Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9157A68/4B36B9B8DBDA11EA9A8D2840C4F9AE02/E228BE42DBDB11EA9D395E41C4F9AE02.roa
File: E228BE42DBDB11EA9D395E41C4F9AE02.roa (raw, json)
Hash identifier: iklcKY1p6cUV63DgFPNd0VTuCZO3jzabdmCYH2W3rsU=
Subject key identifier: 55:E8:66:D1:D7:CD:8D:92:B0:D8:77:8D:FE:42:72:42:20:24:C9:1C
Certificate issuer: /CN=A9157A68/serialNumber=65B7AD9675B3809ECE04AF301C2EB7037FF02BBB
Certificate serial: 0762
Authority key identifier: 65:B7:AD:96:75:B3:80:9E:CE:04:AF:30:1C:2E:B7:03:7F:F0:2B:BB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZbetlnWzgJ7OBK8wHC63A3_wK7s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9157A68/4B36B9B8DBDA11EA9A8D2840C4F9AE02/E228BE42DBDB11EA9D395E41C4F9AE02.roa
Signing time: Wed 12 Jun 2024 23:00:15 +0000
ROA not before: Wed 12 Jun 2024 23:00:15 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 137386
IP address blocks: 103.218.4.0/24 maxlen: 24
103.218.7.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1890 (0x762)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9157A68
Validity
Not Before: Jun 12 23:00:15 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666a287f-6dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e4:37:c3:4c:1b:95:8c:6f:c0:03:70:de:75:
7c:46:7a:61:b4:19:24:57:b9:49:03:49:f1:19:13:
cc:fe:c3:9b:3a:92:24:c5:18:10:5b:ba:16:20:73:
19:70:f2:db:17:5d:c4:6b:75:8b:ba:73:cb:33:c0:
20:18:78:ab:e8:19:e7:5e:29:02:09:20:c0:43:f2:
3a:ac:58:b8:b4:b8:05:bd:9c:51:28:fc:09:06:f8:
d2:9b:ea:af:e9:d3:45:72:0f:b8:60:df:5c:44:6b:
64:2f:88:b7:f5:ca:2d:d2:30:56:b1:ba:88:3e:e6:
f7:21:0d:18:3a:52:57:4f:88:c4:05:93:32:02:d1:
9d:aa:7f:86:5b:fa:b4:f5:c4:af:6a:9a:c8:41:e2:
82:3c:84:1f:c2:04:5b:68:b9:36:2e:b4:de:c9:ae:
52:7d:75:e4:5e:51:2d:51:79:fc:85:ed:ed:9d:f8:
5b:cf:a9:58:32:30:86:22:ed:89:25:e1:0b:8c:0e:
2d:62:15:cc:db:3b:cc:09:a7:ae:dc:e6:4d:85:3e:
4d:76:6a:55:47:89:09:86:a8:d3:39:22:b0:33:d4:
c3:7d:b7:bd:eb:72:ff:99:09:33:bd:37:2c:a6:31:
a4:49:83:6c:ab:61:af:5e:97:2d:af:7f:5b:a6:4b:
d7:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E8:66:D1:D7:CD:8D:92:B0:D8:77:8D:FE:42:72:42:20:24:C9:1C
X509v3 Authority Key Identifier:
keyid:65:B7:AD:96:75:B3:80:9E:CE:04:AF:30:1C:2E:B7:03:7F:F0:2B:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9157A68/4B36B9B8DBDA11EA9A8D2840C4F9AE02/ZbetlnWzgJ7OBK8wHC63A3_wK7s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZbetlnWzgJ7OBK8wHC63A3_wK7s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157A68/4B36B9B8DBDA11EA9A8D2840C4F9AE02/E228BE42DBDB11EA9D395E41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.4.0/24
103.218.7.0/24
Signature Algorithm: sha256WithRSAEncryption
11:86:2c:ce:bc:31:42:69:34:a6:11:51:f8:0f:a0:6f:61:b5:
1f:50:d3:4a:04:5b:fe:12:55:d7:a7:9f:59:c2:9e:d4:9c:e4:
85:66:74:69:0c:88:ba:5e:14:e0:a0:ee:bb:c5:06:a4:d7:5c:
6b:83:75:24:29:6e:45:42:c2:26:c6:a7:66:b6:f8:ab:99:e7:
aa:56:56:45:2f:a0:6e:e4:52:c6:3f:99:80:0f:41:ce:e6:8f:
b8:88:12:b6:05:04:f8:93:b8:5a:68:cc:7b:7e:df:e4:8b:e9:
3b:b0:8b:dc:19:d3:c3:93:b6:47:27:06:35:97:0d:e1:8f:04:
c5:3e:58:5e:25:62:d6:0b:f6:c5:cd:a2:13:94:e0:ed:b2:f6:
7c:54:98:56:75:0a:d8:34:c7:1e:e9:b6:ee:f9:1e:9c:23:3d:
c4:99:16:58:20:2e:40:9e:57:3a:9b:ad:b2:e0:7e:3c:69:a7:
d3:a8:1b:46:d4:dc:8f:05:2e:34:0a:8c:26:81:88:73:aa:5e:
1f:31:be:25:9c:c7:5c:4c:b0:5b:aa:30:6a:41:17:3f:2e:92:
61:9d:1e:86:71:61:a3:fa:13:7f:4b:86:a5:6c:b2:15:4c:03:
c6:35:bd:7c:94:86:d4:ac:4d:6f:38:22:8d:95:6e:a1:1b:80:
98:8d:a4:90
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICB2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTdBNjgxMTAvBgNVBAUTKDY1QjdBRDk2NzVCMzgwOUVDRTA0QUYzMDFDMkVCNzAz
N0ZGMDJCQkIwHhcNMjQwNjEyMjMwMDE1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZhMjg3Zi02ZGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAteQ3w0wblYxvwANw3nV8RnphtBkkV7lJA0nxGRPM/sObOpIkxRgQW7oWIHMZ
cPLbF13Ea3WLunPLM8AgGHir6BnnXikCCSDAQ/I6rFi4tLgFvZxRKPwJBvjSm+qv
6dNFcg+4YN9cRGtkL4i39cot0jBWsbqIPub3IQ0YOlJXT4jEBZMyAtGdqn+GW/q0
9cSvaprIQeKCPIQfwgRbaLk2LrTeya5SfXXkXlEtUXn8he3tnfhbz6lYMjCGIu2J
JeELjA4tYhXM2zvMCaeu3OZNhT5NdmpVR4kJhqjTOSKwM9TDfbe963L/mQkzvTcs
pjGkSYNsq2GvXpctr39bpkvX8wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFXoZtHX
zY2SsNh3jf5CckIgJMkcMB8GA1UdIwQYMBaAFGW3rZZ1s4CezgSvMBwutwN/8Cu7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0E2OC80QjM2QjlCOERC
REExMUVBOUE4RDI4NDBDNEY5QUUwMi9aYmV0bG5XemdKN09CSzh3SEM2M0EzX3dL
N3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1piZXRsbld6Z0o3T0JLOHdIQzYzQTNfd0s3cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTdBNjgvNEIzNkI5QjhEQkRBMTFFQTlBOEQyODQwQzRGOUFFMDIvRTIyOEJFNDJE
QkRCMTFFQTlEMzk1RTQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn2gQDBABn2gcwDQYJKoZIhvcNAQELBQADggEBABGGLM68
MUJpNKYRUfgPoG9htR9Q00oEW/4SVdenn1nCntSc5IVmdGkMiLpeFOCg7rvFBqTX
XGuDdSQpbkVCwibGp2a2+KuZ56pWVkUvoG7kUsY/mYAPQc7mj7iIErYFBPiTuFpo
zHt+3+SL6Tuwi9wZ08OTtkcnBjWXDeGPBMU+WF4lYtYL9sXNohOU4O2y9nxUmFZ1
Ctg0xx7ptu75HpwjPcSZFlggLkCeVzqbrbLgfjxpp9OoG0bU3I8FLjQKjCaBiHOq
Xh8xviWcx1xMsFuqMGpBFz8ukmGdHoZxYaP6E39LhqVsshVMA8Y1vXyUhtSsTW84
Io2VbqEbgJiNpJA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:02:57 2025 by rpki-client