Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADBA2/D6954412553B11E7AA0EDE2AC4F9AE02/6C30EF68D9AD11EBA5CFBB17C4F9AE02.roa
File: 6C30EF68D9AD11EBA5CFBB17C4F9AE02.roa (raw, json)
Hash identifier: JD/t6QBbxRTutJyXKFJnddzibwxtjVqq1blAC5X3uC4=
Subject key identifier: 13:ED:EE:4D:FC:6D:7C:62:CC:1B:D1:62:61:C3:B6:19:8F:CA:B7:2C
Certificate issuer: /CN=A91ADBA2/serialNumber=AA632DC402A702F79A9C3693E9CC46C5981EE8EC
Certificate serial: 19B9
Authority key identifier: AA:63:2D:C4:02:A7:02:F7:9A:9C:36:93:E9:CC:46:C5:98:1E:E8:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmMtxAKnAveanDaT6cxGxZge6Ow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ADBA2/D6954412553B11E7AA0EDE2AC4F9AE02/6C30EF68D9AD11EBA5CFBB17C4F9AE02.roa
Signing time: Thu 06 Feb 2025 16:23:54 +0000
ROA not before: Thu 06 Feb 2025 16:23:54 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134990
IP address blocks: 103.204.244.0/22 maxlen: 24
157.119.236.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6585 (0x19b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ADBA2
Validity
Not Before: Feb 6 16:23:54 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67a4e21a-6618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:90:ae:4b:5d:3b:f8:bc:0a:ae:7d:84:da:
e1:4e:87:95:b0:6f:5f:b3:49:8e:68:f3:66:31:4f:
58:ee:c7:ec:21:18:e5:b5:3d:67:3c:6e:4e:a1:16:
94:b7:69:94:86:4f:72:d6:39:5d:bc:d1:72:f6:ec:
b1:0b:93:0a:77:a5:03:08:6c:e8:28:21:63:0e:f8:
34:f6:9d:66:80:80:1d:8d:4a:d0:d8:c9:32:c8:8e:
b2:7b:51:e6:7c:b0:76:8b:f0:96:31:d3:0f:03:dc:
9b:12:4d:df:63:23:fe:e0:37:2b:e3:71:62:ed:6f:
0e:2d:50:b9:bb:0c:82:d0:52:4b:8f:75:e5:16:28:
a5:41:5d:74:89:e2:92:86:16:31:ae:8a:e0:fc:bc:
fa:40:5d:8a:e9:64:41:a2:9d:21:0f:84:62:84:ec:
93:75:05:2a:dd:3f:c6:51:ec:32:ad:69:00:ab:d2:
95:15:a8:3a:7c:12:28:a6:90:9d:54:c8:79:60:3b:
69:2e:62:26:d6:c0:e5:5a:29:43:58:5f:97:c6:2a:
9f:22:05:7c:f6:34:e0:1c:e0:a7:47:90:68:ab:14:
4b:97:16:90:f9:86:29:1e:73:b6:bb:33:8d:da:e3:
9f:cc:e6:82:10:13:48:c2:60:1c:37:8e:fc:fe:4e:
83:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:ED:EE:4D:FC:6D:7C:62:CC:1B:D1:62:61:C3:B6:19:8F:CA:B7:2C
X509v3 Authority Key Identifier:
keyid:AA:63:2D:C4:02:A7:02:F7:9A:9C:36:93:E9:CC:46:C5:98:1E:E8:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ADBA2/D6954412553B11E7AA0EDE2AC4F9AE02/qmMtxAKnAveanDaT6cxGxZge6Ow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qmMtxAKnAveanDaT6cxGxZge6Ow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADBA2/D6954412553B11E7AA0EDE2AC4F9AE02/6C30EF68D9AD11EBA5CFBB17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.204.244.0/22
157.119.236.0/22
Signature Algorithm: sha256WithRSAEncryption
79:97:cb:b9:74:87:d3:e6:82:58:f5:df:81:55:78:41:95:1e:
ea:44:b9:36:b7:18:47:d1:ec:6b:7c:bc:a7:ad:d2:b9:28:7c:
66:8f:30:a9:5d:0f:6b:05:a5:c6:73:4a:7a:b8:6b:cb:46:e4:
85:a2:cc:93:a2:0e:90:47:57:4a:bb:f1:55:77:1c:e6:07:d9:
7f:97:0f:19:77:0b:c3:aa:8c:8f:ed:af:30:aa:a9:4e:ca:a1:
05:7e:1e:0e:4a:f6:18:fe:43:ad:b8:fa:e2:d1:c8:34:c9:43:
97:3b:5c:ac:56:a0:f3:d6:84:dc:89:19:23:16:87:b0:5e:8d:
74:b4:85:f3:7d:5b:d5:cf:57:ed:40:60:fd:a5:3e:73:4c:33:
19:28:aa:5f:a4:0e:6f:fa:7f:84:80:b2:42:c9:18:2b:e4:2b:
02:6a:5a:0b:16:1d:33:b3:ae:34:9c:34:8a:e2:a9:ec:09:8c:
65:bb:1f:41:5c:9b:ca:bd:eb:88:a3:f9:45:d6:1b:51:2d:de:
fa:2b:1d:2c:4c:01:cf:b0:c6:d8:5d:1c:67:bc:32:9f:6b:87:
e5:19:1d:19:0c:11:27:bf:c1:e1:0a:d4:dc:19:0d:7d:85:ce:
7b:36:c2:84:57:2c:c4:e6:a9:b3:80:70:34:1c:4c:1c:51:58:
fb:f8:da:0f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGbkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QURCQTIxMTAvBgNVBAUTKEFBNjMyREM0MDJBNzAyRjc5QTlDMzY5M0U5Q0M0NkM1
OTgxRUU4RUMwHhcNMjUwMjA2MTYyMzU0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E0ZTIxYS02NjE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy4uQrktdO/i8Cq59hNrhToeVsG9fs0mOaPNmMU9Y7sfsIRjltT1nPG5OoRaU
t2mUhk9y1jldvNFy9uyxC5MKd6UDCGzoKCFjDvg09p1mgIAdjUrQ2MkyyI6ye1Hm
fLB2i/CWMdMPA9ybEk3fYyP+4Dcr43Fi7W8OLVC5uwyC0FJLj3XlFiilQV10ieKS
hhYxrorg/Lz6QF2K6WRBop0hD4RihOyTdQUq3T/GUewyrWkAq9KVFag6fBIoppCd
VMh5YDtpLmIm1sDlWilDWF+XxiqfIgV89jTgHOCnR5BoqxRLlxaQ+YYpHnO2uzON
2uOfzOaCEBNIwmAcN478/k6D+wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBPt7k38
bXxizBvRYmHDthmPyrcsMB8GA1UdIwQYMBaAFKpjLcQCpwL3mpw2k+nMRsWYHujs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBREJBMi9ENjk1NDQxMjU1
M0IxMUU3QUEwRURFMkFDNEY5QUUwMi9xbU10eEFLbkF2ZWFuRGFUNmN4R3haZ2U2
T3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FtTXR4QUtuQXZlYW5EYVQ2Y3hHeFpnZTZPdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QURCQTIvRDY5NTQ0MTI1NTNCMTFFN0FBMEVERTJBQzRGOUFFMDIvNkMzMEVGNjhE
OUFEMTFFQkE1Q0ZCQjE3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnzPQDBAKdd+wwDQYJKoZIhvcNAQELBQADggEBAHmXy7l0
h9Pmglj134FVeEGVHupEuTa3GEfR7Gt8vKet0rkofGaPMKldD2sFpcZzSnq4a8tG
5IWizJOiDpBHV0q78VV3HOYH2X+XDxl3C8OqjI/trzCqqU7KoQV+Hg5K9hj+Q624
+uLRyDTJQ5c7XKxWoPPWhNyJGSMWh7BejXS0hfN9W9XPV+1AYP2lPnNMMxkoql+k
Dm/6f4SAskLJGCvkKwJqWgsWHTOzrjScNIriqewJjGW7H0Fcm8q964ij+UXWG1Et
3vorHSxMAc+wxthdHGe8Mp9rh+UZHRkMESe/weEK1NwZDX2Fzns2woRXLMTmqbOA
cDQcTBxRWPv42g8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:55:09 2025 by rpki-client