Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/A880F416819311ECB7B48D5EC4F9AE02.roa
File: A880F416819311ECB7B48D5EC4F9AE02.roa (raw, json)
Hash identifier: aB3/PZRviqMI1UasxK3HBIncJPU2Y+t7Df9xEhhUmZw=
Subject key identifier: 8C:2F:AD:55:F8:30:E9:76:80:06:40:F0:34:E5:70:46:61:6B:04:9E
Certificate issuer: /CN=A91618BC/serialNumber=1AEBCD82D7028343B745AD406739CDB92D4DFB77
Certificate serial: 0470
Authority key identifier: 1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/A880F416819311ECB7B48D5EC4F9AE02.roa
Signing time: Sat 25 Jan 2025 00:13:29 +0000
ROA not before: Sat 25 Jan 2025 00:13:29 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 138997
IP address blocks: 103.168.154.0/24 maxlen: 24
103.168.155.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1136 (0x470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91618BC
Validity
Not Before: Jan 25 00:13:29 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67942ca9-28f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b0:d7:34:55:e6:21:10:15:a5:aa:fb:aa:0e:
1a:19:05:1a:46:0a:fe:2a:45:2a:85:38:58:92:ec:
a5:c6:90:0d:7f:33:75:a2:59:8e:5d:5e:c9:8a:16:
32:7d:ec:04:0f:b4:67:fa:03:f5:40:13:ff:4f:77:
00:9a:b1:6c:3c:fd:29:80:c2:15:7a:cd:87:30:c3:
fc:33:08:5e:c0:85:56:47:b3:f2:3c:fa:cf:2d:f1:
9e:a4:80:0c:5a:cf:79:f3:30:19:33:9f:0b:4f:e7:
d5:0d:0d:75:36:be:ab:56:51:57:7e:3c:bb:11:a9:
d7:0b:15:3b:65:3d:7c:47:e2:72:e5:95:72:53:a7:
00:e0:24:0f:8e:61:b2:ff:2d:22:53:9f:93:7e:7c:
be:ea:df:e2:a7:15:7a:4e:7e:a5:fd:5e:dc:17:16:
80:31:fc:f6:3f:d6:17:89:91:0e:7c:3a:4d:fe:91:
e4:de:ea:89:a5:5e:92:c4:8c:fb:42:b8:f1:81:7d:
88:d2:a1:b7:92:0a:bc:de:a5:bf:1a:12:e8:ee:15:
7e:61:ee:da:68:0e:8b:1d:39:d3:69:b1:74:15:2d:
ad:cf:ae:3d:69:b8:21:7f:ad:80:98:2e:f3:0c:31:
19:bb:70:5e:d4:30:60:f3:be:e1:9e:fd:5d:44:c2:
ad:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:2F:AD:55:F8:30:E9:76:80:06:40:F0:34:E5:70:46:61:6B:04:9E
X509v3 Authority Key Identifier:
keyid:1A:EB:CD:82:D7:02:83:43:B7:45:AD:40:67:39:CD:B9:2D:4D:FB:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/GuvNgtcCg0O3Ra1AZznNuS1N-3c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GuvNgtcCg0O3Ra1AZznNuS1N-3c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91618BC/ED7B62AC5D8711EC9C1D702CC4F9AE02/A880F416819311ECB7B48D5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.168.154.0/23
Signature Algorithm: sha256WithRSAEncryption
33:70:df:f2:d5:e8:62:b6:8a:cf:54:2c:12:2a:50:9f:f9:5f:
c1:20:cc:3c:d0:a2:1a:1c:28:30:54:53:35:d7:6a:67:69:cd:
6d:59:31:19:26:79:bb:7f:79:f9:fe:7d:c0:74:bb:0d:91:9e:
5b:da:8c:7d:50:b9:68:3c:d3:93:e4:62:ea:fb:4d:54:1d:b5:
bc:1b:ff:75:84:06:bd:0a:d4:b0:38:8f:0c:40:b2:13:87:fc:
6e:71:0a:7c:3a:77:64:c6:5d:ac:13:29:47:dc:09:82:5a:9d:
c6:34:d9:88:91:0c:c4:52:64:ab:10:99:2c:6c:1c:6e:7d:75:
ca:70:d1:2a:8b:22:fb:4e:51:01:3d:0c:8d:97:a8:24:94:11:
93:5a:53:c2:fe:34:99:0c:96:65:d7:e3:48:41:5c:de:63:05:
d5:a5:0e:61:d4:40:42:96:9d:be:91:9e:2a:ca:86:56:79:15:
1f:6f:79:b6:aa:09:2d:10:20:6d:9e:e3:cb:b0:5d:02:a1:01:
bd:91:96:76:7e:bf:98:25:93:aa:32:b6:94:10:a1:48:d2:2b:
2f:4f:48:9e:3f:da:2b:1e:1e:4e:25:cf:8f:61:81:f6:4b:6c:
08:3b:d8:40:90:bc:13:c7:48:28:66:f9:c6:38:cb:24:5d:e6:
1d:66:47:6d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjE4QkMxMTAvBgNVBAUTKDFBRUJDRDgyRDcwMjgzNDNCNzQ1QUQ0MDY3MzlDREI5
MkQ0REZCNzcwHhcNMjUwMTI1MDAxMzI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0MmNhOS0yOGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0rDXNFXmIRAVpar7qg4aGQUaRgr+KkUqhThYkuylxpANfzN1olmOXV7JihYy
fewED7Rn+gP1QBP/T3cAmrFsPP0pgMIVes2HMMP8MwhewIVWR7PyPPrPLfGepIAM
Ws958zAZM58LT+fVDQ11Nr6rVlFXfjy7EanXCxU7ZT18R+Jy5ZVyU6cA4CQPjmGy
/y0iU5+Tfny+6t/ipxV6Tn6l/V7cFxaAMfz2P9YXiZEOfDpN/pHk3uqJpV6SxIz7
QrjxgX2I0qG3kgq83qW/GhLo7hV+Ye7aaA6LHTnTabF0FS2tz649abghf62AmC7z
DDEZu3Be1DBg877hnv1dRMKt+QIDAQABo4IClTCCApEwHQYDVR0OBBYEFIwvrVX4
MOl2gAZA8DTlcEZhawSeMB8GA1UdIwQYMBaAFBrrzYLXAoNDt0WtQGc5zbktTft3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MThCQy9FRDdCNjJBQzVE
ODcxMUVDOUMxRDcwMkNDNEY5QUUwMi9HdXZOZ3RjQ2cwTzNSYTFBWnpuTnVTMU4t
M2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d1dk5ndGNDZzBPM1JhMUFaem5OdVMxTi0zYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjE4QkMvRUQ3QjYyQUM1RDg3MTFFQzlDMUQ3MDJDQzRGOUFFMDIvQTg4MEY0MTY4
MTkzMTFFQ0I3QjQ4RDVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnqJowDQYJKoZIhvcNAQELBQADggEBADNw3/LV6GK2is9U
LBIqUJ/5X8EgzDzQohocKDBUUzXXamdpzW1ZMRkmebt/efn+fcB0uw2RnlvajH1Q
uWg805PkYur7TVQdtbwb/3WEBr0K1LA4jwxAshOH/G5xCnw6d2TGXawTKUfcCYJa
ncY02YiRDMRSZKsQmSxsHG59dcpw0SqLIvtOUQE9DI2XqCSUEZNaU8L+NJkMlmXX
40hBXN5jBdWlDmHUQEKWnb6RnirKhlZ5FR9vebaqCS0QIG2e48uwXQKhAb2RlnZ+
v5glk6oytpQQoUjSKy9PSJ4/2iseHk4lz49hgfZLbAg72ECQvBPHSChm+cY4yyRd
5h1mR20=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:02:57 2025 by rpki-client