Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/928CA88A586011EE8C13C32FC4F9AE02.roa
File: 928CA88A586011EE8C13C32FC4F9AE02.roa (raw, json)
Hash identifier: t4GFbhRcXV5rCaSrkO7PRxEXPtd94/27Wj/Zor1yc0c=
Subject key identifier: 93:7E:38:59:6C:D7:5A:F6:8E:AA:BE:DD:6B:AA:27:5F:AB:41:C6:27
Certificate issuer: /CN=A918BB4D/serialNumber=EF403643EA9820AE6D9D622F9AEFD7A4C9154F24
Certificate serial: 061E
Authority key identifier: EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/928CA88A586011EE8C13C32FC4F9AE02.roa
Signing time: Tue 06 Aug 2024 23:11:51 +0000
ROA not before: Tue 06 Aug 2024 23:11:51 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 932
IP address blocks: 103.244.88.0/22 maxlen: 24
116.206.176.0/22 maxlen: 24
2001:df5:8300::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1566 (0x61e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918BB4D
Validity
Not Before: Aug 6 23:11:51 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66b2adb7-1533
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:55:fe:f0:cb:7c:b4:d2:56:d5:21:cf:70:f5:
34:ec:aa:f1:ac:3d:bb:0f:cd:9b:95:41:ba:98:a3:
cb:6d:db:f2:0e:1d:32:17:ec:52:28:38:f4:86:4c:
87:4b:cb:ca:ca:ef:f6:68:6d:70:4f:30:a9:bc:65:
63:e4:41:6b:b2:de:3b:1b:b9:d9:1c:ce:f4:40:4e:
a0:06:76:c2:44:68:d0:e4:75:52:59:e0:dd:71:ac:
81:9d:fe:76:7e:fa:1b:1e:5a:02:cc:67:39:69:0e:
a1:e2:e2:84:61:88:c2:6e:c3:57:2e:1b:00:9c:c2:
b3:98:40:5a:0c:c4:f7:5f:9f:16:12:53:7a:50:c4:
a5:89:c3:d0:7d:19:e4:a7:29:25:4c:57:1a:c3:25:
f8:73:3a:fb:7c:a0:8a:c4:fd:86:71:25:47:5b:66:
0d:8a:13:2d:ee:fd:b0:ca:c6:ef:96:ab:3d:78:e8:
fc:c4:b2:06:83:8c:21:df:31:f1:25:65:4a:bc:90:
46:62:6c:da:3d:69:1f:c9:50:22:f2:e4:c8:eb:1e:
f8:9a:07:d5:38:a1:87:ed:b5:94:ce:b9:7e:2c:17:
46:9d:72:19:56:0f:04:6c:df:87:e7:c1:42:45:bd:
1a:4e:1f:e1:85:cd:c0:e9:a2:44:85:b5:2d:0c:80:
65:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7E:38:59:6C:D7:5A:F6:8E:AA:BE:DD:6B:AA:27:5F:AB:41:C6:27
X509v3 Authority Key Identifier:
keyid:EF:40:36:43:EA:98:20:AE:6D:9D:62:2F:9A:EF:D7:A4:C9:15:4F:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/70A2Q-qYIK5tnWIvmu_XpMkVTyQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918BB4D/CA563BE8652211EB80F6E94BC4F9AE02/928CA88A586011EE8C13C32FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.88.0/22
116.206.176.0/22
IPv6:
2001:df5:8300::/48
Signature Algorithm: sha256WithRSAEncryption
8b:31:eb:04:b6:1f:ac:68:0a:01:84:9d:ab:cd:d2:ac:87:34:
f8:64:a5:85:d6:83:2c:30:93:a1:71:ba:17:53:02:fc:72:a0:
fc:0e:45:cd:55:bc:e8:25:e3:0c:14:a8:ca:4f:5c:9e:ac:21:
63:96:74:3e:11:91:11:9f:fc:be:29:43:70:25:69:54:2e:a2:
35:67:69:16:07:fe:0c:df:2f:1d:3f:b0:11:3c:4e:d9:20:2e:
d0:c2:81:8a:ea:b6:b7:27:0e:0f:ff:19:5b:89:1a:48:f4:e6:
b1:43:0a:c9:28:12:1b:9d:33:fd:8a:ad:a5:63:49:cd:19:a4:
33:9e:30:9c:2f:f6:dc:7e:69:66:10:98:a3:79:c6:6f:14:34:
2c:10:a4:e3:88:dd:28:88:f7:47:12:df:a9:33:d7:11:bf:b1:
a0:85:2b:55:07:5b:44:dd:58:db:ce:37:20:c5:21:1d:d5:39:
8d:ed:f5:0c:c6:b5:5e:4e:a3:78:f1:78:d5:4e:98:b5:47:7e:
3e:7e:4a:84:e4:93:e8:24:b6:e3:72:76:e8:3a:b9:5f:2f:34:
cf:10:d5:44:2e:28:4b:40:a9:9a:b2:dc:09:e5:83:24:07:4f:
a4:1e:94:f2:1d:56:20:ad:96:c9:0d:f9:be:af:d0:e5:e1:62:
4d:44:11:df
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICBh4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEJCNEQxMTAvBgNVBAUTKEVGNDAzNjQzRUE5ODIwQUU2RDlENjIyRjlBRUZEN0E0
QzkxNTRGMjQwHhcNMjQwODA2MjMxMTUxWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmIyYWRiNy0xNTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAylX+8Mt8tNJW1SHPcPU07KrxrD27D82blUG6mKPLbdvyDh0yF+xSKDj0hkyH
S8vKyu/2aG1wTzCpvGVj5EFrst47G7nZHM70QE6gBnbCRGjQ5HVSWeDdcayBnf52
fvobHloCzGc5aQ6h4uKEYYjCbsNXLhsAnMKzmEBaDMT3X58WElN6UMSlicPQfRnk
pyklTFcawyX4czr7fKCKxP2GcSVHW2YNihMt7v2wysbvlqs9eOj8xLIGg4wh3zHx
JWVKvJBGYmzaPWkfyVAi8uTI6x74mgfVOKGH7bWUzrl+LBdGnXIZVg8EbN+H58FC
Rb0aTh/hhc3A6aJEhbUtDIBlZQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFJN+OFls
11r2jqq+3WuqJ1+rQcYnMB8GA1UdIwQYMBaAFO9ANkPqmCCubZ1iL5rv16TJFU8k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QkI0RC9DQTU2M0JFODY1
MjIxMUVCODBGNkU5NEJDNEY5QUUwMi83MEEyUS1xWUlLNXRuV0l2bXVfWHBNa1ZU
eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcwQTJRLXFZSUs1dG5XSXZtdV9YcE1rVlR5US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEJCNEQvQ0E1NjNCRTg2NTIyMTFFQjgwRjZFOTRCQzRGOUFFMDIvOTI4Q0E4OEE1
ODYwMTFFRThDMTNDMzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAJn9FgDBAJ0zrAwDwQCAAIwCQMHACABDfWDADANBgkqhkiG
9w0BAQsFAAOCAQEAizHrBLYfrGgKAYSdq83SrIc0+GSlhdaDLDCToXG6F1MC/HKg
/A5FzVW86CXjDBSoyk9cnqwhY5Z0PhGREZ/8vilDcCVpVC6iNWdpFgf+DN8vHT+w
ETxO2SAu0MKBiuq2tycOD/8ZW4kaSPTmsUMKySgSG50z/YqtpWNJzRmkM54wnC/2
3H5pZhCYo3nGbxQ0LBCk44jdKIj3RxLfqTPXEb+xoIUrVQdbRN1Y2843IMUhHdU5
je31DMa1Xk6jePF41U6YtUd+Pn5KhOST6CS243J26Dq5Xy80zxDVRC4oS0CpmrLc
CeWDJAdPpB6U8h1WIK2WyQ35vq/Q5eFiTUQR3w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:07:46 2025 by rpki-client