Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E319/868DD6568C2611E7BC06C44EC4F9AE02/CFBF1B6AB71A11EF83064061C4F9AE02.roa
File: CFBF1B6AB71A11EF83064061C4F9AE02.roa (raw, json)
Hash identifier: p0d70mdphuSDLgor0/oRglmlxbFolNXQ59Na0EXLsZo=
Subject key identifier: A8:EA:86:45:23:29:9C:B9:93:D5:23:51:FB:A5:38:A3:FA:EF:9A:5A
Certificate issuer: /CN=A918E319/serialNumber=6CFD56A77EAD9E159BCB18EB6DE862735091B54A
Certificate serial: 18F6
Authority key identifier: 6C:FD:56:A7:7E:AD:9E:15:9B:CB:18:EB:6D:E8:62:73:50:91:B5:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bP1Wp36tnhWbyxjrbehic1CRtUo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E319/868DD6568C2611E7BC06C44EC4F9AE02/CFBF1B6AB71A11EF83064061C4F9AE02.roa
Signing time: Tue 10 Dec 2024 17:18:46 +0000
ROA not before: Tue 10 Dec 2024 17:18:46 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 135523
IP address blocks: 103.70.251.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6390 (0x18f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E319
Validity
Not Before: Dec 10 17:18:46 2024 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=675877f5-d2e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:88:44:e6:78:f7:a2:4c:14:bc:65:cc:20:4e:
75:a9:93:ac:1e:c6:ea:45:a6:9e:9d:7e:b9:42:be:
1f:cb:a8:0e:29:62:24:fd:02:b3:0f:9e:57:8c:e8:
ad:cf:68:e9:7c:cb:d7:6f:a8:b4:5f:46:63:55:b7:
7f:4f:2e:94:19:92:ae:b1:b9:c4:34:5f:02:79:0a:
c8:7e:a4:95:18:79:a0:f3:47:c8:43:07:89:80:0a:
d1:3f:e2:24:62:1c:4f:44:24:14:84:b2:e0:6b:6b:
7c:88:94:d6:6d:ee:17:8d:b7:a1:07:09:fb:8d:be:
ed:de:a2:76:7b:88:76:11:2f:5a:b0:9f:c1:76:51:
4c:eb:0a:4c:65:57:62:46:41:45:2f:06:7c:e4:a7:
9c:a1:38:65:19:cf:36:32:7c:83:94:69:90:e5:cc:
44:a2:13:7b:2d:4f:49:80:1b:2f:2d:c5:ac:10:ae:
c0:0c:77:55:8d:ab:cb:a1:5b:24:f8:cf:9e:02:cb:
1b:fa:df:8b:5d:a3:41:3d:9b:4e:f9:a0:c1:d8:1e:
a4:91:af:7f:64:0c:21:bd:34:24:8d:8e:27:1d:95:
99:f3:82:13:c2:75:94:6c:5c:5d:9b:83:11:cf:cc:
85:06:c3:3c:29:9f:39:c8:76:b7:78:e4:14:e3:f3:
85:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EA:86:45:23:29:9C:B9:93:D5:23:51:FB:A5:38:A3:FA:EF:9A:5A
X509v3 Authority Key Identifier:
keyid:6C:FD:56:A7:7E:AD:9E:15:9B:CB:18:EB:6D:E8:62:73:50:91:B5:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E319/868DD6568C2611E7BC06C44EC4F9AE02/bP1Wp36tnhWbyxjrbehic1CRtUo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bP1Wp36tnhWbyxjrbehic1CRtUo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E319/868DD6568C2611E7BC06C44EC4F9AE02/CFBF1B6AB71A11EF83064061C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.251.0/24
Signature Algorithm: sha256WithRSAEncryption
18:9d:fb:68:9b:55:d1:7e:61:ba:f9:ce:f2:19:fb:f9:77:97:
88:9a:87:1d:dd:27:cd:c0:8e:ed:87:a7:b8:8f:33:fb:b8:0f:
ad:6c:87:09:e4:5d:53:2e:c8:1d:b4:e0:3f:3c:16:f0:b3:8d:
cb:f2:68:74:17:92:5d:62:44:34:34:a2:0c:a5:62:51:04:92:
29:4e:db:cf:74:3c:e7:23:0e:a2:7e:4f:dd:cb:53:3b:b1:9a:
30:09:69:1f:42:f2:27:67:bb:9b:0b:c6:7f:cc:de:92:5d:07:
76:dc:18:ca:4c:4d:98:04:cd:6f:2a:c5:f3:02:fd:6b:76:28:
d1:05:0d:a4:0c:9d:21:c5:29:81:f5:c0:84:80:3d:e9:af:6a:
8d:67:e7:9e:f6:52:12:14:90:b9:9c:e9:46:5f:dd:cd:e0:6a:
73:94:ad:bf:23:96:1a:38:6d:29:44:e0:e4:e4:e5:de:b9:1c:
6f:c2:39:e2:66:a1:a0:cd:63:0d:96:6f:44:94:a4:30:e8:a7:
67:d1:8f:b8:7b:9c:32:21:67:20:f1:fa:95:13:92:54:4b:57:
18:96:53:0d:b9:55:cc:c8:9d:69:ef:e1:69:b4:18:b1:e8:4f:
04:7a:89:7b:0d:a7:ee:56:42:91:4d:35:27:5f:13:1d:55:fd:
ff:0e:79:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEUzMTkxMTAvBgNVBAUTKDZDRkQ1NkE3N0VBRDlFMTU5QkNCMThFQjZERTg2Mjcz
NTA5MUI1NEEwHhcNMjQxMjEwMTcxODQ2WhcNMjUwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4NzdmNS1kMmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo4hE5nj3okwUvGXMIE51qZOsHsbqRaaenX65Qr4fy6gOKWIk/QKzD55XjOit
z2jpfMvXb6i0X0ZjVbd/Ty6UGZKusbnENF8CeQrIfqSVGHmg80fIQweJgArRP+Ik
YhxPRCQUhLLga2t8iJTWbe4XjbehBwn7jb7t3qJ2e4h2ES9asJ/BdlFM6wpMZVdi
RkFFLwZ85KecoThlGc82MnyDlGmQ5cxEohN7LU9JgBsvLcWsEK7ADHdVjavLoVsk
+M+eAssb+t+LXaNBPZtO+aDB2B6kka9/ZAwhvTQkjY4nHZWZ84ITwnWUbFxdm4MR
z8yFBsM8KZ85yHa3eOQU4/OFdQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKjqhkUj
KZy5k9UjUfulOKP675paMB8GA1UdIwQYMBaAFGz9Vqd+rZ4Vm8sY623oYnNQkbVK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RTMxOS84NjhERDY1NjhD
MjYxMUU3QkMwNkM0NEVDNEY5QUUwMi9iUDFXcDM2dG5oV2J5eGpyYmVoaWMxQ1J0
VW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JQMVdwMzZ0bmhXYnl4anJiZWhpYzFDUnRVby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEUzMTkvODY4REQ2NTY4QzI2MTFFN0JDMDZDNDRFQzRGOUFFMDIvQ0ZCRjFCNkFC
NzFBMTFFRjgzMDY0MDYxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnRvswDQYJKoZIhvcNAQELBQADggEBABid+2ibVdF+Ybr5
zvIZ+/l3l4iahx3dJ83Aju2Hp7iPM/u4D61shwnkXVMuyB204D88FvCzjcvyaHQX
kl1iRDQ0ogylYlEEkilO2890POcjDqJ+T93LUzuxmjAJaR9C8idnu5sLxn/M3pJd
B3bcGMpMTZgEzW8qxfMC/Wt2KNEFDaQMnSHFKYH1wISAPemvao1n5572UhIUkLmc
6UZf3c3ganOUrb8jlho4bSlE4OTk5d65HG/COeJmoaDNYw2Wb0SUpDDop2fRj7h7
nDIhZyDx+pUTklRLVxiWUw25VczInWnv4Wm0GLHoTwR6iXsNp+5WQpFNNSdfEx1V
/f8Oeac=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:03 2025 by rpki-client