yCgSDsQbY5E+ABarnG6jkzeaVXxhP
3kG+sTYchrX52RPxiPuOo6tcyjl708wI2rB0pPoaZzUa1DQgREuzK1vVc3Tqr2z0
4H2X6qczbwnWmlVCiXFaRPAClAA5UqkoK7edNmbTF0TFI9Llrg0d17ZN01MYOZ48
Ub3H6nr824DtZWnnRfQEG6YLgWt73YHbE5F+8+I0O920KoP3xHTfcQQtybYRXngy
/TgkdjE+2rqPunjoVf2dF6I0xwIDAQABo4IDZDCCA2AwHQYDVR0OBBYEFNnp6mtv
RJ09IXFCUZbJNSJiPB+bMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDJFOThBRjQy
MzcwMTFFRDhGQTdCNTUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwge0GCCsGAQUFBwEHAQH/
BIHdMIHaMIHXBAIAATCB0AMEAWen4AMEAWen7gMEAWeoAAMEAGeoFwMEAWeoIAME
AWeqJAMEAmerbAMEAWerrgMEAWetDgMEAWetYgMEAWex4jAMAwQBZ7NeAwQBZ7Ng
AwQBZ7NkAwQBZ7N2AwQAZ7N5AwQCZ7PgAwQBZ7RuAwQBZ7SoMAwDBAJntKwDBAFn
tLADBAJntNQDBAFntO4DBAFntUADBAFntVQDBAFntW4DBAFntXIDBAJntZgDBAFn
ta4DBAFntcYDBAFntjoDBAFnt9gDBAFnvVIDBABn5dEwDQYJKoZIhvcNAQELBQAD
ggEBAKFwkML3FKg77Yq6fjwOY2D9oiBGY8cCAvwcefYa0xlVtW6KIQ9VPpUjdVWb
ja3tddnnKAYVhnNkisVI8VLz+56WE12JajirWds3mxNgkaYyy/50z3DKwn/bpq+K
OUdbU6y82StHIsNdpDJfvZEAI1tOXK5QQ4ce0zXjHRb/tUzAO230LgW/Gsd/IBLF
avgEO+15P+6FCUlV/n4n2o8aCcgzvWIBdxadOLQIti5H4U1jKGUAt/+MbadRrFZ5
Fnc9fjb3p3WiFb6Pxef+2VBJ75sgnsGXlUQXynjLtndiM0zexYgSpAGuTGxm9c2D
ARJYvwdf5X1vbG+uClXoJG2+97c=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org