Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9119F89/D35AA5AA7BE111EB8FF5F752C4F9AE02/F2ADEDFCF41111EFBE1C0431C4F9AE02.roa
File: F2ADEDFCF41111EFBE1C0431C4F9AE02.roa (raw, json)
Hash identifier: ey9B/Q8c85v1bGDlGnPg9HoDgp++CoFZENAFpAYZhjk=
Subject key identifier: 24:EA:97:91:F6:36:3B:15:1E:F9:3B:18:FB:7E:EA:3C:7A:91:B9:6D
Certificate issuer: /CN=A9119F89/serialNumber=55088A315BCB5098BEEF665AA9CBDFD32A205820
Certificate serial: 0656
Authority key identifier: 55:08:8A:31:5B:CB:50:98:BE:EF:66:5A:A9:CB:DF:D3:2A:20:58:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VQiKMVvLUJi-72Zaqcvf0yogWCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9119F89/D35AA5AA7BE111EB8FF5F752C4F9AE02/F2ADEDFCF41111EFBE1C0431C4F9AE02.roa
Signing time: Wed 26 Feb 2025 07:19:00 +0000
ROA not before: Wed 26 Feb 2025 07:19:00 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 103.100.156.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1622 (0x656)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9119F89
Validity
Not Before: Feb 26 07:19:00 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67bec063-c5db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:21:79:08:46:70:ed:83:63:73:04:f4:89:61:
51:e7:17:97:1f:2b:2f:4b:52:b7:17:9c:23:fd:75:
b8:b1:c9:a5:78:f9:98:20:de:a2:49:10:c6:f8:6b:
78:0b:64:25:44:1d:d1:21:69:30:a4:6f:a5:22:5f:
5f:33:b6:87:91:02:db:86:5b:15:4e:a6:f4:2e:56:
0d:b4:1f:03:4f:75:42:1b:98:e4:e1:86:f5:e6:2c:
f5:01:06:e7:ff:c6:6a:0c:ff:51:51:27:74:02:a0:
92:47:c6:e2:2c:c8:47:75:e6:e4:68:a6:0f:86:43:
7e:3a:4f:a3:5e:36:95:7e:fe:e2:6f:f5:54:ca:e0:
89:d4:7f:b2:8e:0a:b7:32:c3:be:85:88:f5:a8:7f:
e3:79:7e:2e:b8:49:87:51:c1:e6:82:24:8d:32:0b:
ba:1f:32:7c:6a:b1:fe:af:0a:82:44:6b:83:57:f8:
eb:90:b1:32:33:1a:1f:76:04:a1:c0:82:70:d1:e8:
94:ca:52:9f:69:11:9e:71:6c:b2:20:c9:0d:3e:4c:
22:18:f9:5e:e7:5b:ef:3c:17:1c:e5:0a:ba:7f:15:
91:1a:b3:4e:e1:c5:de:c7:a7:bd:5a:5c:6b:41:5b:
e9:0a:cf:c1:72:5d:d5:53:53:2e:c3:2d:94:1f:40:
14:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:EA:97:91:F6:36:3B:15:1E:F9:3B:18:FB:7E:EA:3C:7A:91:B9:6D
X509v3 Authority Key Identifier:
keyid:55:08:8A:31:5B:CB:50:98:BE:EF:66:5A:A9:CB:DF:D3:2A:20:58:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9119F89/D35AA5AA7BE111EB8FF5F752C4F9AE02/VQiKMVvLUJi-72Zaqcvf0yogWCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VQiKMVvLUJi-72Zaqcvf0yogWCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119F89/D35AA5AA7BE111EB8FF5F752C4F9AE02/F2ADEDFCF41111EFBE1C0431C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.156.0/24
Signature Algorithm: sha256WithRSAEncryption
51:69:d4:1a:4d:99:8c:fa:df:3c:d3:3a:74:27:47:7d:74:ad:
66:ac:3a:32:ec:58:37:9d:97:bc:d7:8f:d8:42:0b:05:ab:bf:
c1:73:9f:66:24:d1:d1:3a:01:b9:dc:46:b5:12:c7:9d:6f:78:
cc:3d:98:2f:78:ca:5c:4f:d4:e6:06:88:d8:95:18:da:d4:ee:
8d:33:1b:48:49:fd:34:06:6d:8a:c4:55:b8:46:7c:2d:83:f1:
29:0f:52:ec:f5:74:9c:41:d4:05:f7:65:d9:3c:a2:b0:6b:6a:
16:37:cd:a1:dc:9a:fb:b0:8b:df:a5:8c:c5:9c:2d:82:5f:0c:
5b:0f:a1:71:d8:83:f5:fa:17:66:a6:75:28:9d:62:a9:88:18:
1d:b6:94:87:81:4f:47:3c:7b:c1:87:0a:9e:73:a3:ab:c7:fc:
20:58:7d:56:e3:75:cc:2f:b4:45:db:3b:02:7e:6d:48:45:ef:
2b:f3:0e:ff:ee:b0:d6:b2:a5:3b:05:5b:8c:5a:7a:2f:5a:29:
41:3d:60:ab:d4:2a:c4:f4:6c:8a:5f:10:63:b6:06:a8:c8:af:
4f:c4:d8:d8:61:aa:df:02:02:3c:38:37:87:1a:13:71:09:54:
11:72:85:65:fa:8c:66:a3:ae:52:c4:78:08:a1:5e:ba:d0:80:
f9:66:e9:24
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTlGODkxMTAvBgNVBAUTKDU1MDg4QTMxNUJDQjUwOThCRUVGNjY1QUE5Q0JERkQz
MkEyMDU4MjAwHhcNMjUwMjI2MDcxOTAwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JlYzA2My1jNWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxiF5CEZw7YNjcwT0iWFR5xeXHysvS1K3F5wj/XW4scmlePmYIN6iSRDG+Gt4
C2QlRB3RIWkwpG+lIl9fM7aHkQLbhlsVTqb0LlYNtB8DT3VCG5jk4Yb15iz1AQbn
/8ZqDP9RUSd0AqCSR8biLMhHdebkaKYPhkN+Ok+jXjaVfv7ib/VUyuCJ1H+yjgq3
MsO+hYj1qH/jeX4uuEmHUcHmgiSNMgu6HzJ8arH+rwqCRGuDV/jrkLEyMxofdgSh
wIJw0eiUylKfaRGecWyyIMkNPkwiGPle51vvPBcc5Qq6fxWRGrNO4cXex6e9Wlxr
QVvpCs/Bcl3VU1Muwy2UH0AUQwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCTql5H2
NjsVHvk7GPt+6jx6kbltMB8GA1UdIwQYMBaAFFUIijFby1CYvu9mWqnL39MqIFgg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUY4OS9EMzVBQTVBQTdC
RTExMUVCOEZGNUY3NTJDNEY5QUUwMi9WUWlLTVZ2TFVKaS03MlphcWN2ZjB5b2dX
Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZRaUtNVnZMVUppLTcyWmFxY3ZmMHlvZ1dDQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTlGODkvRDM1QUE1QUE3QkUxMTFFQjhGRjVGNzUyQzRGOUFFMDIvRjJBREVERkNG
NDExMTFFRkJFMUMwNDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZJwwDQYJKoZIhvcNAQELBQADggEBAFFp1BpNmYz63zzT
OnQnR310rWasOjLsWDedl7zXj9hCCwWrv8Fzn2Yk0dE6AbncRrUSx51veMw9mC94
ylxP1OYGiNiVGNrU7o0zG0hJ/TQGbYrEVbhGfC2D8SkPUuz1dJxB1AX3Zdk8orBr
ahY3zaHcmvuwi9+ljMWcLYJfDFsPoXHYg/X6F2amdSidYqmIGB22lIeBT0c8e8GH
Cp5zo6vH/CBYfVbjdcwvtEXbOwJ+bUhF7yvzDv/usNaypTsFW4xaei9aKUE9YKvU
KsT0bIpfEGO2BqjIr0/E2Nhhqt8CAjw4N4caE3EJVBFyhWX6jGajrlLEeAihXrrQ
gPlm6SQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:11 2025 by rpki-client