Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132742/0415D6FE84B711ECB5A71B42C4F9AE02/41A312C684BB11EC95CF1D6DC4F9AE02.roa
File: 41A312C684BB11EC95CF1D6DC4F9AE02.roa (raw, json)
Hash identifier: gOa0TpZKNAKtEp1z7Y7hA0Mkc96+IudmzfWq1Ab24PI=
Subject key identifier: 1E:8C:A9:28:83:2C:4E:D2:9A:80:4D:FC:B0:F0:EA:21:F1:93:24:7F
Certificate issuer: /CN=A9132742/serialNumber=0CEE0D96773D5DDAD4679E0E839A8DC12669E232
Certificate serial: 039F
Authority key identifier: 0C:EE:0D:96:77:3D:5D:DA:D4:67:9E:0E:83:9A:8D:C1:26:69:E2:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DO4Nlnc9XdrUZ54Og5qNwSZp4jI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132742/0415D6FE84B711ECB5A71B42C4F9AE02/41A312C684BB11EC95CF1D6DC4F9AE02.roa
Signing time: Fri 07 Feb 2025 00:23:18 +0000
ROA not before: Fri 07 Feb 2025 00:23:17 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 149473
IP address blocks: 103.180.104.0/23 maxlen: 23
103.180.104.0/24 maxlen: 24
103.180.105.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 927 (0x39f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132742
Validity
Not Before: Feb 7 00:23:17 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a55275-882b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:a0:27:a5:2d:18:d7:91:09:63:4e:8c:55:92:
d2:ce:56:f0:8c:e7:bc:87:84:e4:be:57:86:33:3a:
cc:30:b7:92:16:a6:1d:5b:59:22:ea:81:bc:df:9e:
44:84:9b:b3:dc:be:cc:6c:f3:8b:56:da:10:42:30:
9b:7d:8e:82:33:4c:df:c5:98:a5:51:73:7b:f0:f7:
0c:60:7b:d5:41:34:87:8e:47:fe:de:63:64:08:4b:
5a:1b:c5:c3:eb:fd:4e:68:81:be:6e:3c:e9:1f:33:
e8:6f:d4:fb:2d:b4:d6:c3:16:35:cc:fc:52:65:af:
03:c3:b8:ad:29:42:4e:a6:d3:45:2f:1e:ce:38:73:
98:09:b1:2c:68:c0:36:1f:30:7e:3e:f0:98:f0:36:
d0:63:17:2e:6a:a5:ed:ad:59:b9:d9:02:c5:e1:0a:
6e:b2:30:d3:a1:2e:f0:1f:1a:05:d7:ca:70:15:7f:
a0:69:da:66:e7:7a:e5:cc:ad:14:cd:56:d4:63:0a:
ae:c7:41:bc:28:6e:62:75:e3:24:44:d1:2c:06:ff:
c6:93:9f:a4:78:fe:ed:19:ae:e8:ee:f6:98:b2:41:
d0:5f:b8:b7:79:b5:da:0c:fb:25:da:09:98:5c:e5:
b4:48:52:c5:f6:c2:70:94:0a:3e:33:ef:c2:63:af:
1b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8C:A9:28:83:2C:4E:D2:9A:80:4D:FC:B0:F0:EA:21:F1:93:24:7F
X509v3 Authority Key Identifier:
keyid:0C:EE:0D:96:77:3D:5D:DA:D4:67:9E:0E:83:9A:8D:C1:26:69:E2:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132742/0415D6FE84B711ECB5A71B42C4F9AE02/DO4Nlnc9XdrUZ54Og5qNwSZp4jI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DO4Nlnc9XdrUZ54Og5qNwSZp4jI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132742/0415D6FE84B711ECB5A71B42C4F9AE02/41A312C684BB11EC95CF1D6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.180.104.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:88:67:0b:61:95:f5:c3:53:bf:98:3b:69:35:75:91:a4:cd:
ba:ff:a0:0d:86:39:25:5a:da:9f:1c:37:61:96:20:73:c0:60:
3a:3f:50:a8:d1:d4:c2:3f:90:dd:13:d2:73:4d:23:af:ea:21:
a9:a5:ed:40:38:d0:ea:d9:3b:10:cd:20:e0:71:3b:c5:cf:7c:
b0:5a:f7:33:fe:9b:d4:6b:c8:31:c8:32:9f:d7:d1:a3:0b:a0:
4e:e7:77:d5:97:22:5d:30:59:a5:fa:c9:40:32:a2:2a:3f:cf:
1b:70:8d:9f:7d:61:42:a8:34:7f:ad:00:9b:b3:e9:5f:e0:23:
17:31:60:eb:74:9c:59:fa:29:c3:4f:7e:4b:75:d3:5e:00:d8:
99:37:0f:eb:77:a7:6f:24:c2:df:bb:27:40:00:6a:02:77:da:
32:c8:4a:6e:a2:bf:99:6b:4a:b8:2a:65:3b:a0:78:86:c3:79:
58:a9:b1:97:c4:e0:3a:b1:16:a7:e7:29:14:0d:96:f8:5b:d5:
db:88:2b:a9:90:e1:26:b9:f9:99:2f:ab:7f:89:48:14:d7:89:
d7:72:9e:62:6d:dc:2b:7f:01:7d:6a:2d:21:4a:8d:cf:f6:7a:
c8:58:c3:44:11:48:bc:f9:1a:61:b2:54:ab:8a:ea:f3:ff:25:
cb:1b:4c:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA58wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI3NDIxMTAvBgNVBAUTKDBDRUUwRDk2NzczRDVEREFENDY3OUUwRTgzOUE4REMx
MjY2OUUyMzIwHhcNMjUwMjA3MDAyMzE3WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E1NTI3NS04ODJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+aAnpS0Y15EJY06MVZLSzlbwjOe8h4TkvleGMzrMMLeSFqYdW1ki6oG8355E
hJuz3L7MbPOLVtoQQjCbfY6CM0zfxZilUXN78PcMYHvVQTSHjkf+3mNkCEtaG8XD
6/1OaIG+bjzpHzPob9T7LbTWwxY1zPxSZa8Dw7itKUJOptNFLx7OOHOYCbEsaMA2
HzB+PvCY8DbQYxcuaqXtrVm52QLF4QpusjDToS7wHxoF18pwFX+gadpm53rlzK0U
zVbUYwqux0G8KG5ideMkRNEsBv/Gk5+keP7tGa7o7vaYskHQX7i3ebXaDPsl2gmY
XOW0SFLF9sJwlAo+M+/CY68bpQIDAQABo4IClTCCApEwHQYDVR0OBBYEFB6MqSiD
LE7SmoBN/LDw6iHxkyR/MB8GA1UdIwQYMBaAFAzuDZZ3PV3a1GeeDoOajcEmaeIy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjc0Mi8wNDE1RDZGRTg0
QjcxMUVDQjVBNzFCNDJDNEY5QUUwMi9ETzRObG5jOVhkclVaNTRPZzVxTndTWnA0
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RPNE5sbmM5WGRyVVo1NE9nNXFOd1NacDRqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI3NDIvMDQxNUQ2RkU4NEI3MTFFQ0I1QTcxQjQyQzRGOUFFMDIvNDFBMzEyQzY4
NEJCMTFFQzk1Q0YxRDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFntGgwDQYJKoZIhvcNAQELBQADggEBAH+IZwthlfXDU7+Y
O2k1dZGkzbr/oA2GOSVa2p8cN2GWIHPAYDo/UKjR1MI/kN0T0nNNI6/qIaml7UA4
0OrZOxDNIOBxO8XPfLBa9zP+m9RryDHIMp/X0aMLoE7nd9WXIl0wWaX6yUAyoio/
zxtwjZ99YUKoNH+tAJuz6V/gIxcxYOt0nFn6KcNPfkt1014A2Jk3D+t3p28kwt+7
J0AAagJ32jLISm6iv5lrSrgqZTugeIbDeVipsZfE4DqxFqfnKRQNlvhb1duIK6mQ
4Sa5+Zkvq3+JSBTXiddynmJt3Ct/AX1qLSFKjc/2eshYw0QRSLz5GmGyVKuK6vP/
JcsbTMQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:10 2025 by rpki-client