Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91545AC/8A568A82121811EBB1852C79C4F9AE02/B546148C121911EB82F65F7AC4F9AE02.roa
File: B546148C121911EB82F65F7AC4F9AE02.roa (raw, json)
Hash identifier: guFQzr4GMuotnLN4g29mwWKV8rRpZXge3ak3JTxYZDo=
Subject key identifier: B3:BB:5A:2B:48:FB:12:EA:5A:71:77:9D:CB:5A:FE:8E:A3:AA:FA:4E
Certificate issuer: /CN=A91545AC/serialNumber=B336D686E1ADDF2D5C78D2D0E0128D0F287E078E
Certificate serial: 0754
Authority key identifier: B3:36:D6:86:E1:AD:DF:2D:5C:78:D2:D0:E0:12:8D:0F:28:7E:07:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/szbWhuGt3y1ceNLQ4BKNDyh-B44.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91545AC/8A568A82121811EBB1852C79C4F9AE02/B546148C121911EB82F65F7AC4F9AE02.roa
Signing time: Mon 10 Feb 2025 21:30:00 +0000
ROA not before: Mon 10 Feb 2025 21:30:00 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 141341
IP address blocks: 103.157.38.0/24 maxlen: 24
103.157.39.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1876 (0x754)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91545AC
Validity
Not Before: Feb 10 21:30:00 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67aa6fd8-e0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a7:01:dc:e4:4e:57:4c:89:54:2e:89:de:ec:
7b:77:9b:63:3f:37:0d:8e:cc:36:09:69:a7:8c:9e:
c3:a4:b7:f9:29:90:cc:7a:90:de:cc:43:d6:1b:b2:
44:61:cc:fa:90:5c:13:07:d0:a0:43:a0:7c:1a:e1:
8b:5f:63:4b:fe:0b:64:66:9c:2f:e7:fd:ab:96:e9:
05:4a:e2:72:2b:98:5e:51:94:0a:3c:17:e3:86:3d:
0c:5a:74:0b:29:26:b4:40:e1:7b:07:01:b0:2a:9a:
12:f8:f3:b1:36:04:78:50:d8:fa:2a:b2:96:96:37:
cf:88:c6:40:ed:a4:50:b9:ce:1c:9c:e7:18:89:c4:
28:ce:33:31:01:35:e0:22:d5:fb:64:a8:c5:53:48:
01:29:62:88:00:ea:37:ea:0f:d2:30:f3:01:c1:ed:
00:fa:6b:0b:7b:1e:c9:97:21:4f:7d:1d:27:53:cc:
9d:6a:8e:a0:92:54:b6:4f:03:5f:b6:08:5e:d4:db:
c0:68:3a:95:fb:a6:0c:45:2c:f2:cc:d0:e9:34:25:
65:a7:61:f5:60:dc:4a:e5:d1:00:03:ed:1a:11:8e:
63:32:4d:48:5b:0a:a9:0c:dc:18:53:22:be:a1:82:
9b:0b:86:9c:f0:b7:a5:1e:7c:0e:a0:48:9f:95:83:
c4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BB:5A:2B:48:FB:12:EA:5A:71:77:9D:CB:5A:FE:8E:A3:AA:FA:4E
X509v3 Authority Key Identifier:
keyid:B3:36:D6:86:E1:AD:DF:2D:5C:78:D2:D0:E0:12:8D:0F:28:7E:07:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91545AC/8A568A82121811EBB1852C79C4F9AE02/szbWhuGt3y1ceNLQ4BKNDyh-B44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/szbWhuGt3y1ceNLQ4BKNDyh-B44.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91545AC/8A568A82121811EBB1852C79C4F9AE02/B546148C121911EB82F65F7AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.38.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:fe:1e:22:b4:5c:0e:0a:03:64:0a:63:48:d8:03:22:bd:ff:
57:af:86:e2:bf:0c:55:6b:7e:1c:aa:ec:30:31:19:6d:68:6b:
39:d6:54:65:77:86:fb:91:03:bd:49:cf:01:a3:2d:5f:e1:ed:
79:05:9a:1a:70:95:c1:a0:d1:9d:14:1a:c5:d0:df:3f:19:aa:
e0:2b:2c:ad:82:3a:8e:ed:02:36:74:db:99:f2:02:9b:e9:74:
1d:64:6d:9e:04:6f:ed:1b:d2:a5:11:40:d9:88:ee:47:0c:2c:
08:b7:35:b5:2d:77:53:55:44:76:83:e6:fe:3d:e1:73:8f:3c:
1d:f4:b3:65:02:86:83:77:c5:dd:e2:42:d4:35:46:04:ca:07:
51:d9:38:18:fb:1f:4f:1e:44:06:ee:c1:10:b4:57:c1:91:ae:
bf:c9:a4:e3:0f:b1:bc:64:33:82:c3:c0:63:04:7a:8c:b2:a7:
c7:c3:34:66:7f:5c:71:4b:b6:f5:a8:14:4c:7b:80:51:fe:42:
6f:19:59:8f:45:8f:54:dc:86:96:60:b3:86:cd:07:56:96:00:
2c:e6:9b:4d:10:73:a0:8f:02:a4:6c:06:4b:9b:ef:86:9a:25:
11:ca:6a:10:bd:b1:a5:6a:49:cd:ff:a1:be:42:2b:34:fb:b6:
5a:03:dc:d5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB1QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTQ1QUMxMTAvBgNVBAUTKEIzMzZENjg2RTFBRERGMkQ1Qzc4RDJEMEUwMTI4RDBG
Mjg3RTA3OEUwHhcNMjUwMjEwMjEzMDAwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhNmZkOC1lMGY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6cB3OROV0yJVC6J3ux7d5tjPzcNjsw2CWmnjJ7DpLf5KZDMepDezEPWG7JE
Ycz6kFwTB9CgQ6B8GuGLX2NL/gtkZpwv5/2rlukFSuJyK5heUZQKPBfjhj0MWnQL
KSa0QOF7BwGwKpoS+POxNgR4UNj6KrKWljfPiMZA7aRQuc4cnOcYicQozjMxATXg
ItX7ZKjFU0gBKWKIAOo36g/SMPMBwe0A+msLex7JlyFPfR0nU8ydao6gklS2TwNf
tghe1NvAaDqV+6YMRSzyzNDpNCVlp2H1YNxK5dEAA+0aEY5jMk1IWwqpDNwYUyK+
oYKbC4ac8LelHnwOoEiflYPE+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFLO7WitI
+xLqWnF3ncta/o6jqvpOMB8GA1UdIwQYMBaAFLM21obhrd8tXHjS0OASjQ8ofgeO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NDVBQy84QTU2OEE4MjEy
MTgxMUVCQjE4NTJDNzlDNEY5QUUwMi9zemJXaHVHdDN5MWNlTkxRNEJLTkR5aC1C
NDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3N6YldodUd0M3kxY2VOTFE0QktORHloLUI0NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTQ1QUMvOEE1NjhBODIxMjE4MTFFQkIxODUyQzc5QzRGOUFFMDIvQjU0NjE0OEMx
MjE5MTFFQjgyRjY1RjdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnnSYwDQYJKoZIhvcNAQELBQADggEBAC3+HiK0XA4KA2QK
Y0jYAyK9/1evhuK/DFVrfhyq7DAxGW1oaznWVGV3hvuRA71JzwGjLV/h7XkFmhpw
lcGg0Z0UGsXQ3z8ZquArLK2COo7tAjZ025nyApvpdB1kbZ4Eb+0b0qURQNmI7kcM
LAi3NbUtd1NVRHaD5v494XOPPB30s2UChoN3xd3iQtQ1RgTKB1HZOBj7H08eRAbu
wRC0V8GRrr/JpOMPsbxkM4LDwGMEeoyyp8fDNGZ/XHFLtvWoFEx7gFH+Qm8ZWY9F
j1TchpZgs4bNB1aWACzmm00Qc6CPAqRsBkub74aaJRHKahC9saVqSc3/ob5CKzT7
tloD3NU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:32:45 2025 by rpki-client