Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F8FE1474CB9311EC87C24075C4F9AE02.roa
File: F8FE1474CB9311EC87C24075C4F9AE02.roa (raw, json)
Hash identifier: xALbILQAbH25xFeLQJmkueF1kc8jYCp+Y4x1Ei2gzoI=
Subject key identifier: 88:DF:41:06:CC:96:19:8B:03:20:66:76:30:CB:91:81:75:AB:7F:75
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4F3D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F8FE1474CB9311EC87C24075C4F9AE02.roa
Signing time: Mon 16 May 2022 04:05:07 +0000
ROA not before: Mon 16 May 2022 04:05:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133597
IP address blocks: 103.195.252.0/24 maxlen: 24
103.195.254.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20285 (0x4f3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 04:05:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6281cd72-7fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c1:b7:6a:91:0e:b0:e5:64:ca:ff:ef:1a:01:
47:d6:be:f1:52:41:ab:4e:16:76:3e:1f:2c:4d:79:
d8:0b:77:14:3e:bc:1e:2c:f2:3d:56:6e:9f:53:b2:
a9:ba:f4:d1:cc:54:2f:e1:0b:49:86:91:71:3f:f0:
4a:eb:a4:b6:a9:a4:b4:db:b1:7f:37:f6:28:8c:2a:
92:57:10:43:35:3e:e6:16:b4:87:d3:a8:28:96:22:
8a:05:1c:e8:bf:62:51:f6:9f:37:b1:ee:92:76:13:
4d:a8:5e:32:eb:0d:c8:96:33:d6:39:ce:c0:bd:97:
1a:8f:c1:67:72:61:24:cf:63:2a:aa:d0:ef:36:88:
58:73:b4:56:ac:31:9d:28:4b:07:5d:85:b6:18:d2:
81:34:73:a3:eb:5d:b3:24:11:97:b0:bb:80:0f:1b:
82:f7:80:7e:e3:c0:11:db:5c:4b:24:1c:91:9c:c1:
83:9e:c8:62:0f:52:b3:69:57:4e:a6:54:17:66:4b:
b2:30:1b:a6:24:a5:1e:72:9b:30:4a:70:3b:d7:d9:
26:18:84:fb:86:5d:93:ee:3e:f0:d6:e3:b6:1c:77:
c0:ff:86:35:79:ef:8c:c3:55:0d:d4:18:4f:3f:1c:
66:7b:79:aa:64:ad:30:42:18:fc:bb:18:6a:63:2d:
82:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:DF:41:06:CC:96:19:8B:03:20:66:76:30:CB:91:81:75:AB:7F:75
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F8FE1474CB9311EC87C24075C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.195.252.0/24
103.195.254.0/23
Signature Algorithm: sha256WithRSAEncryption
47:a4:81:80:c8:6d:d0:84:35:b6:be:59:e7:73:41:56:51:b7:
1f:00:0c:53:70:f0:68:47:37:65:5a:74:97:44:45:b9:ca:91:
c4:86:b3:48:a1:0f:21:ea:53:ff:3b:46:be:7f:a3:ae:d4:db:
64:d0:a0:97:85:1a:0c:fd:f8:d3:ec:82:61:6d:3b:98:46:ff:
fa:e4:85:7e:71:1f:ca:f9:9c:79:64:25:b0:b6:80:44:e6:3a:
b5:6b:6c:05:e2:3e:e9:1f:f3:cd:f2:0b:a2:37:1b:27:cf:54:
49:1d:15:cc:70:58:4a:a6:28:57:b1:07:8f:fc:59:dd:5c:92:
8f:0c:1a:0c:39:27:7e:f1:fb:fd:32:6b:11:66:d0:af:ed:d4:
1d:f5:fc:8a:59:21:b3:b6:fd:30:14:f9:3f:1f:82:94:96:b8:
9c:1b:d9:a9:27:4c:bb:04:c8:0c:38:08:f7:28:b6:4f:63:4b:
50:3f:d6:39:cb:3f:b8:2d:a1:8e:8d:2a:e7:bd:ed:27:aa:44:
7a:24:2a:50:54:31:57:e7:2a:86:6b:03:81:48:36:d8:cd:38:
1a:0d:96:70:3a:35:3d:35:e7:e5:2f:ef:ab:2b:4d:28:c8:3f:
46:67:8c:53:e4:c3:4e:29:6d:a4:b7:56:eb:46:41:c5:70:d0:
29:a5:db:b1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICTz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTE2MDQwNTA3WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjgxY2Q3Mi03ZmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx8G3apEOsOVkyv/vGgFH1r7xUkGrThZ2Ph8sTXnYC3cUPrweLPI9Vm6fU7Kp
uvTRzFQv4QtJhpFxP/BK66S2qaS027F/N/YojCqSVxBDNT7mFrSH06goliKKBRzo
v2JR9p83se6SdhNNqF4y6w3IljPWOc7AvZcaj8FncmEkz2MqqtDvNohYc7RWrDGd
KEsHXYW2GNKBNHOj612zJBGXsLuADxuC94B+48AR21xLJByRnMGDnshiD1KzaVdO
plQXZkuyMBumJKUecpswSnA719kmGIT7hl2T7j7w1uO2HHfA/4Y1ee+Mw1UN1BhP
Pxxme3mqZK0wQhj8uxhqYy2CswIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIjfQQbM
lhmLAyBmdjDLkYF1q391MB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjhGRTE0NzRD
QjkzMTFFQzg3QzI0MDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnw/wDBAFnw/4wDQYJKoZIhvcNAQELBQADggEBAEekgYDI
bdCENba+WedzQVZRtx8ADFNw8GhHN2VadJdERbnKkcSGs0ihDyHqU/87Rr5/o67U
22TQoJeFGgz9+NPsgmFtO5hG//rkhX5xH8r5nHlkJbC2gETmOrVrbAXiPukf883y
C6I3GyfPVEkdFcxwWEqmKFexB4/8Wd1cko8MGgw5J37x+/0yaxFm0K/t1B31/IpZ
IbO2/TAU+T8fgpSWuJwb2aknTLsEyAw4CPcotk9jS1A/1jnLP7gtoY6NKue97Seq
RHokKlBUMVfnKoZrA4FINtjNOBoNlnA6NT015+Uv76srTSjIP0ZnjFPkw04pbaS3
VutGQcVw0Cml27E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org