Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FB278C78E40911EDA0416B1FC4F9AE02.roa
File: FB278C78E40911EDA0416B1FC4F9AE02.roa (raw, json)
Hash identifier: 31GD2AQs6DyM3UrFEvLFdVXJZxyb+5alDybpTsLSwaw=
Subject key identifier: CD:DE:D0:C0:6B:81:D5:36:A1:21:7E:31:5E:12:55:C5:0A:F8:18:47
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6909
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FB278C78E40911EDA0416B1FC4F9AE02.roa
Signing time: Wed 26 Apr 2023 08:11:44 +0000
ROA not before: Wed 26 Apr 2023 08:11:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137119
IP address blocks: 103.171.50.0/23 maxlen: 24
2001:df7:4c00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26889 (0x6909)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 26 08:11:44 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6448dcc0-b0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e7:5f:1f:35:99:08:59:07:c3:7d:65:51:28:
28:56:7c:99:d1:45:12:5a:86:ef:05:60:b9:a0:7b:
88:a4:89:6d:b8:f4:7f:ee:33:53:31:08:c9:5e:f3:
12:76:f1:97:e1:00:a3:b1:05:ab:df:c3:23:f6:2a:
1b:6f:ae:78:89:8e:40:c4:e3:1c:5a:8e:cd:09:18:
6b:e3:56:f3:73:e8:2f:94:5a:44:78:65:83:14:61:
91:80:c7:38:23:61:96:38:e3:88:c3:ea:83:50:0d:
01:fe:77:ca:e1:4d:74:7b:83:9a:96:51:84:8d:5d:
ae:66:0d:1f:b2:ae:ea:1e:2a:58:02:53:d1:00:ff:
47:6b:ac:23:80:ca:dd:79:d3:3d:b8:96:36:b5:9a:
68:ca:9f:52:2b:83:84:f7:26:93:32:df:f2:1c:d2:
9a:b8:fb:5f:7b:23:4b:07:65:66:b4:91:04:43:5b:
e8:e0:32:da:65:d3:9e:a4:76:22:1f:2d:b3:3b:c3:
cc:0f:ce:d9:f9:2e:5d:fb:a2:57:9f:07:a3:da:e8:
2e:18:93:22:f3:38:6b:d0:2e:93:2b:44:d5:39:b5:
92:dd:8c:40:2a:2c:ed:84:8c:72:88:8f:a0:92:cc:
a8:74:0a:8d:33:ed:8c:7c:3f:b1:cd:5a:d3:a3:0e:
9d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DE:D0:C0:6B:81:D5:36:A1:21:7E:31:5E:12:55:C5:0A:F8:18:47
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FB278C78E40911EDA0416B1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.50.0/23
IPv6:
2001:df7:4c00::/48
Signature Algorithm: sha256WithRSAEncryption
35:b0:d0:e2:ec:d4:93:2e:38:a7:02:ee:10:41:cf:22:ae:1c:
d4:6d:41:f4:6b:06:f4:db:e2:0f:e4:e5:95:f2:02:58:a0:d7:
64:41:8a:bd:1b:f5:e4:14:ea:24:55:5c:b1:f6:34:9b:14:e3:
b1:42:dc:51:b1:55:c0:aa:8d:fc:43:37:a1:f5:5e:3c:d5:ea:
8f:af:6b:a3:c0:0e:fe:6a:e1:28:36:95:2b:71:f5:75:6c:0b:
06:3a:5f:3d:a8:91:2e:1a:59:f5:06:7c:3a:2a:02:e5:16:44:
29:b6:d7:b9:ae:ed:cd:ec:36:b7:aa:cd:0f:da:e7:54:35:d6:
96:27:82:fd:1e:a0:e9:e5:3d:21:f2:b8:82:50:4c:75:14:2e:
46:a3:1c:8a:c7:4f:35:83:e7:31:11:9c:ce:2a:0e:4c:8f:fc:
a0:c4:15:71:76:89:74:c4:65:d7:02:61:8a:22:e2:8c:2d:f3:
03:e8:ae:c8:fd:fb:73:a3:45:68:bf:b3:2a:e1:65:1a:79:ca:
4a:32:8f:5c:e7:90:0c:2b:06:38:e3:f1:78:54:28:1f:86:ff:
cb:46:ab:b2:8d:5d:fe:01:a4:0c:5f:a9:2c:4f:f1:7a:47:68:
26:06:da:be:6f:10:82:ef:fc:60:91:b7:6d:48:b5:3a:14:34:
c9:09:a5:f4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICaQkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNDI2MDgxMTQ0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDQ4ZGNjMC1iMGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvedfHzWZCFkHw31lUSgoVnyZ0UUSWobvBWC5oHuIpIltuPR/7jNTMQjJXvMS
dvGX4QCjsQWr38Mj9iobb654iY5AxOMcWo7NCRhr41bzc+gvlFpEeGWDFGGRgMc4
I2GWOOOIw+qDUA0B/nfK4U10e4OallGEjV2uZg0fsq7qHipYAlPRAP9Ha6wjgMrd
edM9uJY2tZpoyp9SK4OE9yaTMt/yHNKauPtfeyNLB2VmtJEEQ1vo4DLaZdOepHYi
Hy2zO8PMD87Z+S5d+6JXnwej2uguGJMi8zhr0C6TK0TVObWS3YxAKizthIxyiI+g
ksyodAqNM+2MfD+xzVrTow6dcwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFM3e0MBr
gdU2oSF+MV4SVcUK+BhHMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRkIyNzhDNzhF
NDA5MTFFREEwNDE2QjFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnqzIwDwQCAAIwCQMHACABDfdMADANBgkqhkiG9w0BAQsF
AAOCAQEANbDQ4uzUky44pwLuEEHPIq4c1G1B9GsG9NviD+TllfICWKDXZEGKvRv1
5BTqJFVcsfY0mxTjsULcUbFVwKqN/EM3ofVePNXqj69ro8AO/mrhKDaVK3H1dWwL
BjpfPaiRLhpZ9QZ8OioC5RZEKbbXua7tzew2t6rND9rnVDXWlieC/R6g6eU9IfK4
glBMdRQuRqMcisdPNYPnMRGczioOTI/8oMQVcXaJdMRl1wJhiiLijC3zA+iuyP37
c6NFaL+zKuFlGnnKSjKPXOeQDCsGOOPxeFQoH4b/y0arso1d/gGkDF+pLE/xekdo
Jgbavm8Qgu/8YJG3bUi1OhQ0yQml9A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:55 2023 by rpki-client on console-ams.rpki-client.org