Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/86BED34677F011EB9E69B472C4F9AE02.roa
File: 86BED34677F011EB9E69B472C4F9AE02.roa (raw, json)
Hash identifier: j7nBCo//segTbSYNY1h0+pWssVZ/bx4SZszp4wl16ww=
Subject key identifier: 11:B1:B1:3F:A9:9E:F5:D1:3C:B5:F8:0F:45:7D:64:D9:D1:B9:8C:94
Certificate issuer: /CN=A911C356/serialNumber=6ADE0ED742D8C5AFA1333B90358C06B3FE876883
Certificate serial: 06CB
Authority key identifier: 6A:DE:0E:D7:42:D8:C5:AF:A1:33:3B:90:35:8C:06:B3:FE:87:68:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/at4O10LYxa-hMzuQNYwGs_6HaIM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/86BED34677F011EB9E69B472C4F9AE02.roa
Signing time: Tue 31 Dec 2024 21:51:06 +0000
ROA not before: Tue 31 Dec 2024 21:51:06 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134847
IP address blocks: 103.204.8.0/22 maxlen: 22
103.204.8.0/24 maxlen: 24
103.204.9.0/24 maxlen: 24
103.204.10.0/24 maxlen: 24
103.204.11.0/24 maxlen: 24
202.133.80.0/22 maxlen: 22
202.133.80.0/24 maxlen: 24
202.133.83.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1739 (0x6cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C356
Validity
Not Before: Dec 31 21:51:06 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67746749-ada9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5b:f0:b1:41:7d:07:1c:20:a9:2e:12:22:fe:
13:05:0c:5a:57:3a:2c:ae:7c:9f:92:60:6c:87:df:
4e:41:8a:ea:90:61:f7:d0:fa:8d:0a:0e:6c:40:83:
87:45:dd:a6:d9:e9:12:f1:eb:85:65:49:b2:58:d7:
23:76:32:e1:c5:a0:81:3e:8e:ff:03:c3:69:3f:12:
6d:16:b7:d9:f7:0c:98:33:88:a9:6e:be:b1:be:87:
4a:5b:c4:32:3e:84:45:ca:e1:d8:61:cb:5e:55:a6:
56:01:1a:fa:1a:58:59:96:93:c9:3a:8b:61:6b:ad:
a0:17:63:b7:2d:23:62:5e:5c:bb:05:f9:4d:c0:30:
03:44:b0:93:ef:d5:ff:2a:d8:14:ef:dd:3c:ce:7e:
72:c8:86:66:93:d5:5b:a2:5f:35:5d:1a:28:aa:5e:
9e:1c:cd:54:34:05:4d:9e:82:68:19:60:bb:ba:38:
06:81:04:f0:b8:1a:72:36:7d:4f:b0:78:56:c9:08:
9e:dd:c6:9f:e5:ca:e6:c2:27:85:3b:50:3a:c6:05:
99:9c:16:70:9c:04:91:15:6b:94:40:5f:c8:f3:df:
0d:86:21:20:d9:54:8c:91:68:d4:4d:69:a9:22:f0:
b8:e6:80:e8:64:e2:8c:96:a5:a7:ae:e1:4b:91:f2:
a2:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B1:B1:3F:A9:9E:F5:D1:3C:B5:F8:0F:45:7D:64:D9:D1:B9:8C:94
X509v3 Authority Key Identifier:
keyid:6A:DE:0E:D7:42:D8:C5:AF:A1:33:3B:90:35:8C:06:B3:FE:87:68:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/at4O10LYxa-hMzuQNYwGs_6HaIM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/at4O10LYxa-hMzuQNYwGs_6HaIM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C356/671B7DA6401D11EB8E0CCB5EC4F9AE02/86BED34677F011EB9E69B472C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.8.0/22
202.133.80.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:be:67:40:91:9c:9b:f5:f1:d8:f8:13:d6:13:c4:fc:50:7c:
e8:69:fc:27:cb:ad:33:bf:84:19:3c:6d:da:91:fe:57:d6:c7:
e8:03:ca:71:2a:64:3f:47:29:4c:fc:6b:dd:f0:dc:7e:d7:9d:
2f:cf:1e:73:de:06:bf:ac:56:c4:0e:c7:85:d7:96:85:19:4d:
2f:7d:91:5b:3b:1c:11:ba:7b:c1:33:85:0c:46:2f:d8:3b:d9:
b3:6e:51:6c:d0:47:ce:0c:6d:95:52:9c:88:d6:31:11:4a:53:
08:21:08:d6:63:90:01:d7:36:78:33:ef:64:44:f2:f7:ec:99:
d7:14:0d:85:65:cd:90:37:ae:3f:b5:1f:9d:e0:25:a9:86:93:
57:90:1a:0d:f3:a1:73:76:d1:97:e5:09:d7:fe:49:7a:59:d7:
5b:67:72:9b:bc:f1:ba:5a:8e:10:b8:dc:d4:fa:ce:d6:15:90:
7e:8a:5b:4d:40:04:ca:92:04:08:20:15:d7:a3:a1:32:26:5f:
0d:a5:f4:39:a1:0a:2b:2f:64:4a:83:2f:53:ed:05:13:bd:d2:
1f:4e:cd:96:b7:65:eb:b4:12:69:0f:56:15:2e:e2:d8:05:d3:
3b:0d:7a:0c:c7:25:2f:38:d5:72:ad:e1:2a:0a:d4:a6:c6:d3:
08:76:58:fb
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBsswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMzNTYxMTAvBgNVBAUTKDZBREUwRUQ3NDJEOEM1QUZBMTMzM0I5MDM1OEMwNkIz
RkU4NzY4ODMwHhcNMjQxMjMxMjE1MTA2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc0Njc0OS1hZGE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt1vwsUF9BxwgqS4SIv4TBQxaVzosrnyfkmBsh99OQYrqkGH30PqNCg5sQIOH
Rd2m2ekS8euFZUmyWNcjdjLhxaCBPo7/A8NpPxJtFrfZ9wyYM4ipbr6xvodKW8Qy
PoRFyuHYYcteVaZWARr6GlhZlpPJOotha62gF2O3LSNiXly7BflNwDADRLCT79X/
KtgU7908zn5yyIZmk9Vbol81XRooql6eHM1UNAVNnoJoGWC7ujgGgQTwuBpyNn1P
sHhWyQie3caf5crmwieFO1A6xgWZnBZwnASRFWuUQF/I898NhiEg2VSMkWjUTWmp
IvC45oDoZOKMlqWnruFLkfKibQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBGxsT+p
nvXRPLX4D0V9ZNnRuYyUMB8GA1UdIwQYMBaAFGreDtdC2MWvoTM7kDWMBrP+h2iD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzM1Ni82NzFCN0RBNjQw
MUQxMUVCOEUwQ0NCNUVDNEY5QUUwMi9hdDRPMTBMWXhhLWhNenVRTll3R3NfNkhh
SU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F0NE8xMExZeGEtaE16dVFOWXdHc182SGFJTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMzNTYvNjcxQjdEQTY0MDFEMTFFQjhFMENDQjVFQzRGOUFFMDIvODZCRUQzNDY3
N0YwMTFFQjlFNjlCNDcyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnzAgDBALKhVAwDQYJKoZIhvcNAQELBQADggEBAM++Z0CR
nJv18dj4E9YTxPxQfOhp/CfLrTO/hBk8bdqR/lfWx+gDynEqZD9HKUz8a93w3H7X
nS/PHnPeBr+sVsQOx4XXloUZTS99kVs7HBG6e8EzhQxGL9g72bNuUWzQR84MbZVS
nIjWMRFKUwghCNZjkAHXNngz72RE8vfsmdcUDYVlzZA3rj+1H53gJamGk1eQGg3z
oXN20ZflCdf+SXpZ11tncpu88bpajhC43NT6ztYVkH6KW01ABMqSBAggFdejoTIm
Xw2l9DmhCisvZEqDL1PtBRO90h9OzZa3Zeu0EmkPVhUu4tgF0zsNegzHJS841XKt
4SoK1KbG0wh2WPs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:30:45 2025 by rpki-client