Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158877/F05858B8CA7011EBA9D2DC61C4F9AE02/931EBB586D6E11EE8AF4BF30C4F9AE02.roa
File: 931EBB586D6E11EE8AF4BF30C4F9AE02.roa (raw, json)
Hash identifier: 8IJ4hd5hgtTMjRCQeFaMZGfRaNHjTczEG5GeSYDk6qI=
Subject key identifier: 3F:85:4A:B9:C6:08:4D:41:2C:5F:9D:14:B1:14:CC:C4:79:30:39:CA
Certificate issuer: /CN=A9158877/serialNumber=A3B16481B5D6C179FC0B73AE1E0E53DE967641DC
Certificate serial: 0508
Authority key identifier: A3:B1:64:81:B5:D6:C1:79:FC:0B:73:AE:1E:0E:53:DE:96:76:41:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o7FkgbXWwXn8C3OuHg5T3pZ2Qdw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158877/F05858B8CA7011EBA9D2DC61C4F9AE02/931EBB586D6E11EE8AF4BF30C4F9AE02.roa
Signing time: Sat 29 Jun 2024 01:31:33 +0000
ROA not before: Sat 29 Jun 2024 01:31:33 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 7545
IP address blocks: 103.167.81.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1288 (0x508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158877
Validity
Not Before: Jun 29 01:31:33 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=667f63f5-22d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:60:83:86:00:2d:a0:04:51:d9:8d:cb:f6:f3:
94:99:66:55:f0:13:e3:5f:4e:2c:8f:bf:dd:16:0c:
25:ef:5e:20:b3:8f:76:ad:8c:da:d7:bf:0e:25:ef:
f5:4a:39:a4:f6:0a:fd:fb:32:aa:cd:ea:9e:fd:85:
25:e0:19:58:dd:55:d5:6a:08:d9:af:87:f6:62:77:
6a:4e:23:3a:c4:8b:7e:08:88:38:80:7f:4c:9c:67:
f4:fb:29:dc:71:ff:cd:f7:f6:af:d3:a6:31:b1:1b:
f2:a5:f7:1f:94:4d:02:9d:f4:55:2a:d4:e6:b1:73:
1b:01:f2:cd:4b:0e:3a:2b:33:7c:49:50:9a:be:a0:
c1:38:86:99:22:ea:90:73:f8:75:76:29:23:11:5f:
eb:29:14:59:d8:9e:f5:f3:a0:fb:d7:e7:9f:f1:bb:
e1:ca:40:17:13:e4:e5:70:40:ec:77:c7:c7:14:2f:
5b:7b:fa:57:99:a6:20:dc:a7:4a:c8:56:ce:19:69:
7a:be:a3:e0:a3:51:b6:37:bb:72:45:68:8e:c5:31:
93:82:74:6e:f4:69:5e:cb:c8:9f:d7:fe:d0:ec:5c:
c9:ad:a0:d3:93:3c:a0:92:e6:00:6a:fe:21:9a:0d:
cd:de:fe:44:85:41:14:1a:62:36:49:09:7d:8f:e3:
8a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:85:4A:B9:C6:08:4D:41:2C:5F:9D:14:B1:14:CC:C4:79:30:39:CA
X509v3 Authority Key Identifier:
keyid:A3:B1:64:81:B5:D6:C1:79:FC:0B:73:AE:1E:0E:53:DE:96:76:41:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158877/F05858B8CA7011EBA9D2DC61C4F9AE02/o7FkgbXWwXn8C3OuHg5T3pZ2Qdw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o7FkgbXWwXn8C3OuHg5T3pZ2Qdw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158877/F05858B8CA7011EBA9D2DC61C4F9AE02/931EBB586D6E11EE8AF4BF30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.81.0/24
Signature Algorithm: sha256WithRSAEncryption
18:0e:5e:94:7d:cd:1b:c9:a9:ae:b4:17:52:56:5b:73:56:b7:
1a:90:ea:2c:05:83:37:4c:89:b8:fc:5b:ba:2a:5b:39:dc:5e:
3a:2a:cb:21:20:de:90:2e:36:ac:c3:8a:d0:be:19:93:38:4a:
41:67:35:ea:ff:04:9f:84:ea:2a:b7:2a:53:9e:ab:5b:5d:3d:
3b:57:67:c1:5b:86:76:4c:cc:49:6b:f6:ef:56:17:77:35:3f:
6a:94:10:f7:73:33:77:6e:3a:ae:71:6c:1b:db:dc:0d:81:11:
12:c3:a1:ca:c5:aa:63:dc:9d:b0:46:92:34:17:17:90:d4:e0:
2a:fc:71:c2:65:bd:f8:0e:51:b9:b4:7a:61:db:24:e4:1d:d8:
0f:9c:94:56:40:bd:5a:80:a3:73:60:d9:d0:7f:f5:fe:b2:96:
d4:40:38:93:3b:f9:bd:48:5c:ae:1d:45:25:ee:61:25:84:37:
dd:5a:d3:c4:ea:47:c3:f9:59:c3:83:21:bf:ed:b7:ab:8c:11:
fc:ca:24:f1:2d:08:3f:20:69:4a:98:13:5a:c6:60:23:5e:ac:
49:11:a6:e2:df:47:10:da:08:db:82:f4:0b:1a:e8:8c:ba:2b:
77:99:32:84:78:e1:0c:76:36:c1:9e:65:7b:54:19:01:f8:1e:
2d:11:76:31
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBQgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTg4NzcxMTAvBgNVBAUTKEEzQjE2NDgxQjVENkMxNzlGQzBCNzNBRTFFMEU1M0RF
OTY3NjQxREMwHhcNMjQwNjI5MDEzMTMzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdmNjNmNS0yMmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApWCDhgAtoARR2Y3L9vOUmWZV8BPjX04sj7/dFgwl714gs492rYza178OJe/1
Sjmk9gr9+zKqzeqe/YUl4BlY3VXVagjZr4f2YndqTiM6xIt+CIg4gH9MnGf0+ync
cf/N9/av06YxsRvypfcflE0CnfRVKtTmsXMbAfLNSw46KzN8SVCavqDBOIaZIuqQ
c/h1dikjEV/rKRRZ2J7186D71+ef8bvhykAXE+TlcEDsd8fHFC9be/pXmaYg3KdK
yFbOGWl6vqPgo1G2N7tyRWiOxTGTgnRu9Gley8if1/7Q7FzJraDTkzygkuYAav4h
mg3N3v5EhUEUGmI2SQl9j+OKmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD+FSrnG
CE1BLF+dFLEUzMR5MDnKMB8GA1UdIwQYMBaAFKOxZIG11sF5/Atzrh4OU96WdkHc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODg3Ny9GMDU4NThCOENB
NzAxMUVCQTlEMkRDNjFDNEY5QUUwMi9vN0ZrZ2JYV3dYbjhDM091SGc1VDNwWjJR
ZHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL283RmtnYlhXd1huOEMzT3VIZzVUM3BaMlFkdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTg4NzcvRjA1ODU4QjhDQTcwMTFFQkE5RDJEQzYxQzRGOUFFMDIvOTMxRUJCNTg2
RDZFMTFFRThBRjRCRjMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnp1EwDQYJKoZIhvcNAQELBQADggEBABgOXpR9zRvJqa60
F1JWW3NWtxqQ6iwFgzdMibj8W7oqWzncXjoqyyEg3pAuNqzDitC+GZM4SkFnNer/
BJ+E6iq3KlOeq1tdPTtXZ8FbhnZMzElr9u9WF3c1P2qUEPdzM3duOq5xbBvb3A2B
ERLDocrFqmPcnbBGkjQXF5DU4Cr8ccJlvfgOUbm0emHbJOQd2A+clFZAvVqAo3Ng
2dB/9f6yltRAOJM7+b1IXK4dRSXuYSWEN91a08TqR8P5WcODIb/tt6uMEfzKJPEt
CD8gaUqYE1rGYCNerEkRpuLfRxDaCNuC9Asa6Iy6K3eZMoR44Qx2NsGeZXtUGQH4
Hi0RdjE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:05:18 2025 by rpki-client