Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEDF7/DEE2D07C090011EB8523165CC4F9AE02/13901018203F11ECBE18630CC4F9AE02.roa
File: 13901018203F11ECBE18630CC4F9AE02.roa (raw, json)
Hash identifier: wkWuHS/W7zmGTEYBssypeNIzyloTQsz7o6sC1nnuJqo=
Subject key identifier: 04:C7:98:E1:C7:69:A1:B3:7F:A7:99:7C:55:7A:78:BE:4B:0B:05:A6
Certificate issuer: /CN=A91AEDF7/serialNumber=9696C6592C02B503F488D4437CD0AC82C176B376
Certificate serial: 077D
Authority key identifier: 96:96:C6:59:2C:02:B5:03:F4:88:D4:43:7C:D0:AC:82:C1:76:B3:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lpbGWSwCtQP0iNRDfNCsgsF2s3Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AEDF7/DEE2D07C090011EB8523165CC4F9AE02/13901018203F11ECBE18630CC4F9AE02.roa
Signing time: Fri 31 Jan 2025 21:30:29 +0000
ROA not before: Fri 31 Jan 2025 21:30:29 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 55366
IP address blocks: 103.70.172.0/22 maxlen: 23
103.70.172.0/24 maxlen: 24
103.70.173.0/24 maxlen: 24
103.70.174.0/24 maxlen: 24
103.70.175.0/24 maxlen: 24
202.58.229.0/24 maxlen: 24
202.90.38.0/23 maxlen: 23
202.90.38.0/24 maxlen: 24
202.90.39.0/24 maxlen: 24
203.142.223.0/24 maxlen: 24
2406:9c40::/32 maxlen: 40
2406:9c40:1000::/48 maxlen: 48
2406:9c40:1001::/48 maxlen: 48
2406:9c40:1002::/47 maxlen: 47
2406:9c40:1004::/46 maxlen: 46
2406:9c40:1008::/45 maxlen: 45
2406:9c40:1010::/44 maxlen: 44
2406:9c40:1020::/43 maxlen: 43
2406:9c40:1040::/42 maxlen: 42
2406:9c40:1080::/41 maxlen: 41
2406:9c40:2000::/48 maxlen: 48
2406:9c40:2001::/48 maxlen: 48
2406:9c40:2002::/47 maxlen: 47
2406:9c40:2004::/46 maxlen: 46
2406:9c40:2008::/45 maxlen: 45
2406:9c40:2010::/44 maxlen: 44
2406:9c40:2020::/43 maxlen: 43
2406:9c40:2040::/42 maxlen: 42
2406:9c40:2080::/41 maxlen: 41
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1917 (0x77d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AEDF7
Validity
Not Before: Jan 31 21:30:29 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679d40f4-6d84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ae:56:41:5a:48:06:66:87:31:c4:05:b2:5f:
7d:d9:22:09:82:ff:28:c4:35:8a:e7:ed:b9:06:c7:
93:5f:ba:15:b1:dc:d4:a3:b9:9a:c2:8f:37:0c:f2:
0c:b1:f6:d6:33:54:e6:6d:0c:5b:be:6f:cf:68:b2:
55:d7:7f:df:a6:ae:7f:80:dc:62:29:29:30:73:22:
6e:6a:36:4a:dd:f8:1f:5f:2e:80:7c:e0:08:b8:dc:
90:31:fa:10:22:d2:f9:94:fd:57:42:99:d1:2b:62:
1b:36:2b:c7:56:83:07:da:e0:a2:e8:ab:a5:30:9a:
2f:33:71:7d:b5:6b:a2:c8:bd:0f:90:b2:0e:6f:66:
69:8d:68:97:af:38:9c:f6:82:eb:08:cf:29:cd:a1:
6c:1c:5e:d0:54:dd:dc:f1:ce:81:e9:3a:5f:fb:13:
0c:20:d6:c3:6d:e0:c8:51:9f:5b:38:f4:cd:21:09:
94:bf:e4:26:8d:32:0d:10:a6:5a:a6:bd:34:fe:24:
65:9d:d0:21:f1:ab:85:51:2e:12:05:f1:f8:4b:72:
73:5c:b9:fb:54:46:a3:b8:d9:b4:aa:20:ea:a2:cf:
d7:7f:89:05:c2:b9:70:15:ed:00:33:ab:76:94:03:
b3:b4:cb:29:1c:66:e8:4c:01:2e:63:1e:c0:d5:f2:
29:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C7:98:E1:C7:69:A1:B3:7F:A7:99:7C:55:7A:78:BE:4B:0B:05:A6
X509v3 Authority Key Identifier:
keyid:96:96:C6:59:2C:02:B5:03:F4:88:D4:43:7C:D0:AC:82:C1:76:B3:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AEDF7/DEE2D07C090011EB8523165CC4F9AE02/lpbGWSwCtQP0iNRDfNCsgsF2s3Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lpbGWSwCtQP0iNRDfNCsgsF2s3Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEDF7/DEE2D07C090011EB8523165CC4F9AE02/13901018203F11ECBE18630CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.70.172.0/22
202.58.229.0/24
202.90.38.0/23
203.142.223.0/24
IPv6:
2406:9c40::/32
Signature Algorithm: sha256WithRSAEncryption
ae:a6:1f:1a:5e:d9:8a:15:36:1f:64:59:1b:7e:f0:af:b8:f9:
61:cd:25:8c:91:ef:57:fb:53:d8:60:a3:e4:45:5c:34:82:a8:
27:22:36:86:92:e7:df:96:24:3c:c2:68:b6:7a:d8:4b:9d:24:
5b:f1:96:e0:cc:01:0c:f2:91:d4:5e:b6:b8:ff:32:26:69:b4:
03:be:e2:c7:cb:ac:05:5b:0c:6e:3b:94:df:3f:78:57:bd:fe:
6c:de:3b:d6:8b:e0:ad:e5:5b:f8:20:e3:5d:0b:e3:a3:42:ee:
46:69:37:c0:14:24:c6:15:34:c1:7c:c0:24:a9:5a:5b:aa:29:
13:7b:c5:dc:f4:a0:44:bc:69:ac:92:0c:ed:9e:64:f0:9e:7d:
ad:7b:b9:49:59:3f:b7:28:04:05:d8:c9:5a:77:ca:cf:5f:32:
43:c1:17:dd:31:97:fe:c4:b5:aa:e2:67:df:23:43:7f:20:6c:
5d:1c:37:c4:79:e7:d0:27:66:02:39:84:97:8f:03:ff:15:e7:
ea:da:16:9c:d1:79:ce:34:4b:64:79:25:e8:a4:40:8c:fd:ff:
8a:ff:ef:74:97:b7:fe:e1:6d:80:32:48:69:21:06:af:f5:a2:
32:38:96:14:5e:71:af:54:0e:9e:4c:da:0c:cb:75:a9:34:b1:
5d:38:93:3a
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICB30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUVERjcxMTAvBgNVBAUTKDk2OTZDNjU5MkMwMkI1MDNGNDg4RDQ0MzdDRDBBQzgy
QzE3NkIzNzYwHhcNMjUwMTMxMjEzMDI5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlkNDBmNC02ZDg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAua5WQVpIBmaHMcQFsl992SIJgv8oxDWK5+25BseTX7oVsdzUo7mawo83DPIM
sfbWM1TmbQxbvm/PaLJV13/fpq5/gNxiKSkwcyJuajZK3fgfXy6AfOAIuNyQMfoQ
ItL5lP1XQpnRK2IbNivHVoMH2uCi6KulMJovM3F9tWuiyL0PkLIOb2ZpjWiXrzic
9oLrCM8pzaFsHF7QVN3c8c6B6Tpf+xMMINbDbeDIUZ9bOPTNIQmUv+QmjTINEKZa
pr00/iRlndAh8auFUS4SBfH4S3JzXLn7VEajuNm0qiDqos/Xf4kFwrlwFe0AM6t2
lAOztMspHGboTAEuYx7A1fIpSQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFATHmOHH
aaGzf6eZfFV6eL5LCwWmMB8GA1UdIwQYMBaAFJaWxlksArUD9IjUQ3zQrILBdrN2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRURGNy9ERUUyRDA3QzA5
MDAxMUVCODUyMzE2NUNDNEY5QUUwMi9scGJHV1N3Q3RRUDBpTlJEZk5Dc2dzRjJz
M1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xwYkdXU3dDdFFQMGlOUkRmTkNzZ3NGMnMzWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUVERjcvREVFMkQwN0MwOTAwMTFFQjg1MjMxNjVDQzRGOUFFMDIvMTM5MDEwMTgy
MDNGMTFFQ0JFMTg2MzBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAJnRqwDBADKOuUDBAHKWiYDBADLjt8wDQQCAAIwBwMFACQG
nEAwDQYJKoZIhvcNAQELBQADggEBAK6mHxpe2YoVNh9kWRt+8K+4+WHNJYyR71f7
U9hgo+RFXDSCqCciNoaS59+WJDzCaLZ62EudJFvxluDMAQzykdRetrj/MiZptAO+
4sfLrAVbDG47lN8/eFe9/mzeO9aL4K3lW/gg410L46NC7kZpN8AUJMYVNMF8wCSp
WluqKRN7xdz0oES8aaySDO2eZPCefa17uUlZP7coBAXYyVp3ys9fMkPBF90xl/7E
tariZ98jQ38gbF0cN8R559AnZgI5hJePA/8V5+raFpzRec40S2R5JeikQIz9/4r/
73SXt/7hbYAySGkhBq/1ojI4lhReca9UDp5M2gzLdak0sV04kzo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:55:15 2025 by rpki-client