Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/FF46137EA51C11EC8394365BC4F9AE02.roa
File: FF46137EA51C11EC8394365BC4F9AE02.roa (raw, json)
Hash identifier: pjuKTxitr3okr7uU46xmlWjTNZ4Ce4fMa5LiHSn7lO8=
Subject key identifier: 87:34:37:ED:FB:38:DE:BB:A1:8A:35:EE:D4:3D:70:F8:9E:49:E1:8C
Certificate issuer: /CN=A9114DDF/serialNumber=E8671750344F18C2AF747FFAF255850EBC79D01F
Certificate serial: 030D
Authority key identifier: E8:67:17:50:34:4F:18:C2:AF:74:7F:FA:F2:55:85:0E:BC:79:D0:1F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6GcXUDRPGMKvdH_68lWFDrx50B8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/FF46137EA51C11EC8394365BC4F9AE02.roa
Signing time: Tue 01 Oct 2024 01:44:45 +0000
ROA not before: Tue 01 Oct 2024 01:44:45 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 134553
IP address blocks: 45.126.88.0/22 maxlen: 22
45.126.88.0/24 maxlen: 24
45.126.89.0/24 maxlen: 24
45.126.90.0/24 maxlen: 24
45.126.91.0/24 maxlen: 24
103.236.228.0/22 maxlen: 22
103.236.228.0/24 maxlen: 24
103.236.229.0/24 maxlen: 24
103.236.230.0/24 maxlen: 24
103.236.231.0/24 maxlen: 24
2001:df1:2a00::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 781 (0x30d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9114DDF
Validity
Not Before: Oct 1 01:44:45 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fb540c-b6fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d2:4b:af:11:53:6c:4d:b7:3f:fd:f5:b0:04:
85:4f:05:34:9b:67:c6:e3:96:2a:b4:72:a0:13:87:
49:ee:4a:29:a8:11:fc:10:40:1f:fd:81:d7:2b:53:
1d:e9:b4:74:b8:58:ea:af:56:3f:08:3f:76:e8:99:
94:6f:e9:1b:a8:c8:19:be:fb:3c:5e:2b:40:32:cb:
57:fe:1d:5f:b1:1b:31:37:a9:b9:61:2b:35:49:74:
ba:30:92:f2:46:8a:c5:69:64:9d:f4:ab:d3:01:40:
17:48:4e:83:45:61:e5:23:44:04:90:d2:b1:f8:a5:
9d:d1:66:dc:3d:09:5d:16:87:43:03:45:4b:4b:68:
c5:66:e1:d2:56:09:80:bc:9b:4a:d5:47:76:6a:12:
44:5f:06:fd:c0:ca:ab:1b:6f:22:0d:aa:3e:a3:0c:
29:d9:07:51:61:0e:e5:9a:14:ca:e5:81:84:a9:71:
5d:46:a8:a1:86:db:e6:f9:29:1e:bd:3f:bf:56:a3:
da:72:4d:04:c8:6c:12:ce:ef:41:2f:f9:65:a5:9b:
90:cd:8e:d6:ab:72:ab:75:e6:71:fa:f4:9a:2b:7a:
ac:90:9a:05:b5:7d:be:8e:10:09:5b:78:c9:4b:66:
cd:4d:8e:be:f6:0a:5c:b8:69:03:19:28:68:f7:fe:
09:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:34:37:ED:FB:38:DE:BB:A1:8A:35:EE:D4:3D:70:F8:9E:49:E1:8C
X509v3 Authority Key Identifier:
keyid:E8:67:17:50:34:4F:18:C2:AF:74:7F:FA:F2:55:85:0E:BC:79:D0:1F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/6GcXUDRPGMKvdH_68lWFDrx50B8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6GcXUDRPGMKvdH_68lWFDrx50B8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9114DDF/5B06FEF2A50A11ECB2778D5CC4F9AE02/FF46137EA51C11EC8394365BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.126.88.0/22
103.236.228.0/22
IPv6:
2001:df1:2a00::/48
Signature Algorithm: sha256WithRSAEncryption
7c:f1:0b:f5:13:42:90:b1:2b:1f:e4:05:73:e3:30:87:d5:d2:
44:8d:e7:b5:82:0a:94:4c:87:74:6d:3b:88:a9:16:6f:cb:4a:
12:b6:7b:ad:3d:bf:2a:70:d5:91:3e:93:e2:e6:16:ac:44:51:
fc:ad:e0:d3:9d:26:71:05:4a:50:3c:83:f9:ae:61:9c:38:0c:
96:bc:b8:a0:8c:87:39:cd:27:eb:15:f3:48:1b:fc:f4:e4:f1:
23:18:86:d7:66:9a:99:18:84:a7:66:4d:ea:56:5e:51:df:45:
74:42:47:06:03:61:21:e5:7a:dc:2d:5f:2e:fe:c7:4a:59:6a:
0a:42:ae:ca:c7:fd:9f:b3:93:1a:d1:41:e9:35:7e:d8:24:94:
27:b2:66:67:8a:85:29:72:70:87:a6:c0:35:e1:7c:b4:03:c8:
ab:11:9f:de:57:49:cc:e4:19:5a:25:0f:69:37:c2:cf:0e:79:
0a:b3:26:25:21:7b:35:95:6a:b0:9c:43:d3:7b:29:b9:bf:39:
b8:fa:2e:8f:a2:0a:71:10:8d:3d:7d:ff:d9:81:4c:5e:17:36:
10:b9:b1:b2:e2:0d:c4:ff:ea:9a:da:a9:88:8e:1d:12:27:ac:
93:39:fb:e7:ac:f2:c5:0c:30:8e:62:97:38:1c:b5:7b:f1:62:
b8:01:03:03
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICAw0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTREREYxMTAvBgNVBAUTKEU4NjcxNzUwMzQ0RjE4QzJBRjc0N0ZGQUYyNTU4NTBF
QkM3OUQwMUYwHhcNMjQxMDAxMDE0NDQ1WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiNTQwYy1iNmZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAttJLrxFTbE23P/31sASFTwU0m2fG45YqtHKgE4dJ7kopqBH8EEAf/YHXK1Md
6bR0uFjqr1Y/CD926JmUb+kbqMgZvvs8XitAMstX/h1fsRsxN6m5YSs1SXS6MJLy
RorFaWSd9KvTAUAXSE6DRWHlI0QEkNKx+KWd0WbcPQldFodDA0VLS2jFZuHSVgmA
vJtK1Ud2ahJEXwb9wMqrG28iDao+owwp2QdRYQ7lmhTK5YGEqXFdRqihhtvm+Ske
vT+/VqPack0EyGwSzu9BL/llpZuQzY7Wq3KrdeZx+vSaK3qskJoFtX2+jhAJW3jJ
S2bNTY6+9gpcuGkDGSho9/4JSQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFIc0N+37
ON67oYo17tQ9cPieSeGMMB8GA1UdIwQYMBaAFOhnF1A0TxjCr3R/+vJVhQ68edAf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNERERi81QjA2RkVGMkE1
MEExMUVDQjI3NzhENUNDNEY5QUUwMi82R2NYVURSUEdNS3ZkSF82OGxXRkRyeDUw
QjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZHY1hVRFJQR01LdmRIXzY4bFdGRHJ4NTBCOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTREREYvNUIwNkZFRjJBNTBBMTFFQ0IyNzc4RDVDQzRGOUFFMDIvRkY0NjEzN0VB
NTFDMTFFQzgzOTQzNjVCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAItflgDBAJn7OQwDwQCAAIwCQMHACABDfEqADANBgkqhkiG
9w0BAQsFAAOCAQEAfPEL9RNCkLErH+QFc+Mwh9XSRI3ntYIKlEyHdG07iKkWb8tK
ErZ7rT2/KnDVkT6T4uYWrERR/K3g050mcQVKUDyD+a5hnDgMlry4oIyHOc0n6xXz
SBv89OTxIxiG12aamRiEp2ZN6lZeUd9FdEJHBgNhIeV63C1fLv7HSllqCkKuysf9
n7OTGtFB6TV+2CSUJ7JmZ4qFKXJwh6bANeF8tAPIqxGf3ldJzOQZWiUPaTfCzw55
CrMmJSF7NZVqsJxD03spub85uPouj6IKcRCNPX3/2YFMXhc2ELmxsuINxP/qmtqp
iI4dEieskzn756zyxQwwjmKXOBy1e/FiuAEDAw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:18:09 2025 by rpki-client