Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/E86E188A795F11EFBF3B491CC4F9AE02.roa
File: E86E188A795F11EFBF3B491CC4F9AE02.roa (raw, json)
Hash identifier: 7r3+bfJMmECiAzmN3nCQ3UiLeoGkCPSVCRUYmPSHhFI=
Subject key identifier: 81:2F:B6:B0:12:67:7D:59:21:5C:86:0D:A2:E8:00:46:73:40:5A:6B
Certificate issuer: /CN=A91B01C7/serialNumber=E8DF8D5E4C84DA87D729A73C1C4E8611381AB2C1
Certificate serial: 29AC
Authority key identifier: E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/E86E188A795F11EFBF3B491CC4F9AE02.roa
Signing time: Mon 23 Sep 2024 03:57:10 +0000
ROA not before: Mon 23 Sep 2024 03:57:10 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 58601
IP address blocks: 103.9.112.0/22 maxlen: 22
103.9.112.0/24 maxlen: 24
103.9.113.0/24 maxlen: 24
103.9.114.0/24 maxlen: 24
103.9.115.0/24 maxlen: 24
2403:e100::/32 maxlen: 32
2403:e100:1000::/48 maxlen: 48
2403:e100:1000:4::/64 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10668 (0x29ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B01C7
Validity
Not Before: Sep 23 03:57:10 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=66f0e716-d39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:26:2f:8a:6c:f4:b9:48:a6:71:30:38:88:
de:70:30:4d:dc:a5:60:e1:28:dd:52:7b:39:8a:b5:
27:8f:e8:80:28:b6:ae:0f:12:ee:68:f6:ec:31:f4:
0b:5c:92:b4:fa:e1:21:d6:db:ab:60:85:fb:f5:60:
ab:8b:e5:97:c3:69:a0:5f:53:42:53:f6:0e:ce:c6:
94:11:15:36:05:af:bb:a1:d1:c7:15:ee:50:60:c9:
e9:2d:a9:3c:9f:fd:43:ef:1e:a3:f0:4d:58:cf:31:
f9:24:8c:20:36:62:c0:a5:26:71:d9:ee:36:35:1a:
77:00:5a:cb:2d:f0:16:43:22:b7:74:fa:bf:a5:31:
d7:7f:32:a8:0f:5e:7a:64:9d:aa:dc:af:56:fa:2d:
ed:60:19:7b:83:6e:4f:97:be:01:c6:c6:3c:61:ea:
cd:34:31:b4:a8:0b:90:5a:41:a1:3f:eb:4e:d5:e8:
26:4d:46:d9:da:63:cd:95:40:b0:7b:25:78:1d:bc:
2b:33:31:e0:bd:e7:a4:16:11:7e:b6:44:9f:61:22:
8b:2a:26:51:fd:17:a7:c5:35:03:7d:ae:16:c5:4a:
0d:df:e8:89:4d:f4:3e:51:24:e9:ff:cd:f4:22:73:
06:49:3a:e9:75:4d:1c:54:54:aa:a5:bf:0e:95:ee:
40:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:2F:B6:B0:12:67:7D:59:21:5C:86:0D:A2:E8:00:46:73:40:5A:6B
X509v3 Authority Key Identifier:
keyid:E8:DF:8D:5E:4C:84:DA:87:D7:29:A7:3C:1C:4E:86:11:38:1A:B2:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/6N-NXkyE2ofXKac8HE6GETgassE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6N-NXkyE2ofXKac8HE6GETgassE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B01C7/97CF20FA332311E4A6E74911C4F9AE02/E86E188A795F11EFBF3B491CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.9.112.0/22
IPv6:
2403:e100::/32
Signature Algorithm: sha256WithRSAEncryption
5f:3b:61:80:7b:7f:f6:fa:8b:67:bf:e4:b2:40:8e:d6:04:78:
51:45:37:28:3e:d4:92:dd:4d:59:e5:12:fa:19:a3:99:1b:22:
7a:c4:ad:ad:8d:bb:bf:f5:51:40:4d:db:3e:c2:63:26:79:be:
4a:2d:25:7b:6e:db:5f:06:ec:bb:29:cf:6b:bd:d3:3c:b3:61:
21:9b:e5:dc:22:25:cf:05:d2:8f:b3:f2:6e:21:28:16:97:56:
9e:7e:10:a7:a9:29:9e:73:0f:df:1e:46:47:06:ea:73:d3:d7:
db:06:44:e0:04:3c:6e:98:71:f0:01:f9:0d:87:57:c3:c5:dc:
da:67:04:ab:d4:68:c9:31:d9:40:2d:24:09:4c:ad:85:ac:73:
f6:a8:06:88:a6:e8:b1:e6:62:a7:9f:0e:06:15:43:5f:e0:be:
07:f5:53:40:12:e0:53:93:ed:e3:09:47:7b:10:6a:bb:c9:0f:
cc:9a:95:e8:d3:a5:d3:ab:e6:80:16:d2:09:f0:a7:b6:bb:85:
5c:44:f4:ba:15:d5:27:97:37:0c:8c:6b:a1:a5:a1:ac:4b:b4:
e4:79:57:3f:ba:c2:b1:41:1b:a2:10:3f:b5:5f:27:80:0c:07:
ce:6c:71:c9:2c:69:16:17:40:ab:14:c4:a5:ab:55:ef:09:de:
95:0f:15:79
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICKawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjAxQzcxMTAvBgNVBAUTKEU4REY4RDVFNEM4NERBODdENzI5QTczQzFDNEU4NjEx
MzgxQUIyQzEwHhcNMjQwOTIzMDM1NzEwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmYwZTcxNi1kMzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuV8mL4ps9LlIpnEwOIjecDBN3KVg4SjdUns5irUnj+iAKLauDxLuaPbsMfQL
XJK0+uEh1turYIX79WCri+WXw2mgX1NCU/YOzsaUERU2Ba+7odHHFe5QYMnpLak8
n/1D7x6j8E1YzzH5JIwgNmLApSZx2e42NRp3AFrLLfAWQyK3dPq/pTHXfzKoD156
ZJ2q3K9W+i3tYBl7g25Pl74BxsY8YerNNDG0qAuQWkGhP+tO1egmTUbZ2mPNlUCw
eyV4HbwrMzHgveekFhF+tkSfYSKLKiZR/RenxTUDfa4WxUoN3+iJTfQ+USTp/830
InMGSTrpdU0cVFSqpb8Ole5AKQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFIEvtrAS
Z31ZIVyGDaLoAEZzQFprMB8GA1UdIwQYMBaAFOjfjV5MhNqH1ymnPBxOhhE4GrLB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDFDNy85N0NGMjBGQTMz
MjMxMUU0QTZFNzQ5MTFDNEY5QUUwMi82Ti1OWGt5RTJvZlhLYWM4SEU2R0VUZ2Fz
c0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZOLU5Ya3lFMm9mWEthYzhIRTZHRVRnYXNzRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjAxQzcvOTdDRjIwRkEzMzIzMTFFNEE2RTc0OTExQzRGOUFFMDIvRTg2RTE4OEE3
OTVGMTFFRkJGM0I0OTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnCXAwDQQCAAIwBwMFACQD4QAwDQYJKoZIhvcNAQELBQAD
ggEBAF87YYB7f/b6i2e/5LJAjtYEeFFFNyg+1JLdTVnlEvoZo5kbInrEra2Nu7/1
UUBN2z7CYyZ5vkotJXtu218G7Lspz2u90zyzYSGb5dwiJc8F0o+z8m4hKBaXVp5+
EKepKZ5zD98eRkcG6nPT19sGROAEPG6YcfAB+Q2HV8PF3NpnBKvUaMkx2UAtJAlM
rYWsc/aoBoim6LHmYqefDgYVQ1/gvgf1U0AS4FOT7eMJR3sQarvJD8yalejTpdOr
5oAW0gnwp7a7hVxE9LoV1SeXNwyMa6GloaxLtOR5Vz+6wrFBG6IQP7VfJ4AMB85s
ccksaRYXQKsUxKWrVe8J3pUPFXk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:54:28 2025 by rpki-client