Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FBB21490CDC011EFAF01D463C4F9AE02.roa
File: FBB21490CDC011EFAF01D463C4F9AE02.roa (raw, json)
Hash identifier: cJvJi0uleyDoaVBt42e6NPiKkAa1PV3hpQ0csgKg6j0=
Subject key identifier: 75:55:4A:C8:5F:78:5D:6F:63:E9:EA:9C:2B:F7:D7:53:C6:3C:31:C1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A1D2
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FBB21490CDC011EFAF01D463C4F9AE02.roa
Signing time: Thu 09 Jan 2025 05:22:39 +0000
ROA not before: Thu 09 Jan 2025 05:22:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150644
IP address blocks: 103.98.79.0/24 maxlen: 24
103.174.254.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41426 (0xa1d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 9 05:22:39 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=677f5d1e-592a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4b:63:57:47:ef:c5:ca:43:36:4b:38:13:5f:
0f:08:6d:a4:53:21:23:88:71:d5:ff:1f:fb:44:45:
ee:8b:58:2b:97:77:61:fe:b4:1b:f3:e5:17:a9:2f:
d7:d4:66:de:91:fc:cd:e3:db:56:f1:dc:8f:a4:45:
1f:5d:22:4e:73:ca:37:81:97:63:75:7f:80:7c:f5:
43:23:79:cf:16:81:41:d2:27:ac:08:d7:dc:15:f5:
4b:db:bd:52:97:5a:f9:2a:6e:4a:86:c1:1f:cd:59:
d5:65:a9:02:38:89:16:dc:40:cc:f1:d7:05:32:24:
ae:5b:df:f5:46:73:a7:86:da:2d:81:e5:14:47:55:
09:12:82:de:6b:c3:d9:35:dd:8a:c0:28:1e:07:37:
0a:d1:61:c6:58:a0:44:44:e7:f5:42:67:d3:3c:95:
0f:ca:72:f1:f8:e3:16:4b:9a:e7:50:46:30:84:79:
04:95:ad:3a:6d:1b:5e:0e:85:de:c4:7e:9f:c4:8e:
0a:1a:eb:c5:ce:0d:d0:18:9c:c3:48:55:ff:e6:7d:
25:f9:03:44:46:b5:21:89:2d:c8:92:fc:dd:91:0f:
22:6a:3c:ca:25:73:92:47:92:61:f7:d0:dc:bb:08:
f4:83:a4:d8:a1:dd:b4:f4:bd:31:89:5a:ec:a5:9e:
12:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:55:4A:C8:5F:78:5D:6F:63:E9:EA:9C:2B:F7:D7:53:C6:3C:31:C1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FBB21490CDC011EFAF01D463C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.98.79.0/24
103.174.254.0/23
Signature Algorithm: sha256WithRSAEncryption
29:b5:24:3f:e6:e1:51:5d:14:c2:7f:ee:d7:39:e4:45:f7:18:
25:74:e0:45:8a:ea:5b:79:4e:cc:d7:97:99:77:80:c9:b4:03:
2e:b9:68:a5:e1:bb:d3:87:07:b8:09:0f:37:a4:96:02:5a:3b:
d6:06:2a:32:77:36:d7:8d:80:39:4b:1a:2a:aa:13:5e:4a:e6:
f7:3d:a2:80:cd:04:7c:3a:e6:77:ee:fb:30:fb:bb:4c:d1:e0:
18:0a:62:d4:b5:6e:ab:c3:d1:46:61:5d:24:73:bc:fe:74:cb:
5b:a2:0e:33:cb:04:ec:6a:9e:e4:b8:16:b6:54:5f:18:8f:78:
a9:76:c2:5b:24:cd:e7:0e:02:f2:c6:04:11:79:ad:19:be:1e:
12:db:15:e7:d6:cc:03:18:e2:7a:35:10:88:56:2a:48:33:2a:
03:c7:83:bd:d8:71:32:eb:d8:00:a7:af:44:3e:fb:9d:2a:c1:
4d:ca:08:bf:0a:98:42:1e:19:75:d6:0c:75:52:7a:10:ce:f7:
9c:5e:9c:f9:87:fb:55:40:a5:1b:60:b5:dd:59:d9:dc:51:8d:
58:e8:c1:41:77:b6:67:2d:36:3b:e6:36:63:8f:0b:58:09:dc:
26:bb:fc:45:1e:57:64:44:2b:c5:3c:34:f8:ce:e7:34:73:b8:
42:e1:a6:90
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAKHSMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEwOTA1MjIzOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc3ZjVkMWUtNTkyYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFLY1dH78XKQzZLOBNfDwhtpFMhI4hx1f8f+0RF7otYK5d3Yf60G/PlF6kv
19Rm3pH8zePbVvHcj6RFH10iTnPKN4GXY3V/gHz1QyN5zxaBQdInrAjX3BX1S9u9
Upda+SpuSobBH81Z1WWpAjiJFtxAzPHXBTIkrlvf9UZzp4baLYHlFEdVCRKC3mvD
2TXdisAoHgc3CtFhxligRETn9UJn0zyVD8py8fjjFkua51BGMIR5BJWtOm0bXg6F
3sR+n8SOChrrxc4N0Bicw0hV/+Z9JfkDREa1IYktyJL83ZEPImo8yiVzkkeSYffQ
3LsI9IOk2KHdtPS9MYla7KWeEhkCAwEAAaOCApswggKXMB0GA1UdDgQWBBR1VUrI
X3hdb2Pp6pwr99dTxjwxwTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ZCQjIxNDkw
Q0RDMDExRUZBRjAxRDQ2M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQAZ2JPAwQBZ67+MA0GCSqGSIb3DQEBCwUAA4IBAQAptSQ/
5uFRXRTCf+7XOeRF9xgldOBFiupbeU7M15eZd4DJtAMuuWil4bvThwe4CQ83pJYC
WjvWBioydzbXjYA5SxoqqhNeSub3PaKAzQR8OuZ37vsw+7tM0eAYCmLUtW6rw9FG
YV0kc7z+dMtbog4zywTsap7kuBa2VF8Yj3ipdsJbJM3nDgLyxgQRea0Zvh4S2xXn
1swDGOJ6NRCIVipIMyoDx4O92HEy69gAp69EPvudKsFNygi/CphCHhl11gx1UnoQ
zvecXpz5h/tVQKUbYLXdWdncUY1Y6MFBd7ZnLTY75jZjjwtYCdwmu/xFHldkRCvF
PDT4zuc0c7hC4aaQ
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:56 2025 by rpki-client