Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/436398BA3B7011EAA14F566EC4F9AE02.roa
File: 436398BA3B7011EAA14F566EC4F9AE02.roa (raw, json)
Hash identifier: isFXn22manatugHafRu2hqpuY348jCwEcI/j4K+wcRU=
Subject key identifier: 06:67:B6:B2:A4:22:0B:94:D4:2D:47:0C:E6:C5:17:55:B7:36:F3:19
Certificate issuer: /CN=A91555EA/serialNumber=978DAE2C10A72ED04F94128FFC5E8CB7D102EACA
Certificate serial: 0A9C
Authority key identifier: 97:8D:AE:2C:10:A7:2E:D0:4F:94:12:8F:FC:5E:8C:B7:D1:02:EA:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l42uLBCnLtBPlBKP_F6Mt9EC6so.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/436398BA3B7011EAA14F566EC4F9AE02.roa
Signing time: Sat 06 Jul 2024 20:08:05 +0000
ROA not before: Sat 06 Jul 2024 20:08:05 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 63967
IP address blocks: 103.9.185.0/24 maxlen: 24
103.9.187.0/24 maxlen: 24
103.244.162.0/24 maxlen: 24
117.104.186.0/24 maxlen: 24
117.104.187.0/24 maxlen: 24
2404:b780::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2716 (0xa9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91555EA
Validity
Not Before: Jul 6 20:08:05 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6689a425-8644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:99:3a:90:a9:bb:44:02:57:2b:5f:72:6c:bd:
61:bc:e2:9e:45:23:d9:47:e8:79:7a:63:f4:59:d2:
84:71:8a:3e:2e:56:b7:e3:84:99:a1:af:9f:60:8e:
20:60:ca:6f:b7:29:29:90:bc:ec:8f:ae:fb:5b:66:
fa:25:db:32:88:51:2e:0c:a6:ab:cd:18:76:63:3f:
18:83:a8:48:b8:97:08:2f:96:8e:5f:8a:c6:6e:53:
40:d4:6c:76:4b:99:4c:d2:1f:fa:b7:a6:e8:2c:b5:
42:f8:f0:1e:d3:ef:3e:6d:6a:f7:cd:39:8f:b9:c7:
f4:15:e0:06:a1:06:6d:77:c2:1c:34:e8:e0:47:b2:
ce:cb:2f:72:d4:2a:69:7a:07:da:d8:3d:29:bc:0f:
7b:7d:39:1e:86:1f:7f:03:ac:4f:09:4c:8f:8c:02:
aa:c7:4b:31:b5:71:8e:04:23:16:7b:21:19:1a:f3:
6c:4e:08:af:f6:3e:6c:dc:56:16:47:83:33:8e:c3:
f9:81:3d:58:ea:bd:b6:e4:26:9e:6a:6b:97:d8:d2:
c6:d7:26:71:59:3f:27:3d:4a:15:93:9e:be:14:da:
16:bb:f6:4e:ae:e3:70:8d:2d:fb:42:0b:b5:e8:a4:
f4:4d:04:ac:ed:4c:9a:6f:3e:22:09:04:ca:26:be:
ed:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:67:B6:B2:A4:22:0B:94:D4:2D:47:0C:E6:C5:17:55:B7:36:F3:19
X509v3 Authority Key Identifier:
keyid:97:8D:AE:2C:10:A7:2E:D0:4F:94:12:8F:FC:5E:8C:B7:D1:02:EA:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/l42uLBCnLtBPlBKP_F6Mt9EC6so.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l42uLBCnLtBPlBKP_F6Mt9EC6so.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91555EA/7C60B9F63B6E11EAAE5F166BC4F9AE02/436398BA3B7011EAA14F566EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.9.185.0/24
103.9.187.0/24
103.244.162.0/24
117.104.186.0/23
IPv6:
2404:b780::/32
Signature Algorithm: sha256WithRSAEncryption
c0:15:fc:88:61:40:b1:42:0d:da:67:ac:c7:84:d8:5d:6a:97:
45:68:e4:54:8f:f0:b0:24:be:67:e2:c7:08:c1:e9:3f:9c:cc:
41:9c:b8:f2:75:9b:5a:c0:4a:d4:9d:2a:f0:a3:16:8a:09:6a:
ac:5a:b2:1d:b9:fc:14:00:4f:d9:74:4d:77:66:5e:87:49:fd:
83:73:89:ec:a0:89:52:09:b0:3f:05:d9:d8:c0:9f:e0:f2:22:
ab:5c:ab:1f:ac:00:68:a5:26:fe:1f:4b:01:61:be:39:45:6a:
95:1d:22:9a:af:66:4a:d3:ac:50:69:5d:49:34:29:05:e7:10:
d3:02:25:1d:0e:28:44:ff:74:3c:bd:f2:b6:2f:5e:b9:3c:3a:
06:90:af:c8:e6:b5:9a:1e:8a:c9:40:ca:37:97:c5:5f:fa:6b:
66:0f:6e:99:fd:73:fd:d1:ef:e9:cd:95:5d:62:63:e2:c8:e3:
d9:3a:49:c1:db:74:7a:2b:3e:17:82:0b:3f:f5:1f:a9:f2:97:
ce:1d:af:ba:27:2d:07:94:11:74:bd:e1:5d:7d:01:9c:70:17:
d1:d7:0c:40:ca:96:a3:52:fd:01:43:34:52:17:71:a3:23:a7:
f8:1e:4f:a4:48:7a:57:1b:bb:57:8d:83:7b:c4:80:2e:cf:dc:
4d:89:f3:b1
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICCpwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTU1RUExMTAvBgNVBAUTKDk3OERBRTJDMTBBNzJFRDA0Rjk0MTI4RkZDNUU4Q0I3
RDEwMkVBQ0EwHhcNMjQwNzA2MjAwODA1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg5YTQyNS04NjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1Jk6kKm7RAJXK19ybL1hvOKeRSPZR+h5emP0WdKEcYo+Lla344SZoa+fYI4g
YMpvtykpkLzsj677W2b6JdsyiFEuDKarzRh2Yz8Yg6hIuJcIL5aOX4rGblNA1Gx2
S5lM0h/6t6boLLVC+PAe0+8+bWr3zTmPucf0FeAGoQZtd8IcNOjgR7LOyy9y1Cpp
egfa2D0pvA97fTkehh9/A6xPCUyPjAKqx0sxtXGOBCMWeyEZGvNsTgiv9j5s3FYW
R4MzjsP5gT1Y6r225CaeamuX2NLG1yZxWT8nPUoVk56+FNoWu/ZOruNwjS37Qgu1
6KT0TQSs7Uyabz4iCQTKJr7tWwIDAQABo4ICtjCCArIwHQYDVR0OBBYEFAZntrKk
IguU1C1HDObFF1W3NvMZMB8GA1UdIwQYMBaAFJeNriwQpy7QT5QSj/xejLfRAurK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTVFQS83QzYwQjlGNjNC
NkUxMUVBQUU1RjE2NkJDNEY5QUUwMi9sNDJ1TEJDbkx0QlBsQktQX0Y2TXQ5RUM2
c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2w0MnVMQkNuTHRCUGxCS1BfRjZNdDlFQzZzby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTU1RUEvN0M2MEI5RjYzQjZFMTFFQUFFNUYxNjZCQzRGOUFFMDIvNDM2Mzk4QkEz
QjcwMTFFQUExNEY1NjZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBABnCbkDBABnCbsDBABn9KIDBAF1aLowDQQCAAIwBwMFACQE
t4AwDQYJKoZIhvcNAQELBQADggEBAMAV/IhhQLFCDdpnrMeE2F1ql0Vo5FSP8LAk
vmfixwjB6T+czEGcuPJ1m1rAStSdKvCjFooJaqxash25/BQAT9l0TXdmXodJ/YNz
ieygiVIJsD8F2djAn+DyIqtcqx+sAGilJv4fSwFhvjlFapUdIpqvZkrTrFBpXUk0
KQXnENMCJR0OKET/dDy98rYvXrk8OgaQr8jmtZoeislAyjeXxV/6a2YPbpn9c/3R
7+nNlV1iY+LI49k6ScHbdHorPheCCz/1H6nyl84dr7onLQeUEXS94V19AZxwF9HX
DEDKlqNS/QFDNFIXcaMjp/geT6RIelcbu1eNg3vEgC7P3E2J87E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:50 2025 by rpki-client