Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6232C2A207A11EE9B9B1739C4F9AE02.roa
File: F6232C2A207A11EE9B9B1739C4F9AE02.roa (raw, json)
Hash identifier: ISUddVgQetBqGuhZlvim9D71uzwu+e3ZsrcyB2SwMs4=
Subject key identifier: F9:CC:3E:DD:6B:08:F3:63:70:D1:40:37:77:7D:5B:16:62:10:B5:8B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 792F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6232C2A207A11EE9B9B1739C4F9AE02.roa
Signing time: Fri 01 Sep 2023 12:14:16 +0000
ROA not before: Fri 01 Sep 2023 12:14:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32787
IP address blocks: 103.167.152.0/24 maxlen: 24
103.167.153.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31023 (0x792f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Sep 1 12:14:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f1d598-e97c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8a:ea:48:c0:02:23:91:e1:51:d5:40:26:0f:
d2:24:f0:e7:6f:76:8d:3f:d4:fa:62:d8:fc:31:64:
d3:14:cd:aa:b6:c3:a5:53:06:b7:a4:e4:ea:86:2b:
c8:a2:15:8c:dd:a5:45:fd:a2:52:27:c0:34:d8:4a:
8c:3b:19:94:a7:3b:01:d7:5a:94:ac:e7:ac:8c:c6:
d0:83:f4:f4:d4:52:35:e9:60:4d:56:c8:db:76:04:
31:d0:17:18:85:04:e5:b8:a6:57:3e:14:67:1e:16:
53:91:cf:ea:4c:52:6a:79:73:6d:bd:90:e7:4d:2b:
73:49:31:a8:0e:95:4c:6d:20:d8:86:4b:04:ae:62:
75:f6:83:0c:d9:db:07:a1:2b:e0:1c:db:6c:85:71:
2e:4c:97:30:d5:2c:18:5d:1f:05:0c:c1:9b:ab:66:
b7:51:e9:61:2a:54:a1:01:16:1a:80:b9:a1:27:49:
39:75:b1:11:04:39:b9:b2:6e:ad:b7:c6:60:96:e7:
09:b3:01:72:06:b4:c4:95:27:71:7c:ed:d0:ed:75:
55:60:17:86:e8:bc:a9:28:be:45:07:6c:55:04:5a:
1f:16:32:02:fd:83:fe:a8:50:b3:17:51:e4:a7:c5:
10:be:3b:a2:12:3e:45:71:aa:44:e6:56:a5:a9:da:
ab:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:CC:3E:DD:6B:08:F3:63:70:D1:40:37:77:7D:5B:16:62:10:B5:8B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F6232C2A207A11EE9B9B1739C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.152.0/23
Signature Algorithm: sha256WithRSAEncryption
78:16:ea:df:3c:fd:ec:a3:50:3e:f0:e5:7f:6a:c3:13:60:5d:
a6:22:0d:c6:e3:15:75:33:21:e7:cb:41:23:05:e3:0a:ec:c8:
e0:f1:28:31:63:e0:bd:d2:c4:9d:42:ee:45:bd:8c:36:b0:4a:
78:09:6c:81:44:a6:74:b1:b5:c9:23:60:c5:7c:37:e8:e4:fd:
6c:fb:c3:c3:2c:5f:25:2b:5d:d9:e7:9a:82:a2:25:0a:2e:da:
39:23:70:fd:d9:61:d5:50:27:f2:51:1b:19:fc:c9:58:94:c0:
92:c2:4c:a6:b9:bf:40:3e:69:7a:45:0d:ca:99:f4:b0:ef:14:
02:91:7a:bf:d1:c7:d5:77:74:be:4e:58:40:ae:c1:49:6f:dc:
a6:47:67:8a:be:8c:a7:2b:e6:1b:b4:64:46:3d:e8:ea:d8:8b:
5b:a2:b4:a5:fb:b7:65:83:02:6f:76:58:6b:3d:a8:13:c2:b3:
f4:88:db:cf:d0:a0:82:9e:06:b7:20:49:4f:e6:23:e1:ba:22:
59:31:3b:b2:00:f8:6b:15:a7:f8:c4:be:c6:a8:fd:c2:85:2b:
db:3c:a4:a2:1e:f8:51:5a:5d:4a:cf:ba:36:79:48:b5:df:87:
61:65:f0:8b:61:01:94:66:67:8d:59:a1:60:cf:da:ff:f4:ee:
6e:57:3c:0d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICeS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwOTAxMTIxNDE2WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGYxZDU5OC1lOTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv4rqSMACI5HhUdVAJg/SJPDnb3aNP9T6Ytj8MWTTFM2qtsOlUwa3pOTqhivI
ohWM3aVF/aJSJ8A02EqMOxmUpzsB11qUrOesjMbQg/T01FI16WBNVsjbdgQx0BcY
hQTluKZXPhRnHhZTkc/qTFJqeXNtvZDnTStzSTGoDpVMbSDYhksErmJ19oMM2dsH
oSvgHNtshXEuTJcw1SwYXR8FDMGbq2a3UelhKlShARYagLmhJ0k5dbERBDm5sm6t
t8ZglucJswFyBrTElSdxfO3Q7XVVYBeG6LypKL5FB2xVBFofFjIC/YP+qFCzF1Hk
p8UQvjuiEj5FcapE5lalqdqr9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFPnMPt1r
CPNjcNFAN3d9WxZiELWLMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRjYyMzJDMkEy
MDdBMTFFRTlCOUIxNzM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnp5gwDQYJKoZIhvcNAQELBQADggEBAHgW6t88/eyjUD7w
5X9qwxNgXaYiDcbjFXUzIefLQSMF4wrsyODxKDFj4L3SxJ1C7kW9jDawSngJbIFE
pnSxtckjYMV8N+jk/Wz7w8MsXyUrXdnnmoKiJQou2jkjcP3ZYdVQJ/JRGxn8yViU
wJLCTKa5v0A+aXpFDcqZ9LDvFAKRer/Rx9V3dL5OWECuwUlv3KZHZ4q+jKcr5hu0
ZEY96OrYi1uitKX7t2WDAm92WGs9qBPCs/SI28/QoIKeBrcgSU/mI+G6IlkxO7IA
+GsVp/jEvsao/cKFK9s8pKIe+FFaXUrPujZ5SLXfh2Fl8IthAZRmZ41ZoWDP2v/0
7m5XPA0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:02 2025 by rpki-client