Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/E26D2E4803CE11ED949DFE3EC4F9AE02.roa
File: E26D2E4803CE11ED949DFE3EC4F9AE02.roa (raw, json)
Hash identifier: ecbyGVR29uiekX9/EJM+TdfNUx22Zkkmmcb3hAZ26yM=
Subject key identifier: 22:FE:10:01:6E:84:E9:75:89:CF:A5:8B:60:2F:A6:C5:D6:28:64:BC
Certificate issuer: /CN=A919C47E/serialNumber=894FE11398B679AEB1B118B1BDE673E18CF6E934
Certificate serial: 1327
Authority key identifier: 89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/E26D2E4803CE11ED949DFE3EC4F9AE02.roa
Signing time: Fri 07 Feb 2025 06:49:56 +0000
ROA not before: Fri 07 Feb 2025 06:49:56 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138398
IP address blocks: 103.121.34.0/23 maxlen: 23
103.121.34.0/24 maxlen: 24
103.121.35.0/24 maxlen: 24
103.130.68.0/24 maxlen: 24
103.130.69.0/24 maxlen: 24
103.139.78.0/24 maxlen: 24
103.139.79.0/24 maxlen: 24
2403:b4c0::/36 maxlen: 36
2403:b4c0:1000::/36 maxlen: 36
2403:b4c0:2000::/36 maxlen: 36
2403:b4c0:3000::/36 maxlen: 36
2403:b4c0:5000::/36 maxlen: 36
2403:b4c0:6000::/36 maxlen: 36
2403:b4c0:7000::/36 maxlen: 36
2403:b4c0:8000::/48 maxlen: 48
2403:b4c0:8001::/48 maxlen: 48
2403:b4c0:8002::/48 maxlen: 48
2403:b4c0:8003::/48 maxlen: 48
2403:b4c0:8004::/48 maxlen: 48
2403:b4c0:8005::/48 maxlen: 48
2403:b4c0:9000::/36 maxlen: 36
2403:b4c0:aa00::/40 maxlen: 40
2403:b4c0:ae00::/40 maxlen: 40
2403:b4c0:af00::/40 maxlen: 40
2403:b4c0:f000::/36 maxlen: 36
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4903 (0x1327)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919C47E
Validity
Not Before: Feb 7 06:49:56 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67a5ad14-1dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c2:7e:27:2a:df:b8:a5:69:62:c4:78:18:da:
a7:a3:ef:6c:fd:55:7e:b6:12:60:9e:62:32:6b:80:
53:60:83:c5:77:cf:06:0a:c1:eb:00:05:df:48:27:
66:c4:e3:f8:59:b0:cc:b0:1b:5b:2f:04:c0:5e:3d:
b4:f6:6a:59:db:ef:c0:e2:45:06:1d:22:3f:4e:d4:
2a:60:00:d0:77:01:03:e8:5b:70:b3:06:b7:67:70:
47:ca:6f:c2:83:79:cf:73:44:3f:ed:e1:4e:d2:29:
51:08:ab:a4:30:2a:82:bc:ea:72:a7:98:60:88:6d:
95:3a:96:7e:ec:c1:56:19:ab:a4:61:64:7b:b0:90:
73:55:99:78:24:2f:01:a1:19:7d:45:c3:78:07:9c:
6d:10:9e:0a:18:c4:ac:a5:9f:aa:b5:3e:0c:53:be:
fc:31:05:e8:67:d0:45:1e:42:0c:5d:2f:87:c2:02:
bd:51:36:38:4d:7b:1c:de:1b:5d:7b:a5:34:34:e5:
e4:04:35:dd:68:af:db:a9:46:ea:65:6f:0d:8d:08:
bf:5e:71:dd:1b:1c:e5:dc:42:4f:6e:c8:02:1f:f2:
f0:59:e3:e3:70:d0:e7:2a:82:7b:1f:81:9b:8e:6a:
fb:9f:95:e9:34:11:4a:8c:3a:3c:4c:23:02:3b:0a:
58:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:FE:10:01:6E:84:E9:75:89:CF:A5:8B:60:2F:A6:C5:D6:28:64:BC
X509v3 Authority Key Identifier:
keyid:89:4F:E1:13:98:B6:79:AE:B1:B1:18:B1:BD:E6:73:E1:8C:F6:E9:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/iU_hE5i2ea6xsRixveZz4Yz26TQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iU_hE5i2ea6xsRixveZz4Yz26TQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C47E/BCEDF442B0BF11E886392237C4F9AE02/E26D2E4803CE11ED949DFE3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.121.34.0/23
103.130.68.0/23
103.139.78.0/23
IPv6:
2403:b4c0::/34
2403:b4c0:5000::-2403:b4c0:8005:ffff:ffff:ffff:ffff:ffff
2403:b4c0:9000::/36
2403:b4c0:aa00::/40
2403:b4c0:ae00::/39
2403:b4c0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
74:41:c4:13:a6:e4:90:c3:4a:3d:8f:d1:36:8b:ad:3e:86:fc:
ac:70:2c:55:3a:55:cd:7c:59:f1:d1:20:fa:7f:ee:4d:1b:93:
45:e4:96:ed:43:e9:df:08:af:30:47:06:93:df:dd:ee:0c:08:
61:87:49:48:7a:32:60:5d:8c:41:c3:6a:30:43:d4:42:c7:c9:
ed:41:b1:2d:ac:b2:46:0a:4f:89:0b:64:40:df:8f:73:45:2a:
99:96:48:5b:79:d8:30:de:a5:8b:a7:32:09:53:10:ed:55:d2:
f9:6a:49:d2:30:d7:80:27:37:33:ca:b4:3a:b0:dc:26:5c:da:
a5:57:d4:c1:03:d0:fa:5f:e3:9c:ae:c7:a5:ab:8d:2d:53:d9:
bc:6d:36:55:9d:f9:4e:8d:62:de:18:37:78:69:9d:4b:2f:45:
6a:60:21:94:86:e9:69:4e:b4:5c:0d:35:40:d2:36:48:04:a8:
1f:40:eb:4f:71:f6:ed:82:bb:b6:09:d0:80:fc:38:64:e1:f1:
39:5b:8c:25:72:be:3e:ee:ad:ef:17:da:b5:41:12:cd:27:21:
3b:73:ae:66:6d:ed:20:37:25:a9:ad:cf:fd:98:b4:20:16:ab:
08:5b:b6:42:09:59:0c:f3:8f:fb:e2:af:43:9f:88:fc:db:4c:
dc:19:a8:c7
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgICEycwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUM0N0UxMTAvBgNVBAUTKDg5NEZFMTEzOThCNjc5QUVCMUIxMThCMUJERTY3M0Ux
OENGNkU5MzQwHhcNMjUwMjA3MDY0OTU2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E1YWQxNC0xZGQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAusJ+JyrfuKVpYsR4GNqno+9s/VV+thJgnmIya4BTYIPFd88GCsHrAAXfSCdm
xOP4WbDMsBtbLwTAXj209mpZ2+/A4kUGHSI/TtQqYADQdwED6Ftwswa3Z3BHym/C
g3nPc0Q/7eFO0ilRCKukMCqCvOpyp5hgiG2VOpZ+7MFWGaukYWR7sJBzVZl4JC8B
oRl9RcN4B5xtEJ4KGMSspZ+qtT4MU778MQXoZ9BFHkIMXS+HwgK9UTY4TXsc3htd
e6U0NOXkBDXdaK/bqUbqZW8NjQi/XnHdGxzl3EJPbsgCH/LwWePjcNDnKoJ7H4Gb
jmr7n5XpNBFKjDo8TCMCOwpYZwIDAQABo4IC5DCCAuAwHQYDVR0OBBYEFCL+EAFu
hOl1ic+li2AvpsXWKGS8MB8GA1UdIwQYMBaAFIlP4ROYtnmusbEYsb3mc+GM9uk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzQ3RS9CQ0VERjQ0MkIw
QkYxMUU4ODYzOTIyMzdDNEY5QUUwMi9pVV9oRTVpMmVhNnhzUml4dmVaejRZejI2
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lVX2hFNWkyZWE2eHNSaXh2ZVp6NFl6MjZUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUM0N0UvQkNFREY0NDJCMEJGMTFFODg2MzkyMjM3QzRGOUFFMDIvRTI2RDJFNDgw
M0NFMTFFRDk0OURGRTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbgYIKwYBBQUHAQcBAf8E
XzBdMBgEAgABMBIDBAFneSIDBAFngkQDBAFni04wQQQCAAIwOwMGBiQDtMAAMBED
BgQkA7TAUAMHASQDtMCABAMGBCQDtMCQAwYAJAO0wKoDBgEkA7TArgMGBCQDtMDw
MA0GCSqGSIb3DQEBCwUAA4IBAQB0QcQTpuSQw0o9j9E2i60+hvyscCxVOlXNfFnx
0SD6f+5NG5NF5JbtQ+nfCK8wRwaT393uDAhhh0lIejJgXYxBw2owQ9RCx8ntQbEt
rLJGCk+JC2RA349zRSqZlkhbedgw3qWLpzIJUxDtVdL5aknSMNeAJzczyrQ6sNwm
XNqlV9TBA9D6X+Ocrselq40tU9m8bTZVnflOjWLeGDd4aZ1LL0VqYCGUhulpTrRc
DTVA0jZIBKgfQOtPcfbtgru2CdCA/Dhk4fE5W4wlcr4+7q3vF9q1QRLNJyE7c65m
be0gNyWprc/9mLQgFqsIW7ZCCVkM84/74q9Dn4j820zcGajH
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:03:09 2025 by rpki-client