Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FA41076ACB9311EC87C24075C4F9AE02.roa
File: FA41076ACB9311EC87C24075C4F9AE02.roa (raw, json)
Hash identifier: DzVyNwiaijORlI0CWzZ87PunXtQ/SEf7Rz51r21CB0k=
Subject key identifier: B2:8E:C6:0F:A9:5F:BC:A6:15:5A:2E:1A:FA:B4:40:94:D2:FE:F9:EA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 4D8B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FA41076ACB9311EC87C24075C4F9AE02.roa
Signing time: Wed 04 May 2022 10:21:36 +0000
ROA not before: Wed 04 May 2022 10:21:36 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 134316
IP address blocks: 103.119.164.0/22 maxlen: 22
103.119.164.0/24 maxlen: 24
103.119.165.0/24 maxlen: 24
103.119.166.0/24 maxlen: 24
103.119.167.0/24 maxlen: 24
103.215.201.0/24 maxlen: 24
103.215.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19851 (0x4d8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 4 10:21:36 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=627253b0-513b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:05:c4:44:2b:c9:3a:6f:9d:39:0c:0d:72:b2:
de:49:38:37:17:23:76:bb:3c:48:81:6d:7a:e9:fa:
41:54:37:a1:ff:1b:98:c6:cf:29:16:de:dc:5b:f3:
5c:f5:b5:8b:04:80:ad:ce:f1:67:69:8f:d8:7f:7c:
9b:9d:81:6d:7c:20:a4:6f:01:98:91:ba:89:0f:a2:
85:c1:e9:61:3f:07:85:8c:5a:72:6b:96:83:5d:af:
ba:28:a0:f6:1a:25:4b:62:1d:0c:a3:90:d9:bd:e0:
a3:47:29:f2:e8:17:a6:34:1e:1c:86:0f:aa:0c:fb:
9b:f1:d6:4d:87:0d:28:cb:7d:af:f1:05:03:c3:d9:
21:04:ee:b9:a9:a0:4e:20:1f:19:0f:85:6c:10:c0:
d0:09:af:b0:1a:3c:13:b8:c4:91:18:20:69:00:d0:
24:28:6c:98:c8:f0:9e:55:4a:a1:72:80:5f:cd:77:
ae:a3:35:4e:d2:9f:6d:73:3b:b6:56:f3:39:c5:b4:
fa:83:fe:81:f6:f6:9c:78:4f:0e:98:68:ce:36:f9:
44:c9:b9:e6:29:bb:65:c6:b5:b6:80:f8:7f:72:f5:
e0:c8:35:ca:21:f3:7b:0e:02:9e:2f:c4:e8:26:aa:
0b:07:e5:2a:13:33:d8:fa:62:36:f7:7d:01:3b:cd:
cd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:8E:C6:0F:A9:5F:BC:A6:15:5A:2E:1A:FA:B4:40:94:D2:FE:F9:EA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FA41076ACB9311EC87C24075C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.164.0/22
103.215.201.0/24
103.215.203.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:b7:02:ed:00:cb:12:60:b8:83:28:d1:56:e0:dd:7a:49:ac:
52:5d:83:3d:c9:62:04:ae:74:8c:00:f9:0e:fe:ac:56:32:01:
f1:ba:0a:01:98:9e:10:ae:b2:67:b3:e5:4e:f2:59:f9:7c:49:
b6:a4:5a:51:48:31:9d:15:71:d1:d5:b8:14:25:43:98:9d:0b:
d9:56:8f:d9:74:cc:80:87:0f:25:b8:ee:cd:1c:ad:43:ce:e9:
d6:b4:7d:dd:5f:d4:bb:dd:f1:9d:31:83:0d:1b:df:69:f8:34:
8b:57:3a:a8:2a:9c:fc:51:cf:f7:3c:2f:9d:d7:cd:53:3a:4c:
27:44:8d:52:13:03:11:c4:95:bd:79:4c:e5:54:17:29:4a:8a:
3d:87:2c:0e:d4:fb:ad:76:58:79:d9:05:ca:c0:90:05:34:14:
14:7d:51:5f:2f:da:82:cc:d4:8c:e1:eb:93:07:23:0d:2d:1d:
2f:0d:67:d3:25:11:43:cb:19:ad:91:c9:fb:5a:cf:3d:ea:b0:
07:e2:44:84:9b:0b:b5:12:d4:12:2c:31:3b:90:63:74:88:d9:
98:57:3d:30:c6:0c:15:36:03:28:b9:88:67:01:c9:af:4e:e1:
ac:2a:3e:e1:5b:d7:05:90:bb:3a:99:e6:88:05:76:a1:32:55:
b5:b6:2a:5c
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICTYswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwNTA0MTAyMTM2WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjcyNTNiMC01MTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6gXERCvJOm+dOQwNcrLeSTg3FyN2uzxIgW166fpBVDeh/xuYxs8pFt7cW/Nc
9bWLBICtzvFnaY/Yf3ybnYFtfCCkbwGYkbqJD6KFwelhPweFjFpya5aDXa+6KKD2
GiVLYh0Mo5DZveCjRyny6BemNB4chg+qDPub8dZNhw0oy32v8QUDw9khBO65qaBO
IB8ZD4VsEMDQCa+wGjwTuMSRGCBpANAkKGyYyPCeVUqhcoBfzXeuozVO0p9tczu2
VvM5xbT6g/6B9vaceE8OmGjONvlEybnmKbtlxrW2gPh/cvXgyDXKIfN7DgKeL8To
JqoLB+UqEzPY+mI2930BO83NuwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFLKOxg+p
X7ymFVouGvq0QJTS/vnqMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkE0MTA3NkFD
QjkzMTFFQzg3QzI0MDc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAJnd6QDBABn18kDBABn18swDQYJKoZIhvcNAQELBQADggEB
AH63Au0AyxJguIMo0Vbg3XpJrFJdgz3JYgSudIwA+Q7+rFYyAfG6CgGYnhCusmez
5U7yWfl8SbakWlFIMZ0VcdHVuBQlQ5idC9lWj9l0zICHDyW47s0crUPO6da0fd1f
1Lvd8Z0xgw0b32n4NItXOqgqnPxRz/c8L53XzVM6TCdEjVITAxHElb15TOVUFylK
ij2HLA7U+612WHnZBcrAkAU0FBR9UV8v2oLM1Izh65MHIw0tHS8NZ9MlEUPLGa2R
yftazz3qsAfiRISbC7US1BIsMTuQY3SI2ZhXPTDGDBU2Ayi5iGcBya9O4awqPuFb
1wWQuzqZ5ogFdqEyVbW2Klw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:58 2023 by rpki-client on console-fra.rpki-client.org