Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/D240E2EE814D11EBB1CE367FC4F9AE02.roa
File: D240E2EE814D11EBB1CE367FC4F9AE02.roa (raw, json)
Hash identifier: Qo5xdUrtF15zNycYs0WHF7Yan+dHCZcWYP9fO9pL8S4=
Subject key identifier: FB:FD:0B:78:80:AB:F4:F6:14:57:63:C1:BB:6E:0F:F1:CA:EB:04:6D
Certificate issuer: /CN=A91B2131/serialNumber=1407E31C87E1162459D83C3AEB488C975A9C23F1
Certificate serial: 05C8
Authority key identifier: 14:07:E3:1C:87:E1:16:24:59:D8:3C:3A:EB:48:8C:97:5A:9C:23:F1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FAfjHIfhFiRZ2Dw660iMl1qcI_E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/D240E2EE814D11EBB1CE367FC4F9AE02.roa
Signing time: Thu 04 Jul 2024 23:41:38 +0000
ROA not before: Thu 04 Jul 2024 23:41:38 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 138002
IP address blocks: 103.115.233.0/24 maxlen: 24
2001:df5:3f00::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1480 (0x5c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B2131
Validity
Not Before: Jul 4 23:41:38 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66873332-70bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:98:d0:d6:ff:f6:49:6b:fb:2c:69:50:4e:ed:
6b:0a:63:37:de:a0:b8:40:d0:f8:42:0c:15:73:0c:
27:03:14:3b:68:c6:9c:47:61:d1:09:8e:4a:53:cc:
77:97:42:66:26:82:54:9e:4d:12:ac:3f:10:d6:fc:
44:74:b1:64:b0:da:25:89:4a:0f:4d:3b:36:46:06:
1c:41:14:b2:49:3a:e0:77:13:9d:63:fd:a8:9a:3b:
91:81:2f:a0:81:86:bf:ad:92:0a:04:05:58:87:ae:
f8:d9:59:91:b8:fc:ae:09:f2:d0:d6:d3:f5:90:59:
54:1f:3b:13:42:db:ce:9e:ed:b5:6a:cd:0b:34:4c:
e6:b1:9d:cc:7e:f7:44:7e:b3:7d:e3:6a:0d:7e:cf:
dc:e9:5b:cc:2c:e8:3a:51:38:20:65:c2:13:64:e3:
b2:35:81:b4:96:79:6e:dc:35:8b:a6:6a:fd:6f:4c:
9d:57:0d:dd:ee:89:16:c6:01:a6:52:fe:9b:9b:5a:
bb:68:26:fb:6a:3b:fc:70:a2:b9:cf:94:e4:9f:de:
35:3a:a0:f3:2b:2c:bc:c2:b6:42:4b:07:55:82:fd:
3f:a9:48:eb:a7:11:49:a4:62:83:1f:af:b6:b2:0b:
94:60:6c:4f:be:15:07:76:fd:e6:8a:14:73:6f:18:
84:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FD:0B:78:80:AB:F4:F6:14:57:63:C1:BB:6E:0F:F1:CA:EB:04:6D
X509v3 Authority Key Identifier:
keyid:14:07:E3:1C:87:E1:16:24:59:D8:3C:3A:EB:48:8C:97:5A:9C:23:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/FAfjHIfhFiRZ2Dw660iMl1qcI_E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FAfjHIfhFiRZ2Dw660iMl1qcI_E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2131/BE4A6CD07D7211EB8CB63665C4F9AE02/D240E2EE814D11EBB1CE367FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.233.0/24
IPv6:
2001:df5:3f00::/48
Signature Algorithm: sha256WithRSAEncryption
ad:e6:41:dc:69:cd:24:41:6f:c7:02:e9:00:9a:5e:e7:3a:ec:
1f:2d:62:dd:41:f9:68:2f:da:d6:1c:0d:06:2d:df:0b:60:82:
73:8f:02:03:9e:e7:14:59:db:4b:7e:64:32:88:bb:c5:3a:59:
47:a3:aa:27:a5:4f:96:46:54:2c:eb:81:d6:b5:d6:83:65:4b:
11:39:5c:23:e9:60:53:4a:f2:e7:ad:36:00:b2:d3:70:67:ff:
66:4e:d7:7c:d7:4d:30:26:5c:fb:6d:d6:40:c0:46:f4:9a:4d:
a9:51:b4:fa:19:55:c8:25:8e:01:4d:b6:92:3b:fe:2f:11:81:
e1:b4:d6:4c:d7:92:fa:99:ae:d5:8f:0b:50:34:f8:94:1b:bf:
84:f5:e5:0b:5e:e3:4a:4e:c9:13:36:14:41:f8:d4:7b:ef:67:
61:bf:b0:03:83:8a:6e:86:65:36:64:02:c8:b6:f9:32:c4:25:
6f:cf:9d:5d:74:9d:1f:ef:51:fc:c6:ba:89:07:7a:de:aa:f7:
21:0d:5a:a3:bb:62:a7:4e:ca:4a:34:93:1d:f9:9c:db:6b:2e:
e5:ca:09:03:e8:ea:69:c7:fc:e4:63:cc:2d:8b:fe:09:c3:35:
1f:63:33:47:85:78:ca:dc:70:69:c9:5c:2d:6d:bf:72:8f:19:
33:59:cc:22
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBcgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjIxMzExMTAvBgNVBAUTKDE0MDdFMzFDODdFMTE2MjQ1OUQ4M0MzQUVCNDg4Qzk3
NUE5QzIzRjEwHhcNMjQwNzA0MjM0MTM4WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3MzMzMi03MGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ZjQ1v/2SWv7LGlQTu1rCmM33qC4QND4QgwVcwwnAxQ7aMacR2HRCY5KU8x3
l0JmJoJUnk0SrD8Q1vxEdLFksNoliUoPTTs2RgYcQRSySTrgdxOdY/2omjuRgS+g
gYa/rZIKBAVYh6742VmRuPyuCfLQ1tP1kFlUHzsTQtvOnu21as0LNEzmsZ3MfvdE
frN942oNfs/c6VvMLOg6UTggZcITZOOyNYG0lnlu3DWLpmr9b0ydVw3d7okWxgGm
Uv6bm1q7aCb7ajv8cKK5z5Tkn941OqDzKyy8wrZCSwdVgv0/qUjrpxFJpGKDH6+2
sguUYGxPvhUHdv3mihRzbxiE5QIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPv9C3iA
q/T2FFdjwbtuD/HK6wRtMB8GA1UdIwQYMBaAFBQH4xyH4RYkWdg8OutIjJdanCPx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjEzMS9CRTRBNkNEMDdE
NzIxMUVCOENCNjM2NjVDNEY5QUUwMi9GQWZqSElmaEZpUloyRHc2NjBpTWwxcWNJ
X0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZBZmpISWZoRmlSWjJEdzY2MGlNbDFxY0lfRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjIxMzEvQkU0QTZDRDA3RDcyMTFFQjhDQjYzNjY1QzRGOUFFMDIvRDI0MEUyRUU4
MTREMTFFQkIxQ0UzNjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnc+kwDwQCAAIwCQMHACABDfU/ADANBgkqhkiG9w0BAQsF
AAOCAQEAreZB3GnNJEFvxwLpAJpe5zrsHy1i3UH5aC/a1hwNBi3fC2CCc48CA57n
FFnbS35kMoi7xTpZR6OqJ6VPlkZULOuB1rXWg2VLETlcI+lgU0ry5602ALLTcGf/
Zk7XfNdNMCZc+23WQMBG9JpNqVG0+hlVyCWOAU22kjv+LxGB4bTWTNeS+pmu1Y8L
UDT4lBu/hPXlC17jSk7JEzYUQfjUe+9nYb+wA4OKboZlNmQCyLb5MsQlb8+dXXSd
H+9R/Ma6iQd63qr3IQ1ao7tip07KSjSTHfmc22su5coJA+jqacf85GPMLYv+CcM1
H2MzR4V4ytxwaclcLW2/co8ZM1nMIg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:06 2025 by rpki-client