Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9121865/76B6A0D2650811EB8F26150DC4F9AE02/602D049AC1DE11EB98E1AD43C4F9AE02.roa
File: 602D049AC1DE11EB98E1AD43C4F9AE02.roa (raw, json)
Hash identifier: tOvzYrsalWJNmj9WItm2EeNfbIzeiJCLx/kwvWJGmiM=
Subject key identifier: 03:F6:B0:0B:9B:C3:A7:C3:66:81:FB:87:BA:E0:AC:AE:04:82:25:39
Certificate issuer: /CN=A9121865/serialNumber=63E37CE0D00C20D86870A73FD6ECBC899C1B9E0B
Certificate serial: 066A
Authority key identifier: 63:E3:7C:E0:D0:0C:20:D8:68:70:A7:3F:D6:EC:BC:89:9C:1B:9E:0B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-N84NAMINhocKc_1uy8iZwbngs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9121865/76B6A0D2650811EB8F26150DC4F9AE02/602D049AC1DE11EB98E1AD43C4F9AE02.roa
Signing time: Thu 12 Dec 2024 22:11:52 +0000
ROA not before: Thu 12 Dec 2024 22:11:52 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 21859
IP address blocks: 103.122.176.0/24 maxlen: 24
103.122.177.0/24 maxlen: 24
103.122.178.0/24 maxlen: 24
103.122.179.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1642 (0x66a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9121865
Validity
Not Before: Dec 12 22:11:52 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=675b5fa7-849b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c4:57:58:50:79:34:3d:31:18:b1:bd:21:cd:
7f:ae:af:40:6b:4d:a7:32:94:34:0b:ef:f1:0b:11:
19:81:9c:55:38:78:8c:9e:6f:df:ca:26:bd:41:dd:
b5:7f:79:df:39:5b:f9:5e:74:cc:41:4b:7a:85:4e:
ae:ab:55:39:4e:d1:32:cd:ff:c5:ff:9b:5c:d9:ea:
b7:1f:e4:7f:4d:bf:45:a2:91:ce:46:df:0a:30:3c:
51:6e:30:03:b3:12:53:f4:8d:5b:05:3f:6c:fb:1b:
ff:5d:aa:53:72:52:47:42:3d:ea:15:31:1c:7e:73:
d8:89:14:67:19:02:be:36:f3:ce:69:fc:e0:ea:6c:
a2:4a:83:a7:a9:b7:5c:5d:34:3f:21:c4:7b:54:64:
32:2a:c2:b9:be:0f:6a:07:95:06:1e:52:e3:59:2a:
74:34:69:3e:6b:48:17:6c:a8:59:e1:15:00:e3:a1:
09:14:0b:48:b6:06:5e:8e:54:d0:9e:d1:70:48:42:
58:3c:a5:f7:f0:69:46:d4:4e:05:f4:a2:67:55:a2:
68:96:e6:20:42:2b:5a:99:29:18:6a:9b:ec:9b:15:
43:53:f0:39:e1:89:eb:15:47:9b:56:2c:d6:94:f8:
6b:2e:7e:f0:b9:c7:82:c7:6b:85:75:1e:13:f3:76:
28:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F6:B0:0B:9B:C3:A7:C3:66:81:FB:87:BA:E0:AC:AE:04:82:25:39
X509v3 Authority Key Identifier:
keyid:63:E3:7C:E0:D0:0C:20:D8:68:70:A7:3F:D6:EC:BC:89:9C:1B:9E:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9121865/76B6A0D2650811EB8F26150DC4F9AE02/Y-N84NAMINhocKc_1uy8iZwbngs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-N84NAMINhocKc_1uy8iZwbngs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121865/76B6A0D2650811EB8F26150DC4F9AE02/602D049AC1DE11EB98E1AD43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.176.0/22
Signature Algorithm: sha256WithRSAEncryption
31:ea:b6:e9:98:da:61:fa:88:b2:00:88:ba:f9:d9:77:8b:cf:
ee:14:f2:11:e2:56:18:be:79:84:87:19:07:ef:b8:dc:cb:a6:
b1:24:9f:f2:a2:f6:72:44:8a:09:90:64:ad:20:11:90:73:78:
ef:a1:22:db:2a:88:c4:01:77:1c:c5:94:40:b8:97:5e:98:58:
8b:6c:ad:df:71:8b:ac:d1:31:1e:c9:25:8e:6c:7c:d5:3d:67:
4e:d8:12:78:21:ca:69:42:9f:d4:35:e5:52:7c:5a:80:01:34:
f5:1c:ac:06:e7:5c:7b:e6:da:55:22:2d:d9:a1:b3:22:23:03:
19:f6:8c:6a:7a:91:89:75:1b:8c:56:4e:16:40:f9:ed:bc:31:
49:66:f2:43:64:88:93:53:a5:0a:3b:e3:f5:b9:d4:df:60:d1:
a1:40:64:51:11:95:b0:6c:4e:fd:f2:aa:c2:92:05:5c:d4:d6:
d6:26:20:91:bd:5a:14:6f:56:e8:f4:f1:b2:c2:ca:7d:b1:64:
2d:24:61:e6:1e:b7:a8:84:52:be:e6:0e:21:20:87:ed:a7:7d:
8f:71:bc:08:4c:2c:cf:1f:52:17:1e:95:b6:70:9b:2c:cd:a9:
7b:0c:80:54:94:7f:1e:5f:59:8b:a2:ad:ee:d9:78:4b:a9:2b:
94:4a:07:04
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBmowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjE4NjUxMTAvBgNVBAUTKDYzRTM3Q0UwRDAwQzIwRDg2ODcwQTczRkQ2RUNCQzg5
OUMxQjlFMEIwHhcNMjQxMjEyMjIxMTUyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViNWZhNy04NDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu8RXWFB5ND0xGLG9Ic1/rq9Aa02nMpQ0C+/xCxEZgZxVOHiMnm/fyia9Qd21
f3nfOVv5XnTMQUt6hU6uq1U5TtEyzf/F/5tc2eq3H+R/Tb9FopHORt8KMDxRbjAD
sxJT9I1bBT9s+xv/XapTclJHQj3qFTEcfnPYiRRnGQK+NvPOafzg6myiSoOnqbdc
XTQ/IcR7VGQyKsK5vg9qB5UGHlLjWSp0NGk+a0gXbKhZ4RUA46EJFAtItgZejlTQ
ntFwSEJYPKX38GlG1E4F9KJnVaJoluYgQitamSkYapvsmxVDU/A54YnrFUebVizW
lPhrLn7wuceCx2uFdR4T83YoBwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAP2sAub
w6fDZoH7h7rgrK4EgiU5MB8GA1UdIwQYMBaAFGPjfODQDCDYaHCnP9bsvImcG54L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMTg2NS83NkI2QTBEMjY1
MDgxMUVCOEYyNjE1MERDNEY5QUUwMi9ZLU44NE5BTUlOaG9jS2NfMXV5OGlad2Ju
Z3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ktTjg0TkFNSU5ob2NLY18xdXk4aVp3Ym5ncy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjE4NjUvNzZCNkEwRDI2NTA4MTFFQjhGMjYxNTBEQzRGOUFFMDIvNjAyRDA0OUFD
MURFMTFFQjk4RTFBRDQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnerAwDQYJKoZIhvcNAQELBQADggEBADHqtumY2mH6iLIA
iLr52XeLz+4U8hHiVhi+eYSHGQfvuNzLprEkn/Ki9nJEigmQZK0gEZBzeO+hItsq
iMQBdxzFlEC4l16YWItsrd9xi6zRMR7JJY5sfNU9Z07YEnghymlCn9Q15VJ8WoAB
NPUcrAbnXHvm2lUiLdmhsyIjAxn2jGp6kYl1G4xWThZA+e28MUlm8kNkiJNTpQo7
4/W51N9g0aFAZFERlbBsTv3yqsKSBVzU1tYmIJG9WhRvVuj08bLCyn2xZC0kYeYe
t6iEUr7mDiEgh+2nfY9xvAhMLM8fUhcelbZwmyzNqXsMgFSUfx5fWYuire7ZeEup
K5RKBwQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:22:52 2025 by rpki-client