Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B30B3F2C1F011EFB0A88D47C4F9AE02.roa
File: 7B30B3F2C1F011EFB0A88D47C4F9AE02.roa (raw, json)
Hash identifier: 7w/XtzIibXMErLrV/TRWZ4Plm2+U+PDduu6ZOBVYiyM=
Subject key identifier: 25:D3:21:3D:0B:CF:AF:D9:F9:55:A0:4B:40:17:34:39:83:6B:DF:16
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A0FB
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B30B3F2C1F011EFB0A88D47C4F9AE02.roa
Signing time: Tue 31 Dec 2024 07:40:33 +0000
ROA not before: Tue 31 Dec 2024 07:40:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136288
IP address blocks: 103.87.28.0/22 maxlen: 24
103.154.26.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41211 (0xa0fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 31 07:40:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67739ff0-435d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d2:bb:7c:43:87:98:77:b1:7c:ca:38:1b:6c:
89:13:cb:3a:ea:ea:1d:91:09:d6:34:51:e3:20:45:
a0:02:3b:f9:bb:0e:97:f4:18:84:89:95:fe:69:fa:
3d:55:8b:b9:44:84:5b:c2:96:4f:0f:00:b3:cb:45:
96:24:37:d1:65:05:37:b7:8b:a8:d4:47:45:e8:53:
a8:44:e3:3f:e2:2b:f9:69:a1:d9:0f:ae:ea:5d:ef:
6b:8d:be:8a:35:c5:9f:48:7f:05:45:c5:0a:f8:57:
fe:fd:45:16:33:87:cd:43:60:6c:45:1c:9f:c9:1f:
5e:0d:b9:23:ba:c8:a4:89:1c:a6:cd:83:d7:6e:1b:
29:c4:b0:cc:48:31:2c:2a:99:52:62:f1:02:fe:ed:
1f:66:73:80:72:af:b8:0b:17:e5:77:fb:51:51:51:
38:4f:29:de:79:cc:32:71:19:ea:b2:bb:d0:2d:83:
bc:b1:62:91:ea:19:f0:08:04:28:7b:4c:54:25:f6:
2e:5c:42:25:5a:0a:24:1f:1a:78:14:fb:75:6b:7a:
ac:85:89:a0:04:f6:6e:e8:cc:6e:7e:24:2c:03:5f:
14:de:df:40:47:85:9b:27:3c:84:c6:43:57:39:c8:
cc:c8:7e:dc:14:43:26:1e:b5:b7:fc:46:f8:78:10:
dd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D3:21:3D:0B:CF:AF:D9:F9:55:A0:4B:40:17:34:39:83:6B:DF:16
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7B30B3F2C1F011EFB0A88D47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.28.0/22
103.154.26.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:35:54:fd:ec:10:57:f5:3a:b8:19:82:92:9e:58:ac:36:e4:
d3:48:f5:20:c4:fa:6c:26:a4:88:aa:53:a4:cc:56:74:15:33:
13:97:fb:a9:ba:44:49:ac:d7:a3:41:b8:12:97:b5:00:57:56:
4b:8b:b3:1c:0a:2b:21:57:a2:bd:6b:2f:43:8e:0c:ad:26:c6:
b9:26:b3:0c:1a:a7:43:07:94:00:f4:6d:10:ec:d3:4c:87:f5:
63:63:76:45:c9:08:2e:0d:09:30:e4:72:7a:14:60:fc:38:04:
98:2e:85:0e:9d:b1:cd:b8:8e:45:20:be:c8:c1:38:d6:e3:9e:
78:36:b0:27:5f:86:56:d6:70:a3:b1:12:d6:85:d2:5f:91:a5:
23:af:bd:be:13:6b:b4:84:91:2a:c4:17:85:38:7c:35:c0:18:
a6:eb:1f:89:b7:de:26:b1:5e:58:1c:a8:3b:33:12:49:c9:1b:
69:32:d5:0d:e7:ec:1e:d3:97:6f:ab:a5:f1:dc:f7:df:df:5c:
bc:ac:56:02:16:ca:e8:ec:28:56:ba:02:58:4d:12:64:c8:39:
3e:6e:ae:29:55:7b:e6:81:74:d9:5d:f3:d2:3e:4b:a3:f2:94:
f1:30:b9:fd:53:38:b5:e9:eb:f4:a3:8f:ba:18:1d:63:ac:b1:
bb:52:01:f6
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAKD7MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIzMTA3NDAzM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc3MzlmZjAtNDM1ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOPSu3xDh5h3sXzKOBtsiRPLOurqHZEJ1jRR4yBFoAI7+bsOl/QYhImV/mn6
PVWLuUSEW8KWTw8As8tFliQ30WUFN7eLqNRHRehTqETjP+Ir+Wmh2Q+u6l3va42+
ijXFn0h/BUXFCvhX/v1FFjOHzUNgbEUcn8kfXg25I7rIpIkcps2D124bKcSwzEgx
LCqZUmLxAv7tH2ZzgHKvuAsX5Xf7UVFROE8p3nnMMnEZ6rK70C2DvLFikeoZ8AgE
KHtMVCX2LlxCJVoKJB8aeBT7dWt6rIWJoAT2bujMbn4kLANfFN7fQEeFmyc8hMZD
VznIzMh+3BRDJh61t/xG+HgQ3SMCAwEAAaOCApswggKXMB0GA1UdDgQWBBQl0yE9
C8+v2flVoEtAFzQ5g2vfFjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzdCMzBCM0Yy
QzFGMDExRUZCMEE4OEQ0N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQCZ1ccAwQAZ5oaMA0GCSqGSIb3DQEBCwUAA4IBAQA/NVT9
7BBX9Tq4GYKSnlisNuTTSPUgxPpsJqSIqlOkzFZ0FTMTl/upukRJrNejQbgSl7UA
V1ZLi7McCishV6K9ay9DjgytJsa5JrMMGqdDB5QA9G0Q7NNMh/VjY3ZFyQguDQkw
5HJ6FGD8OASYLoUOnbHNuI5FIL7IwTjW4554NrAnX4ZW1nCjsRLWhdJfkaUjr72+
E2u0hJEqxBeFOHw1wBim6x+Jt94msV5YHKg7MxJJyRtpMtUN5+we05dvq6Xx3Pff
31y8rFYCFsro7ChWugJYTRJkyDk+bq4pVXvmgXTZXfPSPkuj8pTxMLn9Uzi16ev0
o4+6GB1jrLG7UgH2
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:36:58 2025 by rpki-client