Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/CDD62642854E11EBA2CFDC87C4F9AE02.roa
File: CDD62642854E11EBA2CFDC87C4F9AE02.roa (raw, json)
Hash identifier: EMIkCzah8q7OcQkgGcb8CJSovHyJ1MV1+D6g6V84DdU=
Subject key identifier: F0:70:72:F2:58:85:73:8D:16:CA:89:D0:38:1E:5B:C1:FB:B7:EA:0F
Certificate issuer: /CN=A91A3078/serialNumber=5027F3192EBDD54950A39C3D13094A71F1D33266
Certificate serial: 0ACB
Authority key identifier: 50:27:F3:19:2E:BD:D5:49:50:A3:9C:3D:13:09:4A:71:F1:D3:32:66
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCfzGS691UlQo5w9EwlKcfHTMmY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/CDD62642854E11EBA2CFDC87C4F9AE02.roa
Signing time: Tue 04 Feb 2025 19:18:55 +0000
ROA not before: Tue 04 Feb 2025 19:18:55 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 140038
IP address blocks: 103.147.182.0/23 maxlen: 23
103.147.182.0/24 maxlen: 24
103.147.183.0/24 maxlen: 24
103.204.80.0/23 maxlen: 23
103.204.80.0/24 maxlen: 24
103.204.81.0/24 maxlen: 24
2001:df2:9f80::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2763 (0xacb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A3078
Validity
Not Before: Feb 4 19:18:55 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a2681f-4fa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f0:de:7e:c5:4b:ec:82:6e:d3:3b:ef:2d:77:
26:19:da:5d:f4:de:44:61:bc:9a:0a:db:69:c0:0c:
5f:f6:50:3f:43:a9:9f:6e:12:53:a3:f8:6e:9b:4e:
e8:0a:68:9d:4b:13:ec:4e:cf:07:1c:17:3f:e4:28:
d3:4b:41:a5:23:23:f8:cc:c8:c9:78:dd:09:9e:5f:
fa:5c:ec:bc:c6:83:b0:79:7f:8b:d4:0a:f2:39:30:
e2:b1:5c:6b:f5:44:6c:66:6c:d6:5a:73:91:8d:41:
4d:30:aa:dd:3c:f7:7b:dc:d0:00:f3:5e:eb:2e:f2:
ae:8e:5a:d1:93:c5:80:c5:6e:1b:f9:64:33:f4:68:
c3:f1:4e:a2:ba:2d:3f:f1:c2:73:3b:f0:b2:f7:99:
29:c0:2b:82:46:a5:64:7d:5b:f6:da:b6:3d:d6:93:
d2:9e:b1:c8:8a:eb:4f:8b:41:eb:d8:d6:ec:ba:5e:
db:00:92:55:ba:3c:b6:1a:fb:7e:95:10:70:b3:29:
f8:17:91:d7:41:c1:50:0c:ef:72:c1:71:49:6a:fc:
20:1f:5c:f8:5b:3c:96:23:f5:4c:3d:43:89:21:0f:
6e:46:49:0a:a3:00:29:31:0c:71:8c:74:ab:b2:86:
11:6c:21:58:ae:ed:58:9e:f6:ed:2c:48:2f:1a:60:
fb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:70:72:F2:58:85:73:8D:16:CA:89:D0:38:1E:5B:C1:FB:B7:EA:0F
X509v3 Authority Key Identifier:
keyid:50:27:F3:19:2E:BD:D5:49:50:A3:9C:3D:13:09:4A:71:F1:D3:32:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/UCfzGS691UlQo5w9EwlKcfHTMmY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCfzGS691UlQo5w9EwlKcfHTMmY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3078/8630B1C84C8C11EAB9E27057C4F9AE02/CDD62642854E11EBA2CFDC87C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.147.182.0/23
103.204.80.0/23
IPv6:
2001:df2:9f80::/48
Signature Algorithm: sha256WithRSAEncryption
14:04:cf:d6:3c:62:4c:67:96:16:ce:a2:d9:a7:9e:95:00:83:
ab:7e:f4:1f:25:9d:54:aa:66:03:77:8d:d5:5a:27:94:48:5f:
af:fc:be:32:f3:2f:38:e0:f6:aa:68:21:83:e3:74:04:95:d4:
ef:2f:af:f8:f8:47:5e:d4:1a:89:38:0d:fd:48:7b:a2:5d:b3:
f4:46:89:9d:59:d6:de:f2:70:14:6c:bb:38:4c:93:20:2b:ca:
e6:d1:f3:98:e4:df:8e:6f:ff:5b:24:6a:77:65:5a:9f:46:21:
24:d0:60:ee:54:3b:34:65:b7:ce:a3:cb:b2:d8:13:74:ce:54:
4a:0d:a0:cd:1a:ec:ef:e3:6c:4a:9e:6b:51:e2:9e:5d:4d:5e:
4d:48:b4:b4:49:2c:3d:44:3b:05:73:de:0e:87:9b:94:be:c2:
7b:4b:a9:20:31:38:3d:e5:e3:e2:41:3d:9e:30:83:a1:78:71:
e3:23:0f:20:8b:fa:c0:53:73:3c:93:30:09:af:f3:ab:92:82:
1b:46:fe:b3:34:44:a4:5d:c3:22:60:93:2e:e6:71:99:7f:ac:
fc:f6:54:a5:96:6d:d5:f1:d3:cf:5e:d9:8a:af:34:17:34:9f:
4b:69:7c:94:0a:9e:21:6b:c0:24:87:3d:97:b5:4d:cb:1c:50:
08:74:d8:ed
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICCsswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTMwNzgxMTAvBgNVBAUTKDUwMjdGMzE5MkVCREQ1NDk1MEEzOUMzRDEzMDk0QTcx
RjFEMzMyNjYwHhcNMjUwMjA0MTkxODU1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyNjgxZi00ZmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7/DefsVL7IJu0zvvLXcmGdpd9N5EYbyaCttpwAxf9lA/Q6mfbhJTo/hum07o
CmidSxPsTs8HHBc/5CjTS0GlIyP4zMjJeN0Jnl/6XOy8xoOweX+L1AryOTDisVxr
9URsZmzWWnORjUFNMKrdPPd73NAA817rLvKujlrRk8WAxW4b+WQz9GjD8U6iui0/
8cJzO/Cy95kpwCuCRqVkfVv22rY91pPSnrHIiutPi0Hr2Nbsul7bAJJVujy2Gvt+
lRBwsyn4F5HXQcFQDO9ywXFJavwgH1z4WzyWI/VMPUOJIQ9uRkkKowApMQxxjHSr
soYRbCFYru1YnvbtLEgvGmD7HwIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFPBwcvJY
hXONFsqJ0DgeW8H7t+oPMB8GA1UdIwQYMBaAFFAn8xkuvdVJUKOcPRMJSnHx0zJm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzA3OC84NjMwQjFDODRD
OEMxMUVBQjlFMjcwNTdDNEY5QUUwMi9VQ2Z6R1M2OTFVbFFvNXc5RXdsS2NmSFRN
bVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VDZnpHUzY5MVVsUW81dzlFd2xLY2ZIVE1tWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTMwNzgvODYzMEIxQzg0QzhDMTFFQUI5RTI3MDU3QzRGOUFFMDIvQ0RENjI2NDI4
NTRFMTFFQkEyQ0ZEQzg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFnk7YDBAFnzFAwDwQCAAIwCQMHACABDfKfgDANBgkqhkiG
9w0BAQsFAAOCAQEAFATP1jxiTGeWFs6i2aeelQCDq370HyWdVKpmA3eN1VonlEhf
r/y+MvMvOOD2qmghg+N0BJXU7y+v+PhHXtQaiTgN/Uh7ol2z9EaJnVnW3vJwFGy7
OEyTICvK5tHzmOTfjm//WyRqd2Van0YhJNBg7lQ7NGW3zqPLstgTdM5USg2gzRrs
7+NsSp5rUeKeXU1eTUi0tEksPUQ7BXPeDoeblL7Ce0upIDE4PeXj4kE9njCDoXhx
4yMPIIv6wFNzPJMwCa/zq5KCG0b+szREpF3DImCTLuZxmX+s/PZUpZZt1fHTz17Z
iq80FzSfS2l8lAqeIWvAJIc9l7VNyxxQCHTY7Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:07:41 2025 by rpki-client