Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B6A96F4A19011EFB1D56E4AC4F9AE02.roa
File: 9B6A96F4A19011EFB1D56E4AC4F9AE02.roa (raw, json)
Hash identifier: LN0I1yUY/Q0C5VzlfUMUDFNMiPmql8cDeuXjgegk/Yc=
Subject key identifier: F2:FD:93:80:13:B5:7B:F5:0E:9D:23:20:6B:6E:C7:6D:26:31:07:09
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9D59
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B6A96F4A19011EFB1D56E4AC4F9AE02.roa
Signing time: Mon 18 Nov 2024 10:14:09 +0000
ROA not before: Mon 18 Nov 2024 10:14:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133257
IP address blocks: 103.121.68.0/22 maxlen: 24
2400:9d60::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40281 (0x9d59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 18 10:14:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=673b1370-1889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bd:03:23:32:5a:d5:42:aa:bf:a5:39:97:92:
89:18:64:06:8b:18:e7:d4:39:dc:a7:23:43:17:d9:
48:eb:79:28:0c:7a:37:0f:cb:ce:28:37:fe:6f:04:
40:81:f0:02:50:c9:0e:64:b7:05:05:97:e9:6f:06:
8a:92:29:37:07:bd:dd:94:06:3c:a5:cd:ea:ed:f2:
0f:61:e9:96:0d:5f:49:a8:30:1a:68:b4:5d:31:53:
9e:d2:e8:75:a1:e3:55:bf:67:4b:8a:c2:93:f8:9d:
6b:de:18:10:94:bb:f5:6f:01:1d:81:5b:dd:43:8b:
f8:9c:b6:fd:25:37:e7:16:1b:74:d4:bd:fe:93:07:
8e:29:a6:fd:ba:ec:3a:ee:f9:be:cd:ec:02:57:4e:
57:15:72:ca:a5:75:cf:50:5f:25:64:73:dd:db:53:
3e:f7:c9:b4:44:4a:2d:38:a5:95:38:43:04:8e:aa:
30:70:e7:9a:03:b4:e6:30:bd:fd:94:b9:ea:91:c7:
c1:ce:01:3f:95:2c:49:a9:ea:b8:01:28:0f:95:97:
0a:f5:bf:3f:e8:65:a4:8c:4b:1b:c8:1b:fc:1e:f4:
70:cb:cc:04:c7:4a:9b:04:67:01:2d:2f:3d:ef:c7:
f1:ce:c6:74:43:c5:52:f6:43:e1:f3:a2:e3:9e:99:
58:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:FD:93:80:13:B5:7B:F5:0E:9D:23:20:6B:6E:C7:6D:26:31:07:09
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B6A96F4A19011EFB1D56E4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.68.0/22
IPv6:
2400:9d60::/32
Signature Algorithm: sha256WithRSAEncryption
26:52:c1:c4:dc:fd:d7:3f:d7:4a:ac:f8:99:bb:fd:82:63:55:
a3:f6:d3:97:36:2e:12:6e:b5:08:5c:f8:ef:58:eb:66:4d:6c:
90:f0:30:bf:b4:b5:9b:56:a9:65:f8:64:70:7b:98:ef:6e:81:
cb:43:94:60:a5:89:d0:e6:1f:f3:ef:9c:d7:5f:0e:7b:32:a7:
16:00:e6:ce:6c:9a:bb:c0:f5:54:6e:c4:b9:55:95:30:f3:bf:
58:d8:81:dd:54:04:b3:41:56:14:5e:71:6b:dd:17:b6:fb:72:
2e:bb:51:f0:9b:8f:ca:fc:af:ab:e6:42:cc:51:74:90:9b:dd:
6b:02:f6:aa:0c:1b:1d:c3:a7:ef:53:9c:c8:8b:7f:d3:ff:b2:
5a:01:e9:24:a1:64:ff:58:92:7c:18:fb:63:1b:1d:72:ae:27:
12:05:10:d3:97:58:e8:38:ff:db:38:19:95:d9:a1:0f:ac:35:
e9:33:ca:09:68:7b:4b:86:21:95:e0:ea:ca:fb:73:ab:10:09:
22:e1:f6:cf:12:6c:c1:37:0c:05:e1:6f:17:f8:3d:1d:59:bb:
c9:6c:7e:16:78:88:fe:a3:ba:1c:97:6d:2a:9c:32:ea:87:3f:
14:90:37:ea:79:d0:dd:31:14:26:d9:5a:a9:3f:15:ec:8d:b1:
26:8b:35:74
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJ1ZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTExODEwMTQwOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjczYjEzNzAtMTg4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJe9AyMyWtVCqr+lOZeSiRhkBosY59Q53KcjQxfZSOt5KAx6Nw/Lzig3/m8E
QIHwAlDJDmS3BQWX6W8GipIpNwe93ZQGPKXN6u3yD2Hplg1fSagwGmi0XTFTntLo
daHjVb9nS4rCk/ida94YEJS79W8BHYFb3UOL+Jy2/SU35xYbdNS9/pMHjimm/brs
Ou75vs3sAldOVxVyyqV1z1BfJWRz3dtTPvfJtERKLTillThDBI6qMHDnmgO05jC9
/ZS56pHHwc4BP5UsSanquAEoD5WXCvW/P+hlpIxLG8gb/B70cMvMBMdKmwRnAS0v
Pe/H8c7GdEPFUvZD4fOi456ZWFMCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBTy/ZOA
E7V79Q6dIyBrbsdtJjEHCTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlCNkE5NkY0
QTE5MDExRUZCMUQ1NkU0QUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMC4GCCsGAQUFBwEHAQH/
BB8wHTAMBAIAATAGAwQCZ3lEMA0EAgACMAcDBQAkAJ1gMA0GCSqGSIb3DQEBCwUA
A4IBAQAmUsHE3P3XP9dKrPiZu/2CY1Wj9tOXNi4SbrUIXPjvWOtmTWyQ8DC/tLWb
Vqll+GRwe5jvboHLQ5RgpYnQ5h/z75zXXw57MqcWAObObJq7wPVUbsS5VZUw879Y
2IHdVASzQVYUXnFr3Re2+3Iuu1Hwm4/K/K+r5kLMUXSQm91rAvaqDBsdw6fvU5zI
i3/T/7JaAekkoWT/WJJ8GPtjGx1yricSBRDTl1joOP/bOBmV2aEPrDXpM8oJaHtL
hiGV4OrK+3OrEAki4fbPEmzBNwwF4W8X+D0dWbvJbH4WeIj+o7ocl20qnDLqhz8U
kDfqedDdMRQm2VqpPxXsjbEmizV0
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:30:11 2025 by rpki-client