Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9122D89/C6A4A5E2084411EB9C736514C4F9AE02/7E8114F414E611EB82C98471C4F9AE02.roa
File: 7E8114F414E611EB82C98471C4F9AE02.roa (raw, json)
Hash identifier: J9GQPP4a7clIhGgoBAM9KLX43lz+eBaMPakWPFWVHmk=
Subject key identifier: FD:32:6E:A3:54:49:76:A0:14:44:74:26:A3:34:98:9A:76:59:01:03
Certificate issuer: /CN=A9122D89/serialNumber=3CFE6F3EB1D892715E4136E9BA856B98F67147B0
Certificate serial: 0753
Authority key identifier: 3C:FE:6F:3E:B1:D8:92:71:5E:41:36:E9:BA:85:6B:98:F6:71:47:B0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PP5vPrHYknFeQTbpuoVrmPZxR7A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9122D89/C6A4A5E2084411EB9C736514C4F9AE02/7E8114F414E611EB82C98471C4F9AE02.roa
Signing time: Thu 02 Jan 2025 21:10:28 +0000
ROA not before: Thu 02 Jan 2025 21:10:28 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 55720
IP address blocks: 45.116.172.0/24 maxlen: 24
45.116.173.0/24 maxlen: 24
45.116.174.0/24 maxlen: 24
45.116.175.0/24 maxlen: 24
103.244.0.0/24 maxlen: 24
103.244.1.0/24 maxlen: 24
103.244.2.0/24 maxlen: 24
103.244.3.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1875 (0x753)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9122D89
Validity
Not Before: Jan 2 21:10:28 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677700c4-db4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a2:ac:4b:b3:cf:bb:b1:9c:fe:a1:f5:56:62:
70:8b:bc:3d:82:79:06:62:af:df:9c:95:26:8d:e3:
88:75:47:6d:df:c2:ad:e2:4a:22:ad:4a:51:0a:c7:
6c:c6:62:71:ff:69:5f:fa:e2:66:28:f2:72:dc:e9:
07:f2:37:06:12:d4:f4:b0:14:f7:e7:a1:1c:1f:3d:
ad:bf:06:51:af:95:65:44:7e:91:21:30:d5:e6:07:
eb:8b:71:fe:dc:7c:92:9f:28:78:61:69:22:a5:0e:
a0:5c:15:9d:c9:d1:8c:b0:1c:99:be:a7:d4:47:9c:
7c:9f:85:9e:70:93:e0:71:f2:ec:af:f0:19:e6:17:
b9:ba:71:c4:99:a8:e8:cb:fa:32:3d:73:99:87:f3:
e2:a0:d1:14:43:78:50:99:be:ba:2b:10:41:88:bc:
09:75:f5:0f:4b:ab:f3:37:9f:71:08:7e:65:4b:37:
59:72:2c:6f:9e:cb:46:11:79:0b:88:db:62:84:b2:
eb:e9:03:0b:3a:eb:da:ac:ae:61:a2:7c:17:1f:d6:
5d:fc:66:21:ea:4a:19:bd:92:8b:09:2b:35:f7:d0:
7c:d4:92:f6:ad:d4:0f:76:d2:93:b8:db:cc:27:67:
52:ed:d2:0d:d9:1c:9c:08:20:83:36:14:c9:03:1b:
03:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:32:6E:A3:54:49:76:A0:14:44:74:26:A3:34:98:9A:76:59:01:03
X509v3 Authority Key Identifier:
keyid:3C:FE:6F:3E:B1:D8:92:71:5E:41:36:E9:BA:85:6B:98:F6:71:47:B0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9122D89/C6A4A5E2084411EB9C736514C4F9AE02/PP5vPrHYknFeQTbpuoVrmPZxR7A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PP5vPrHYknFeQTbpuoVrmPZxR7A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122D89/C6A4A5E2084411EB9C736514C4F9AE02/7E8114F414E611EB82C98471C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.172.0/22
103.244.0.0/22
Signature Algorithm: sha256WithRSAEncryption
c8:60:e3:97:c1:f2:4b:ff:5b:77:98:59:e8:2c:9b:85:f3:c2:
b9:3b:72:74:94:98:42:52:59:65:32:ae:55:65:21:e9:6f:e8:
49:f7:a8:c0:ba:76:d4:71:84:e2:49:c9:ba:ee:de:5f:16:7f:
c6:f1:a9:62:1b:26:c8:03:97:d1:d4:b7:90:4c:fe:c9:2b:8a:
68:d5:07:af:36:fe:13:76:2e:98:9c:64:15:36:6f:94:dc:34:
f8:61:2a:a9:68:cf:62:e4:d5:23:0c:02:5d:17:f6:99:2a:8c:
b7:d3:83:0b:3e:b5:0b:8f:c5:90:06:ce:73:e3:92:d5:7b:8a:
a0:f7:ce:a6:66:10:ab:d3:f5:1e:b7:30:65:60:b5:d1:56:1c:
cd:92:45:f6:a3:63:db:29:48:b9:dc:2f:ae:ef:a4:27:c0:43:
eb:2d:50:60:e7:e6:61:bc:b2:e5:f0:6a:f9:63:6b:7e:3b:ce:
26:3e:75:7b:bb:f0:5d:ab:47:51:a0:14:f7:9b:26:29:5c:e2:
16:ed:2d:cf:0a:e1:da:ef:0c:59:3b:9e:98:d1:ed:30:7f:6a:
d4:63:b2:29:ae:4b:4b:81:91:be:a8:15:e0:19:a7:a0:e8:d6:
93:63:9c:0c:31:55:f6:3b:a9:32:16:39:a6:a0:3b:f7:9c:c4:
05:1d:c0:32
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjJEODkxMTAvBgNVBAUTKDNDRkU2RjNFQjFEODkyNzE1RTQxMzZFOUJBODU2Qjk4
RjY3MTQ3QjAwHhcNMjUwMTAyMjExMDI4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3MDBjNC1kYjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApKKsS7PPu7Gc/qH1VmJwi7w9gnkGYq/fnJUmjeOIdUdt38Kt4koirUpRCsds
xmJx/2lf+uJmKPJy3OkH8jcGEtT0sBT356EcHz2tvwZRr5VlRH6RITDV5gfri3H+
3HySnyh4YWkipQ6gXBWdydGMsByZvqfUR5x8n4WecJPgcfLsr/AZ5he5unHEmajo
y/oyPXOZh/PioNEUQ3hQmb66KxBBiLwJdfUPS6vzN59xCH5lSzdZcixvnstGEXkL
iNtihLLr6QMLOuvarK5honwXH9Zd/GYh6koZvZKLCSs199B81JL2rdQPdtKTuNvM
J2dS7dIN2RycCCCDNhTJAxsDFQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFP0ybqNU
SXagFER0JqM0mJp2WQEDMB8GA1UdIwQYMBaAFDz+bz6x2JJxXkE26bqFa5j2cUew
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkQ4OS9DNkE0QTVFMjA4
NDQxMUVCOUM3MzY1MTRDNEY5QUUwMi9QUDV2UHJIWWtuRmVRVGJwdW9Wcm1QWnhS
N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BQNXZQckhZa25GZVFUYnB1b1ZybVBaeFI3QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjJEODkvQzZBNEE1RTIwODQ0MTFFQjlDNzM2NTE0QzRGOUFFMDIvN0U4MTE0RjQx
NEU2MTFFQjgyQzk4NDcxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItdKwDBAJn9AAwDQYJKoZIhvcNAQELBQADggEBAMhg45fB
8kv/W3eYWegsm4Xzwrk7cnSUmEJSWWUyrlVlIelv6En3qMC6dtRxhOJJybru3l8W
f8bxqWIbJsgDl9HUt5BM/skrimjVB682/hN2LpicZBU2b5TcNPhhKqloz2Lk1SMM
Al0X9pkqjLfTgws+tQuPxZAGznPjktV7iqD3zqZmEKvT9R63MGVgtdFWHM2SRfaj
Y9spSLncL67vpCfAQ+stUGDn5mG8suXwavlja347ziY+dXu78F2rR1GgFPebJilc
4hbtLc8K4drvDFk7npjR7TB/atRjsimuS0uBkb6oFeAZp6Do1pNjnAwxVfY7qTIW
OaagO/ecxAUdwDI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:52:51 2025 by rpki-client