Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/884C5FB8E60411EFBF5A7957C4F9AE02.roa
File: 884C5FB8E60411EFBF5A7957C4F9AE02.roa (raw, json)
Hash identifier: lJpIF/DoFI3JvxRyvCQySFIPNE83lEmMNZBRdgQLMfI=
Subject key identifier: 36:BF:3B:2C:5D:C6:32:07:02:FE:E0:56:C7:F5:D8:5B:80:73:83:75
Certificate issuer: /CN=A91A45E0/serialNumber=6B0CB59503DA895FF94269D7A9BC20261704DCE9
Certificate serial: 0BFE
Authority key identifier: 6B:0C:B5:95:03:DA:89:5F:F9:42:69:D7:A9:BC:20:26:17:04:DC:E9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/awy1lQPaiV_5QmnXqbwgJhcE3Ok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/884C5FB8E60411EFBF5A7957C4F9AE02.roa
Signing time: Sat 08 Feb 2025 10:07:41 +0000
ROA not before: Sat 08 Feb 2025 10:07:41 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 139013
IP address blocks: 103.100.232.0/22 maxlen: 22
103.100.232.0/23 maxlen: 23
103.100.232.0/24 maxlen: 24
103.100.234.0/23 maxlen: 23
103.100.234.0/24 maxlen: 24
103.100.235.0/24 maxlen: 24
2404:cec0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3070 (0xbfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A45E0
Validity
Not Before: Feb 8 10:07:41 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67a72ced-6f9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3f:69:de:2e:4f:b5:da:23:d5:16:76:71:16:
51:15:61:23:d7:14:e8:e8:45:5c:6a:6f:07:a6:95:
77:fc:1f:45:aa:ec:ab:e1:45:dc:c2:60:6f:78:79:
3e:af:ee:14:cd:78:4e:a8:df:a8:60:08:91:a4:60:
86:8c:a9:72:6e:cb:23:7c:20:10:bb:2c:54:ea:07:
bd:17:98:91:db:dd:b6:b2:39:95:72:ff:33:90:28:
46:e2:bc:ae:52:c4:57:8f:cc:c2:b4:7a:95:30:78:
ad:e8:fc:54:73:e6:2c:f2:76:ec:74:12:43:72:74:
e3:6a:6e:37:25:22:c8:b7:20:c7:96:d6:8d:8d:7d:
d6:7a:11:96:18:55:36:15:c2:f1:ae:9f:85:38:1a:
8f:b4:04:01:e8:07:05:0f:80:b4:54:30:91:b8:0f:
97:71:0d:ad:fa:dc:ab:2d:36:13:46:df:40:17:6e:
1e:93:86:d0:47:8a:76:72:c1:90:ab:08:43:18:ff:
02:1f:70:d1:07:b8:b1:eb:37:dc:4f:76:39:89:c7:
a7:97:26:a2:6c:5c:3a:33:cd:b3:b2:e3:c6:51:e6:
05:8c:fe:c0:25:02:d1:f2:45:78:d1:98:d2:2e:bc:
57:20:61:c4:58:d7:09:65:b2:cf:ab:46:5f:3c:1a:
10:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BF:3B:2C:5D:C6:32:07:02:FE:E0:56:C7:F5:D8:5B:80:73:83:75
X509v3 Authority Key Identifier:
keyid:6B:0C:B5:95:03:DA:89:5F:F9:42:69:D7:A9:BC:20:26:17:04:DC:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/awy1lQPaiV_5QmnXqbwgJhcE3Ok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/awy1lQPaiV_5QmnXqbwgJhcE3Ok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A45E0/23BF2F26113E11EA88E87876C4F9AE02/884C5FB8E60411EFBF5A7957C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.232.0/22
IPv6:
2404:cec0::/32
Signature Algorithm: sha256WithRSAEncryption
0b:3f:1f:c4:be:92:a4:24:25:c7:8a:1e:7f:84:e1:d4:c1:a0:
7c:b2:c2:c7:1d:68:ef:eb:ad:c5:ef:4f:43:7f:fc:90:43:77:
40:68:53:de:2f:6d:81:94:e3:8b:d1:df:b4:3d:ef:f1:01:59:
08:c3:10:c3:05:50:39:09:c6:bc:f5:33:d8:c1:11:4a:0d:94:
11:da:e8:c1:ce:00:0d:5e:f3:19:30:c1:15:a9:c5:aa:67:cb:
f6:03:2d:98:66:b9:d5:77:67:46:be:b8:2d:d1:6d:bf:b4:15:
2f:47:d3:80:53:53:66:c5:bb:69:74:6f:30:7d:00:8c:01:d5:
6d:84:d6:3b:55:92:71:f7:5f:c1:b0:02:bd:d1:e5:f0:6b:b6:
01:c9:4e:63:97:33:b2:a9:27:81:e1:d9:15:b7:d8:98:ba:91:
21:c2:7a:18:bd:df:67:14:d8:93:7f:2c:01:dc:5b:6d:22:8f:
4a:c3:c1:4c:fc:d4:f5:a1:eb:e8:8f:c2:ae:8e:e6:2f:ee:95:
16:37:30:d2:c2:c1:30:a4:d1:4a:44:f7:cf:3c:78:95:9f:06:
ed:b7:cc:0d:b2:d5:cc:2f:fc:69:25:ef:c9:7c:ae:78:3f:f9:
b6:ee:d7:5e:e4:f8:df:ba:97:5e:0d:cf:33:ff:a6:16:3e:7f:
e4:f0:b4:50
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC/4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ1RTAxMTAvBgNVBAUTKDZCMENCNTk1MDNEQTg5NUZGOTQyNjlEN0E5QkMyMDI2
MTcwNERDRTkwHhcNMjUwMjA4MTAwNzQxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E3MmNlZC02ZjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzz9p3i5Ptdoj1RZ2cRZRFWEj1xTo6EVcam8HppV3/B9Fquyr4UXcwmBveHk+
r+4UzXhOqN+oYAiRpGCGjKlybssjfCAQuyxU6ge9F5iR2922sjmVcv8zkChG4ryu
UsRXj8zCtHqVMHit6PxUc+Ys8nbsdBJDcnTjam43JSLItyDHltaNjX3WehGWGFU2
FcLxrp+FOBqPtAQB6AcFD4C0VDCRuA+XcQ2t+tyrLTYTRt9AF24ek4bQR4p2csGQ
qwhDGP8CH3DRB7ix6zfcT3Y5icenlyaibFw6M82zsuPGUeYFjP7AJQLR8kV40ZjS
LrxXIGHEWNcJZbLPq0ZfPBoQnQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDa/Oyxd
xjIHAv7gVsf12FuAc4N1MB8GA1UdIwQYMBaAFGsMtZUD2olf+UJp16m8ICYXBNzp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDVFMC8yM0JGMkYyNjEx
M0UxMUVBODhFODc4NzZDNEY5QUUwMi9hd3kxbFFQYWlWXzVRbW5YcWJ3Z0poY0Uz
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F3eTFsUVBhaVZfNVFtblhxYndnSmhjRTNPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ1RTAvMjNCRjJGMjYxMTNFMTFFQTg4RTg3ODc2QzRGOUFFMDIvODg0QzVGQjhF
NjA0MTFFRkJGNUE3OTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnZOgwDQQCAAIwBwMFACQEzsAwDQYJKoZIhvcNAQELBQAD
ggEBAAs/H8S+kqQkJceKHn+E4dTBoHyywscdaO/rrcXvT0N//JBDd0BoU94vbYGU
44vR37Q97/EBWQjDEMMFUDkJxrz1M9jBEUoNlBHa6MHOAA1e8xkwwRWpxapny/YD
LZhmudV3Z0a+uC3Rbb+0FS9H04BTU2bFu2l0bzB9AIwB1W2E1jtVknH3X8GwAr3R
5fBrtgHJTmOXM7KpJ4Hh2RW32Ji6kSHCehi932cU2JN/LAHcW20ij0rDwUz81PWh
6+iPwq6O5i/ulRY3MNLCwTCk0UpE9888eJWfBu23zA2y1cwv/Gkl78l8rng/+bbu
117k+N+6l14NzzP/phY+f+TwtFA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:36:38 2025 by rpki-client