Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E319/868DD6568C2611E7BC06C44EC4F9AE02/4DFB5FE4B79211EFA70E7C4CC4F9AE02.roa
File: 4DFB5FE4B79211EFA70E7C4CC4F9AE02.roa (raw, json)
Hash identifier: KGkkFp4KuZbrS4UMQVmwy65r5TVI61drpHREZ3hTCys=
Subject key identifier: CE:B6:E3:6B:F1:18:9B:E5:B5:C1:BD:0B:E9:9A:1A:AF:22:6C:5C:82
Certificate issuer: /CN=A918E319/serialNumber=6CFD56A77EAD9E159BCB18EB6DE862735091B54A
Certificate serial: 1912
Authority key identifier: 6C:FD:56:A7:7E:AD:9E:15:9B:CB:18:EB:6D:E8:62:73:50:91:B5:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bP1Wp36tnhWbyxjrbehic1CRtUo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E319/868DD6568C2611E7BC06C44EC4F9AE02/4DFB5FE4B79211EFA70E7C4CC4F9AE02.roa
Signing time: Sat 04 Jan 2025 16:34:17 +0000
ROA not before: Sat 04 Jan 2025 16:34:17 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 135523
IP address blocks: 103.70.251.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6418 (0x1912)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E319
Validity
Not Before: Jan 4 16:34:17 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67796308-3aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b7:88:b3:6d:6a:0e:5e:88:86:74:aa:f9:47:
86:37:ee:27:df:ef:4d:08:54:98:00:d0:1c:74:89:
f4:a9:14:5d:55:42:1f:f7:b4:d0:20:50:71:54:32:
44:90:ee:de:b5:6f:3a:8f:d3:cc:d1:75:02:63:e5:
71:59:44:cc:91:67:6f:5c:e0:e7:ca:a8:ec:a5:95:
26:7e:9d:e0:78:97:ae:0b:b6:62:ec:58:85:36:e2:
f6:20:13:35:80:b6:63:99:df:71:4a:04:2a:a8:8b:
cb:e9:a5:a7:55:71:91:15:0a:2a:7c:f2:56:e7:6e:
ef:f5:ec:f0:16:5a:e0:9c:c0:92:87:ac:27:3b:ac:
a3:f2:88:e6:b5:46:7e:a4:80:40:5d:09:c9:fa:33:
c8:6f:5e:de:47:a4:38:28:e1:ea:09:3b:17:0d:1f:
0b:87:27:52:24:8d:5c:ec:ce:f1:90:7b:5d:08:b2:
c8:9d:f0:12:79:05:66:7b:3a:af:2d:7c:c0:01:eb:
01:81:c1:de:1c:91:99:18:1c:c0:e8:3e:26:ee:68:
70:0d:e1:43:53:84:43:6a:1a:14:5f:71:35:fa:4c:
3a:43:b3:0f:22:42:b8:e2:90:ba:e4:1f:eb:f5:39:
42:4f:ad:e0:27:cb:6e:82:16:66:14:b3:8d:69:17:
c7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B6:E3:6B:F1:18:9B:E5:B5:C1:BD:0B:E9:9A:1A:AF:22:6C:5C:82
X509v3 Authority Key Identifier:
keyid:6C:FD:56:A7:7E:AD:9E:15:9B:CB:18:EB:6D:E8:62:73:50:91:B5:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E319/868DD6568C2611E7BC06C44EC4F9AE02/bP1Wp36tnhWbyxjrbehic1CRtUo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bP1Wp36tnhWbyxjrbehic1CRtUo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E319/868DD6568C2611E7BC06C44EC4F9AE02/4DFB5FE4B79211EFA70E7C4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.251.0/24
Signature Algorithm: sha256WithRSAEncryption
36:98:17:2e:6b:b2:45:61:28:5d:ff:71:e0:aa:af:c0:ff:45:
13:3f:88:7d:24:37:da:da:26:7e:bf:d5:60:5d:6e:97:e3:b3:
c4:1c:be:20:0a:c5:3b:87:69:aa:3f:cf:77:95:99:32:6d:2e:
96:51:09:14:02:22:a6:5f:25:cf:23:02:1b:8e:97:59:7b:ca:
5e:40:ea:ca:6a:c7:1e:fa:f9:0f:e8:b2:b1:08:a7:25:9e:3c:
0b:4b:75:cf:00:3b:aa:45:8d:cb:be:54:a0:4d:3a:2c:aa:3f:
b9:9d:d6:7b:20:da:b6:74:58:ac:b0:fc:2f:a1:6d:cc:36:e7:
7c:c2:01:25:71:3b:5f:16:3a:4b:75:0f:ad:d6:f4:ff:3c:0a:
c7:44:82:11:e6:b0:6b:a3:e7:21:db:13:de:44:67:7e:af:ce:
16:d5:41:84:80:4d:ac:ba:0c:17:d9:d9:10:74:3d:ba:f8:67:
35:d8:98:45:2a:b5:6a:1f:51:27:84:46:67:3a:4a:f0:19:65:
23:f6:9c:89:96:de:27:c4:7e:a1:a6:27:9e:63:2f:16:07:df:
c4:71:8e:82:92:a2:7b:6e:40:d1:0f:7d:5c:f1:da:c3:d3:12:
0a:49:a7:e5:00:ce:a9:9e:95:aa:6f:b6:d1:d8:45:3a:ce:f1:
0b:c7:49:d1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGRIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEUzMTkxMTAvBgNVBAUTKDZDRkQ1NkE3N0VBRDlFMTU5QkNCMThFQjZERTg2Mjcz
NTA5MUI1NEEwHhcNMjUwMTA0MTYzNDE3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc5NjMwOC0zYWVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs7eIs21qDl6IhnSq+UeGN+4n3+9NCFSYANAcdIn0qRRdVUIf97TQIFBxVDJE
kO7etW86j9PM0XUCY+VxWUTMkWdvXODnyqjspZUmfp3geJeuC7Zi7FiFNuL2IBM1
gLZjmd9xSgQqqIvL6aWnVXGRFQoqfPJW527v9ezwFlrgnMCSh6wnO6yj8ojmtUZ+
pIBAXQnJ+jPIb17eR6Q4KOHqCTsXDR8LhydSJI1c7M7xkHtdCLLInfASeQVmezqv
LXzAAesBgcHeHJGZGBzA6D4m7mhwDeFDU4RDahoUX3E1+kw6Q7MPIkK44pC65B/r
9TlCT63gJ8tughZmFLONaRfHgQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM6242vx
GJvltcG9C+maGq8ibFyCMB8GA1UdIwQYMBaAFGz9Vqd+rZ4Vm8sY623oYnNQkbVK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTMxOS84NjhERDY1NjhD
MjYxMUU3QkMwNkM0NEVDNEY5QUUwMi9iUDFXcDM2dG5oV2J5eGpyYmVoaWMxQ1J0
VW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JQMVdwMzZ0bmhXYnl4anJiZWhpYzFDUnRVby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEUzMTkvODY4REQ2NTY4QzI2MTFFN0JDMDZDNDRFQzRGOUFFMDIvNERGQjVGRTRC
NzkyMTFFRkE3MEU3QzRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnRvswDQYJKoZIhvcNAQELBQADggEBADaYFy5rskVhKF3/
ceCqr8D/RRM/iH0kN9raJn6/1WBdbpfjs8QcviAKxTuHaao/z3eVmTJtLpZRCRQC
IqZfJc8jAhuOl1l7yl5A6spqxx76+Q/osrEIpyWePAtLdc8AO6pFjcu+VKBNOiyq
P7md1nsg2rZ0WKyw/C+hbcw253zCASVxO18WOkt1D63W9P88CsdEghHmsGuj5yHb
E95EZ36vzhbVQYSATay6DBfZ2RB0Pbr4ZzXYmEUqtWofUSeERmc6SvAZZSP2nImW
3ifEfqGmJ55jLxYH38RxjoKSontuQNEPfVzx2sPTEgpJp+UAzqmelapvttHYRTrO
8QvHSdE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:58:06 2025 by rpki-client