Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914275E/4DF7DB04911811E994793C4DC4F9AE02/50E999AA911911E9BEF5F94EC4F9AE02.roa
File: 50E999AA911911E9BEF5F94EC4F9AE02.roa (raw, json)
Hash identifier: oCjpYZp3Jq8v9CYytKf/Jy8pzYlTc/kezyUqPc+tK1E=
Subject key identifier: B2:B8:2A:D0:7A:60:2E:1B:00:65:87:3D:AD:33:48:38:17:9C:37:8E
Certificate issuer: /CN=A914275E/serialNumber=6284207D0D27A2E8BF4D2EB14FB129CAD4F6CC3F
Certificate serial: 0E73
Authority key identifier: 62:84:20:7D:0D:27:A2:E8:BF:4D:2E:B1:4F:B1:29:CA:D4:F6:CC:3F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YoQgfQ0noui_TS6xT7EpytT2zD8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914275E/4DF7DB04911811E994793C4DC4F9AE02/50E999AA911911E9BEF5F94EC4F9AE02.roa
Signing time: Fri 14 Feb 2025 18:36:38 +0000
ROA not before: Fri 14 Feb 2025 18:36:38 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 135063
IP address blocks: 103.208.24.0/24 maxlen: 24
103.208.25.0/24 maxlen: 24
103.208.26.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3699 (0xe73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914275E
Validity
Not Before: Feb 14 18:36:38 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67af8d36-e382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:30:ff:e8:59:6b:da:7f:1d:06:fb:f2:14:a1:
35:bd:8f:5a:af:aa:c3:cf:65:0e:07:e6:e3:a2:81:
96:d9:9b:0c:c0:1b:72:de:c0:9e:21:16:6d:4c:48:
0c:61:11:65:2b:6b:94:c1:88:58:ef:48:48:1c:1b:
6d:ec:8c:86:95:f5:42:e9:13:72:66:d7:4e:96:25:
4d:c8:c7:0e:94:9d:98:7c:fb:36:cc:85:16:ac:f2:
25:d8:f7:23:b2:99:10:e4:69:46:ca:01:c1:84:2d:
d5:aa:c2:f2:0a:31:2d:81:72:1d:38:29:74:e0:84:
50:3e:0a:9b:5c:de:78:11:33:bf:15:49:e9:7c:46:
c6:2e:d7:14:f5:15:91:58:2f:f8:14:aa:2e:a9:cb:
2e:37:ae:92:92:7b:37:28:24:d9:d0:fc:3f:66:a1:
70:54:14:78:ee:0c:36:26:f9:2a:93:4b:4c:db:72:
27:c5:43:de:8c:fd:a1:2d:3d:21:6d:5c:eb:4c:71:
27:64:ae:8d:da:8d:40:5a:de:c9:40:dd:18:fa:59:
c1:b2:6b:20:96:cd:46:ea:d5:51:9f:d1:58:b9:75:
1c:b1:3d:13:73:16:d1:40:76:6e:8d:20:9a:82:8f:
05:5c:68:53:20:5a:0e:da:88:62:e5:3b:c4:24:5c:
5a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B8:2A:D0:7A:60:2E:1B:00:65:87:3D:AD:33:48:38:17:9C:37:8E
X509v3 Authority Key Identifier:
keyid:62:84:20:7D:0D:27:A2:E8:BF:4D:2E:B1:4F:B1:29:CA:D4:F6:CC:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914275E/4DF7DB04911811E994793C4DC4F9AE02/YoQgfQ0noui_TS6xT7EpytT2zD8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YoQgfQ0noui_TS6xT7EpytT2zD8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914275E/4DF7DB04911811E994793C4DC4F9AE02/50E999AA911911E9BEF5F94EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.208.24.0-103.208.26.255
Signature Algorithm: sha256WithRSAEncryption
49:f3:d3:50:be:bb:20:bf:0c:34:a4:9c:17:67:ba:98:bb:f8:
84:ff:92:0d:98:2c:48:a0:c4:d1:0d:2a:b6:29:f1:91:de:39:
9b:92:92:95:c0:0c:8d:c6:90:5a:2a:b3:be:91:d6:0b:1f:a8:
6c:c5:b3:85:a8:e3:b1:65:79:18:54:05:53:bb:20:1f:ac:64:
ef:ef:13:04:09:ad:87:c9:5e:cd:62:c6:90:5a:b4:7d:4a:b6:
17:93:57:d3:2c:78:3d:fa:95:61:35:47:66:f5:69:86:d6:34:
40:34:23:bd:5a:8b:0f:7d:21:3a:b7:36:72:30:55:ab:40:fb:
8b:db:91:71:0a:25:2a:df:47:0d:73:be:aa:1b:9c:ba:8b:0a:
0d:24:6e:70:97:a4:f1:60:36:f6:2e:55:26:5a:da:ad:96:6d:
57:f5:5d:bb:26:72:68:5a:20:03:53:08:d6:46:fd:00:ac:23:
98:22:1a:01:f8:a3:53:52:de:92:9a:58:5d:87:5a:ec:b9:3e:
bb:fc:98:43:dd:ae:b2:f1:7c:cd:14:d4:f9:46:1e:77:08:b4:
50:01:81:e2:df:f4:1e:cc:2b:bc:98:b6:f8:6b:0e:55:f8:2d:
f3:1f:16:e7:e3:1a:e1:f2:d7:a6:c3:8b:ed:18:a4:96:35:95:
f4:72:f8:98
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgICDnMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI3NUUxMTAvBgNVBAUTKDYyODQyMDdEMEQyN0EyRThCRjREMkVCMTRGQjEyOUNB
RDRGNkNDM0YwHhcNMjUwMjE0MTgzNjM4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FmOGQzNi1lMzgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1zD/6Flr2n8dBvvyFKE1vY9ar6rDz2UOB+bjooGW2ZsMwBty3sCeIRZtTEgM
YRFlK2uUwYhY70hIHBtt7IyGlfVC6RNyZtdOliVNyMcOlJ2YfPs2zIUWrPIl2Pcj
spkQ5GlGygHBhC3VqsLyCjEtgXIdOCl04IRQPgqbXN54ETO/FUnpfEbGLtcU9RWR
WC/4FKouqcsuN66Skns3KCTZ0Pw/ZqFwVBR47gw2Jvkqk0tM23InxUPejP2hLT0h
bVzrTHEnZK6N2o1AWt7JQN0Y+lnBsmsgls1G6tVRn9FYuXUcsT0TcxbRQHZujSCa
go8FXGhTIFoO2ohi5TvEJFxafQIDAQABo4ICnTCCApkwHQYDVR0OBBYEFLK4KtB6
YC4bAGWHPa0zSDgXnDeOMB8GA1UdIwQYMBaAFGKEIH0NJ6Lov00usU+xKcrU9sw/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Mjc1RS80REY3REIwNDkx
MTgxMUU5OTQ3OTNDNERDNEY5QUUwMi9Zb1FnZlEwbm91aV9UUzZ4VDdFcHl0VDJ6
RDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lvUWdmUTBub3VpX1RTNnhUN0VweXRUMnpEOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI3NUUvNERGN0RCMDQ5MTE4MTFFOTk0NzkzQzREQzRGOUFFMDIvNTBFOTk5QUE5
MTE5MTFFOUJFRjVGOTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJwYIKwYBBQUHAQcBAf8E
GDAWMBQEAgABMA4wDAMEA2fQGAMEAGfQGjANBgkqhkiG9w0BAQsFAAOCAQEASfPT
UL67IL8MNKScF2e6mLv4hP+SDZgsSKDE0Q0qtinxkd45m5KSlcAMjcaQWiqzvpHW
Cx+obMWzhajjsWV5GFQFU7sgH6xk7+8TBAmth8lezWLGkFq0fUq2F5NX0yx4PfqV
YTVHZvVphtY0QDQjvVqLD30hOrc2cjBVq0D7i9uRcQolKt9HDXO+qhucuosKDSRu
cJek8WA29i5VJlrarZZtV/VduyZyaFogA1MI1kb9AKwjmCIaAfijU1LekppYXYda
7Lk+u/yYQ92usvF8zRTU+UYedwi0UAGB4t/0HswrvJi2+GsOVfgt8x8W5+Ma4fLX
psOL7RikljWV9HL4mA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:22:45 2025 by rpki-client