Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912859A/BACAB7EC9DFE11ECB87F5147C4F9AE02/5B639C667CEB11EDA3D10364C4F9AE02.roa
File: 5B639C667CEB11EDA3D10364C4F9AE02.roa (raw, json)
Hash identifier: 2RRu5OL1BYLyINn4BdcdcRIHzJRCaxx/gJ62D9F6Yd8=
Subject key identifier: 5F:C8:9D:4F:EA:14:82:20:53:80:B7:1F:84:C7:8D:9E:F5:B1:00:16
Certificate issuer: /CN=A912859A/serialNumber=68060AEFBBFCC07D73DB5D7278BC8F249C57F515
Certificate serial: 036F
Authority key identifier: 68:06:0A:EF:BB:FC:C0:7D:73:DB:5D:72:78:BC:8F:24:9C:57:F5:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aAYK77v8wH1z211yeLyPJJxX9RU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912859A/BACAB7EC9DFE11ECB87F5147C4F9AE02/5B639C667CEB11EDA3D10364C4F9AE02.roa
Signing time: Sat 01 Mar 2025 03:04:32 +0000
ROA not before: Sat 01 Mar 2025 03:04:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136970
IP address blocks: 103.146.158.0/23 maxlen: 23
103.146.158.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 879 (0x36f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912859A
Validity
Not Before: Mar 1 03:04:32 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c27940-e18e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:57:8e:21:4b:db:71:2b:c9:a7:b3:02:fd:07:
a6:73:55:c7:66:6d:c5:aa:ff:45:46:85:56:bf:f5:
37:c4:e2:bd:0d:63:b5:1c:cb:ac:cd:6e:7f:b5:10:
85:84:d6:dd:19:cc:46:cb:7f:b4:8f:ab:94:5c:88:
48:be:ca:59:3c:dc:ce:68:b5:2d:cf:6c:43:ed:42:
37:b6:9f:cb:7b:ae:3c:05:29:b0:5f:df:52:62:18:
91:72:85:3c:89:d6:82:59:3e:21:f5:dd:63:6e:5c:
23:e0:b2:30:e5:b4:b9:83:d2:c1:c1:c7:00:af:c7:
ef:f1:3b:13:3a:30:cc:14:66:71:49:be:8f:a2:4d:
e4:c0:c7:f8:94:26:f4:11:43:0d:48:22:7a:0d:aa:
cc:5d:83:da:85:49:5c:5f:2c:65:3f:c9:de:48:5d:
4a:64:6e:b0:87:94:f9:9d:86:d5:08:42:21:b6:8a:
02:87:b6:da:8e:08:2e:bc:55:01:1a:f5:b7:26:b8:
f2:3c:2b:b1:b6:b6:d6:a5:7a:d0:12:ce:cb:de:8b:
de:e2:3a:0c:6d:07:f1:e2:62:b0:9b:f4:10:71:80:
f3:b2:f5:6f:99:07:9c:be:0e:b5:0e:d1:08:20:7b:
09:fe:b1:fd:26:ea:68:ff:a1:51:d8:24:38:cc:a7:
a9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C8:9D:4F:EA:14:82:20:53:80:B7:1F:84:C7:8D:9E:F5:B1:00:16
X509v3 Authority Key Identifier:
keyid:68:06:0A:EF:BB:FC:C0:7D:73:DB:5D:72:78:BC:8F:24:9C:57:F5:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912859A/BACAB7EC9DFE11ECB87F5147C4F9AE02/aAYK77v8wH1z211yeLyPJJxX9RU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aAYK77v8wH1z211yeLyPJJxX9RU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912859A/BACAB7EC9DFE11ECB87F5147C4F9AE02/5B639C667CEB11EDA3D10364C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.158.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:47:5a:82:5b:1a:eb:c6:97:d8:97:44:51:34:14:a5:21:62:
3e:b5:ee:b6:40:2b:ed:48:0e:93:54:76:9a:ea:30:90:ab:84:
30:18:89:31:1f:12:6d:cb:ea:c0:be:44:8e:ee:30:db:3c:ce:
ee:87:d8:13:4e:7d:ab:f6:54:c8:ab:f9:53:f2:63:89:51:50:
cf:a1:d0:3f:98:63:27:12:c9:26:44:e3:e9:48:ae:a4:cd:62:
6f:b7:f4:0d:11:ce:91:2f:a9:a7:41:32:06:a2:93:22:a8:3a:
75:07:5b:17:fa:3e:dd:14:ab:fe:03:e3:e5:cc:87:22:66:68:
a1:79:6f:aa:0c:6b:da:c5:8c:f5:a6:9c:2b:3c:e5:02:f8:46:
11:5b:f1:91:3b:a1:9b:e5:9d:62:cd:4a:72:76:72:d7:d8:86:
ab:91:cb:90:0e:20:37:b6:aa:fc:c1:25:07:55:9f:93:15:56:
38:fe:08:0a:f8:3a:d6:34:18:0b:04:d6:8d:5d:a7:d1:4e:c0:
3f:63:bb:93:b2:5b:c3:70:88:fd:ca:52:26:9e:29:87:14:bd:
9c:b5:74:75:09:c6:52:33:17:e1:02:1a:21:3f:60:e1:3f:58:
05:f6:04:80:07:b6:89:5c:43:42:fa:ff:cf:61:ef:4c:ce:19:
ec:77:1a:de
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA28wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjg1OUExMTAvBgNVBAUTKDY4MDYwQUVGQkJGQ0MwN0Q3M0RCNUQ3Mjc4QkM4RjI0
OUM1N0Y1MTUwHhcNMjUwMzAxMDMwNDMyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MyNzk0MC1lMThlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3VeOIUvbcSvJp7MC/Qemc1XHZm3Fqv9FRoVWv/U3xOK9DWO1HMuszW5/tRCF
hNbdGcxGy3+0j6uUXIhIvspZPNzOaLUtz2xD7UI3tp/Le648BSmwX99SYhiRcoU8
idaCWT4h9d1jblwj4LIw5bS5g9LBwccAr8fv8TsTOjDMFGZxSb6Pok3kwMf4lCb0
EUMNSCJ6DarMXYPahUlcXyxlP8neSF1KZG6wh5T5nYbVCEIhtooCh7bajgguvFUB
GvW3JrjyPCuxtrbWpXrQEs7L3ove4joMbQfx4mKwm/QQcYDzsvVvmQecvg61DtEI
IHsJ/rH9Jupo/6FR2CQ4zKepcwIDAQABo4IClTCCApEwHQYDVR0OBBYEFF/InU/q
FIIgU4C3H4THjZ71sQAWMB8GA1UdIwQYMBaAFGgGCu+7/MB9c9tdcni8jyScV/UV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODU5QS9CQUNBQjdFQzlE
RkUxMUVDQjg3RjUxNDdDNEY5QUUwMi9hQVlLNzd2OHdIMXoyMTF5ZUx5UEpKeFg5
UlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FBWUs3N3Y4d0gxejIxMXllTHlQSkp4WDlSVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Mjg1OUEvQkFDQUI3RUM5REZFMTFFQ0I4N0Y1MTQ3QzRGOUFFMDIvNUI2MzlDNjY3
Q0VCMTFFREEzRDEwMzY0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkp4wDQYJKoZIhvcNAQELBQADggEBAA5HWoJbGuvGl9iX
RFE0FKUhYj617rZAK+1IDpNUdprqMJCrhDAYiTEfEm3L6sC+RI7uMNs8zu6H2BNO
fav2VMir+VPyY4lRUM+h0D+YYycSySZE4+lIrqTNYm+39A0RzpEvqadBMgaikyKo
OnUHWxf6Pt0Uq/4D4+XMhyJmaKF5b6oMa9rFjPWmnCs85QL4RhFb8ZE7oZvlnWLN
SnJ2ctfYhquRy5AOIDe2qvzBJQdVn5MVVjj+CAr4OtY0GAsE1o1dp9FOwD9ju5Oy
W8NwiP3KUiaeKYcUvZy1dHUJxlIzF+ECGiE/YOE/WAX2BIAHtolcQ0L6/89h70zO
Gex3Gt4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:24 2025 by rpki-client