Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DB4855A206F511EB8EFF535EC4F9AE02.roa
File: DB4855A206F511EB8EFF535EC4F9AE02.roa (raw, json)
Hash identifier: 3ild0vWIhc+LmlOSz5kTnYflH+VD0IYvFn1Oqf36QPY=
Subject key identifier: 19:8F:0B:77:1B:63:F7:5B:0F:7E:CA:BF:63:8C:66:D4:B7:84:9A:4C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 51E6
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DB4855A206F511EB8EFF535EC4F9AE02.roa
Signing time: Mon 16 May 2022 04:18:04 +0000
ROA not before: Mon 16 May 2022 04:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 138708
IP address blocks: 103.135.230.0/24 maxlen: 24
2001:df5:2680::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20966 (0x51e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281d07c-68b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e3:b4:0f:21:95:eb:5d:2b:86:61:02:17:8f:
b9:ce:50:ea:f9:c9:30:61:95:22:28:18:0c:b7:d1:
b6:3a:a8:81:bd:6f:59:97:57:9a:32:2b:cc:09:70:
93:3e:9f:6f:97:8b:3f:17:f3:49:cb:58:62:c5:9e:
81:25:99:1a:6b:ed:de:9b:9f:dc:4e:96:ec:c5:27:
97:17:00:51:bb:c0:3c:4d:b0:ab:3b:cc:40:55:df:
02:37:3e:17:b2:1b:46:88:aa:4e:62:13:2e:e6:2f:
2d:c4:dd:99:9b:05:73:bb:00:3b:e7:c8:20:6d:ac:
5f:2b:21:1f:3a:0b:51:9a:a9:cb:ba:09:83:47:50:
cc:d3:2b:6f:35:ab:be:d5:f8:1c:83:b7:7b:d3:e1:
02:ac:32:68:58:8b:7f:80:14:e5:89:12:c3:90:7b:
2e:a3:8b:9d:4e:c4:4f:3a:23:e4:df:e9:78:91:8a:
52:2b:f1:62:05:47:6f:39:7d:e0:a4:34:5a:76:c1:
56:17:5d:3b:4a:c2:d6:2e:ef:3b:26:58:5d:72:4c:
9f:dc:92:25:df:77:66:fc:03:d7:55:3d:47:c2:b8:
82:1b:52:0c:14:bb:9e:86:60:2a:1a:51:66:12:77:
32:69:52:ac:0e:6d:2c:a0:31:ba:c6:61:fc:a9:3b:
52:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:8F:0B:77:1B:63:F7:5B:0F:7E:CA:BF:63:8C:66:D4:B7:84:9A:4C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/DB4855A206F511EB8EFF535EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.230.0/24
IPv6:
2001:df5:2680::/48
Signature Algorithm: sha256WithRSAEncryption
b7:30:f1:e7:7b:32:b2:cd:71:41:a3:af:f2:61:65:41:7e:34:
c7:44:14:25:e3:02:e7:56:a5:73:e7:07:ba:12:5e:a7:cd:4c:
67:7e:4b:1b:5d:4e:ec:30:3f:93:36:40:07:16:11:cd:32:76:
40:77:7d:1f:46:bc:02:15:5d:48:59:a9:e8:ec:7f:06:ba:70:
cb:11:5d:f2:75:ff:5e:f5:8d:4b:0b:55:e9:68:4d:79:36:ae:
af:0f:7e:63:17:cf:a4:02:22:40:d4:e1:59:99:a0:61:af:4b:
ec:66:ec:28:0e:61:f1:fe:8f:4e:40:87:b4:f5:d2:e9:fc:84:
36:2c:bc:6a:68:b4:b3:05:e2:5b:84:4c:93:f7:39:c2:32:50:
a1:b7:e4:a1:15:c3:16:91:39:d8:78:8b:f1:a4:8a:35:49:85:
e0:d8:74:32:74:6b:3f:4a:b3:51:44:80:5c:3a:fc:bb:1a:8b:
7b:0d:bf:93:69:10:77:b8:17:21:f7:22:5e:7c:f6:dd:fe:d8:
80:dc:90:eb:a5:ab:47:4f:79:d7:46:34:00:31:d9:55:fc:ac:
f5:50:6a:5d:34:0d:2e:96:37:f4:49:e0:a3:37:f8:57:79:c3:
bc:68:19:a8:58:2f:c2:b2:1a:ff:21:22:95:a7:c5:d5:ac:63:
ce:81:e0:d5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICUeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQxODA0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxZDA3Yy02OGI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4OO0DyGV610rhmECF4+5zlDq+ckwYZUiKBgMt9G2OqiBvW9Zl1eaMivMCXCT
Pp9vl4s/F/NJy1hixZ6BJZkaa+3em5/cTpbsxSeXFwBRu8A8TbCrO8xAVd8CNz4X
shtGiKpOYhMu5i8txN2ZmwVzuwA758ggbaxfKyEfOgtRmqnLugmDR1DM0ytvNau+
1fgcg7d70+ECrDJoWIt/gBTliRLDkHsuo4udTsRPOiPk3+l4kYpSK/FiBUdvOX3g
pDRadsFWF107SsLWLu87Jlhdckyf3JIl33dm/APXVT1HwriCG1IMFLuehmAqGlFm
EncyaVKsDm0soDG6xmH8qTtSawIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBmPC3cb
Y/dbD37Kv2OMZtS3hJpMMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvREI0ODU1QTIw
NkY1MTFFQjhFRkY1MzVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnh+YwDwQCAAIwCQMHACABDfUmgDANBgkqhkiG9w0BAQsF
AAOCAQEAtzDx53syss1xQaOv8mFlQX40x0QUJeMC51alc+cHuhJep81MZ35LG11O
7DA/kzZABxYRzTJ2QHd9H0a8AhVdSFmp6Ox/BrpwyxFd8nX/XvWNSwtV6WhNeTau
rw9+YxfPpAIiQNThWZmgYa9L7GbsKA5h8f6PTkCHtPXS6fyENiy8ami0swXiW4RM
k/c5wjJQobfkoRXDFpE52HiL8aSKNUmF4Nh0MnRrP0qzUUSAXDr8uxqLew2/k2kQ
d7gXIfciXnz23f7YgNyQ66WrR09510Y0ADHZVfys9VBqXTQNLpY39Engozf4V3nD
vGgZqFgvwrIa/yEilafF1axjzoHg1Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org