Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D6040A3AF7AF11EC88970214C4F9AE02.roa
File: D6040A3AF7AF11EC88970214C4F9AE02.roa (raw, json)
Hash identifier: 4eYCGcIm5iNRZuYGDAJtl/+RPqaaLaJBm9fpFkK5cYI=
Subject key identifier: 72:DD:6F:19:AC:43:12:33:FB:F1:65:F3:E5:2B:A5:AA:3A:D7:2F:EE
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 583B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D6040A3AF7AF11EC88970214C4F9AE02.roa
Signing time: Wed 29 Jun 2022 13:31:53 +0000
ROA not before: Wed 29 Jun 2022 13:31:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137157
IP address blocks: 103.106.136.0/22 maxlen: 24
103.145.228.0/23 maxlen: 24
103.186.198.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22587 (0x583b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jun 29 13:31:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62bc5448-02a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:55:3a:b3:2b:1b:72:73:46:f5:d5:d9:8d:f1:
de:e0:b2:5b:ca:64:72:fb:ab:5b:e1:2d:f5:19:35:
5f:0a:f7:4f:a7:1c:69:43:ac:3a:5e:b4:e5:72:ea:
a6:d7:cf:c0:e4:85:22:44:35:95:5b:15:f9:c0:8a:
12:6f:95:a3:fb:a1:32:a8:ec:f8:c4:f8:76:83:bf:
5a:74:8b:db:7b:9f:8a:31:f0:c7:9b:a5:7a:2f:28:
ff:b5:5d:2e:f3:61:36:08:e6:5a:83:7b:3c:99:1a:
89:f9:59:9c:4c:00:fc:aa:4a:f5:41:de:1e:69:c1:
5a:7d:bc:4d:09:66:3b:05:25:ff:bf:18:96:51:71:
ed:76:b6:c4:a3:54:14:70:9f:28:6f:ac:5f:b0:83:
ae:03:c9:cc:ae:0a:c6:f4:55:48:bd:b2:23:10:e0:
dc:46:ae:0b:28:a2:75:13:70:1c:79:a8:b2:2f:93:
0d:35:a7:77:27:18:1c:f4:36:49:39:47:57:62:bb:
8a:eb:10:13:51:59:86:f7:37:44:db:41:7b:e3:5a:
2d:85:85:b1:40:e9:59:12:e4:00:2e:86:a2:7c:7b:
4e:5e:12:2e:80:2c:17:e4:28:60:b7:fd:50:51:28:
c7:f5:15:4c:ac:bc:d3:35:9b:9a:d1:46:09:f4:eb:
06:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DD:6F:19:AC:43:12:33:FB:F1:65:F3:E5:2B:A5:AA:3A:D7:2F:EE
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D6040A3AF7AF11EC88970214C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.106.136.0/22
103.145.228.0/23
103.186.198.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:fd:31:f3:55:25:b4:7b:26:9b:5f:d7:c7:ef:59:6b:61:b3:
bf:79:c2:ef:4b:a4:e9:4a:26:9a:5e:83:13:40:86:2e:80:c0:
36:eb:74:85:f6:fb:44:73:80:59:01:f5:15:87:d5:0d:d4:99:
c1:26:8b:f2:53:86:30:a8:90:e8:8c:2c:33:09:e3:66:6b:47:
0c:92:71:c0:9b:43:53:38:50:cb:ce:c8:4b:4b:45:e5:6b:71:
ee:f6:f5:7e:d9:24:2a:4c:77:c6:89:2d:c2:a4:ce:93:4d:00:
28:dd:29:c4:95:61:8b:43:be:ca:ad:a5:17:b2:59:e9:ea:a6:
64:e2:3f:f3:be:06:39:6b:9a:ad:65:ff:4b:09:91:84:b8:2c:
1d:4e:4d:98:45:15:46:ef:88:7e:53:5e:51:a7:08:c3:fd:eb:
77:f7:3b:53:ec:75:7a:f6:9e:92:a7:8d:16:7b:f7:e7:33:51:
e6:40:f0:4e:fd:d0:f8:06:18:ef:16:2c:1f:22:39:05:c7:30:
66:f3:72:fd:b2:be:72:c3:6a:5a:89:4c:f1:7d:5b:eb:27:4e:
d9:1b:70:72:95:6d:8a:9e:ea:9d:bb:8f:ea:18:16:c6:3f:a4:
6a:7e:02:fc:59:ef:dd:13:73:5c:63:8d:7c:5a:df:6c:83:9a:
57:05:71:b5
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICWDswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNjI5MTMzMTUzWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmJjNTQ0OC0wMmE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuVU6sysbcnNG9dXZjfHe4LJbymRy+6tb4S31GTVfCvdPpxxpQ6w6XrTlcuqm
18/A5IUiRDWVWxX5wIoSb5Wj+6EyqOz4xPh2g79adIvbe5+KMfDHm6V6Lyj/tV0u
82E2COZag3s8mRqJ+VmcTAD8qkr1Qd4eacFafbxNCWY7BSX/vxiWUXHtdrbEo1QU
cJ8ob6xfsIOuA8nMrgrG9FVIvbIjEODcRq4LKKJ1E3AceaiyL5MNNad3Jxgc9DZJ
OUdXYruK6xATUVmG9zdE20F741othYWxQOlZEuQALoaifHtOXhIugCwX5Chgt/1Q
USjH9RVMrLzTNZua0UYJ9OsGSQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHLdbxms
QxIz+/Fl8+Urpao61y/uMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDYwNDBBM0FG
N0FGMTFFQzg4OTcwMjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJnaogDBAFnkeQDBAFnusYwDQYJKoZIhvcNAQELBQADggEB
AB79MfNVJbR7Jptf18fvWWths795wu9LpOlKJppegxNAhi6AwDbrdIX2+0RzgFkB
9RWH1Q3UmcEmi/JThjCokOiMLDMJ42ZrRwySccCbQ1M4UMvOyEtLReVrce729X7Z
JCpMd8aJLcKkzpNNACjdKcSVYYtDvsqtpReyWenqpmTiP/O+Bjlrmq1l/0sJkYS4
LB1OTZhFFUbviH5TXlGnCMP963f3O1PsdXr2npKnjRZ79+czUeZA8E790PgGGO8W
LB8iOQXHMGbzcv2yvnLDalqJTPF9W+snTtkbcHKVbYqe6p27j+oYFsY/pGp+AvxZ
790Tc1xjjXxa32yDmlcFcbU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org