Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/A461D7D2C44E11EFA9A9FC20C4F9AE02.roa
File: A461D7D2C44E11EFA9A9FC20C4F9AE02.roa (raw, json)
Hash identifier: mPwNrs2kCM5usozrXVHJk8iSGsHy8S2NOPnOhqCtiZg=
Subject key identifier: E7:A9:EA:40:2A:86:E9:09:60:ED:AD:49:82:38:11:FB:10:06:C1:AA
Certificate issuer: /CN=A917315B/serialNumber=196F92773293E4954B4D97A5D37AC820A745C2E0
Certificate serial: 02BD
Authority key identifier: 19:6F:92:77:32:93:E4:95:4B:4D:97:A5:D3:7A:C8:20:A7:45:C2:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW-SdzKT5JVLTZel03rIIKdFwuA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/A461D7D2C44E11EFA9A9FC20C4F9AE02.roa
Signing time: Fri 27 Dec 2024 22:02:10 +0000
ROA not before: Fri 27 Dec 2024 22:02:10 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 208171
IP address blocks: 103.189.191.0/24 maxlen: 24
2001:df0:d840::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 701 (0x2bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917315B
Validity
Not Before: Dec 27 22:02:10 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=676f23e2-f43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5d:00:17:96:2a:d4:05:09:ed:62:e7:28:d8:
4c:25:16:54:55:6c:80:f1:5f:2e:e7:6c:ae:16:8d:
db:98:5e:e1:2a:d1:26:ee:23:f5:cb:eb:67:ad:5f:
2b:48:33:0e:2e:3c:20:48:57:dd:93:66:43:13:27:
33:01:7e:14:5b:5b:f2:6e:df:1d:a0:b8:b8:90:ca:
ba:94:69:20:58:d9:fe:8e:67:ee:e1:19:c6:fc:06:
fa:5c:32:e1:21:a4:19:31:16:ac:0c:e1:9f:5d:1b:
07:ab:71:3b:ee:41:88:2c:d0:c0:9c:35:fe:62:c9:
ea:37:cc:f6:cf:98:6e:71:cb:b5:5c:95:ca:eb:83:
bf:47:d0:7e:bf:bd:4a:90:24:77:af:70:76:1c:0e:
7e:0a:15:5b:27:7d:dd:26:b6:ce:b3:bf:a3:07:15:
c0:dc:e9:a8:3a:6d:fb:7e:34:09:36:5c:5d:09:f1:
55:50:14:46:b8:b5:e5:8f:0d:12:af:31:ac:04:94:
c2:e9:1c:13:04:e0:1d:fa:25:31:39:e7:8a:5b:30:
05:00:d6:31:76:95:ac:70:71:ec:4c:cf:00:b5:25:
4e:84:61:2c:1d:32:a2:9e:e4:62:c3:66:c6:c5:13:
3b:00:c9:d4:da:45:a3:67:8e:db:b5:dc:83:8e:ed:
6a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A9:EA:40:2A:86:E9:09:60:ED:AD:49:82:38:11:FB:10:06:C1:AA
X509v3 Authority Key Identifier:
keyid:19:6F:92:77:32:93:E4:95:4B:4D:97:A5:D3:7A:C8:20:A7:45:C2:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/GW-SdzKT5JVLTZel03rIIKdFwuA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW-SdzKT5JVLTZel03rIIKdFwuA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/A461D7D2C44E11EFA9A9FC20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.191.0/24
IPv6:
2001:df0:d840::/48
Signature Algorithm: sha256WithRSAEncryption
31:d8:e6:2a:ad:34:21:95:a3:fc:07:30:e6:6d:99:43:32:39:
28:ee:da:41:99:54:5e:98:f5:61:15:28:cc:d1:8b:ad:7c:d1:
17:a6:47:59:b8:10:29:85:de:0a:59:91:39:82:19:1a:18:f0:
90:ce:4b:3a:fc:f2:62:be:3c:d9:a6:d9:fd:cd:ee:a4:82:d5:
21:46:37:d2:74:3e:74:48:f1:40:46:22:15:93:1f:32:3a:fb:
ad:91:70:5d:a7:55:70:26:93:a4:9b:69:21:1a:65:78:37:ad:
fc:da:6a:69:9a:89:9d:ed:f1:7c:64:29:0d:90:f5:dc:80:f0:
69:ce:9d:3f:df:4e:3f:d9:5f:bb:0e:cf:96:5b:41:8e:4f:3b:
64:25:3c:62:9d:aa:95:30:fc:1f:32:be:a2:b5:37:e6:35:bb:
ee:3f:22:46:be:d8:c8:9b:f7:db:98:38:65:ae:b1:52:12:b2:
ae:52:0e:61:ab:94:0b:f4:fd:61:92:6e:e3:8d:5b:2f:9d:58:
52:6f:ea:07:5c:ac:f0:62:db:b3:c2:7b:5d:0e:33:7a:50:3d:
a0:bf:13:45:ff:8e:8d:62:33:52:bd:c4:f1:ba:07:d3:60:87:
8b:ba:35:38:cd:da:a2:29:4c:0c:72:2e:6d:8f:ce:a5:2e:d5:
02:7a:d7:06
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAr0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzMxNUIxMTAvBgNVBAUTKDE5NkY5Mjc3MzI5M0U0OTU0QjREOTdBNUQzN0FDODIw
QTc0NUMyRTAwHhcNMjQxMjI3MjIwMjEwWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZmMjNlMi1mNDNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuV0AF5Yq1AUJ7WLnKNhMJRZUVWyA8V8u52yuFo3bmF7hKtEm7iP1y+tnrV8r
SDMOLjwgSFfdk2ZDEyczAX4UW1vybt8doLi4kMq6lGkgWNn+jmfu4RnG/Ab6XDLh
IaQZMRasDOGfXRsHq3E77kGILNDAnDX+YsnqN8z2z5huccu1XJXK64O/R9B+v71K
kCR3r3B2HA5+ChVbJ33dJrbOs7+jBxXA3OmoOm37fjQJNlxdCfFVUBRGuLXljw0S
rzGsBJTC6RwTBOAd+iUxOeeKWzAFANYxdpWscHHsTM8AtSVOhGEsHTKinuRiw2bG
xRM7AMnU2kWjZ47btdyDju1qnQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOep6kAq
hukJYO2tSYI4EfsQBsGqMB8GA1UdIwQYMBaAFBlvkncyk+SVS02XpdN6yCCnRcLg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MzE1Qi9ENzM1QTNCNEVE
NEIxMUVDQTk1NTM3NzhDNEY5QUUwMi9HVy1TZHpLVDVKVkxUWmVsMDNySUlLZEZ3
dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dXLVNkektUNUpWTFRaZWwwM3JJSUtkRnd1QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzMxNUIvRDczNUEzQjRFRDRCMTFFQ0E5NTUzNzc4QzRGOUFFMDIvQTQ2MUQ3RDJD
NDRFMTFFRkE5QTlGQzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnvb8wDwQCAAIwCQMHACABDfDYQDANBgkqhkiG9w0BAQsF
AAOCAQEAMdjmKq00IZWj/Acw5m2ZQzI5KO7aQZlUXpj1YRUozNGLrXzRF6ZHWbgQ
KYXeClmROYIZGhjwkM5LOvzyYr482abZ/c3upILVIUY30nQ+dEjxQEYiFZMfMjr7
rZFwXadVcCaTpJtpIRpleDet/NpqaZqJne3xfGQpDZD13IDwac6dP99OP9lfuw7P
lltBjk87ZCU8Yp2qlTD8HzK+orU35jW77j8iRr7YyJv325g4Za6xUhKyrlIOYauU
C/T9YZJu441bL51YUm/qB1ys8GLbs8J7XQ4zelA9oL8TRf+OjWIzUr3E8boH02CH
i7o1OM3aoilMDHIubY/OpS7VAnrXBg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:36:43 2025 by rpki-client