Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/E2F2A470C76411EC85896F5EC4F9AE02.roa
File: E2F2A470C76411EC85896F5EC4F9AE02.roa (raw, json)
Hash identifier: hSEOk4wSvcqkKWJUmunbhE8NC6T2P49jnE2eWh8/b4M=
Subject key identifier: 95:ED:00:CB:2D:15:CF:E0:AF:D4:8D:A3:18:B6:DD:71:A4:CE:87:D7
Certificate issuer: /CN=A91AFB4B/serialNumber=A35561DA45A955F02D122A0D88E8C76239EDF920
Certificate serial: 02F7
Authority key identifier: A3:55:61:DA:45:A9:55:F0:2D:12:2A:0D:88:E8:C7:62:39:ED:F9:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1Vh2kWpVfAtEioNiOjHYjnt-SA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/E2F2A470C76411EC85896F5EC4F9AE02.roa
Signing time: Tue 11 Feb 2025 01:24:25 +0000
ROA not before: Tue 11 Feb 2025 01:24:25 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 4826
IP address blocks: 103.126.206.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 759 (0x2f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AFB4B
Validity
Not Before: Feb 11 01:24:25 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67aaa6c8-dcc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d9:f6:30:6d:6d:e0:9b:b4:1d:f0:ab:bf:1a:
67:51:8d:02:29:93:fc:24:15:e0:e1:c6:b9:22:7e:
f6:67:41:54:7a:96:08:38:6f:bc:a9:67:62:c6:2b:
f3:93:b6:ae:1b:33:d7:23:f1:6f:88:f9:18:ab:8f:
98:07:c3:04:07:61:68:78:a5:b0:aa:b1:ae:94:d7:
46:77:67:48:6b:3f:78:38:27:a4:a7:9b:20:74:1e:
76:08:cf:a2:f6:05:1a:ee:27:f8:68:b3:25:31:51:
43:d6:74:b7:50:7b:eb:56:26:1f:0d:e5:e4:9c:74:
f8:fa:f1:d7:d7:95:d1:58:6c:e6:4f:2f:6b:a5:76:
28:59:a8:c7:ec:29:17:f1:b1:f0:13:ca:b0:67:45:
09:cd:fe:24:9b:54:01:7c:42:64:1f:90:8a:65:34:
4d:1a:30:13:3b:5b:28:e1:09:f9:53:32:b1:e6:f4:
4a:f8:8e:31:4a:f3:87:34:a3:34:40:87:43:6f:32:
6b:cd:66:e8:4e:1d:0b:a9:35:89:e3:f6:38:67:a9:
54:c2:2a:26:cc:1b:5f:35:d6:cf:9b:d4:e1:7d:7b:
10:cd:59:f0:05:c7:e6:7e:e3:c4:7b:ef:37:1e:8e:
67:28:25:38:91:ac:73:3b:7b:05:b0:fc:e5:2d:44:
2d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:ED:00:CB:2D:15:CF:E0:AF:D4:8D:A3:18:B6:DD:71:A4:CE:87:D7
X509v3 Authority Key Identifier:
keyid:A3:55:61:DA:45:A9:55:F0:2D:12:2A:0D:88:E8:C7:62:39:ED:F9:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/o1Vh2kWpVfAtEioNiOjHYjnt-SA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o1Vh2kWpVfAtEioNiOjHYjnt-SA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AFB4B/8E162430C76011EC8E7D9629C4F9AE02/E2F2A470C76411EC85896F5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.206.0/24
Signature Algorithm: sha256WithRSAEncryption
34:84:51:dd:b8:91:7f:c7:a3:33:75:b4:d7:06:17:c0:83:08:
b6:33:0a:ff:4e:d1:45:0b:1f:bb:82:a9:42:9c:1d:53:ef:c6:
c8:74:6d:fa:44:9d:d3:56:eb:7e:fe:14:5b:b7:7d:8d:50:cf:
55:fc:27:7a:c5:fe:bc:ce:b8:0e:6b:a8:e0:55:8a:1a:0e:e2:
38:ef:92:82:55:ae:09:30:44:70:99:31:34:54:19:4c:ea:39:
ea:7c:c4:a7:8f:2a:7b:c4:51:34:73:01:67:83:62:a0:5f:8a:
a2:4e:ed:db:6b:04:fe:62:ca:82:62:98:13:47:38:cb:f1:0a:
8e:b7:ec:0e:9c:fd:55:5e:f4:73:8e:20:5e:da:3b:de:96:32:
37:7a:e8:48:6d:64:ec:a8:9d:da:32:ef:15:80:ad:82:57:b2:
2a:1a:19:62:8a:fb:17:d8:9e:02:2d:7e:65:0b:66:7c:48:e8:
1e:45:f3:2f:80:27:64:f7:df:75:7e:53:4a:71:41:59:4b:8f:
19:d7:f7:3e:c9:bb:25:55:82:eb:d2:2e:a7:7c:62:67:f2:dd:
5c:11:42:b6:0a:18:4a:e4:30:d2:1f:3b:0a:bc:e7:e1:e3:c6:
2b:91:ee:b0:57:dc:09:81:c1:12:d1:b3:cc:34:66:af:e4:59:
59:e2:01:bf
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAvcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUZCNEIxMTAvBgNVBAUTKEEzNTU2MURBNDVBOTU1RjAyRDEyMkEwRDg4RThDNzYy
MzlFREY5MjAwHhcNMjUwMjExMDEyNDI1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FhYTZjOC1kY2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt9n2MG1t4Ju0HfCrvxpnUY0CKZP8JBXg4ca5In72Z0FUepYIOG+8qWdixivz
k7auGzPXI/FviPkYq4+YB8MEB2FoeKWwqrGulNdGd2dIaz94OCekp5sgdB52CM+i
9gUa7if4aLMlMVFD1nS3UHvrViYfDeXknHT4+vHX15XRWGzmTy9rpXYoWajH7CkX
8bHwE8qwZ0UJzf4km1QBfEJkH5CKZTRNGjATO1so4Qn5UzKx5vRK+I4xSvOHNKM0
QIdDbzJrzWboTh0LqTWJ4/Y4Z6lUwiomzBtfNdbPm9ThfXsQzVnwBcfmfuPEe+83
Ho5nKCU4kaxzO3sFsPzlLUQtuwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJXtAMst
Fc/gr9SNoxi23XGkzofXMB8GA1UdIwQYMBaAFKNVYdpFqVXwLRIqDYjox2I57fkg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRkI0Qi84RTE2MjQzMEM3
NjAxMUVDOEU3RDk2MjlDNEY5QUUwMi9vMVZoMmtXcFZmQXRFaW9OaU9qSFlqbnQt
U0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL28xVmgya1dwVmZBdEVpb05pT2pIWWpudC1TQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUZCNEIvOEUxNjI0MzBDNzYwMTFFQzhFN0Q5NjI5QzRGOUFFMDIvRTJGMkE0NzBD
NzY0MTFFQzg1ODk2RjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnfs4wDQYJKoZIhvcNAQELBQADggEBADSEUd24kX/HozN1
tNcGF8CDCLYzCv9O0UULH7uCqUKcHVPvxsh0bfpEndNW637+FFu3fY1Qz1X8J3rF
/rzOuA5rqOBVihoO4jjvkoJVrgkwRHCZMTRUGUzqOep8xKePKnvEUTRzAWeDYqBf
iqJO7dtrBP5iyoJimBNHOMvxCo637A6c/VVe9HOOIF7aO96WMjd66EhtZOyondoy
7xWArYJXsioaGWKK+xfYngItfmULZnxI6B5F8y+AJ2T333V+U0pxQVlLjxnX9z7J
uyVVguvSLqd8Ymfy3VwRQrYKGErkMNIfOwq85+HjxiuR7rBX3AmBwRLRs8w0Zq/k
WVniAb8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:55 2025 by rpki-client