Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C185/202276BA9BFF11EA8436FC45C4F9AE02/CB91083CA63511EA900DB923C4F9AE02.roa
File: CB91083CA63511EA900DB923C4F9AE02.roa (raw, json)
Hash identifier: 1guI2gXzSQT5STi81CKAucU8Uim1y9wn0ld7tOI9/tM=
Subject key identifier: 20:42:D3:F9:D3:27:30:2E:19:84:EF:35:DD:CC:2F:E3:00:71:61:B3
Certificate issuer: /CN=A917C185/serialNumber=AE4718E5F32F004A0312FEB869ADCBBCC4EEE516
Certificate serial: 0901
Authority key identifier: AE:47:18:E5:F3:2F:00:4A:03:12:FE:B8:69:AD:CB:BC:C4:EE:E5:16
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rkcY5fMvAEoDEv64aa3LvMTu5RY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C185/202276BA9BFF11EA8436FC45C4F9AE02/CB91083CA63511EA900DB923C4F9AE02.roa
Signing time: Thu 16 Jan 2025 20:19:24 +0000
ROA not before: Thu 16 Jan 2025 20:19:24 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 45559
IP address blocks: 103.10.200.0/22 maxlen: 24
116.206.108.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2305 (0x901)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C185
Validity
Not Before: Jan 16 20:19:24 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678969cc-bf84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:28:a5:c5:99:c1:6a:1b:7f:2b:1c:46:31:f4:
7a:bc:48:b4:e6:24:40:8e:2c:69:b6:1f:0f:3b:4d:
2f:eb:f8:28:80:f9:da:17:8f:26:54:1d:ad:98:96:
f0:ae:1e:26:d2:63:53:86:6c:5a:3a:3f:ad:43:27:
8c:46:90:7f:a8:9b:98:af:ce:f2:9f:5e:da:1c:c0:
7d:e8:ce:e7:b9:0a:ea:47:f2:4b:5c:2b:57:12:7e:
c7:b8:aa:14:84:70:4f:91:46:92:13:16:e6:f4:99:
46:9f:cc:1f:d1:e6:30:34:b5:ef:b2:ad:be:5c:6a:
25:a3:38:d6:63:84:c1:17:af:ca:88:3c:f4:dd:d0:
dc:9d:6b:c8:42:d5:65:69:97:ec:79:cf:ce:09:48:
84:34:8a:10:34:c9:dd:58:5c:3a:91:e4:96:01:fd:
65:1d:02:f5:a6:a1:a4:a7:c8:52:6c:49:08:95:35:
07:29:d1:9a:0a:38:00:2a:f7:94:b6:69:9f:07:19:
cb:38:1e:0c:b0:d0:c4:18:ca:79:91:93:a9:e5:97:
d3:67:8e:4e:fd:ba:0a:9e:b1:db:4d:60:18:05:c4:
d1:86:b5:29:48:fe:57:d4:2d:3c:51:e3:0c:b0:85:
8f:4f:99:d8:77:be:7f:b0:cc:7b:38:ec:ad:01:2c:
62:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:42:D3:F9:D3:27:30:2E:19:84:EF:35:DD:CC:2F:E3:00:71:61:B3
X509v3 Authority Key Identifier:
keyid:AE:47:18:E5:F3:2F:00:4A:03:12:FE:B8:69:AD:CB:BC:C4:EE:E5:16
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C185/202276BA9BFF11EA8436FC45C4F9AE02/rkcY5fMvAEoDEv64aa3LvMTu5RY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rkcY5fMvAEoDEv64aa3LvMTu5RY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C185/202276BA9BFF11EA8436FC45C4F9AE02/CB91083CA63511EA900DB923C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.10.200.0/22
116.206.108.0/22
Signature Algorithm: sha256WithRSAEncryption
52:09:6c:68:54:cf:d5:06:32:ef:41:2a:19:f6:27:71:61:51:
ca:32:18:4c:ab:34:20:a3:1a:0b:40:94:5e:92:16:94:bd:89:
ca:f3:ca:17:b7:a7:d5:2d:23:fd:1d:e7:d9:e7:2e:cd:7d:e8:
ba:7b:bb:82:c3:41:53:f7:70:29:8b:93:79:37:6a:6e:cb:9d:
f3:97:a9:78:f2:24:a9:4e:ed:04:b4:c3:77:41:ce:b1:78:83:
b2:db:49:66:23:7d:82:d3:ef:87:0f:03:d0:b8:39:ce:dd:b9:
a3:7c:ee:16:f2:9f:33:d8:3c:1b:03:ce:2a:5b:41:36:56:34:
f7:5f:17:5d:a9:ac:b7:48:31:d6:d7:dd:ea:5d:0e:71:0c:6b:
22:2a:08:7d:42:c9:f5:a9:98:77:50:c7:56:6e:d6:26:2a:d0:
c9:75:2d:58:24:4b:f4:4d:77:b3:7b:38:9e:85:31:0d:f5:c0:
1b:1e:be:d2:1b:b8:0a:e6:70:00:0e:7e:fc:50:3e:a4:47:c1:
fc:71:20:fc:e1:7f:2b:e7:99:33:9c:3a:45:6b:2f:da:ce:1e:
54:c1:8c:55:04:99:1a:57:4a:8d:07:2e:11:8f:4b:52:7b:71:
bf:17:10:5e:41:01:b6:19:b4:8d:79:a8:95:82:28:a2:23:64:
bf:71:37:4e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCQEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxODUxMTAvBgNVBAUTKEFFNDcxOEU1RjMyRjAwNEEwMzEyRkVCODY5QURDQkJD
QzRFRUU1MTYwHhcNMjUwMTE2MjAxOTI0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg5NjljYy1iZjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAniilxZnBaht/KxxGMfR6vEi05iRAjixpth8PO00v6/gogPnaF48mVB2tmJbw
rh4m0mNThmxaOj+tQyeMRpB/qJuYr87yn17aHMB96M7nuQrqR/JLXCtXEn7HuKoU
hHBPkUaSExbm9JlGn8wf0eYwNLXvsq2+XGolozjWY4TBF6/KiDz03dDcnWvIQtVl
aZfsec/OCUiENIoQNMndWFw6keSWAf1lHQL1pqGkp8hSbEkIlTUHKdGaCjgAKveU
tmmfBxnLOB4MsNDEGMp5kZOp5ZfTZ45O/boKnrHbTWAYBcTRhrUpSP5X1C08UeMM
sIWPT5nYd75/sMx7OOytASxiDwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCBC0/nT
JzAuGYTvNd3ML+MAcWGzMB8GA1UdIwQYMBaAFK5HGOXzLwBKAxL+uGmty7zE7uUW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzE4NS8yMDIyNzZCQTlC
RkYxMUVBODQzNkZDNDVDNEY5QUUwMi9ya2NZNWZNdkFFb0RFdjY0YWEzTHZNVHU1
UlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JrY1k1Zk12QUVvREV2NjRhYTNMdk1UdTVSWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxODUvMjAyMjc2QkE5QkZGMTFFQTg0MzZGQzQ1QzRGOUFFMDIvQ0I5MTA4M0NB
NjM1MTFFQTkwMERCOTIzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnCsgDBAJ0zmwwDQYJKoZIhvcNAQELBQADggEBAFIJbGhU
z9UGMu9BKhn2J3FhUcoyGEyrNCCjGgtAlF6SFpS9icrzyhe3p9UtI/0d59nnLs19
6Lp7u4LDQVP3cCmLk3k3am7LnfOXqXjyJKlO7QS0w3dBzrF4g7LbSWYjfYLT74cP
A9C4Oc7duaN87hbynzPYPBsDzipbQTZWNPdfF12prLdIMdbX3epdDnEMayIqCH1C
yfWpmHdQx1Zu1iYq0Ml1LVgkS/RNd7N7OJ6FMQ31wBsevtIbuArmcAAOfvxQPqRH
wfxxIPzhfyvnmTOcOkVrL9rOHlTBjFUEmRpXSo0HLhGPS1J7cb8XEF5BAbYZtI15
qJWCKKIjZL9xN04=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:17:56 2025 by rpki-client