Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/D23C5270E02111E9B4A3923FC4F9AE02.roa
File: D23C5270E02111E9B4A3923FC4F9AE02.roa (raw, json)
Hash identifier: zkAhSZ57x5i2z1ecY4hViVs+riusX3XK2gSVsFUEBsM=
Subject key identifier: F6:6D:B1:53:62:A1:F8:98:CE:9B:47:92:63:F4:74:A1:8C:92:EA:75
Certificate issuer: /CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E
Certificate serial: 0CE8
Authority key identifier: CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/D23C5270E02111E9B4A3923FC4F9AE02.roa
Signing time: Wed 26 Mar 2025 18:26:23 +0000
ROA not before: Wed 26 Mar 2025 18:26:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136439
IP address blocks: 103.138.77.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3304 (0xce8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9128E00
Validity
Not Before: Mar 26 18:26:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67e446ce-d22f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a6:05:8e:82:18:ad:7b:3b:14:ed:c0:fb:76:
3f:29:5e:0c:92:4c:5d:15:8c:87:ba:25:4f:f4:50:
cd:f6:d2:01:d7:ac:be:60:e1:da:36:7d:83:a8:e0:
ee:db:29:60:0c:fc:d5:5b:7f:c2:f5:8e:6e:59:d5:
40:62:d7:10:4a:3c:ca:88:a2:b3:72:80:25:f1:56:
12:66:93:e9:93:dd:fb:35:2c:0c:ac:e3:7d:a8:a1:
c1:0a:18:a7:c2:c6:05:bc:51:08:ff:48:4d:fc:b6:
6b:36:34:2a:66:31:74:c8:eb:e9:1d:f7:f7:4b:f7:
d0:a4:81:6a:b6:56:24:25:c6:62:ab:96:de:ce:b3:
27:e9:fc:c8:98:60:c9:7b:06:59:dc:63:28:98:ed:
d7:fd:54:3c:39:87:1b:7b:55:18:fd:a7:f5:6d:9a:
67:c9:d8:18:ed:05:42:5e:f1:dd:34:63:ae:b3:e7:
18:fe:da:d0:1b:3f:c7:c7:29:de:ce:26:31:bc:05:
f5:91:75:0b:3c:63:3a:2e:c2:20:42:5b:ae:4f:cb:
94:36:46:b0:d5:ef:08:39:f1:0c:72:a9:ba:0c:c8:
46:74:06:e2:1f:35:1f:0a:d8:40:cc:e8:f6:5a:53:
7f:b2:79:64:30:b3:33:02:81:cc:37:02:e5:a2:02:
62:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6D:B1:53:62:A1:F8:98:CE:9B:47:92:63:F4:74:A1:8C:92:EA:75
X509v3 Authority Key Identifier:
keyid:CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/D23C5270E02111E9B4A3923FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.77.0/24
Signature Algorithm: sha256WithRSAEncryption
04:7f:1b:cb:c4:df:23:af:86:bc:8a:fe:71:ae:5e:79:3c:6d:
a5:42:aa:98:67:42:f9:c0:a2:e6:61:b8:e8:f4:20:e8:59:90:
76:19:9a:a7:e8:a8:38:73:30:b7:9c:b2:5f:be:d1:e3:e9:14:
81:45:58:d0:58:4e:b7:82:72:bc:f2:f6:29:d5:7d:77:d9:64:
ca:77:25:e9:78:c1:eb:59:79:76:42:bb:e3:df:3a:59:e1:3f:
36:54:74:c1:a2:ee:63:d5:39:e4:e7:05:87:26:eb:3c:81:6a:
e5:6b:78:6f:f7:f9:d0:dc:bb:40:98:d2:4a:07:97:12:78:ef:
b3:fe:91:4d:c9:32:da:af:f7:3b:85:ee:a4:71:cf:6c:0a:be:
8a:f5:53:8c:71:17:55:62:ca:a9:da:68:19:fe:71:8c:3e:d5:
8a:4c:db:a1:ca:44:d7:89:5b:84:63:06:28:e2:3e:b9:78:3a:
47:63:e6:7a:61:b8:06:c8:5b:2e:bb:fc:f2:17:ad:9b:23:0c:
0b:3b:7b:e5:8f:2b:a1:4a:43:e3:82:b2:cb:f6:37:78:49:fe:
aa:14:89:fe:98:70:42:0a:ff:3c:50:49:2a:71:c8:92:ed:9b:
e0:4e:53:84:45:db:17:a6:c6:ca:f8:55:72:fe:b7:33:59:7f:
e8:0a:b4:3f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjhFMDAxMTAvBgNVBAUTKENGRTNGMzFFNEYzMzdBRDM4MTIwMUJGMzNBMDFBNjg1
RkIwMTZBNUUwHhcNMjUwMzI2MTgyNjIzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0NDZjZS1kMjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkKYFjoIYrXs7FO3A+3Y/KV4MkkxdFYyHuiVP9FDN9tIB16y+YOHaNn2DqODu
2ylgDPzVW3/C9Y5uWdVAYtcQSjzKiKKzcoAl8VYSZpPpk937NSwMrON9qKHBChin
wsYFvFEI/0hN/LZrNjQqZjF0yOvpHff3S/fQpIFqtlYkJcZiq5bezrMn6fzImGDJ
ewZZ3GMomO3X/VQ8OYcbe1UY/af1bZpnydgY7QVCXvHdNGOus+cY/trQGz/Hxyne
ziYxvAX1kXULPGM6LsIgQluuT8uUNkaw1e8IOfEMcqm6DMhGdAbiHzUfCthAzOj2
WlN/snlkMLMzAoHMNwLlogJi+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFPZtsVNi
ofiYzptHkmP0dKGMkup1MB8GA1UdIwQYMBaAFM/j8x5PM3rTgSAb8zoBpoX7AWpe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEUwMC84OTkxRUI5RUUw
MjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0T0JJQnZ6T2dHbWhmc0Jh
bDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3otUHpIazh6ZXRPQklCdnpPZ0dtaGZzQmFsNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjhFMDAvODk5MUVCOUVFMDIwMTFFOTgyQjM3QTNBQzRGOUFFMDIvRDIzQzUyNzBF
MDIxMTFFOUI0QTM5MjNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnik0wDQYJKoZIhvcNAQELBQADggEBAAR/G8vE3yOvhryK
/nGuXnk8baVCqphnQvnAouZhuOj0IOhZkHYZmqfoqDhzMLecsl++0ePpFIFFWNBY
TreCcrzy9inVfXfZZMp3Jel4wetZeXZCu+PfOlnhPzZUdMGi7mPVOeTnBYcm6zyB
auVreG/3+dDcu0CY0koHlxJ477P+kU3JMtqv9zuF7qRxz2wKvor1U4xxF1Viyqna
aBn+cYw+1YpM26HKRNeJW4RjBijiPrl4Okdj5nphuAbIWy67/PIXrZsjDAs7e+WP
K6FKQ+OCssv2N3hJ/qoUif6YcEIK/zxQSSpxyJLtm+BOU4RF2xemxsr4VXL+tzNZ
f+gKtD8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:06:18 2025 by rpki-client