Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BC97/A0B1E44CBCE711EA9EDF3E6DC4F9AE02/50998080BCE911EAA0114B70C4F9AE02.roa
File: 50998080BCE911EAA0114B70C4F9AE02.roa (raw, json)
Hash identifier: O/NO2IfdBXfSyfMwGAkT+IgbQvZgtu7lJ1dsaQhj82E=
Subject key identifier: CD:1C:03:E9:28:82:56:56:84:83:F2:94:7E:EE:86:8D:6C:4C:6F:74
Certificate issuer: /CN=A916BC97/serialNumber=818B81229546F64A980C3D86EC52F31194F2FD8E
Certificate serial: 083F
Authority key identifier: 81:8B:81:22:95:46:F6:4A:98:0C:3D:86:EC:52:F3:11:94:F2:FD:8E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gYuBIpVG9kqYDD2G7FLzEZTy_Y4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BC97/A0B1E44CBCE711EA9EDF3E6DC4F9AE02/50998080BCE911EAA0114B70C4F9AE02.roa
Signing time: Wed 06 Nov 2024 20:39:54 +0000
ROA not before: Wed 06 Nov 2024 20:39:54 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 132827
IP address blocks: 43.229.240.0/22 maxlen: 22
103.5.249.0/24 maxlen: 24
103.13.45.0/24 maxlen: 24
103.13.46.0/24 maxlen: 24
103.30.52.0/22 maxlen: 22
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2111 (0x83f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BC97
Validity
Not Before: Nov 6 20:39:54 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672bd419-47ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:77:d2:1b:62:5a:ab:c3:16:12:96:17:48:
bb:34:73:0f:0e:30:99:80:af:59:7c:fb:0c:b6:3f:
8d:05:ab:93:b8:4c:8d:7d:06:91:6d:57:21:a8:4c:
7d:cf:53:9f:11:0c:ba:28:67:ed:bf:b1:c3:da:ea:
c8:3e:93:90:70:66:5b:eb:1d:e3:98:f2:aa:c6:58:
a4:8b:94:7e:60:7e:01:5f:3e:29:1e:d7:c4:ec:36:
c6:38:2f:07:81:52:16:33:1e:ff:5c:de:fa:a7:3a:
d7:4a:1c:e5:d8:eb:ba:b6:6f:f6:c7:bd:e5:8d:e1:
bb:e2:91:a1:6a:11:d0:6a:bf:0d:98:64:bc:fe:83:
f9:b9:95:bb:07:10:04:bf:8b:69:c0:87:1e:47:91:
fb:18:cd:24:7c:c1:98:96:d6:52:e0:b0:ef:78:f5:
5a:77:db:e2:0e:1b:ed:95:a9:64:95:37:c1:0f:c9:
47:5c:6d:99:e2:ab:1e:58:ae:f7:e0:22:25:19:f9:
11:58:e7:02:d1:c0:46:26:35:eb:87:3b:a3:93:bb:
56:3a:2e:2d:f9:ab:8d:af:22:c9:05:be:94:fe:fc:
33:c1:c8:49:2d:c6:a8:f9:c5:a7:36:04:37:d0:e5:
58:e7:29:85:b4:a8:5e:6b:68:1b:5d:0f:01:04:81:
f0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1C:03:E9:28:82:56:56:84:83:F2:94:7E:EE:86:8D:6C:4C:6F:74
X509v3 Authority Key Identifier:
keyid:81:8B:81:22:95:46:F6:4A:98:0C:3D:86:EC:52:F3:11:94:F2:FD:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BC97/A0B1E44CBCE711EA9EDF3E6DC4F9AE02/gYuBIpVG9kqYDD2G7FLzEZTy_Y4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gYuBIpVG9kqYDD2G7FLzEZTy_Y4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BC97/A0B1E44CBCE711EA9EDF3E6DC4F9AE02/50998080BCE911EAA0114B70C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.240.0/22
103.5.249.0/24
103.13.45.0-103.13.46.255
103.30.52.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:0c:3f:5c:d3:cd:ea:21:8a:6b:4a:1e:0a:7a:0f:ef:f1:cd:
7e:ec:b6:a5:3b:3d:64:25:f2:12:0f:4f:97:13:2c:7f:5f:91:
48:fd:09:2a:4d:8c:ba:24:86:63:97:d9:4b:44:a8:07:5c:37:
78:93:a9:48:ea:09:8b:47:07:8c:6b:6d:31:22:62:73:17:c3:
17:cc:a1:d8:09:bb:98:97:88:f0:22:a4:c4:c3:65:94:66:42:
a8:26:95:84:37:e3:ae:91:3c:53:80:9f:9d:f2:0e:86:40:6e:
02:75:73:37:c8:85:d2:81:f1:0f:dd:21:7b:06:73:f4:80:33:
8c:ac:34:2a:d0:33:75:31:9a:7c:c8:5c:e3:99:0c:5f:29:7a:
1d:78:01:54:96:ab:90:fa:c0:31:86:0f:6f:04:ad:12:f8:31:
a9:b8:bf:28:75:25:80:f1:85:b2:8c:67:ea:a4:8c:e9:38:dc:
cf:93:89:61:3a:41:b7:44:0a:1a:6b:a4:ca:c0:56:0f:73:68:
bf:fb:0f:bf:30:5e:be:bc:cd:60:20:2e:2a:81:07:91:df:90:
af:8e:de:cf:d8:ca:32:1a:80:0a:87:b2:df:9d:7e:76:46:69:
fa:de:65:4e:bb:94:5d:6e:12:f7:cc:47:71:c6:64:de:36:78:
fd:4b:28:7f
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICCD8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJDOTcxMTAvBgNVBAUTKDgxOEI4MTIyOTU0NkY2NEE5ODBDM0Q4NkVDNTJGMzEx
OTRGMkZEOEUwHhcNMjQxMTA2MjAzOTU0WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiZDQxOS00N2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtcJ30htiWqvDFhKWF0i7NHMPDjCZgK9ZfPsMtj+NBauTuEyNfQaRbVchqEx9
z1OfEQy6KGftv7HD2urIPpOQcGZb6x3jmPKqxliki5R+YH4BXz4pHtfE7DbGOC8H
gVIWMx7/XN76pzrXShzl2Ou6tm/2x73ljeG74pGhahHQar8NmGS8/oP5uZW7BxAE
v4tpwIceR5H7GM0kfMGYltZS4LDvePVad9viDhvtlalklTfBD8lHXG2Z4qseWK73
4CIlGfkRWOcC0cBGJjXrhzujk7tWOi4t+auNryLJBb6U/vwzwchJLcao+cWnNgQ3
0OVY5ymFtKhea2gbXQ8BBIHwUQIDAQABo4ICrzCCAqswHQYDVR0OBBYEFM0cA+ko
glZWhIPylH7uho1sTG90MB8GA1UdIwQYMBaAFIGLgSKVRvZKmAw9huxS8xGU8v2O
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkM5Ny9BMEIxRTQ0Q0JD
RTcxMUVBOUVERjNFNkRDNEY5QUUwMi9nWXVCSXBWRzlrcVlERDJHN0ZMekVaVHlf
WTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dZdUJJcFZHOWtxWUREMkc3Rkx6RVpUeV9ZNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJDOTcvQTBCMUU0NENCQ0U3MTFFQTlFREYzRTZEQzRGOUFFMDIvNTA5OTgwODBC
Q0U5MTFFQUEwMTE0QjcwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBAIr5fADBABnBfkwDAMEAGcNLQMEAGcNLgMEAmceNDANBgkq
hkiG9w0BAQsFAAOCAQEA1Aw/XNPN6iGKa0oeCnoP7/HNfuy2pTs9ZCXyEg9PlxMs
f1+RSP0JKk2MuiSGY5fZS0SoB1w3eJOpSOoJi0cHjGttMSJicxfDF8yh2Am7mJeI
8CKkxMNllGZCqCaVhDfjrpE8U4CfnfIOhkBuAnVzN8iF0oHxD90hewZz9IAzjKw0
KtAzdTGafMhc45kMXyl6HXgBVJarkPrAMYYPbwStEvgxqbi/KHUlgPGFsoxn6qSM
6Tjcz5OJYTpBt0QKGmukysBWD3Nov/sPvzBevrzNYCAuKoEHkd+Qr47ez9jKMhqA
Coey351+dkZp+t5lTruUXW4S98xHccZk3jZ4/Usofw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:26 2025 by rpki-client