Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9160455/A55E4F9611F511EABAB82028C4F9AE02/AADE9E9C5B9511EEA8190143C4F9AE02.roa
File: AADE9E9C5B9511EEA8190143C4F9AE02.roa (raw, json)
Hash identifier: FO7phPYzfDla6aPOyvXALwSuyaWj8a9hgRlX/QWvNY4=
Subject key identifier: E1:89:92:32:72:CE:EA:0B:48:65:F5:13:34:90:24:23:60:85:4F:0B
Certificate issuer: /CN=A9160455/serialNumber=0FA9E533E85A183C14530008A8B9623F856D5DEB
Certificate serial: 0BE2
Authority key identifier: 0F:A9:E5:33:E8:5A:18:3C:14:53:00:08:A8:B9:62:3F:85:6D:5D:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D6nlM-haGDwUUwAIqLliP4VtXes.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9160455/A55E4F9611F511EABAB82028C4F9AE02/AADE9E9C5B9511EEA8190143C4F9AE02.roa
Signing time: Sun 12 Jan 2025 18:37:19 +0000
ROA not before: Sun 12 Jan 2025 18:37:19 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 137425
IP address blocks: 103.127.84.0/24 maxlen: 24
103.127.86.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3042 (0xbe2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9160455
Validity
Not Before: Jan 12 18:37:19 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67840bdf-553c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ee:6a:e5:d3:18:0b:99:23:4c:eb:55:98:1c:
4c:6e:e7:5b:97:d5:13:f0:ad:e8:ba:68:02:de:0f:
3b:38:b5:9d:14:c5:bb:f9:5d:46:5c:79:2f:2e:83:
2d:aa:7b:97:10:5f:e5:32:c7:3b:18:32:f3:a8:22:
25:bf:50:8c:b7:c2:f6:9a:f8:28:38:80:b8:1b:06:
66:7e:0f:c4:2f:06:26:08:30:73:dd:2a:4e:e7:f3:
1c:74:37:67:a3:02:13:25:68:ef:fd:88:ed:ff:c1:
12:88:e5:13:2c:bc:bd:4a:e1:1d:33:eb:47:44:41:
54:52:18:fd:1b:67:e8:75:bb:44:c3:0c:43:6b:d4:
20:f6:f9:ce:3b:8b:ea:3b:7f:e9:d5:c9:63:64:2d:
61:c9:05:fc:96:f6:0d:23:f5:da:86:a2:f2:58:75:
44:5f:46:aa:a0:f7:48:26:e4:d9:1b:ca:78:90:d7:
2e:c5:12:62:4d:03:0f:c5:85:fb:dd:b9:52:44:45:
5c:bd:5d:68:b3:f9:b1:9d:ae:c6:8d:60:99:98:9e:
8a:3c:e1:79:d0:a0:de:4d:dc:a8:2d:5e:16:2d:71:
67:09:79:16:d7:9c:86:a6:79:4f:53:e9:43:43:d6:
05:e0:de:86:f1:38:58:85:bb:03:9e:db:b0:bd:17:
cd:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:89:92:32:72:CE:EA:0B:48:65:F5:13:34:90:24:23:60:85:4F:0B
X509v3 Authority Key Identifier:
keyid:0F:A9:E5:33:E8:5A:18:3C:14:53:00:08:A8:B9:62:3F:85:6D:5D:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9160455/A55E4F9611F511EABAB82028C4F9AE02/D6nlM-haGDwUUwAIqLliP4VtXes.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D6nlM-haGDwUUwAIqLliP4VtXes.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9160455/A55E4F9611F511EABAB82028C4F9AE02/AADE9E9C5B9511EEA8190143C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.84.0/24
103.127.86.0/24
Signature Algorithm: sha256WithRSAEncryption
18:9c:61:70:4d:60:3a:32:eb:46:bd:6c:02:bf:66:3b:77:a8:
d4:af:f8:45:e1:67:72:0f:52:19:bb:70:be:7e:70:70:05:6a:
38:ee:ec:51:e0:32:77:da:e9:66:9d:ba:43:a5:fd:93:ab:0f:
2e:dd:b4:91:a4:94:5c:55:d7:14:79:ab:43:5d:f4:ea:25:8a:
db:1f:5e:ec:d3:4b:eb:4d:f7:d1:1b:49:d3:17:f5:f0:c1:3a:
01:99:6d:f7:85:2b:ab:9a:19:8e:e2:c1:c5:04:d4:21:92:93:
f9:38:ac:5b:37:4b:f2:c5:9e:52:58:74:1a:10:06:c9:8c:19:
14:e8:5d:5e:9d:2c:2b:81:54:37:15:24:00:1b:f3:d1:59:b2:
dd:e3:f8:e7:d6:e4:94:5c:f9:f8:21:71:af:39:4d:22:e3:35:
29:b0:e7:e5:9a:d2:e4:0f:b8:55:73:2c:12:af:50:d1:5a:26:
16:4b:7b:70:7e:18:b3:0b:bc:41:c8:ce:81:07:98:cd:86:dc:
8e:ca:04:1b:82:fa:7f:43:18:7d:f5:b5:1e:ca:f1:79:40:64:
ff:ea:18:31:6e:a5:e2:c9:af:88:a5:3f:e9:c2:01:22:fd:e9:
be:70:88:b0:24:de:f0:d5:e0:79:d9:5d:a3:df:d4:47:bc:fb:
0e:bc:ff:b3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICC+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjA0NTUxMTAvBgNVBAUTKDBGQTlFNTMzRTg1QTE4M0MxNDUzMDAwOEE4Qjk2MjNG
ODU2RDVERUIwHhcNMjUwMTEyMTgzNzE5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg0MGJkZi01NTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoO5q5dMYC5kjTOtVmBxMbudbl9UT8K3oumgC3g87OLWdFMW7+V1GXHkvLoMt
qnuXEF/lMsc7GDLzqCIlv1CMt8L2mvgoOIC4GwZmfg/ELwYmCDBz3SpO5/McdDdn
owITJWjv/Yjt/8ESiOUTLLy9SuEdM+tHREFUUhj9G2fodbtEwwxDa9Qg9vnOO4vq
O3/p1cljZC1hyQX8lvYNI/XahqLyWHVEX0aqoPdIJuTZG8p4kNcuxRJiTQMPxYX7
3blSREVcvV1os/mxna7GjWCZmJ6KPOF50KDeTdyoLV4WLXFnCXkW15yGpnlPU+lD
Q9YF4N6G8ThYhbsDntuwvRfNdwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOGJkjJy
zuoLSGX1EzSQJCNghU8LMB8GA1UdIwQYMBaAFA+p5TPoWhg8FFMACKi5Yj+FbV3r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDQ1NS9BNTVFNEY5NjEx
RjUxMUVBQkFCODIwMjhDNEY5QUUwMi9ENm5sTS1oYUdEd1VVd0FJcUxsaVA0VnRY
ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Q2bmxNLWhhR0R3VVV3QUlxTGxpUDRWdFhlcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjA0NTUvQTU1RTRGOTYxMUY1MTFFQUJBQjgyMDI4QzRGOUFFMDIvQUFERTlFOUM1
Qjk1MTFFRUE4MTkwMTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnf1QDBABnf1YwDQYJKoZIhvcNAQELBQADggEBABicYXBN
YDoy60a9bAK/Zjt3qNSv+EXhZ3IPUhm7cL5+cHAFajju7FHgMnfa6WadukOl/ZOr
Dy7dtJGklFxV1xR5q0Nd9OolitsfXuzTS+tN99EbSdMX9fDBOgGZbfeFK6uaGY7i
wcUE1CGSk/k4rFs3S/LFnlJYdBoQBsmMGRToXV6dLCuBVDcVJAAb89FZst3j+OfW
5JRc+fghca85TSLjNSmw5+Wa0uQPuFVzLBKvUNFaJhZLe3B+GLMLvEHIzoEHmM2G
3I7KBBuC+n9DGH31tR7K8XlAZP/qGDFupeLJr4ilP+nCASL96b5wiLAk3vDV4HnZ
XaPf1Ee8+w68/7M=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:55:12 2025 by rpki-client