Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/6337963E4C3D11ECB5FF844FC4F9AE02.roa
File: 6337963E4C3D11ECB5FF844FC4F9AE02.roa (raw, json)
Hash identifier: 3KTOI3tChJ1EuHHkZIxY0+a6WeVb+6nR6Jk3wwfwMHU=
Subject key identifier: 23:2D:FD:16:BD:16:F6:BD:BB:23:5C:2D:E6:AC:19:AE:CD:CD:C9:BD
Certificate issuer: /CN=A9167CC5/serialNumber=5D2785B54D163ED01EA5418BCFA34F1B7456B713
Certificate serial: 0438
Authority key identifier: 5D:27:85:B5:4D:16:3E:D0:1E:A5:41:8B:CF:A3:4F:1B:74:56:B7:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/6337963E4C3D11ECB5FF844FC4F9AE02.roa
Signing time: Sun 01 Dec 2024 00:33:48 +0000
ROA not before: Sun 01 Dec 2024 00:33:48 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 6453
IP address blocks: 103.23.24.0/24 maxlen: 24
103.23.25.0/24 maxlen: 24
103.23.26.0/24 maxlen: 24
103.23.27.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1080 (0x438)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167CC5
Validity
Not Before: Dec 1 00:33:48 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674baeec-c2ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7d:60:f1:11:e4:de:a1:08:10:fe:12:09:40:
69:9d:0c:f9:89:99:e7:33:af:5d:70:e9:8e:ce:7a:
ac:4b:96:38:8f:6e:71:b9:ca:cd:a3:d8:02:31:e8:
7f:ed:e1:5b:d4:b8:f2:6d:ad:98:1c:5e:4c:59:fc:
00:4e:90:a0:65:9e:14:d4:eb:ef:0d:1c:0b:d4:ba:
51:d5:ef:4c:5a:f4:33:f4:6e:64:77:7c:21:ac:54:
61:99:f0:70:77:f4:54:e4:87:31:77:8c:d5:26:91:
08:90:55:76:94:c3:65:d1:6f:82:4c:db:33:cc:4d:
6b:a7:44:64:3c:8f:bc:1b:f0:2f:bb:49:49:fd:fc:
a8:7a:e4:1f:f8:28:ce:50:2b:2b:3f:71:da:0e:1c:
87:91:32:3c:7f:f0:42:48:c2:01:2e:d4:a5:b9:6e:
1b:6e:e0:71:29:fb:0e:b6:54:f4:03:bc:57:ed:1d:
07:9f:17:d8:09:46:c5:19:34:19:5b:2d:a5:a6:64:
38:a7:dd:cd:d2:e9:a5:fe:d5:2e:bb:7a:2d:b8:86:
82:e6:a4:1b:ab:59:4b:9a:ff:94:f3:d6:24:0c:5f:
d2:cd:13:d4:bb:81:70:9b:a2:d3:ee:2c:44:84:8d:
3c:2d:11:83:0e:c1:55:9a:79:0b:2b:48:1a:1b:8e:
d3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2D:FD:16:BD:16:F6:BD:BB:23:5C:2D:E6:AC:19:AE:CD:CD:C9:BD
X509v3 Authority Key Identifier:
keyid:5D:27:85:B5:4D:16:3E:D0:1E:A5:41:8B:CF:A3:4F:1B:74:56:B7:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/XSeFtU0WPtAepUGLz6NPG3RWtxM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XSeFtU0WPtAepUGLz6NPG3RWtxM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CC5/2AC4D33E46B111EC945B4F57C4F9AE02/6337963E4C3D11ECB5FF844FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.24.0/22
Signature Algorithm: sha256WithRSAEncryption
06:50:09:4c:88:0b:4e:3b:4a:57:2b:c6:d5:5f:2a:e5:6b:fc:
6f:6b:ca:dd:b8:b8:80:78:74:b8:ed:7b:2c:54:a3:14:81:9b:
a4:e7:12:81:7b:d7:23:92:2f:ec:81:a7:ee:04:85:e4:92:f7:
cf:0d:2e:30:5d:59:97:47:83:f9:5b:f4:2b:25:5b:30:31:e9:
29:2e:14:2b:97:8c:cb:42:c3:a0:88:e6:cb:e2:43:60:b8:b0:
06:21:b3:aa:45:d6:6f:b3:ef:ae:e5:d7:bc:10:91:b8:12:87:
72:f8:60:f2:02:e8:bf:4f:e8:86:32:b1:31:b5:d7:56:5a:3d:
ab:fe:14:c1:66:56:3f:e7:e8:a9:7a:fb:eb:c9:d7:46:c5:3f:
b2:5b:76:58:1b:2f:50:1f:18:e4:dd:33:8b:6d:8a:21:04:a3:
59:8f:23:d3:32:dd:8b:82:c3:71:55:ff:8f:f9:02:13:3f:d3:
50:cb:39:c1:97:a9:03:4a:27:2f:e2:6c:e0:f4:01:0d:b0:43:
56:95:fc:b5:94:14:22:90:b9:f6:f6:8d:55:11:35:31:bc:a0:
b3:f0:e6:85:9a:9c:9d:28:69:af:7f:13:67:bd:ef:bd:80:3a:
75:64:af:5e:d8:8e:7d:bd:b5:b5:d2:ff:42:5c:57:05:82:b9:
6d:53:76:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjdDQzUxMTAvBgNVBAUTKDVEMjc4NUI1NEQxNjNFRDAxRUE1NDE4QkNGQTM0RjFC
NzQ1NkI3MTMwHhcNMjQxMjAxMDAzMzQ4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRiYWVlYy1jMmZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwH1g8RHk3qEIEP4SCUBpnQz5iZnnM69dcOmOznqsS5Y4j25xucrNo9gCMeh/
7eFb1Ljyba2YHF5MWfwATpCgZZ4U1OvvDRwL1LpR1e9MWvQz9G5kd3whrFRhmfBw
d/RU5Icxd4zVJpEIkFV2lMNl0W+CTNszzE1rp0RkPI+8G/Avu0lJ/fyoeuQf+CjO
UCsrP3HaDhyHkTI8f/BCSMIBLtSluW4bbuBxKfsOtlT0A7xX7R0HnxfYCUbFGTQZ
Wy2lpmQ4p93N0uml/tUuu3otuIaC5qQbq1lLmv+U89YkDF/SzRPUu4Fwm6LT7ixE
hI08LRGDDsFVmnkLK0gaG47TkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCMt/Ra9
Fva9uyNcLeasGa7Nzcm9MB8GA1UdIwQYMBaAFF0nhbVNFj7QHqVBi8+jTxt0VrcT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0NDNS8yQUM0RDMzRTQ2
QjExMUVDOTQ1QjRGNTdDNEY5QUUwMi9YU2VGdFUwV1B0QWVwVUdMejZOUEczUld0
eE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hTZUZ0VTBXUHRBZXBVR0x6Nk5QRzNSV3R4TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjdDQzUvMkFDNEQzM0U0NkIxMTFFQzk0NUI0RjU3QzRGOUFFMDIvNjMzNzk2M0U0
QzNEMTFFQ0I1RkY4NDRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnFxgwDQYJKoZIhvcNAQELBQADggEBAAZQCUyIC047Slcr
xtVfKuVr/G9ryt24uIB4dLjteyxUoxSBm6TnEoF71yOSL+yBp+4EheSS988NLjBd
WZdHg/lb9CslWzAx6SkuFCuXjMtCw6CI5sviQ2C4sAYhs6pF1m+z767l17wQkbgS
h3L4YPIC6L9P6IYysTG111ZaPav+FMFmVj/n6Kl6++vJ10bFP7JbdlgbL1AfGOTd
M4ttiiEEo1mPI9My3YuCw3FV/4/5AhM/01DLOcGXqQNKJy/ibOD0AQ2wQ1aV/LWU
FCKQufb2jVURNTG8oLPw5oWanJ0oaa9/E2e9772AOnVkr17Yjn29tbXS/0JcVwWC
uW1TdnA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:02:45 2025 by rpki-client