Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91308E4/130A1CB0650511EB9089F180C4F9AE02/801F61DCC1E111EBB27A0812C4F9AE02.roa
File: 801F61DCC1E111EBB27A0812C4F9AE02.roa (raw, json)
Hash identifier: ez5zyisrlhzGt4msn6K1G9iNl7wli7TiUZuA1FWHYm8=
Subject key identifier: 14:F2:35:AD:55:87:62:91:03:F3:FE:44:69:70:EE:DB:4B:91:80:C9
Certificate issuer: /CN=A91308E4/serialNumber=C63892FDAD943F25FA396841BB773DA15F700684
Certificate serial: 068B
Authority key identifier: C6:38:92:FD:AD:94:3F:25:FA:39:68:41:BB:77:3D:A1:5F:70:06:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xjiS_a2UPyX6OWhBu3c9oV9wBoQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91308E4/130A1CB0650511EB9089F180C4F9AE02/801F61DCC1E111EBB27A0812C4F9AE02.roa
Signing time: Wed 12 Feb 2025 23:32:03 +0000
ROA not before: Wed 12 Feb 2025 23:32:03 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 21859
IP address blocks: 45.251.136.0/24 maxlen: 24
45.251.137.0/24 maxlen: 24
45.251.138.0/24 maxlen: 24
45.251.139.0/24 maxlen: 24
103.225.84.0/24 maxlen: 24
103.225.85.0/24 maxlen: 24
103.225.86.0/24 maxlen: 24
103.225.87.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1675 (0x68b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91308E4
Validity
Not Before: Feb 12 23:32:03 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ad2f73-c305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:30:15:ba:80:06:d2:e0:a5:34:e4:f2:09:9d:
c7:ac:13:9c:62:ca:93:6e:5f:27:60:20:1b:5f:e5:
34:0f:1e:8f:98:bd:e8:7f:d3:33:17:c1:bd:a4:a3:
14:ab:d9:11:24:20:00:03:ef:f0:ce:54:cd:e2:1b:
07:c0:3d:57:46:47:48:a5:c4:2d:53:63:8b:9f:2a:
d6:6c:81:fd:c1:00:e2:ab:bd:db:fd:00:2c:63:69:
3a:35:14:82:a0:7f:e9:f7:c9:9a:72:92:af:ec:c6:
8a:59:06:64:c8:d6:f5:fb:4c:15:7c:c7:05:cf:cb:
e3:fc:7a:59:72:e4:ad:6b:ea:c5:71:10:12:e9:cd:
5c:bb:e2:d1:cc:5e:44:c0:b4:81:57:4f:2d:0b:9f:
7f:dd:4c:40:1d:b5:93:17:b7:1c:43:65:8e:52:d6:
c1:4d:e5:d6:8e:2a:a6:ff:53:46:24:be:a5:30:42:
ad:dd:80:88:6f:8e:83:23:8a:c8:b6:d7:83:dc:9e:
bc:8a:a8:b6:0a:0b:77:fe:c8:40:ac:48:38:9c:c5:
0b:5e:1a:77:50:8e:81:f3:bf:91:24:1e:c3:a6:b9:
37:89:f0:6f:15:43:31:5a:11:4e:66:22:0a:18:6f:
73:b0:af:11:7f:e4:97:6c:f6:39:91:06:bf:6a:52:
4d:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:F2:35:AD:55:87:62:91:03:F3:FE:44:69:70:EE:DB:4B:91:80:C9
X509v3 Authority Key Identifier:
keyid:C6:38:92:FD:AD:94:3F:25:FA:39:68:41:BB:77:3D:A1:5F:70:06:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91308E4/130A1CB0650511EB9089F180C4F9AE02/xjiS_a2UPyX6OWhBu3c9oV9wBoQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xjiS_a2UPyX6OWhBu3c9oV9wBoQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91308E4/130A1CB0650511EB9089F180C4F9AE02/801F61DCC1E111EBB27A0812C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.136.0/22
103.225.84.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:3f:76:92:b1:d6:fc:82:a8:0a:74:49:2f:5d:2b:db:e6:61:
78:33:c5:50:2a:ac:3c:58:51:f2:3b:86:e1:e8:9b:a7:6e:e5:
a8:e3:3b:cc:43:20:5c:7f:aa:bc:1b:6a:20:52:26:a9:ab:73:
90:05:85:3c:fd:d2:1c:fa:9c:bd:f9:20:e5:36:ac:2d:27:d3:
6f:77:90:33:3b:b2:05:cf:01:32:c7:69:e3:81:2a:cb:95:7a:
98:bc:72:5b:75:87:e7:5e:96:61:4d:c4:92:6e:d3:f0:10:12:
1c:49:5c:9a:7d:9e:2e:63:63:b5:26:b8:de:33:31:ec:91:34:
43:16:6e:89:06:6d:f0:0e:e4:ce:0b:c2:d1:85:2d:01:94:3c:
25:f5:f2:2a:54:c8:e0:bc:93:94:5b:88:87:76:8a:d9:af:36:
75:5e:99:51:fd:c4:7c:f3:63:8d:80:ba:93:34:f0:01:4e:14:
dc:6c:04:8f:d6:5f:c3:5a:f9:84:31:bd:5f:ad:3b:3e:00:2b:
69:29:ba:c1:0f:f9:f2:81:7c:05:7f:f6:98:a7:22:d6:d3:a8:
1a:b0:68:3c:82:e2:e6:d6:bf:a5:86:85:fa:9b:bf:a9:b3:24:
00:71:06:70:23:2b:f7:f8:79:bd:59:6f:60:7a:27:7e:c0:6f:
e3:ef:29:41
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBoswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzA4RTQxMTAvBgNVBAUTKEM2Mzg5MkZEQUQ5NDNGMjVGQTM5Njg0MUJCNzczREEx
NUY3MDA2ODQwHhcNMjUwMjEyMjMzMjAzWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkMmY3My1jMzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3TAVuoAG0uClNOTyCZ3HrBOcYsqTbl8nYCAbX+U0Dx6PmL3of9MzF8G9pKMU
q9kRJCAAA+/wzlTN4hsHwD1XRkdIpcQtU2OLnyrWbIH9wQDiq73b/QAsY2k6NRSC
oH/p98macpKv7MaKWQZkyNb1+0wVfMcFz8vj/HpZcuSta+rFcRAS6c1cu+LRzF5E
wLSBV08tC59/3UxAHbWTF7ccQ2WOUtbBTeXWjiqm/1NGJL6lMEKt3YCIb46DI4rI
tteD3J68iqi2Cgt3/shArEg4nMULXhp3UI6B87+RJB7Dprk3ifBvFUMxWhFOZiIK
GG9zsK8Rf+SXbPY5kQa/alJNdwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBTyNa1V
h2KRA/P+RGlw7ttLkYDJMB8GA1UdIwQYMBaAFMY4kv2tlD8l+jloQbt3PaFfcAaE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMDhFNC8xMzBBMUNCMDY1
MDUxMUVCOTA4OUYxODBDNEY5QUUwMi94amlTX2EyVVB5WDZPV2hCdTNjOW9WOXdC
b1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hqaVNfYTJVUHlYNk9XaEJ1M2M5b1Y5d0JvUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzA4RTQvMTMwQTFDQjA2NTA1MTFFQjkwODlGMTgwQzRGOUFFMDIvODAxRjYxREND
MUUxMTFFQkIyN0EwODEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIt+4gDBAJn4VQwDQYJKoZIhvcNAQELBQADggEBABs/dpKx
1vyCqAp0SS9dK9vmYXgzxVAqrDxYUfI7huHom6du5ajjO8xDIFx/qrwbaiBSJqmr
c5AFhTz90hz6nL35IOU2rC0n0293kDM7sgXPATLHaeOBKsuVepi8clt1h+delmFN
xJJu0/AQEhxJXJp9ni5jY7UmuN4zMeyRNEMWbokGbfAO5M4LwtGFLQGUPCX18ipU
yOC8k5RbiId2itmvNnVemVH9xHzzY42AupM08AFOFNxsBI/WX8Na+YQxvV+tOz4A
K2kpusEP+fKBfAV/9pinItbTqBqwaDyC4ubWv6WGhfqbv6mzJABxBnAjK/f4eb1Z
b2B6J37Ab+PvKUE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:39 2025 by rpki-client