Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/392987D254F611E79DF7E643C4F9AE02.roa
File: 392987D254F611E79DF7E643C4F9AE02.roa (raw, json)
Hash identifier: E8L7EMY++G+/jL4fto/6X8FIxPH0nU/qyOAGKr50fbg=
Subject key identifier: 12:96:34:4B:E4:D2:D2:2D:31:45:71:A7:25:1B:64:EF:FB:C7:C9:67
Certificate issuer: /CN=A91AE85E/serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490
Certificate serial: 349F
Authority key identifier: 70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/392987D254F611E79DF7E643C4F9AE02.roa
Signing time: Tue 14 Jan 2025 14:30:09 +0000
ROA not before: Tue 14 Jan 2025 14:30:09 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 132003
IP address blocks: 103.10.233.0/24 maxlen: 24
103.196.108.0/23 maxlen: 24
2404:2000:3000::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13471 (0x349f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE85E
Validity
Not Before: Jan 14 14:30:09 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=678674f1-d212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f0:57:65:c1:b2:c7:0c:52:56:17:d7:8d:c2:
c1:c7:20:c8:24:89:2e:74:36:57:e8:b5:21:b1:f8:
33:e7:67:5b:b0:2e:d9:a7:d5:c8:47:e4:08:b2:63:
38:b9:df:84:6e:30:ed:7a:1b:05:af:eb:5b:4a:eb:
ea:e1:7f:c3:47:66:be:32:5b:55:5a:64:e1:d0:68:
1b:12:ac:cd:49:aa:13:67:07:52:0f:ec:14:89:20:
e4:7b:c8:89:ff:32:73:59:dc:cc:8f:fd:4b:07:7b:
81:b5:6d:b2:83:e0:27:c4:61:2b:f3:76:16:8f:18:
d7:55:5a:c4:76:79:a9:dc:54:51:ff:3f:9a:89:7c:
f4:2f:97:d4:24:2e:e5:aa:0c:7f:f0:32:c4:4d:8d:
1b:51:7c:b0:ed:20:09:18:36:3a:a1:c3:6b:e4:cb:
5f:22:3c:d8:f5:0a:71:39:96:32:83:0d:d0:54:a0:
fa:e5:66:77:c8:5d:1b:71:8f:43:0b:d5:eb:12:d7:
cf:7a:b2:4d:c0:b1:1d:90:60:68:10:66:0b:34:67:
b8:b9:14:cf:b3:70:ff:d2:34:b4:85:46:a2:2e:30:
d5:3d:57:f2:9c:8e:31:cb:cd:d4:24:09:c0:6a:04:
3c:a3:23:eb:a6:c1:48:38:45:03:57:54:dc:75:45:
13:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:96:34:4B:E4:D2:D2:2D:31:45:71:A7:25:1B:64:EF:FB:C7:C9:67
X509v3 Authority Key Identifier:
keyid:70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/392987D254F611E79DF7E643C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.10.233.0/24
103.196.108.0/23
IPv6:
2404:2000:3000::/40
Signature Algorithm: sha256WithRSAEncryption
3f:9d:48:23:ff:ec:78:02:ad:97:95:a8:86:40:b2:5a:40:bd:
cc:bc:6a:5c:8f:d1:32:3d:4c:49:7c:b3:68:fc:3f:ab:fa:53:
17:9a:9b:20:4b:96:c8:33:44:42:45:84:f4:cb:21:bf:8b:cd:
b9:7d:b5:b7:0e:75:0b:85:44:8a:c1:db:02:71:00:da:ba:3e:
54:7f:a0:5b:b2:ca:11:55:1a:6f:67:72:66:32:50:9d:f9:02:
13:e8:3a:94:70:81:70:a8:11:00:e4:c4:60:ea:d5:3a:9f:d9:
4f:b2:6c:51:2e:ed:32:99:3d:24:01:8a:46:26:a8:76:fc:20:
89:03:07:f1:2c:cc:a0:cf:bb:79:0b:f1:64:24:55:78:7d:b8:
e0:89:47:97:57:72:a5:de:13:02:80:92:8f:e6:e6:9b:f8:b8:
9d:db:d3:66:10:bd:13:0a:f4:b6:2d:ee:c7:23:df:fa:0b:70:
26:ce:17:5d:3e:6d:7e:e0:c8:09:b9:69:c6:16:71:7f:bc:d8:
93:dd:a8:bd:0c:d5:2d:21:98:c2:56:9f:64:1f:e7:ef:28:31:
af:0e:3c:3d:6f:22:17:1b:f3:b8:f1:cb:1e:04:8a:3c:d2:40:
25:6a:cf:41:82:45:8a:96:63:fc:34:f6:7a:6d:49:3d:66:5a:
d5:1a:0d:e1
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICNJ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU4NUUxMTAvBgNVBAUTKDcwOTc2NUM3RDREMzMxRjRDMzZBQzZCRTM0N0ZBNjZB
MUYwMjM0OTAwHhcNMjUwMTE0MTQzMDA5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2NzRmMS1kMjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApvBXZcGyxwxSVhfXjcLBxyDIJIkudDZX6LUhsfgz52dbsC7Zp9XIR+QIsmM4
ud+EbjDtehsFr+tbSuvq4X/DR2a+MltVWmTh0GgbEqzNSaoTZwdSD+wUiSDke8iJ
/zJzWdzMj/1LB3uBtW2yg+AnxGEr83YWjxjXVVrEdnmp3FRR/z+aiXz0L5fUJC7l
qgx/8DLETY0bUXyw7SAJGDY6ocNr5MtfIjzY9QpxOZYygw3QVKD65WZ3yF0bcY9D
C9XrEtfPerJNwLEdkGBoEGYLNGe4uRTPs3D/0jS0hUaiLjDVPVfynI4xy83UJAnA
agQ8oyPrpsFIOEUDV1TcdUUT4QIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFBKWNEvk
0tItMUVxpyUbZO/7x8lnMB8GA1UdIwQYMBaAFHCXZcfU0zH0w2rGvjR/pmofAjSQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTg1RS8wQkVEMzUyNjFE
NkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1mVERhc2EtTkgtbWFoOENO
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2NKZGx4OVRUTWZURGFzYS1OSC1tYWg4Q05KQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU4NUUvMEJFRDM1MjYxRDZFMTFFMkIwNEE2MUFGMDhCMDJDRDIvMzkyOTg3RDI1
NEY2MTFFNzlERjdFNjQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMBIEAgABMAwDBABnCukDBAFnxGwwDgQCAAIwCAMGACQEIAAwMA0GCSqGSIb3
DQEBCwUAA4IBAQA/nUgj/+x4Aq2XlaiGQLJaQL3MvGpcj9EyPUxJfLNo/D+r+lMX
mpsgS5bIM0RCRYT0yyG/i825fbW3DnULhUSKwdsCcQDauj5Uf6BbssoRVRpvZ3Jm
MlCd+QIT6DqUcIFwqBEA5MRg6tU6n9lPsmxRLu0ymT0kAYpGJqh2/CCJAwfxLMyg
z7t5C/FkJFV4fbjgiUeXV3Kl3hMCgJKP5uab+Lid29NmEL0TCvS2Le7HI9/6C3Am
zhddPm1+4MgJuWnGFnF/vNiT3ai9DNUtIZjCVp9kH+fvKDGvDjw9byIXG/O48cse
BIo80kAlas9BgkWKlmP8NPZ6bUk9ZlrVGg3h
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:43 2025 by rpki-client