Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE984/28745E4C15EE11EAA2D9E06EC4F9AE02/CEC4C3FC903B11ED96D73F40C4F9AE02.roa
File: CEC4C3FC903B11ED96D73F40C4F9AE02.roa (raw, json)
Hash identifier: ZFOmsL5bJSLH6PZ2YkIqaVTwufEfPYg2DbDADn/8Z+w=
Subject key identifier: 8C:52:FC:C5:EF:2C:6D:3B:5D:83:BD:EE:74:18:23:6C:B0:BD:D5:69
Certificate issuer: /CN=A91AE984/serialNumber=8ABA3E47D51C5D2C9EF343E5AF41101E43C58A88
Certificate serial: 0BD9
Authority key identifier: 8A:BA:3E:47:D5:1C:5D:2C:9E:F3:43:E5:AF:41:10:1E:43:C5:8A:88
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iro-R9UcXSye80Plr0EQHkPFiog.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AE984/28745E4C15EE11EAA2D9E06EC4F9AE02/CEC4C3FC903B11ED96D73F40C4F9AE02.roa
Signing time: Fri 28 Mar 2025 19:29:52 +0000
ROA not before: Fri 28 Mar 2025 19:29:52 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 59238
IP address blocks: 103.135.108.0/22 maxlen: 24
2404:7bc0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3033 (0xbd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AE984
Validity
Not Before: Mar 28 19:29:52 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e6f8af-d356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e2:6b:4b:6d:02:3d:fb:9f:93:21:fb:38:d8:
b2:7b:3b:3b:03:b1:81:e3:99:ca:99:15:f2:d7:06:
37:47:88:b4:5a:50:55:75:6b:ea:c5:9b:f9:bd:7c:
fa:d2:a8:a0:f3:97:9a:c2:0b:25:a5:dc:89:8d:24:
54:f8:be:33:79:1d:13:f5:52:77:2a:7c:9b:0a:a0:
8f:fe:f1:ba:bc:77:bd:48:65:20:43:66:ea:e4:f2:
f8:68:80:10:55:6e:43:4c:01:3d:57:bf:3d:14:b8:
1f:ae:86:ba:25:7c:b1:33:18:41:29:5a:84:7b:0c:
e4:77:0e:d7:39:9c:b7:22:31:6e:28:98:95:05:f7:
65:28:44:ef:64:3e:38:5d:7c:db:d6:43:29:a3:c7:
15:93:03:1c:55:95:a6:c1:08:6a:7f:a6:ad:80:54:
a1:2d:4e:81:e7:6d:b3:88:e6:c4:94:0d:cb:01:fd:
25:00:b7:64:5a:93:6e:d6:09:a2:75:84:2f:c2:cd:
67:6d:e7:44:28:0c:e0:5c:68:7b:fd:80:f1:f5:2f:
7d:32:59:54:ea:83:6b:14:63:cf:9d:64:77:32:70:
9e:28:92:44:d1:4b:db:1a:ea:5a:c2:b5:e4:d7:a4:
73:31:d6:44:91:f8:6a:52:9a:0b:c7:62:2d:82:2c:
91:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:52:FC:C5:EF:2C:6D:3B:5D:83:BD:EE:74:18:23:6C:B0:BD:D5:69
X509v3 Authority Key Identifier:
keyid:8A:BA:3E:47:D5:1C:5D:2C:9E:F3:43:E5:AF:41:10:1E:43:C5:8A:88
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AE984/28745E4C15EE11EAA2D9E06EC4F9AE02/iro-R9UcXSye80Plr0EQHkPFiog.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iro-R9UcXSye80Plr0EQHkPFiog.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE984/28745E4C15EE11EAA2D9E06EC4F9AE02/CEC4C3FC903B11ED96D73F40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.135.108.0/22
IPv6:
2404:7bc0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:85:84:dc:d8:fc:e3:e5:22:d6:01:2a:a5:5a:ad:2f:6f:96:
36:0a:0c:be:e8:b7:9a:93:57:a8:c1:ee:88:7b:c4:f7:c5:d6:
35:ae:aa:31:10:3b:f5:cf:88:d1:42:15:c9:9d:7c:4f:db:77:
99:d1:fc:72:0a:d4:5b:0d:31:8c:3b:2e:29:22:f9:40:73:2e:
b6:a8:ad:dd:ad:8b:08:5c:4a:28:de:e4:73:b3:33:68:de:ad:
0f:2a:12:46:90:f1:cf:98:56:b6:d9:38:72:7a:37:81:79:ac:
eb:75:25:65:b8:a3:63:44:7c:f1:d2:96:8e:37:2b:f1:f2:b6:
5c:ab:07:44:7b:f6:a5:09:93:cc:aa:6e:88:9f:49:3b:76:88:
57:63:d8:23:e5:89:ed:16:86:00:fe:2c:11:3a:2b:9d:dd:c7:
48:3c:51:68:b9:2c:68:86:c1:d8:9a:ea:c8:95:05:8e:20:cc:
aa:4e:6e:fa:91:25:44:53:b8:c3:5a:bb:ca:cf:b7:e0:93:a4:
55:d5:43:d0:ad:94:e1:c9:46:62:65:37:35:18:cb:ff:b8:81:
ac:0d:28:4b:2f:a1:84:f6:ae:45:4a:8c:7a:90:18:a6:3d:ec:
5e:57:a4:71:96:56:55:0c:03:76:0f:45:d5:de:a2:91:96:c1:
82:63:ba:cf
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICC9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUU5ODQxMTAvBgNVBAUTKDhBQkEzRTQ3RDUxQzVEMkM5RUYzNDNFNUFGNDExMDFF
NDNDNThBODgwHhcNMjUwMzI4MTkyOTUyWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U2ZjhhZi1kMzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0OJrS20CPfufkyH7ONiyezs7A7GB45nKmRXy1wY3R4i0WlBVdWvqxZv5vXz6
0qig85eawgslpdyJjSRU+L4zeR0T9VJ3KnybCqCP/vG6vHe9SGUgQ2bq5PL4aIAQ
VW5DTAE9V789FLgfroa6JXyxMxhBKVqEewzkdw7XOZy3IjFuKJiVBfdlKETvZD44
XXzb1kMpo8cVkwMcVZWmwQhqf6atgFShLU6B522ziObElA3LAf0lALdkWpNu1gmi
dYQvws1nbedEKAzgXGh7/YDx9S99MllU6oNrFGPPnWR3MnCeKJJE0UvbGupawrXk
16RzMdZEkfhqUpoLx2ItgiyR5QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIxS/MXv
LG07XYO97nQYI2ywvdVpMB8GA1UdIwQYMBaAFIq6PkfVHF0snvND5a9BEB5DxYqI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTk4NC8yODc0NUU0QzE1
RUUxMUVBQTJEOUUwNkVDNEY5QUUwMi9pcm8tUjlVY1hTeWU4MFBscjBFUUhrUEZp
b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2lyby1SOVVjWFN5ZTgwUGxyMEVRSGtQRmlvZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUU5ODQvMjg3NDVFNEMxNUVFMTFFQUEyRDlFMDZFQzRGOUFFMDIvQ0VDNEMzRkM5
MDNCMTFFRDk2RDczRjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnh2wwDQQCAAIwBwMFACQEe8AwDQYJKoZIhvcNAQELBQAD
ggEBAA2FhNzY/OPlItYBKqVarS9vljYKDL7ot5qTV6jB7oh7xPfF1jWuqjEQO/XP
iNFCFcmdfE/bd5nR/HIK1FsNMYw7Liki+UBzLraord2tiwhcSije5HOzM2jerQ8q
EkaQ8c+YVrbZOHJ6N4F5rOt1JWW4o2NEfPHSlo43K/HytlyrB0R79qUJk8yqboif
STt2iFdj2CPlie0WhgD+LBE6K53dx0g8UWi5LGiGwdia6siVBY4gzKpObvqRJURT
uMNau8rPt+CTpFXVQ9CtlOHJRmJlNzUYy/+4gawNKEsvoYT2rkVKjHqQGKY97F5X
pHGWVlUMA3YPRdXeopGWwYJjus8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:45:00 2025 by rpki-client