Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B43EE/4A8ADAC0CD4611EDB45CCD66C4F9AE02/A0A7B5161B6D11EE943DBE1AC4F9AE02.roa
File: A0A7B5161B6D11EE943DBE1AC4F9AE02.roa (raw, json)
Hash identifier: 6nBegUEh6ts9PfjWE2PkXRJ1EOdzjUB+XsuGThTEurg=
Subject key identifier: 0B:52:5E:4F:7D:E9:1E:09:04:69:54:E3:9A:39:C3:B6:E2:A5:7D:73
Certificate issuer: /CN=A91B43EE/serialNumber=02BA63B5862E2709B90D16B7DC2EB5CFC8A2E684
Certificate serial: DF
Authority key identifier: 02:BA:63:B5:86:2E:27:09:B9:0D:16:B7:DC:2E:B5:CF:C8:A2:E6:84
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ArpjtYYuJwm5DRa33C61z8ii5oQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B43EE/4A8ADAC0CD4611EDB45CCD66C4F9AE02/A0A7B5161B6D11EE943DBE1AC4F9AE02.roa
Signing time: Wed 01 May 2024 06:40:02 +0000
ROA not before: Wed 01 May 2024 06:40:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139009
IP address blocks: 103.244.49.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 223 (0xdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B43EE
Validity
Not Before: May 1 06:40:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6631e3c1-02e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:c1:06:0f:ca:ea:96:82:00:e5:2a:02:44:58:
3e:b2:eb:26:f5:06:6e:f0:19:de:01:dc:21:87:61:
4f:c6:e1:cb:b5:90:b6:60:43:6f:96:28:22:c5:f2:
dc:8d:6f:c8:55:0e:14:f2:69:6b:34:f0:42:ad:91:
51:df:2e:b2:6b:60:87:96:28:e9:65:5d:7b:ce:80:
1a:75:78:ed:60:ed:80:57:d2:ae:c7:c2:b8:21:04:
a7:b5:ab:ba:a7:96:56:7c:08:99:3b:8b:45:c6:42:
03:b2:a2:f2:d4:de:b5:32:b6:ce:0c:4e:bd:c5:96:
43:87:29:d6:13:7a:81:2b:a3:d2:03:bc:71:ac:27:
b9:4a:f0:30:e4:b0:48:57:d1:8a:8c:4c:f5:51:57:
c8:16:fa:81:87:69:9a:8b:85:96:3c:5c:13:66:c1:
33:67:91:30:23:5b:39:e2:61:69:3f:19:5a:72:dc:
0a:fc:4d:be:85:d0:e9:9c:ea:73:d5:a6:de:a8:da:
6a:4f:07:12:56:3c:aa:be:ef:0e:34:77:ad:7a:f1:
57:ae:e9:8b:8a:85:29:48:f2:99:1d:43:c4:6a:26:
c1:ea:94:3a:d9:30:10:04:78:38:65:fc:3a:79:2c:
0e:26:45:ac:9c:3c:bd:26:3e:3b:d1:2a:0d:41:bb:
b1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:52:5E:4F:7D:E9:1E:09:04:69:54:E3:9A:39:C3:B6:E2:A5:7D:73
X509v3 Authority Key Identifier:
keyid:02:BA:63:B5:86:2E:27:09:B9:0D:16:B7:DC:2E:B5:CF:C8:A2:E6:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B43EE/4A8ADAC0CD4611EDB45CCD66C4F9AE02/ArpjtYYuJwm5DRa33C61z8ii5oQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ArpjtYYuJwm5DRa33C61z8ii5oQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B43EE/4A8ADAC0CD4611EDB45CCD66C4F9AE02/A0A7B5161B6D11EE943DBE1AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.244.49.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:4a:8b:de:43:f4:4b:dc:a0:0e:8f:fd:d1:ca:23:d3:cb:85:
b0:c4:fc:f4:70:bb:2e:d8:c7:36:8e:39:4a:ab:42:33:dc:f1:
35:34:48:40:44:a4:dc:69:d2:a4:34:ef:f2:6f:06:68:72:f8:
ec:ee:97:63:32:59:fa:f6:e5:fe:e7:55:b5:ce:ef:46:ca:0f:
35:6f:01:2f:b4:1d:f1:b5:39:c4:76:e3:de:aa:8a:8e:3b:b7:
77:9f:8d:ef:d0:ab:bf:2b:d5:3e:93:2d:76:f0:bb:50:fc:90:
c2:50:84:16:10:ad:70:b0:45:73:d5:93:49:64:66:29:2c:88:
5b:13:02:54:c3:7a:ca:b5:9c:c9:b7:89:00:99:4e:4d:fa:8a:
b7:33:5b:57:df:89:33:af:7d:09:30:10:ab:f0:63:a1:b3:61:
1c:8d:a9:b5:b6:7f:f3:c4:d9:4f:7f:6c:cb:74:45:d3:f5:08:
bc:eb:b7:6d:19:42:90:3f:24:9f:7a:9e:04:b5:54:2a:77:c6:
84:b1:9d:4d:83:49:4b:e3:d4:25:21:10:2b:40:60:c2:b2:65:
37:9f:03:f3:b5:f0:01:96:47:51:d3:4a:0e:9f:70:84:c0:43:
2a:0e:bb:30:17:cb:6b:c3:56:05:10:68:1d:3a:70:da:d1:04:
9a:17:89:b9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQzRUUxMTAvBgNVBAUTKDAyQkE2M0I1ODYyRTI3MDlCOTBEMTZCN0RDMkVCNUNG
QzhBMkU2ODQwHhcNMjQwNTAxMDY0MDAyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMxZTNjMS0wMmUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt8EGD8rqloIA5SoCRFg+susm9QZu8BneAdwhh2FPxuHLtZC2YENvligixfLc
jW/IVQ4U8mlrNPBCrZFR3y6ya2CHlijpZV17zoAadXjtYO2AV9Kux8K4IQSntau6
p5ZWfAiZO4tFxkIDsqLy1N61MrbODE69xZZDhynWE3qBK6PSA7xxrCe5SvAw5LBI
V9GKjEz1UVfIFvqBh2mai4WWPFwTZsEzZ5EwI1s54mFpPxlactwK/E2+hdDpnOpz
1abeqNpqTwcSVjyqvu8ONHetevFXrumLioUpSPKZHUPEaibB6pQ62TAQBHg4Zfw6
eSwOJkWsnDy9Jj470SoNQbuxlQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAtSXk99
6R4JBGlU45o5w7bipX1zMB8GA1UdIwQYMBaAFAK6Y7WGLicJuQ0Wt9wutc/IouaE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDNFRS80QThBREFDMENE
NDYxMUVEQjQ1Q0NENjZDNEY5QUUwMi9BcnBqdFlZdUp3bTVEUmEzM0M2MXo4aWk1
b1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FycGp0WVl1SndtNURSYTMzQzYxejhpaTVvUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjQzRUUvNEE4QURBQzBDRDQ2MTFFREI0NUNDRDY2QzRGOUFFMDIvQTBBN0I1MTYx
QjZEMTFFRTk0M0RCRTFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn9DEwDQYJKoZIhvcNAQELBQADggEBAKRKi95D9EvcoA6P
/dHKI9PLhbDE/PRwuy7YxzaOOUqrQjPc8TU0SEBEpNxp0qQ07/JvBmhy+Ozul2My
Wfr25f7nVbXO70bKDzVvAS+0HfG1OcR2496qio47t3efje/Qq78r1T6TLXbwu1D8
kMJQhBYQrXCwRXPVk0lkZiksiFsTAlTDesq1nMm3iQCZTk36irczW1ffiTOvfQkw
EKvwY6GzYRyNqbW2f/PE2U9/bMt0RdP1CLzrt20ZQpA/JJ96ngS1VCp3xoSxnU2D
SUvj1CUhECtAYMKyZTefA/O18AGWR1HTSg6fcITAQyoOuzAXy2vDVgUQaB06cNrR
BJoXibk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:52:11 2025 by rpki-client