Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F7E6866146B11EC97E7064EC4F9AE02.roa
File: 9F7E6866146B11EC97E7064EC4F9AE02.roa (raw, json)
Hash identifier: +auselpy/sPMBci8fxH0aE+Bn77qx1My9l+GjG6qsqw=
Subject key identifier: FC:47:75:5B:4F:0C:19:B6:41:92:07:B8:DF:A1:C2:6E:F0:EE:D9:40
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9124
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F7E6866146B11EC97E7064EC4F9AE02.roa
Signing time: Thu 30 May 2024 16:30:55 +0000
ROA not before: Thu 30 May 2024 16:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58969
IP address blocks: 103.70.196.0/23 maxlen: 24
103.70.198.0/24 maxlen: 24
103.70.199.0/24 maxlen: 24
103.168.200.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37156 (0x9124)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a9bf-6adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d8:fa:77:3f:15:27:9f:ef:5c:9b:cd:19:01:
06:0b:e9:c6:a0:93:cb:ed:5f:1d:97:2a:a4:dd:80:
37:c4:65:dc:3d:46:7e:05:fe:9d:ec:ae:d5:03:2d:
19:dd:78:7d:6d:13:29:8d:21:da:9e:22:c3:dd:de:
b2:cb:c2:2c:55:30:34:7d:a6:1a:bf:bb:c8:5d:0a:
3a:9e:58:0f:65:73:3c:84:93:9f:27:b3:1f:77:15:
a7:7d:92:dd:0d:27:5d:94:56:c6:72:47:19:96:b8:
1d:39:c4:4e:42:90:c3:12:80:fb:75:00:3e:52:6e:
a4:59:be:aa:f2:a9:eb:dd:3d:3c:39:86:1d:c2:fc:
58:5c:d6:db:be:bc:52:6d:63:4c:be:20:a2:6b:34:
fd:0a:e3:ea:46:88:66:45:24:d4:23:9c:9b:1e:ec:
63:a7:89:c1:ea:b0:22:1a:c5:c5:65:04:55:d3:2b:
ec:4a:1a:58:ab:ad:13:cb:47:91:86:59:f6:27:82:
c3:1b:8f:41:73:d7:99:c7:18:0b:1f:79:74:e6:fc:
30:7d:dc:c3:e1:2e:c5:6b:63:77:c9:f1:46:0a:08:
9b:b5:5e:70:42:12:94:f8:9b:4b:34:ee:87:be:1e:
5b:22:07:ad:b2:a6:89:16:63:95:fb:38:ee:05:ca:
bf:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:47:75:5B:4F:0C:19:B6:41:92:07:B8:DF:A1:C2:6E:F0:EE:D9:40
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9F7E6866146B11EC97E7064EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.196.0/22
103.168.200.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:db:86:c2:0e:b9:60:8d:d9:2d:59:dd:5d:63:67:e8:96:97:
6e:93:59:3d:63:70:0d:d5:87:46:fc:6d:48:73:e0:43:18:6e:
22:a1:78:cc:23:14:7c:69:dc:1c:00:02:9a:d9:60:b6:74:2a:
e0:21:1f:f1:91:bc:68:49:a9:aa:57:b8:09:74:fa:16:2f:0f:
70:df:37:dd:df:e9:1a:b8:45:49:1d:70:f6:e1:0b:50:6a:b6:
a0:d4:10:b6:a2:26:46:b9:a9:1f:e3:f4:bf:3c:49:1e:f1:fd:
48:d8:4c:eb:3f:35:84:bc:1b:e5:cb:a8:63:eb:9a:de:f0:ba:
5b:d5:70:08:a0:49:e4:d2:33:4f:ab:11:b0:5f:ae:b7:fb:bb:
15:55:e6:11:fd:d5:4c:b0:64:46:bc:63:02:83:eb:b7:86:c4:
a7:8d:90:c6:31:4f:c0:dc:d8:78:78:74:a7:5c:1c:b3:fe:b8:
ca:3b:49:db:2b:12:c6:d2:da:1d:f1:6c:c8:e4:f4:2a:f0:34:
1d:a1:df:33:76:3a:b7:16:59:d7:3c:98:9a:16:07:e7:ce:c9:
bb:fa:28:99:1b:f3:68:30:5b:c8:cb:e0:81:98:78:3f:3a:fe:
ec:a9:c7:d0:a1:1b:cc:59:17:4d:52:53:2d:be:32:d2:50:5d:
50:8f:e8:8f
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAJEkMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MzA1NVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE5YmYtNmFkZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHY+nc/FSef71ybzRkBBgvpxqCTy+1fHZcqpN2AN8Rl3D1GfgX+neyu1QMt
Gd14fW0TKY0h2p4iw93essvCLFUwNH2mGr+7yF0KOp5YD2VzPISTnyezH3cVp32S
3Q0nXZRWxnJHGZa4HTnETkKQwxKA+3UAPlJupFm+qvKp6909PDmGHcL8WFzW2768
Um1jTL4goms0/Qrj6kaIZkUk1COcmx7sY6eJweqwIhrFxWUEVdMr7EoaWKutE8tH
kYZZ9ieCwxuPQXPXmccYCx95dOb8MH3cw+EuxWtjd8nxRgoIm7VecEISlPibSzTu
h74eWyIHrbKmiRZjlfs47gXKv60CAwEAAaOCApswggKXMB0GA1UdDgQWBBT8R3Vb
TwwZtkGSB7jfocJu8O7ZQDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzlGN0U2ODY2
MTQ2QjExRUM5N0U3MDY0RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQCZ0bEAwQBZ6jIMA0GCSqGSIb3DQEBCwUAA4IBAQCx24bC
DrlgjdktWd1dY2folpduk1k9Y3AN1YdG/G1Ic+BDGG4ioXjMIxR8adwcAAKa2WC2
dCrgIR/xkbxoSamqV7gJdPoWLw9w3zfd3+kauEVJHXD24QtQarag1BC2oiZGuakf
4/S/PEke8f1I2EzrPzWEvBvly6hj65re8Lpb1XAIoEnk0jNPqxGwX663+7sVVeYR
/dVMsGRGvGMCg+u3hsSnjZDGMU/A3Nh4eHSnXByz/rjKO0nbKxLG0tod8WzI5PQq
8DQdod8zdjq3FlnXPJiaFgfnzsm7+iiZG/NoMFvIy+CBmHg/Ov7sqcfQoRvMWRdN
UlMtvjLSUF1Qj+iP
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:24:43 2025 by rpki-client