Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CD022BCCE77811EF9FEECE58C4F9AE02.roa
File: CD022BCCE77811EF9FEECE58C4F9AE02.roa (raw, json)
Hash identifier: bBBZ5vWA8TX708petdBRQhYb8WyMeF3iP4rI5zAyw/M=
Subject key identifier: 5F:2D:58:09:C8:65:8F:9C:22:59:77:62:27:A7:6A:B6:69:B7:2E:63
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A5BF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CD022BCCE77811EF9FEECE58C4F9AE02.roa
Signing time: Mon 10 Feb 2025 12:55:06 +0000
ROA not before: Mon 10 Feb 2025 12:55:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138243
IP address blocks: 103.157.2.0/24 maxlen: 24
103.157.3.0/24 maxlen: 24
2001:df5:580::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42431 (0xa5bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 10 12:55:06 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a9f729-1999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c5:be:8a:96:f6:23:27:29:a6:de:59:2e:f9:
7a:98:10:30:8f:55:fa:38:59:50:cb:a5:01:06:b7:
d5:b6:15:d5:b7:c5:09:a0:25:a2:b0:69:d9:18:c8:
2f:b0:66:42:0c:d8:59:b5:8d:b5:6f:4c:9f:8b:ce:
d1:bd:a6:11:87:c6:d0:54:ed:ae:da:8b:6b:23:a0:
3d:4c:0e:41:79:8d:8a:ef:1d:7a:02:39:5c:48:e5:
0e:5d:39:15:22:c2:92:ac:2d:2a:d4:be:0b:19:ad:
53:9c:c1:e5:48:f3:ad:9e:8e:22:d3:0c:d0:12:fe:
70:dd:b0:51:c9:b8:ec:b4:61:fe:eb:8a:72:c2:4c:
d5:38:6d:16:f0:f7:e7:96:1c:c4:0f:fd:f1:05:51:
74:90:6e:64:2b:ca:57:a7:e9:73:46:5e:ce:b5:d4:
84:43:0d:24:28:1a:51:95:14:2d:19:fe:e7:41:60:
d4:49:2d:29:d0:18:4e:a2:6f:92:ae:c4:c9:a0:08:
7d:43:87:d0:1b:b1:43:58:df:03:93:c3:d5:34:41:
58:99:1f:9f:9d:ef:78:7a:f4:2d:0f:10:7a:55:38:
14:fd:6d:f5:1e:f3:78:08:36:4d:d8:af:20:6a:c1:
64:fe:11:40:8b:f1:fb:2f:b8:fd:8f:39:c4:9f:9a:
3e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2D:58:09:C8:65:8F:9C:22:59:77:62:27:A7:6A:B6:69:B7:2E:63
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CD022BCCE77811EF9FEECE58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.2.0/23
IPv6:
2001:df5:580::/48
Signature Algorithm: sha256WithRSAEncryption
93:70:f2:6e:78:21:63:15:03:03:71:e9:2b:8e:28:8d:06:2f:
7f:4e:92:86:31:82:99:c0:ef:7d:fa:96:66:8d:bc:23:95:d4:
04:9f:96:84:60:94:ef:8f:3f:6e:5f:57:c6:fb:c3:0c:77:1c:
1a:eb:8d:f9:86:d6:e9:57:6e:f9:ef:37:94:48:46:ec:6c:b0:
d6:dd:cb:8a:84:52:30:02:59:83:7b:a5:69:4c:d5:d6:58:05:
0e:af:c5:66:d3:78:0d:ad:7f:5a:03:9c:06:7c:6c:6b:99:f4:
d0:68:ed:c0:55:7e:4a:e0:5f:e7:b4:b6:57:1a:9c:8b:4a:79:
50:f5:7b:ef:4a:c5:7b:de:26:82:cb:80:88:fa:1b:b9:05:9f:
34:c9:6d:4d:fc:2b:7a:34:ed:a3:2c:cf:16:47:bd:87:80:6b:
86:f9:23:7e:c3:72:af:54:91:ca:54:c9:ff:00:8e:b9:93:88:
12:7a:7a:23:ff:01:1d:cb:42:0b:96:94:de:85:06:a4:dc:e4:
50:99:21:70:34:ea:41:01:d7:3c:e7:ef:2e:6e:09:58:fc:7e:
35:2c:0e:f9:33:2a:d9:9b:44:4a:b7:79:59:48:75:e9:1c:11:
db:fe:03:86:12:6b:6c:24:5b:13:c7:c2:ad:5f:72:f1:f4:3d:
30:c9:71:2d
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAKW/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIxMDEyNTUwNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdhOWY3MjktMTk5OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANPFvoqW9iMnKabeWS75epgQMI9V+jhZUMulAQa31bYV1bfFCaAlorBp2RjI
L7BmQgzYWbWNtW9Mn4vO0b2mEYfG0FTtrtqLayOgPUwOQXmNiu8degI5XEjlDl05
FSLCkqwtKtS+CxmtU5zB5UjzrZ6OItMM0BL+cN2wUcm47LRh/uuKcsJM1ThtFvD3
55YcxA/98QVRdJBuZCvKV6fpc0ZezrXUhEMNJCgaUZUULRn+50Fg1EktKdAYTqJv
kq7EyaAIfUOH0BuxQ1jfA5PD1TRBWJkfn53veHr0LQ8QelU4FP1t9R7zeAg2Tdiv
IGrBZP4RQIvx+y+4/Y85xJ+aPnECAwEAAaOCAqYwggKiMB0GA1UdDgQWBBRfLVgJ
yGWPnCJZd2Inp2q2abcuYzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0NEMDIyQkND
RTc3ODExRUY5RkVFQ0U1OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/
BCEwHzAMBAIAATAGAwQBZ50CMA8EAgACMAkDBwAgAQ31BYAwDQYJKoZIhvcNAQEL
BQADggEBAJNw8m54IWMVAwNx6SuOKI0GL39OkoYxgpnA7336lmaNvCOV1ASfloRg
lO+PP25fV8b7wwx3HBrrjfmG1ulXbvnvN5RIRuxssNbdy4qEUjACWYN7pWlM1dZY
BQ6vxWbTeA2tf1oDnAZ8bGuZ9NBo7cBVfkrgX+e0tlcanItKeVD1e+9KxXveJoLL
gIj6G7kFnzTJbU38K3o07aMszxZHvYeAa4b5I37Dcq9UkcpUyf8AjrmTiBJ6eiP/
AR3LQguWlN6FBqTc5FCZIXA06kEB1zzn7y5uCVj8fjUsDvkzKtmbREq3eVlIdekc
Edv+A4YSa2wkWxPHwq1fcvH0PTDJcS0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:21:35 2025 by rpki-client