Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143FE9/F9E65E20443811EBAD443F74C4F9AE02/A6864ACE7BA911EDB41A851EC4F9AE02.roa
File: A6864ACE7BA911EDB41A851EC4F9AE02.roa (raw, json)
Hash identifier: in5sPndy+m94d5TFTDzmLk0rnuoauLzhEu9bOOaeDaw=
Subject key identifier: 26:EA:F3:5B:F4:AB:39:5F:2B:76:1C:37:7C:B4:99:4D:43:18:C0:C5
Certificate issuer: /CN=A9143FE9/serialNumber=1520F2B34ABDDCAE94FA922EF4757CD36140F254
Certificate serial: 06D1
Authority key identifier: 15:20:F2:B3:4A:BD:DC:AE:94:FA:92:2E:F4:75:7C:D3:61:40:F2:54
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSDys0q93K6U-pIu9HV802FA8lQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143FE9/F9E65E20443811EBAD443F74C4F9AE02/A6864ACE7BA911EDB41A851EC4F9AE02.roa
Signing time: Wed 22 Jan 2025 22:00:31 +0000
ROA not before: Wed 22 Jan 2025 22:00:31 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134465
IP address blocks: 103.160.144.0/23 maxlen: 23
103.160.144.0/24 maxlen: 24
2001:df5:a380::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1745 (0x6d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143FE9
Validity
Not Before: Jan 22 22:00:31 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67916a7f-f913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b2:7e:59:c0:fe:39:d8:1e:a5:9a:de:a7:96:
bb:0c:ee:88:a2:cc:15:ed:52:dd:92:3b:0b:56:36:
70:a8:a6:c2:43:fe:19:6a:20:c2:83:29:35:8c:2c:
81:7b:38:72:b0:fa:0e:f4:ef:68:de:55:67:6e:cd:
41:42:af:61:db:c2:c8:d9:fd:cb:25:0e:73:4c:a0:
28:07:5c:bf:04:9a:07:d7:60:fd:9c:e4:2b:1a:ae:
5a:fd:1a:de:36:8c:f2:56:5c:d5:1f:53:11:d1:68:
a7:f7:5c:64:b9:ac:88:a2:6b:a6:92:03:66:78:0d:
0b:74:b2:69:36:5f:9a:a5:4e:fc:83:2f:15:33:c6:
1f:67:f3:2b:21:e3:b1:26:ce:88:ee:b2:f0:11:ed:
dd:de:17:f9:e1:55:58:a8:b5:ec:c9:55:ba:95:cf:
67:de:83:ac:a7:10:1b:cd:cf:fc:b8:b0:31:a4:29:
b9:b4:73:4a:ab:53:83:a4:c3:08:27:b6:25:b7:14:
8d:f6:73:71:49:99:e3:3e:04:aa:d4:7b:47:e5:15:
65:d3:28:f9:d6:41:ab:d9:c0:06:36:22:2b:c1:62:
22:af:73:96:c7:4f:4e:47:35:80:66:7e:09:ef:25:
50:ce:9e:cf:c4:61:98:95:53:1b:d9:2f:f2:ce:f6:
0d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:EA:F3:5B:F4:AB:39:5F:2B:76:1C:37:7C:B4:99:4D:43:18:C0:C5
X509v3 Authority Key Identifier:
keyid:15:20:F2:B3:4A:BD:DC:AE:94:FA:92:2E:F4:75:7C:D3:61:40:F2:54
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143FE9/F9E65E20443811EBAD443F74C4F9AE02/FSDys0q93K6U-pIu9HV802FA8lQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FSDys0q93K6U-pIu9HV802FA8lQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143FE9/F9E65E20443811EBAD443F74C4F9AE02/A6864ACE7BA911EDB41A851EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.144.0/23
IPv6:
2001:df5:a380::/48
Signature Algorithm: sha256WithRSAEncryption
54:1e:9d:63:f8:23:5e:e1:b9:ef:3b:dc:bb:f4:50:d3:b4:03:
df:30:69:af:34:f8:77:11:02:4c:a4:df:72:57:5e:98:8c:98:
da:93:37:6e:c7:a5:05:61:b9:b7:b6:6b:d7:d8:b5:40:b2:46:
03:82:01:cc:63:60:41:f3:d0:7a:0d:b9:81:6a:d3:45:03:7e:
fb:41:36:4e:e8:a6:54:7f:7b:b3:ec:40:fb:be:21:bf:46:59:
3f:60:03:ce:09:c9:f9:9d:fe:22:3b:da:c9:aa:a9:4f:4f:9c:
d7:55:c2:41:5a:d9:8d:06:69:80:4c:ed:96:86:43:f3:e7:5c:
5e:16:e3:55:c0:58:26:74:1c:0e:fc:14:df:c6:12:f9:f7:20:
86:9d:a0:27:8b:d1:ac:8f:c8:ce:39:c2:b2:be:60:cc:69:76:
4e:74:eb:f4:a7:04:0f:57:51:cc:64:c4:34:a5:30:5c:4d:c9:
61:3f:32:e4:b2:0c:e1:b1:77:0d:48:13:c2:7c:e0:1f:5e:08:
ec:af:d8:88:c1:4e:d8:35:b1:b9:8f:bc:bf:c0:20:5d:50:d8:
00:a1:91:85:c2:96:e6:17:2b:e9:d4:ec:4e:34:e9:31:5e:72:
0a:fd:d6:eb:1c:ce:04:db:c4:c2:a5:92:69:48:0a:1e:e5:7f:
63:9f:6e:9a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBtEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNGRTkxMTAvBgNVBAUTKDE1MjBGMkIzNEFCRERDQUU5NEZBOTIyRUY0NzU3Q0Qz
NjE0MEYyNTQwHhcNMjUwMTIyMjIwMDMxWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzkxNmE3Zi1mOTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvbJ+WcD+OdgepZrep5a7DO6IoswV7VLdkjsLVjZwqKbCQ/4ZaiDCgyk1jCyB
ezhysPoO9O9o3lVnbs1BQq9h28LI2f3LJQ5zTKAoB1y/BJoH12D9nOQrGq5a/Rre
NozyVlzVH1MR0Win91xkuayIomumkgNmeA0LdLJpNl+apU78gy8VM8YfZ/MrIeOx
Js6I7rLwEe3d3hf54VVYqLXsyVW6lc9n3oOspxAbzc/8uLAxpCm5tHNKq1ODpMMI
J7YltxSN9nNxSZnjPgSq1HtH5RVl0yj51kGr2cAGNiIrwWIir3OWx09ORzWAZn4J
7yVQzp7PxGGYlVMb2S/yzvYNaQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCbq81v0
qzlfK3YcN3y0mU1DGMDFMB8GA1UdIwQYMBaAFBUg8rNKvdyulPqSLvR1fNNhQPJU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0ZFOS9GOUU2NUUyMDQ0
MzgxMUVCQUQ0NDNGNzRDNEY5QUUwMi9GU0R5czBxOTNLNlUtcEl1OUhWODAyRkE4
bFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZTRHlzMHE5M0s2VS1wSXU5SFY4MDJGQThsUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDNGRTkvRjlFNjVFMjA0NDM4MTFFQkFENDQzRjc0QzRGOUFFMDIvQTY4NjRBQ0U3
QkE5MTFFREI0MUE4NTFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnoJAwDwQCAAIwCQMHACABDfWjgDANBgkqhkiG9w0BAQsF
AAOCAQEAVB6dY/gjXuG57zvcu/RQ07QD3zBprzT4dxECTKTfcldemIyY2pM3bsel
BWG5t7Zr19i1QLJGA4IBzGNgQfPQeg25gWrTRQN++0E2TuimVH97s+xA+74hv0ZZ
P2ADzgnJ+Z3+IjvayaqpT0+c11XCQVrZjQZpgEztloZD8+dcXhbjVcBYJnQcDvwU
38YS+fcghp2gJ4vRrI/IzjnCsr5gzGl2TnTr9KcED1dRzGTENKUwXE3JYT8y5LIM
4bF3DUgTwnzgH14I7K/YiMFO2DWxuY+8v8AgXVDYAKGRhcKW5hcr6dTsTjTpMV5y
Cv3W6xzOBNvEwqWSaUgKHuV/Y59umg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:47:55 2025 by rpki-client