Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/6808E6322F1C11EDA3E29B09C4F9AE02.roa
File: 6808E6322F1C11EDA3E29B09C4F9AE02.roa (raw, json)
Hash identifier: vqIiC5denoz8Yiz6UodWvD7t0BBX+gY3rEG+abpRC2o=
Subject key identifier: E8:A3:86:8D:71:28:1E:26:48:7C:51:BE:E3:EA:E5:32:FA:65:AC:A0
Certificate issuer: /CN=A913B7B2/serialNumber=09925DB67B4AB9DF6006E7BD2BC1D8EDC8CC7E19
Certificate serial: 0AC4
Authority key identifier: 09:92:5D:B6:7B:4A:B9:DF:60:06:E7:BD:2B:C1:D8:ED:C8:CC:7E:19
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZJdtntKud9gBue9K8HY7cjMfhk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/6808E6322F1C11EDA3E29B09C4F9AE02.roa
Signing time: Mon 02 Dec 2024 19:38:20 +0000
ROA not before: Mon 02 Dec 2024 19:38:20 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 15412
IP address blocks: 103.6.20.0/22 maxlen: 22
103.11.237.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2756 (0xac4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B7B2
Validity
Not Before: Dec 2 19:38:20 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e0cac-d5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:61:4d:98:ca:ef:bc:da:2d:fb:d6:e2:32:03:
54:19:1f:af:27:5f:77:e6:52:63:3b:6d:43:e3:5c:
a8:de:77:5d:b3:21:f9:54:fd:a0:73:0d:89:59:b2:
e6:b3:5c:4e:c9:89:8a:1a:dd:e7:af:a7:ad:67:f2:
5f:8e:84:cd:e8:dc:4c:75:16:e2:44:50:79:e0:ad:
1c:79:df:a2:4d:cf:95:23:4c:14:46:4f:ce:86:98:
a5:18:c3:07:1d:6d:be:0d:67:31:ba:ca:23:a5:c6:
eb:e5:ec:05:d6:0f:e2:a0:1a:ce:15:d6:e4:85:d2:
37:c5:f1:08:b2:64:a3:7a:be:93:be:e7:4c:9d:75:
31:ab:dd:00:97:5d:a2:4a:ad:49:ec:ba:2a:05:cd:
c5:4c:be:83:cf:f1:1d:22:c5:bc:51:c5:6e:96:27:
87:40:44:e0:45:52:fd:8c:0a:3c:4f:c4:85:2f:0c:
40:87:33:82:5b:33:df:0d:fb:c0:b1:ef:69:24:98:
57:5b:52:2f:bf:40:8d:80:11:d5:8d:9b:02:1b:cf:
12:9a:10:80:3b:22:b3:ee:04:b7:3f:44:65:99:1b:
c3:b9:7b:af:bd:28:13:ce:31:a5:59:f8:4b:9a:10:
71:41:01:64:23:cd:01:21:7e:7b:f7:c4:d7:d5:d8:
65:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:A3:86:8D:71:28:1E:26:48:7C:51:BE:E3:EA:E5:32:FA:65:AC:A0
X509v3 Authority Key Identifier:
keyid:09:92:5D:B6:7B:4A:B9:DF:60:06:E7:BD:2B:C1:D8:ED:C8:CC:7E:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/CZJdtntKud9gBue9K8HY7cjMfhk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CZJdtntKud9gBue9K8HY7cjMfhk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B7B2/40665008416F11EAB5C7CA65C4F9AE02/6808E6322F1C11EDA3E29B09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.6.20.0/22
103.11.237.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:ab:1d:3a:13:0f:59:40:84:24:5c:74:40:80:62:37:e9:de:
44:e5:ef:d7:22:fa:0f:2e:0e:26:52:77:87:f0:cd:08:c0:b8:
f5:c7:6d:a8:ea:7e:2d:ba:08:c5:c2:5c:36:38:ca:0a:30:a3:
04:d8:b4:c5:d2:ef:9c:0b:4a:bf:5d:36:32:f5:02:91:fd:86:
cd:19:b0:b1:2d:4c:7c:56:35:b3:0f:6f:f5:17:3a:69:ca:cf:
9a:39:8e:bc:e9:36:a4:dc:55:f6:c3:b7:2f:64:b2:58:95:2a:
e1:1e:cd:07:00:15:c3:b5:3a:e0:ea:7e:71:d1:6e:16:e2:7f:
34:9f:9e:f1:17:87:2e:85:2a:76:14:b9:b3:27:d6:76:9e:ad:
82:13:c2:dd:ee:ff:5a:14:ec:26:3b:f1:bb:9a:28:b5:a5:9e:
e1:af:b7:dd:3a:fd:cd:d4:77:af:bb:51:ce:7a:b9:4e:8d:12:
09:9f:9d:eb:49:16:cf:72:01:df:62:08:ce:7e:0f:e0:23:7b:
7f:df:39:31:04:2b:cd:88:ec:6f:89:6f:54:c9:7a:99:9e:17:
d9:16:c5:16:49:9e:1b:12:33:93:54:3f:2f:8a:d9:3a:f9:9b:
86:c4:de:79:ab:4f:6c:bd:a5:29:e6:77:5c:b9:50:7b:3b:bd:
7c:ac:8f:5a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCsQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I3QjIxMTAvBgNVBAUTKDA5OTI1REI2N0I0QUI5REY2MDA2RTdCRDJCQzFEOEVE
QzhDQzdFMTkwHhcNMjQxMjAyMTkzODIwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMGNhYy1kNWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvmFNmMrvvNot+9biMgNUGR+vJ1935lJjO21D41yo3nddsyH5VP2gcw2JWbLm
s1xOyYmKGt3nr6etZ/JfjoTN6NxMdRbiRFB54K0ced+iTc+VI0wURk/OhpilGMMH
HW2+DWcxusojpcbr5ewF1g/ioBrOFdbkhdI3xfEIsmSjer6TvudMnXUxq90Al12i
Sq1J7LoqBc3FTL6Dz/EdIsW8UcVulieHQETgRVL9jAo8T8SFLwxAhzOCWzPfDfvA
se9pJJhXW1Ivv0CNgBHVjZsCG88SmhCAOyKz7gS3P0RlmRvDuXuvvSgTzjGlWfhL
mhBxQQFkI80BIX5798TX1dhlowIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOijho1x
KB4mSHxRvuPq5TL6ZaygMB8GA1UdIwQYMBaAFAmSXbZ7SrnfYAbnvSvB2O3IzH4Z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjdCMi80MDY2NTAwODQx
NkYxMUVBQjVDN0NBNjVDNEY5QUUwMi9DWkpkdG50S3VkOWdCdWU5SzhIWTdjak1m
aGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NaSmR0bnRLdWQ5Z0J1ZTlLOEhZN2NqTWZoay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I3QjIvNDA2NjUwMDg0MTZGMTFFQUI1QzdDQTY1QzRGOUFFMDIvNjgwOEU2MzIy
RjFDMTFFREEzRTI5QjA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnBhQDBABnC+0wDQYJKoZIhvcNAQELBQADggEBAMCrHToT
D1lAhCRcdECAYjfp3kTl79ci+g8uDiZSd4fwzQjAuPXHbajqfi26CMXCXDY4ygow
owTYtMXS75wLSr9dNjL1ApH9hs0ZsLEtTHxWNbMPb/UXOmnKz5o5jrzpNqTcVfbD
ty9ksliVKuEezQcAFcO1OuDqfnHRbhbifzSfnvEXhy6FKnYUubMn1naerYITwt3u
/1oU7CY78buaKLWlnuGvt906/c3Ud6+7Uc56uU6NEgmfnetJFs9yAd9iCM5+D+Aj
e3/fOTEEK82I7G+Jb1TJepmeF9kWxRZJnhsSM5NUPy+K2Tr5m4bE3nmrT2y9pSnm
d1y5UHs7vXysj1o=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:00:48 2025 by rpki-client