Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9DBEAB7250A311EF80EE776AC4F9AE02.roa
File: 9DBEAB7250A311EF80EE776AC4F9AE02.roa (raw, json)
Hash identifier: SsSB1mXDo5MpEkGuP+OkNB3cxd1yqXFsZN9lvN39TrA=
Subject key identifier: AB:8A:B1:57:B7:8D:D6:81:13:1B:AA:B7:C3:BE:87:4F:77:D8:CF:BB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9600
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9DBEAB7250A311EF80EE776AC4F9AE02.roa
Signing time: Fri 02 Aug 2024 07:48:33 +0000
ROA not before: Fri 02 Aug 2024 07:48:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204765
IP address blocks: 103.79.48.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38400 (0x9600)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 2 07:48:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ac8f51-404a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:73:50:53:30:87:4c:a8:13:73:3d:c0:32:0d:
20:c2:e1:1d:85:43:36:08:09:61:d3:96:ad:47:21:
aa:93:a0:61:70:6e:90:14:7d:39:06:6e:f4:71:e9:
f7:99:5b:af:ba:83:dd:0d:97:91:70:eb:cf:0a:d3:
41:16:71:ef:4d:2a:43:b8:1a:04:b1:e2:21:b0:80:
1b:25:03:66:a1:e0:21:ac:04:54:bf:5e:91:06:de:
f5:5e:00:72:5c:a0:96:d9:80:01:27:86:0b:97:73:
a3:91:4b:e0:03:cd:e0:0e:a1:ad:54:2a:dd:e3:cb:
e6:c2:bc:ef:8c:55:04:4b:f8:a5:a6:2e:24:29:e9:
b6:a6:19:11:34:4f:48:e7:da:76:32:53:9d:f8:9d:
bc:83:fa:8d:5f:49:93:d0:08:8a:a2:2e:1b:10:49:
6a:0a:ad:dc:a4:2d:54:2a:33:ca:71:cd:e4:de:0f:
8a:0d:be:6a:6c:45:7c:10:ab:11:79:ea:61:77:26:
bc:69:6f:71:80:84:23:0c:77:2d:62:f2:73:cf:89:
2c:b3:63:0d:a7:ee:b3:68:20:ff:f1:6e:9c:ba:bc:
e1:6a:eb:c9:ce:15:d6:2a:0b:5a:3a:01:65:fb:9f:
c5:66:0e:ab:c1:26:5f:67:0a:6d:57:fe:3a:fc:56:
21:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8A:B1:57:B7:8D:D6:81:13:1B:AA:B7:C3:BE:87:4F:77:D8:CF:BB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9DBEAB7250A311EF80EE776AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.48.0/23
Signature Algorithm: sha256WithRSAEncryption
76:d4:c3:d1:34:c6:91:43:ee:83:0e:9d:10:06:3f:d9:08:ce:
3d:91:6a:d4:c8:5e:48:54:41:6d:5e:3e:e4:55:8a:d0:5c:46:
1f:12:b7:d9:d9:b5:4b:3b:c6:e4:0e:11:68:78:ac:09:6b:c3:
cb:77:3e:fe:c8:f3:56:1a:40:d5:a0:e8:52:f7:46:62:3b:6d:
4c:63:f9:8e:5f:ab:37:a3:10:30:0a:a2:e3:a1:ca:fa:7c:f7:
b1:7c:88:13:57:90:db:c6:96:2d:38:e6:9f:51:6e:0e:8e:14:
91:8e:71:2a:03:f1:63:d5:7a:23:07:7c:7c:ab:21:50:59:ca:
c7:e1:e5:24:27:59:e5:f5:0f:ef:e5:f9:a4:2a:81:dd:15:87:
00:78:c8:d0:38:1e:57:6e:37:dc:7c:05:58:0d:fd:41:e3:d3:
f3:1e:09:c3:6c:e4:9c:fa:bb:fa:50:d5:dd:7f:80:b3:46:9f:
61:d8:6b:c7:47:11:ec:a3:bb:59:88:ff:9a:ec:cb:9e:4e:a2:
17:54:d5:94:0c:a7:6d:a4:ec:a2:72:40:98:23:de:47:ac:a8:
40:be:ee:10:22:e7:a0:3e:0f:b9:80:5d:e6:63:e2:ab:7b:8e:
04:ce:79:54:26:f2:bd:2f:0d:b4:67:94:69:a9:7c:f2:b6:7f:
2f:11:b0:98
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAJYAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgwMjA3NDgzM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZhYzhmNTEtNDA0YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNzUFMwh0yoE3M9wDINIMLhHYVDNggJYdOWrUchqpOgYXBukBR9OQZu9HHp
95lbr7qD3Q2XkXDrzwrTQRZx700qQ7gaBLHiIbCAGyUDZqHgIawEVL9ekQbe9V4A
clygltmAASeGC5dzo5FL4APN4A6hrVQq3ePL5sK874xVBEv4paYuJCnptqYZETRP
SOfadjJTnfidvIP6jV9Jk9AIiqIuGxBJagqt3KQtVCozynHN5N4Pig2+amxFfBCr
EXnqYXcmvGlvcYCEIwx3LWLyc8+JLLNjDafus2gg//FunLq84Wrryc4V1ioLWjoB
ZfufxWYOq8EmX2cKbVf+OvxWIdECAwEAAaOCApUwggKRMB0GA1UdDgQWBBSrirFX
t43WgRMbqrfDvodPd9jPuzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlEQkVBQjcy
NTBBMzExRUY4MEVFNzc2QUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBZ08wMA0GCSqGSIb3DQEBCwUAA4IBAQB21MPRNMaRQ+6D
Dp0QBj/ZCM49kWrUyF5IVEFtXj7kVYrQXEYfErfZ2bVLO8bkDhFoeKwJa8PLdz7+
yPNWGkDVoOhS90ZiO21MY/mOX6s3oxAwCqLjocr6fPexfIgTV5DbxpYtOOafUW4O
jhSRjnEqA/Fj1XojB3x8qyFQWcrH4eUkJ1nl9Q/v5fmkKoHdFYcAeMjQOB5Xbjfc
fAVYDf1B49PzHgnDbOSc+rv6UNXdf4CzRp9h2GvHRxHso7tZiP+a7MueTqIXVNWU
DKdtpOyickCYI95HrKhAvu4QIuegPg+5gF3mY+Kre44EznlUJvK9Lw20Z5RpqXzy
tn8vEbCY
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:19 2025 by rpki-client