Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5002DB3ABDCF11EA8755D90DC4F9AE02.roa
File: 5002DB3ABDCF11EA8755D90DC4F9AE02.roa (raw, json)
Hash identifier: ckHJiU7HjOkvRRm+vwDmIPtVhoD2YMKjLw/JlDhcgaI=
Subject key identifier: 14:68:0A:D9:01:B7:3F:EF:06:C0:66:ED:E3:4C:F9:63:38:DB:27:63
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8891
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5002DB3ABDCF11EA8755D90DC4F9AE02.roa
Signing time: Thu 30 May 2024 15:55:08 +0000
ROA not before: Thu 30 May 2024 15:55:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132935
IP address blocks: 103.143.212.0/23 maxlen: 24
103.170.224.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34961 (0x8891)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:55:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a15b-4148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:89:49:14:ce:61:86:ec:c0:40:d4:cb:f6:06:
35:02:52:ba:9d:5d:33:a5:18:43:02:37:fa:ed:46:
cc:63:a1:81:05:53:4a:16:41:bc:70:e5:7b:73:2b:
e8:55:cd:e1:72:6b:18:05:77:f7:af:b2:31:ca:23:
bb:06:10:8a:18:cf:2d:af:c0:3e:83:df:e8:33:bc:
2e:1a:66:27:ce:23:00:96:29:3d:ac:f0:fa:53:0c:
71:a5:11:b7:51:14:d8:17:bf:e9:42:0a:44:2e:3f:
07:de:7b:3b:cc:13:48:74:b3:43:f5:c8:49:7e:f1:
43:f2:b2:4e:f2:da:08:47:7c:14:a6:5d:be:9e:29:
88:99:b1:27:25:91:9c:b7:0f:86:c0:7b:7f:d7:73:
f2:a7:86:b5:75:df:03:fd:c4:0f:8c:a8:89:30:aa:
1b:a7:38:46:76:f6:db:50:48:47:3c:b2:01:67:5e:
69:33:3f:e0:91:dd:18:13:8c:e9:61:06:53:37:75:
f7:79:26:06:49:ad:ed:a2:d2:3b:cf:21:11:85:e1:
1b:37:53:5f:74:e1:16:c4:e7:9f:5f:79:1f:1e:c5:
39:37:07:06:f0:08:10:05:36:d5:25:08:20:68:75:
55:81:34:37:61:a5:52:1c:12:1c:64:96:7b:56:4a:
fd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:68:0A:D9:01:B7:3F:EF:06:C0:66:ED:E3:4C:F9:63:38:DB:27:63
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5002DB3ABDCF11EA8755D90DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.212.0/23
103.170.224.0/23
Signature Algorithm: sha256WithRSAEncryption
14:80:6a:5d:b7:a9:ac:43:3c:d8:ff:dc:de:a8:a3:cc:ba:b7:
c1:bc:38:0f:89:21:59:51:ce:ac:aa:bc:b1:3c:38:01:d8:68:
2a:31:66:fb:c4:49:b9:29:1a:5f:94:04:71:b6:a6:da:66:d4:
46:01:ba:30:e0:57:0e:bc:5a:47:57:50:75:5f:d6:56:82:94:
4b:b2:7f:37:23:aa:92:e8:b1:de:ee:f7:cd:aa:10:bd:b5:e8:
e3:0d:28:3b:7b:67:c2:38:83:f7:e3:2e:95:b2:9d:63:a7:fd:
1d:9a:c3:cc:7c:bf:c7:63:d4:d0:f3:05:10:16:0b:78:ba:2a:
78:0d:02:9c:64:09:cf:2d:35:52:68:c5:71:ae:0f:0f:f8:91:
33:0f:b4:54:44:96:80:26:c6:59:84:54:84:d1:27:b0:46:1f:
f7:d0:da:4a:e7:1b:50:69:b6:b7:6e:f1:ff:d4:43:4b:78:1d:
5d:4f:d5:30:d6:4e:96:b0:4d:cb:44:ca:8b:3b:70:97:0a:da:
34:7b:f3:a8:73:b3:06:22:15:05:c1:48:de:65:72:7b:44:1e:
0c:62:f2:02:e3:20:ca:54:e4:40:8d:94:4f:c9:8d:62:60:0c:
a2:7c:e8:76:48:9c:97:c1:27:ac:5a:4b:04:03:80:08:e3:90:
0e:7e:6a:a7
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAIiRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTUwOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExNWItNDE0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6JSRTOYYbswEDUy/YGNQJSup1dM6UYQwI3+u1GzGOhgQVTShZBvHDle3Mr
6FXN4XJrGAV396+yMcojuwYQihjPLa/APoPf6DO8LhpmJ84jAJYpPazw+lMMcaUR
t1EU2Be/6UIKRC4/B957O8wTSHSzQ/XISX7xQ/KyTvLaCEd8FKZdvp4piJmxJyWR
nLcPhsB7f9dz8qeGtXXfA/3ED4yoiTCqG6c4Rnb221BIRzyyAWdeaTM/4JHdGBOM
6WEGUzd193kmBkmt7aLSO88hEYXhGzdTX3ThFsTnn195Hx7FOTcHBvAIEAU21SUI
IGh1VYE0N2GlUhwSHGSWe1ZK/ecCAwEAAaOCApswggKXMB0GA1UdDgQWBBQUaArZ
Abc/7wbAZu3jTPljONsnYzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzUwMDJEQjNB
QkRDRjExRUE4NzU1RDkwREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQBZ4/UAwQBZ6rgMA0GCSqGSIb3DQEBCwUAA4IBAQAUgGpd
t6msQzzY/9zeqKPMurfBvDgPiSFZUc6sqryxPDgB2GgqMWb7xEm5KRpflARxtqba
ZtRGAbow4FcOvFpHV1B1X9ZWgpRLsn83I6qS6LHe7vfNqhC9tejjDSg7e2fCOIP3
4y6Vsp1jp/0dmsPMfL/HY9TQ8wUQFgt4uip4DQKcZAnPLTVSaMVxrg8P+JEzD7RU
RJaAJsZZhFSE0SewRh/30NpK5xtQaba3bvH/1ENLeB1dT9Uw1k6WsE3LRMqLO3CX
Cto0e/Ooc7MGIhUFwUjeZXJ7RB4MYvIC4yDKVORAjZRPyY1iYAyifOh2SJyXwSes
WksEA4AI45AOfmqn
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:34:16 2025 by rpki-client