Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ECA9AFA28FDE11EDA9919C57C4F9AE02.roa
File: ECA9AFA28FDE11EDA9919C57C4F9AE02.roa (raw, json)
Hash identifier: WQPprprXyiID0gvzl4H6403i8gNwJz+BI2tjcCLpxRU=
Subject key identifier: 52:26:53:66:8A:BE:3F:D0:C5:C9:71:CE:0F:00:B1:36:F6:5F:9C:EC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A509
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ECA9AFA28FDE11EDA9919C57C4F9AE02.roa
Signing time: Thu 06 Feb 2025 11:56:12 +0000
ROA not before: Thu 06 Feb 2025 11:56:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133252
IP address blocks: 103.38.150.0/24 maxlen: 24
103.97.103.0/24 maxlen: 24
103.233.120.0/24 maxlen: 24
103.235.64.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42249 (0xa509)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 6 11:56:12 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a4a35c-bfd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7a:16:e2:8e:e0:49:a2:72:e0:33:b5:89:08:
30:a0:2d:dc:7a:85:ea:ac:c9:25:da:36:48:9a:f8:
9b:3a:64:c7:3a:8b:b3:0b:6d:e8:57:36:17:63:80:
36:1b:88:41:fc:aa:78:bb:ae:1e:c6:f2:99:77:99:
af:54:f0:5d:5b:19:e1:e9:5e:1e:49:ba:4b:a9:d5:
d1:46:3d:f0:b1:ff:43:47:b9:6b:19:ef:2f:41:42:
01:11:d4:56:f3:53:ed:c3:11:cf:9d:0d:4a:53:05:
6a:2b:bd:e5:56:09:79:21:e4:4e:00:c4:9b:67:4b:
06:26:9c:74:86:13:09:2c:a8:ea:b5:5a:7c:b8:94:
5b:4e:20:3f:44:17:a8:32:e5:92:a1:64:42:fc:e0:
5e:c0:e8:1d:06:c4:15:b7:8a:0c:05:45:80:52:d4:
20:aa:54:1b:2c:00:18:66:ac:98:30:20:c6:c2:48:
e9:71:9d:5e:fd:2a:84:ff:e8:2a:99:87:41:40:46:
9e:96:f6:43:fb:82:a3:6c:b1:72:58:4f:06:52:e3:
24:1d:90:32:82:5e:d6:ab:56:08:b8:4b:a2:e6:04:
ff:2f:d5:b4:dd:8d:f9:46:0d:7e:9b:c2:2a:4f:93:
5f:6b:67:9a:bf:c2:6b:93:8c:b6:f5:1a:87:c6:60:
26:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:26:53:66:8A:BE:3F:D0:C5:C9:71:CE:0F:00:B1:36:F6:5F:9C:EC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ECA9AFA28FDE11EDA9919C57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.38.150.0/24
103.97.103.0/24
103.233.120.0/24
103.235.64.0/24
Signature Algorithm: sha256WithRSAEncryption
17:17:51:6f:eb:16:79:f8:73:c0:85:3c:f4:48:3d:c4:60:7a:
67:70:1e:4f:67:c1:b2:44:7e:77:22:3a:54:b4:05:8d:46:f1:
8c:b4:2d:27:12:8f:39:16:48:96:5b:e6:70:02:04:ec:11:68:
19:a9:5b:1e:32:9a:a3:8d:1c:95:c8:cb:63:cd:26:95:7f:df:
5e:c8:e9:bb:34:5c:a8:06:e5:e6:db:ac:31:24:20:46:f3:74:
fd:0b:0d:36:e6:3d:16:f2:12:9c:14:c0:ff:41:8c:27:30:80:
1c:98:c5:74:f0:16:7e:1b:24:bf:f5:39:b7:80:e4:19:bf:35:
ee:81:3c:69:76:e2:d2:fc:9f:92:a9:ab:cf:bf:66:f5:fd:a9:
0e:0c:05:ec:9f:c9:79:2f:5a:a7:23:0d:67:b2:40:3e:b5:33:
92:dc:47:be:ea:ec:dd:d4:52:7c:c8:a2:29:a4:e0:2d:5b:18:
84:60:93:5f:2c:8c:44:06:a8:c3:58:8f:46:66:64:03:c7:91:
db:ed:3d:3a:e1:a5:d8:03:bb:86:c2:61:e1:c8:be:b0:b8:87:
43:fa:4d:37:d7:dc:08:8a:b9:c4:36:99:54:b7:d5:a6:b3:0b:
b0:e1:c3:a6:32:7a:ac:aa:03:1d:10:18:0f:31:1b:52:35:4a:
46:c9:b9:59
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgIDAKUJMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIwNjExNTYxMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdhNGEzNWMtYmZkMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANZ6FuKO4EmicuAztYkIMKAt3HqF6qzJJdo2SJr4mzpkxzqLswtt6Fc2F2OA
NhuIQfyqeLuuHsbymXeZr1TwXVsZ4eleHkm6S6nV0UY98LH/Q0e5axnvL0FCARHU
VvNT7cMRz50NSlMFaiu95VYJeSHkTgDEm2dLBiacdIYTCSyo6rVafLiUW04gP0QX
qDLlkqFkQvzgXsDoHQbEFbeKDAVFgFLUIKpUGywAGGasmDAgxsJI6XGdXv0qhP/o
KpmHQUBGnpb2Q/uCo2yxclhPBlLjJB2QMoJe1qtWCLhLouYE/y/VtN2N+UYNfpvC
Kk+TX2tnmr/Ca5OMtvUah8ZgJscCAwEAAaOCAqcwggKjMB0GA1UdDgQWBBRSJlNm
ir4/0MXJcc4PALE29l+c7DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0VDQTlBRkEy
OEZERTExRURBOTkxOUM1N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDEGCCsGAQUFBwEHAQH/
BCIwIDAeBAIAATAYAwQAZyaWAwQAZ2FnAwQAZ+l4AwQAZ+tAMA0GCSqGSIb3DQEB
CwUAA4IBAQAXF1Fv6xZ5+HPAhTz0SD3EYHpncB5PZ8GyRH53IjpUtAWNRvGMtC0n
Eo85FkiWW+ZwAgTsEWgZqVseMpqjjRyVyMtjzSaVf99eyOm7NFyoBuXm26wxJCBG
83T9Cw025j0W8hKcFMD/QYwnMIAcmMV08BZ+GyS/9Tm3gOQZvzXugTxpduLS/J+S
qavPv2b1/akODAXsn8l5L1qnIw1nskA+tTOS3Ee+6uzd1FJ8yKIppOAtWxiEYJNf
LIxEBqjDWI9GZmQDx5Hb7T064aXYA7uGwmHhyL6wuIdD+k0319wIirnENplUt9Wm
swuw4cOmMnqsqgMdEBgPMRtSNUpGyblZ
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:01 2025 by rpki-client