Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/AFF4E1F89EB711EC8210607DC4F9AE02.roa
File: AFF4E1F89EB711EC8210607DC4F9AE02.roa (raw, json)
Hash identifier: l4NiEiTB+02p0Uj+cCqIOLwgHYhCmg6R+xhxmoCEOiY=
Subject key identifier: AB:26:81:AF:C7:E6:DB:99:32:FE:52:54:FA:54:00:75:16:8C:71:FF
Certificate issuer: /CN=A91365B9/serialNumber=C2A2EB4CF9102778A42E15CCD20A584EDCEDC272
Certificate serial: 033A
Authority key identifier: C2:A2:EB:4C:F9:10:27:78:A4:2E:15:CC:D2:0A:58:4E:DC:ED:C2:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wqLrTPkQJ3ikLhXM0gpYTtztwnI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/AFF4E1F89EB711EC8210607DC4F9AE02.roa
Signing time: Tue 03 Dec 2024 01:04:19 +0000
ROA not before: Tue 03 Dec 2024 01:04:19 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138678
IP address blocks: 103.144.0.0/24 maxlen: 24
103.144.1.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 826 (0x33a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91365B9
Validity
Not Before: Dec 3 01:04:19 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674e5913-1ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:15:4b:3b:25:c6:5b:72:04:b6:b3:77:c2:8b:
7b:04:69:82:9d:4b:bf:78:f2:0e:4d:da:ab:07:89:
a0:61:08:f0:51:4e:c5:9d:4f:0d:9a:ba:9d:f5:c5:
d0:9c:ba:6c:14:d9:e1:d5:06:05:f8:32:c2:8d:39:
0a:ce:0d:97:e1:a2:00:25:f9:bb:d9:e8:f7:32:e0:
20:16:b8:e4:ac:2c:91:93:e5:5e:9f:9d:83:31:78:
eb:a3:65:33:f4:1b:e7:90:23:ba:14:1f:9f:94:43:
0c:e3:a1:65:d3:ca:d1:0a:80:5e:a9:42:2b:f3:80:
4d:12:0a:60:3d:24:45:fc:48:8f:b2:71:eb:11:4e:
44:cd:6e:84:98:e1:f2:1f:fa:e3:a8:05:b4:d4:53:
61:16:42:b2:6d:72:0e:00:9d:3b:68:93:4a:42:d0:
d3:15:ae:b3:5c:a2:0c:2c:2b:f4:db:e9:98:2a:5b:
06:7f:33:74:69:05:41:9a:8d:e6:b0:6d:83:40:d0:
74:2e:5b:2d:26:8f:2e:10:52:05:59:fa:0b:4a:82:
74:d0:a6:94:dc:1f:0b:c1:05:8a:f1:1f:c3:7a:47:
e4:d5:16:19:dc:f5:1a:d5:24:3f:71:14:f3:87:60:
97:b8:99:fd:f4:5a:c4:74:1d:84:b6:c0:a1:5c:bc:
85:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:26:81:AF:C7:E6:DB:99:32:FE:52:54:FA:54:00:75:16:8C:71:FF
X509v3 Authority Key Identifier:
keyid:C2:A2:EB:4C:F9:10:27:78:A4:2E:15:CC:D2:0A:58:4E:DC:ED:C2:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/wqLrTPkQJ3ikLhXM0gpYTtztwnI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wqLrTPkQJ3ikLhXM0gpYTtztwnI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/AFF4E1F89EB711EC8210607DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.144.0.0/23
Signature Algorithm: sha256WithRSAEncryption
de:eb:30:ef:8f:39:ec:15:25:1a:11:46:35:19:e3:4d:92:69:
d8:8a:9c:04:aa:f1:e6:b1:7c:08:77:e3:1a:af:4c:48:03:09:
4b:bf:70:09:27:9a:3f:2b:e8:5f:22:f9:a5:a9:e1:6b:4f:3e:
f0:0f:ab:bc:d5:64:00:07:59:f6:d4:4c:cc:84:36:a8:79:e6:
4f:86:fe:ca:79:2b:41:54:83:0a:11:06:08:51:b0:1d:f2:eb:
2f:4a:c7:cd:aa:76:a4:96:c9:74:51:21:88:05:b3:f4:33:eb:
bb:8b:27:9f:14:85:e2:8e:4b:26:df:1a:25:54:58:40:00:f1:
78:a5:71:b7:1b:34:9d:62:1e:b7:1a:d9:15:01:98:fb:86:40:
bf:d9:ad:63:99:b2:99:f1:cc:9c:a2:be:aa:2b:aa:7e:6d:24:
44:32:4b:59:e5:32:df:65:92:cb:bd:fb:40:9f:64:e8:d0:b5:
3d:56:ce:9e:e0:f3:83:4c:76:1d:0e:57:49:5e:35:66:1e:e1:
95:78:ab:a5:96:f9:f4:c6:bc:5c:de:68:fa:3b:b9:77:c2:2d:
57:ce:f6:a0:19:ec:ec:3c:95:52:ec:2f:e3:60:d3:2c:1f:22:
ab:24:f1:bf:d6:ba:6b:fb:34:7d:53:fe:52:c7:3d:b0:a9:14:
70:98:83:18
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzY1QjkxMTAvBgNVBAUTKEMyQTJFQjRDRjkxMDI3NzhBNDJFMTVDQ0QyMEE1ODRF
RENFREMyNzIwHhcNMjQxMjAzMDEwNDE5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlNTkxMy0xZWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1hVLOyXGW3IEtrN3wot7BGmCnUu/ePIOTdqrB4mgYQjwUU7FnU8Nmrqd9cXQ
nLpsFNnh1QYF+DLCjTkKzg2X4aIAJfm72ej3MuAgFrjkrCyRk+Ven52DMXjro2Uz
9BvnkCO6FB+flEMM46Fl08rRCoBeqUIr84BNEgpgPSRF/EiPsnHrEU5EzW6EmOHy
H/rjqAW01FNhFkKybXIOAJ07aJNKQtDTFa6zXKIMLCv02+mYKlsGfzN0aQVBmo3m
sG2DQNB0LlstJo8uEFIFWfoLSoJ00KaU3B8LwQWK8R/Dekfk1RYZ3PUa1SQ/cRTz
h2CXuJn99FrEdB2EtsChXLyF1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFKsmga/H
5tuZMv5SVPpUAHUWjHH/MB8GA1UdIwQYMBaAFMKi60z5ECd4pC4VzNIKWE7c7cJy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjVCOS83NDVENzcwMjlF
QjQxMUVDQkYwRTE0NzdDNEY5QUUwMi93cUxyVFBrUUozaWtMaFhNMGdwWVR0enR3
bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dxTHJUUGtRSjNpa0xoWE0wZ3BZVHR6dHduSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzY1QjkvNzQ1RDc3MDI5RUI0MTFFQ0JGMEUxNDc3QzRGOUFFMDIvQUZGNEUxRjg5
RUI3MTFFQzgyMTA2MDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnkAAwDQYJKoZIhvcNAQELBQADggEBAN7rMO+POewVJRoR
RjUZ402SadiKnASq8eaxfAh34xqvTEgDCUu/cAknmj8r6F8i+aWp4WtPPvAPq7zV
ZAAHWfbUTMyENqh55k+G/sp5K0FUgwoRBghRsB3y6y9Kx82qdqSWyXRRIYgFs/Qz
67uLJ58UheKOSybfGiVUWEAA8XilcbcbNJ1iHrca2RUBmPuGQL/ZrWOZspnxzJyi
vqorqn5tJEQyS1nlMt9lksu9+0CfZOjQtT1Wzp7g84NMdh0OV0leNWYe4ZV4q6WW
+fTGvFzeaPo7uXfCLVfO9qAZ7Ow8lVLsL+Ng0ywfIqsk8b/Wumv7NH1T/lLHPbCp
FHCYgxg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:57:52 2025 by rpki-client