Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9161A5A/B8BB568E65E511EBA25F920BC4F9AE02/79D611D265E711EBB6FD8A0DC4F9AE02.roa
File: 79D611D265E711EBB6FD8A0DC4F9AE02.roa (raw, json)
Hash identifier: 8jITrnqODr3hbw+6QboJeBK8U7SJ4xuwPGHj3X5tTD4=
Subject key identifier: 1A:E4:09:3B:53:22:DB:49:EE:7E:40:18:E0:61:DA:5D:F6:87:27:3A
Certificate issuer: /CN=A9161A5A/serialNumber=2F369B448D2171596BA2C93CDBE258EAF3317594
Certificate serial: 0669
Authority key identifier: 2F:36:9B:44:8D:21:71:59:6B:A2:C9:3C:DB:E2:58:EA:F3:31:75:94
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LzabRI0hcVlrosk82-JY6vMxdZQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9161A5A/B8BB568E65E511EBA25F920BC4F9AE02/79D611D265E711EBB6FD8A0DC4F9AE02.roa
Signing time: Mon 30 Dec 2024 22:31:49 +0000
ROA not before: Mon 30 Dec 2024 22:31:49 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 141416
IP address blocks: 103.158.204.0/23 maxlen: 23
103.158.204.0/24 maxlen: 24
103.158.205.0/24 maxlen: 24
2001:df5:6480::/48 maxlen: 48
2001:df5:6480::/49 maxlen: 49
2001:df5:6480:8000::/49 maxlen: 49
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1641 (0x669)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9161A5A
Validity
Not Before: Dec 30 22:31:49 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67731f55-d163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:36:c8:61:79:dc:14:13:a5:a7:ca:5d:95:67:
1e:4b:ed:a4:ef:8a:c8:ad:5e:5d:ce:14:4e:68:e0:
21:c3:e0:fe:0a:89:86:0d:08:77:7e:11:eb:0a:ea:
c3:83:38:31:42:ab:83:db:0a:a0:5c:1b:ae:e2:e3:
67:3b:52:6a:be:d1:82:d2:da:c9:df:f6:d1:7c:84:
ef:b2:36:b0:99:15:c9:92:fb:f7:a8:52:64:c9:ce:
12:2f:44:3a:20:7e:d7:ac:74:09:64:12:c9:80:a2:
08:7d:7f:77:1f:27:91:7a:41:50:30:02:f1:63:bf:
36:6d:f8:45:13:3e:94:68:73:ed:76:55:2e:14:1d:
35:31:fd:c3:41:58:ac:bf:46:45:fb:c3:eb:58:6f:
5b:ee:2a:7f:b0:e9:03:68:c3:3e:40:c2:1b:c4:2d:
a3:fa:e2:75:4f:26:06:1b:63:35:39:c7:9a:b2:01:
52:29:1f:9c:bb:00:fd:d4:7f:35:50:49:18:37:45:
07:69:df:1e:5d:9f:50:e7:18:db:93:a3:90:98:92:
51:7d:e9:b9:39:e2:1a:55:fe:79:1d:4f:c4:81:00:
33:61:13:d1:85:8f:30:58:01:ce:7c:97:36:cc:08:
18:db:e2:51:00:1b:9b:13:9a:f9:75:75:70:d4:3d:
b3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E4:09:3B:53:22:DB:49:EE:7E:40:18:E0:61:DA:5D:F6:87:27:3A
X509v3 Authority Key Identifier:
keyid:2F:36:9B:44:8D:21:71:59:6B:A2:C9:3C:DB:E2:58:EA:F3:31:75:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9161A5A/B8BB568E65E511EBA25F920BC4F9AE02/LzabRI0hcVlrosk82-JY6vMxdZQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LzabRI0hcVlrosk82-JY6vMxdZQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9161A5A/B8BB568E65E511EBA25F920BC4F9AE02/79D611D265E711EBB6FD8A0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.204.0/23
IPv6:
2001:df5:6480::/48
Signature Algorithm: sha256WithRSAEncryption
2b:62:79:15:a6:ab:dc:99:7e:ca:ba:20:b6:89:87:0e:80:6c:
a3:2c:ca:65:8c:0e:ab:b3:01:7e:30:ea:2a:36:c9:d6:6d:96:
e4:9d:1e:e0:ed:3b:27:ad:6d:70:1f:86:4f:3a:c7:9d:d9:5d:
4c:0c:5f:3c:ca:7a:9d:02:46:1e:f6:9a:53:5f:45:71:bf:0c:
50:3a:6f:d5:0f:d1:93:32:e4:9e:ac:5a:46:ce:e6:bd:3f:9e:
37:93:0e:8a:58:ee:fe:da:00:6f:c5:ad:78:f8:3d:05:93:d1:
68:a2:72:a7:af:3b:bd:7b:5b:bd:92:8b:cc:a2:e2:b6:fa:f9:
e1:7f:a2:83:59:bf:fb:5f:da:45:42:a3:25:25:87:a9:b2:8e:
97:e0:bd:86:1b:fa:d7:ee:c1:35:9e:b2:19:b9:bd:cd:93:2a:
ee:b7:51:6c:f8:25:b4:cb:3b:6c:d1:ae:53:e9:61:97:f9:aa:
31:78:ef:52:5a:57:4e:a8:e3:26:94:b7:02:b9:49:67:b4:13:
6b:ac:e1:11:62:10:3b:ac:18:20:e0:fe:1e:ca:8d:fe:2a:a5:
d8:28:fc:7d:49:2e:ff:93:ec:5c:2a:f7:23:56:2e:14:5b:cf:
30:d0:be:b1:76:12:93:88:f6:55:cf:54:7e:af:81:7d:8d:05:
05:52:d9:79
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjFBNUExMTAvBgNVBAUTKDJGMzY5QjQ0OEQyMTcxNTk2QkEyQzkzQ0RCRTI1OEVB
RjMzMTc1OTQwHhcNMjQxMjMwMjIzMTQ5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzczMWY1NS1kMTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxjbIYXncFBOlp8pdlWceS+2k74rIrV5dzhROaOAhw+D+ComGDQh3fhHrCurD
gzgxQquD2wqgXBuu4uNnO1JqvtGC0trJ3/bRfITvsjawmRXJkvv3qFJkyc4SL0Q6
IH7XrHQJZBLJgKIIfX93HyeRekFQMALxY782bfhFEz6UaHPtdlUuFB01Mf3DQVis
v0ZF+8PrWG9b7ip/sOkDaMM+QMIbxC2j+uJ1TyYGG2M1OceasgFSKR+cuwD91H81
UEkYN0UHad8eXZ9Q5xjbk6OQmJJRfem5OeIaVf55HU/EgQAzYRPRhY8wWAHOfJc2
zAgY2+JRABubE5r5dXVw1D2znwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBrkCTtT
IttJ7n5AGOBh2l32hyc6MB8GA1UdIwQYMBaAFC82m0SNIXFZa6LJPNviWOrzMXWU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MUE1QS9COEJCNTY4RTY1
RTUxMUVCQTI1RjkyMEJDNEY5QUUwMi9MemFiUkkwaGNWbHJvc2s4Mi1KWTZ2TXhk
WlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0x6YWJSSTBoY1Zscm9zazgyLUpZNnZNeGRaUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjFBNUEvQjhCQjU2OEU2NUU1MTFFQkEyNUY5MjBCQzRGOUFFMDIvNzlENjExRDI2
NUU3MTFFQkI2RkQ4QTBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnnswwDwQCAAIwCQMHACABDfVkgDANBgkqhkiG9w0BAQsF
AAOCAQEAK2J5Faar3Jl+yrogtomHDoBsoyzKZYwOq7MBfjDqKjbJ1m2W5J0e4O07
J61tcB+GTzrHndldTAxfPMp6nQJGHvaaU19Fcb8MUDpv1Q/RkzLknqxaRs7mvT+e
N5MOilju/toAb8WtePg9BZPRaKJyp687vXtbvZKLzKLitvr54X+ig1m/+1/aRUKj
JSWHqbKOl+C9hhv61+7BNZ6yGbm9zZMq7rdRbPgltMs7bNGuU+lhl/mqMXjvUlpX
TqjjJpS3ArlJZ7QTa6zhEWIQO6wYIOD+HsqN/iql2Cj8fUku/5PsXCr3I1YuFFvP
MNC+sXYSk4j2Vc9Ufq+BfY0FBVLZeQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:28 2025 by rpki-client