Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BEB0/18113D44615B11ECBD99D14CC4F9AE02/4AEAB70C615D11ECAC75D44DC4F9AE02.roa
File: 4AEAB70C615D11ECAC75D44DC4F9AE02.roa (raw, json)
Hash identifier: WnBbCr/LbqKLlPeho3+8ztfmsdCgc5oHEWwkG3+ywSQ=
Subject key identifier: A9:94:9E:B7:EE:5F:D0:43:BE:36:D3:5B:C6:83:62:DB:C3:40:AD:09
Certificate issuer: /CN=A917BEB0/serialNumber=BBA94EA910A3F232DF9FDF2CD4E3A27A34996B70
Certificate serial: 03F7
Authority key identifier: BB:A9:4E:A9:10:A3:F2:32:DF:9F:DF:2C:D4:E3:A2:7A:34:99:6B:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u6lOqRCj8jLfn98s1OOiejSZa3A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BEB0/18113D44615B11ECBD99D14CC4F9AE02/4AEAB70C615D11ECAC75D44DC4F9AE02.roa
Signing time: Mon 27 Jan 2025 00:13:26 +0000
ROA not before: Mon 27 Jan 2025 00:13:26 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 149293
IP address blocks: 103.178.32.0/23 maxlen: 23
103.178.32.0/24 maxlen: 24
103.178.33.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1015 (0x3f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BEB0
Validity
Not Before: Jan 27 00:13:26 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6796cfa6-f72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:a6:ba:52:21:cb:9d:12:ab:1c:1e:e1:4a:18:
3b:b2:5d:d0:01:a9:69:74:b6:0e:46:a0:9e:e9:f9:
e6:6a:eb:cd:b9:b8:05:65:f2:cc:dd:c8:8a:f5:75:
7b:e7:d7:2b:c0:d7:03:d2:c1:88:cc:a2:45:68:7d:
ee:ba:a0:bb:3c:ab:18:2c:ed:45:83:96:ea:d0:84:
95:78:06:3c:18:c8:8c:9c:cf:e7:22:dd:84:97:eb:
b9:5f:12:a5:78:7e:a2:bd:06:4e:62:47:c2:16:39:
79:df:c2:6f:17:e2:39:2b:ed:a5:c3:1e:73:3d:7a:
71:ff:b9:bb:5f:3c:45:a0:b3:49:ed:39:ae:2f:71:
4e:3d:17:89:ef:4e:33:5f:fc:44:7d:ad:ce:f9:e0:
c0:de:69:33:57:d3:df:bf:35:ef:fc:e4:7c:49:b7:
66:d1:cc:13:8c:42:2d:bf:6b:6d:9d:6e:8d:07:4e:
69:bb:7c:43:95:0e:f4:1e:8e:76:89:c7:4d:fc:91:
b9:99:37:a7:84:51:ec:e2:d3:52:3e:e2:22:91:12:
04:12:1f:46:36:83:ea:e9:b3:bb:77:7c:d1:e0:99:
d9:b2:3e:c2:8b:13:64:bf:e6:1c:3b:2d:79:0a:5b:
2b:dd:bb:d6:f9:eb:90:12:8f:b1:21:f2:db:7f:ae:
ab:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:94:9E:B7:EE:5F:D0:43:BE:36:D3:5B:C6:83:62:DB:C3:40:AD:09
X509v3 Authority Key Identifier:
keyid:BB:A9:4E:A9:10:A3:F2:32:DF:9F:DF:2C:D4:E3:A2:7A:34:99:6B:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BEB0/18113D44615B11ECBD99D14CC4F9AE02/u6lOqRCj8jLfn98s1OOiejSZa3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u6lOqRCj8jLfn98s1OOiejSZa3A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BEB0/18113D44615B11ECBD99D14CC4F9AE02/4AEAB70C615D11ECAC75D44DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.32.0/23
Signature Algorithm: sha256WithRSAEncryption
54:1a:6c:bd:22:ab:7f:bc:ad:d0:8d:68:56:26:be:79:d0:09:
a6:ce:28:41:e6:0c:08:4a:6b:f6:41:7f:f2:df:8f:8a:ea:15:
bb:f6:64:fd:87:53:2b:45:28:c2:0f:ef:3d:a3:13:5d:98:ee:
11:66:6e:3b:90:d4:69:10:35:66:b6:d3:fa:d3:b6:05:6f:a7:
84:d2:bd:7c:5b:83:08:b7:9f:3e:b6:ee:43:45:69:50:e2:11:
2a:e4:17:64:28:2c:1f:7a:be:f5:fa:ae:d1:9e:1f:60:0b:cf:
35:14:5a:17:69:a4:89:f2:91:28:c6:04:1c:49:03:f2:a5:2e:
46:ae:90:12:68:28:a8:5a:4d:0b:8b:2c:23:30:be:88:b8:f8:
64:9c:33:ab:23:2a:d6:54:4e:51:6e:2d:35:8f:ec:56:56:6c:
61:3e:0d:b3:23:b0:a2:ef:a6:27:3b:1a:d6:2a:2a:e1:1a:8c:
33:02:63:47:92:a8:46:24:f6:db:7c:ee:eb:98:84:4c:b5:23:
89:d9:43:da:ef:c2:14:ad:f9:4b:0f:e0:0f:85:b8:9b:7f:44:
51:19:e5:fc:b1:8a:2f:98:e4:6d:83:30:32:e8:6b:37:20:04:
1d:4d:5f:66:6c:b8:05:30:7e:b0:97:da:c9:af:be:5f:96:1e:
12:1f:4f:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA/cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JFQjAxMTAvBgNVBAUTKEJCQTk0RUE5MTBBM0YyMzJERjlGREYyQ0Q0RTNBMjdB
MzQ5OTZCNzAwHhcNMjUwMTI3MDAxMzI2WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk2Y2ZhNi1mNzJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6aa6UiHLnRKrHB7hShg7sl3QAalpdLYORqCe6fnmauvNubgFZfLM3ciK9XV7
59crwNcD0sGIzKJFaH3uuqC7PKsYLO1Fg5bq0ISVeAY8GMiMnM/nIt2El+u5XxKl
eH6ivQZOYkfCFjl538JvF+I5K+2lwx5zPXpx/7m7XzxFoLNJ7TmuL3FOPReJ704z
X/xEfa3O+eDA3mkzV9PfvzXv/OR8Sbdm0cwTjEItv2ttnW6NB05pu3xDlQ70Ho52
icdN/JG5mTenhFHs4tNSPuIikRIEEh9GNoPq6bO7d3zR4JnZsj7CixNkv+YcOy15
Clsr3bvW+euQEo+xIfLbf66rxwIDAQABo4IClTCCApEwHQYDVR0OBBYEFKmUnrfu
X9BDvjbTW8aDYtvDQK0JMB8GA1UdIwQYMBaAFLupTqkQo/Iy35/fLNTjono0mWtw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkVCMC8xODExM0Q0NDYx
NUIxMUVDQkQ5OUQxNENDNEY5QUUwMi91NmxPcVJDajhqTGZuOThzMU9PaWVqU1ph
M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U2bE9xUkNqOGpMZm45OHMxT09pZWpTWmEzQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JFQjAvMTgxMTNENDQ2MTVCMTFFQ0JEOTlEMTRDQzRGOUFFMDIvNEFFQUI3MEM2
MTVEMTFFQ0FDNzVENDREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnsiAwDQYJKoZIhvcNAQELBQADggEBAFQabL0iq3+8rdCN
aFYmvnnQCabOKEHmDAhKa/ZBf/Lfj4rqFbv2ZP2HUytFKMIP7z2jE12Y7hFmbjuQ
1GkQNWa20/rTtgVvp4TSvXxbgwi3nz627kNFaVDiESrkF2QoLB96vvX6rtGeH2AL
zzUUWhdppInykSjGBBxJA/KlLkaukBJoKKhaTQuLLCMwvoi4+GScM6sjKtZUTlFu
LTWP7FZWbGE+DbMjsKLvpic7GtYqKuEajDMCY0eSqEYk9tt87uuYhEy1I4nZQ9rv
whSt+UsP4A+FuJt/RFEZ5fyxii+Y5G2DMDLoazcgBB1NX2ZsuAUwfrCX2smvvl+W
HhIfT6c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:42:39 2025 by rpki-client