Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E0D45A16BDD011EA9702FC12C4F9AE02.roa
File: E0D45A16BDD011EA9702FC12C4F9AE02.roa (raw, json)
Hash identifier: F1+0MYiXRhZ0/MV8BOvnw8AnrJaUkjN3XdOGLyT2gaE=
Subject key identifier: 60:B0:6C:C0:71:3D:32:27:96:0C:DA:7D:78:0D:4F:AB:83:61:32:3A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 97DA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E0D45A16BDD011EA9702FC12C4F9AE02.roa
Signing time: Fri 30 Aug 2024 07:06:54 +0000
ROA not before: Fri 30 Aug 2024 07:06:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139549
IP address blocks: 103.124.172.0/24 maxlen: 24
103.146.110.0/23 maxlen: 24
103.160.199.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38874 (0x97da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 30 07:06:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66d16f8e-b296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:aa:69:38:ce:42:96:89:3b:3a:a1:50:2f:5a:
93:ff:52:9a:16:f1:36:df:b8:8f:cb:f5:ca:28:9e:
22:e6:7b:32:5f:72:41:2f:58:db:76:19:cb:fc:f4:
2c:23:f8:ad:9d:95:4a:7f:88:6c:0a:d8:6b:93:02:
d4:f6:65:22:b8:ec:3f:ee:3b:bc:b6:8f:a7:a1:fb:
5f:8c:82:e8:00:85:b9:89:fc:ef:bd:03:c9:b2:bc:
24:1f:0d:32:f8:1e:2f:41:1c:5a:df:dc:3b:44:68:
ec:07:67:eb:e8:44:c6:10:3e:28:26:43:54:29:06:
cd:0d:e9:24:fc:ca:65:64:d8:71:57:d1:0b:86:ef:
0d:26:82:2a:b6:58:e0:cb:25:ee:a1:90:2d:17:ac:
5e:e1:a9:2e:b0:06:7c:eb:4e:e7:9b:3e:91:2b:ec:
e0:33:c8:46:51:49:cb:c6:50:15:38:cd:77:8b:bf:
11:b8:0f:56:f4:be:e6:b1:0b:ae:3d:13:b5:2b:08:
28:e1:24:3c:d9:07:8b:23:ad:0f:56:14:d3:4a:49:
a7:56:39:5a:70:52:f0:de:c2:ca:22:a5:7f:7f:12:
91:56:29:08:a2:61:08:9a:24:37:2f:2a:5e:df:3b:
39:7c:49:f1:27:b3:65:80:0d:54:17:64:e9:59:07:
84:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:B0:6C:C0:71:3D:32:27:96:0C:DA:7D:78:0D:4F:AB:83:61:32:3A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E0D45A16BDD011EA9702FC12C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.172.0/24
103.146.110.0/23
103.160.199.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:4b:4f:58:7f:0f:80:b1:b9:c5:92:f9:de:e0:e0:be:96:bd:
41:45:ef:82:8a:69:50:f1:d2:05:28:16:a2:b7:96:8a:48:f9:
f1:43:aa:c2:86:54:2a:ba:ca:23:01:ee:fd:3f:aa:d3:8e:28:
96:0d:e8:48:cf:e5:1d:b5:b0:a8:ee:07:59:82:a0:4e:62:a0:
b1:db:e8:59:93:88:e6:56:3f:1a:de:ac:d7:56:05:3d:20:9b:
b4:2f:18:ed:fc:16:ef:76:2a:cc:21:02:0a:90:cb:4d:11:7d:
d7:c0:01:64:f0:d8:17:b2:74:64:01:cd:5b:46:3f:a6:4d:7b:
08:37:70:6e:9e:da:e4:cc:b5:e0:0d:8f:42:73:be:e3:ca:fd:
b6:3b:eb:5d:7a:e6:82:7a:ea:6d:eb:db:53:b0:10:9a:fa:c7:
40:4e:23:a3:a7:4d:d5:12:b0:dd:46:1f:00:64:88:27:93:ee:
23:97:c3:c5:da:b0:8c:f9:49:96:c1:87:47:89:dc:13:f8:3e:
fd:07:37:11:0d:bd:39:b2:d2:0d:6c:fb:59:04:83:7c:a3:a6:
d2:a2:f5:45:bb:4e:10:b1:6b:de:ad:7a:a0:32:a8:3e:61:ed:
16:92:b4:00:85:85:93:18:0e:63:bb:16:58:b4:85:e0:fb:4c:
5f:47:19:0d
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIDAJfaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgzMDA3MDY1NFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZkMTZmOGUtYjI5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqqaTjOQpaJOzqhUC9ak/9SmhbxNt+4j8v1yiieIuZ7Ml9yQS9Y23YZy/z0
LCP4rZ2VSn+IbArYa5MC1PZlIrjsP+47vLaPp6H7X4yC6ACFuYn8770DybK8JB8N
MvgeL0EcWt/cO0Ro7Adn6+hExhA+KCZDVCkGzQ3pJPzKZWTYcVfRC4bvDSaCKrZY
4Msl7qGQLResXuGpLrAGfOtO55s+kSvs4DPIRlFJy8ZQFTjNd4u/EbgPVvS+5rEL
rj0TtSsIKOEkPNkHiyOtD1YU00pJp1Y5WnBS8N7CyiKlf38SkVYpCKJhCJokNy8q
Xt87OXxJ8SezZYANVBdk6VkHhIUCAwEAAaOCAqEwggKdMB0GA1UdDgQWBBRgsGzA
cT0yJ5YM2n14DU+rg2EyOjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0UwRDQ1QTE2
QkREMDExRUE5NzAyRkMxMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCsGCCsGAQUFBwEHAQH/
BBwwGjAYBAIAATASAwQAZ3ysAwQBZ5JuAwQAZ6DHMA0GCSqGSIb3DQEBCwUAA4IB
AQBeS09Yfw+AsbnFkvne4OC+lr1BRe+CimlQ8dIFKBait5aKSPnxQ6rChlQqusoj
Ae79P6rTjiiWDehIz+UdtbCo7gdZgqBOYqCx2+hZk4jmVj8a3qzXVgU9IJu0Lxjt
/BbvdirMIQIKkMtNEX3XwAFk8NgXsnRkAc1bRj+mTXsIN3BuntrkzLXgDY9Cc77j
yv22O+tdeuaCeupt69tTsBCa+sdATiOjp03VErDdRh8AZIgnk+4jl8PF2rCM+UmW
wYdHidwT+D79BzcRDb05stINbPtZBIN8o6bSovVFu04QsWverXqgMqg+Ye0WkrQA
hYWTGA5juxZYtIXg+0xfRxkN
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:07 2025 by rpki-client