Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/31D56A8E06C711EF9A0E1D0AC4F9AE02.roa
File: 31D56A8E06C711EF9A0E1D0AC4F9AE02.roa (raw, json)
Hash identifier: Yqwo5M588Yfv+JXGuvZtKg0Gtdf+iGVakUUN+3KDHdo=
Subject key identifier: 4E:46:28:1C:46:05:98:F5:58:3E:78:9E:0F:83:AC:D8:70:58:18:D7
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 3594
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/31D56A8E06C711EF9A0E1D0AC4F9AE02.roa
Signing time: Wed 18 Dec 2024 14:40:33 +0000
ROA not before: Wed 18 Dec 2024 14:40:33 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 140607
IP address blocks: 103.207.85.0/24 maxlen: 24
116.90.118.0/24 maxlen: 24
116.90.121.0/24 maxlen: 24
116.90.122.0/24 maxlen: 24
202.142.151.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13716 (0x3594)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E
Validity
Not Before: Dec 18 14:40:33 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6762dee1-1e62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b1:72:d8:26:93:2a:ce:9f:20:8b:98:18:d4:
5c:e2:3b:de:df:90:9d:45:63:e4:60:a5:75:c3:ac:
81:da:82:58:a6:c2:07:67:41:24:72:72:5c:71:a4:
77:a9:f9:18:0d:ee:01:9f:29:fb:2e:7d:a2:6a:54:
9b:16:62:74:86:cd:4e:1a:8c:36:b9:d9:f1:6f:bb:
b6:1c:86:a8:56:5c:4e:2f:c3:f9:c3:d3:92:dc:0b:
c1:1e:45:40:e7:b0:18:57:37:f1:66:6b:2e:6b:5b:
cf:f1:3a:8e:9c:ff:19:31:61:99:7b:d8:c5:15:60:
5d:e2:8e:5c:d4:92:f6:6f:db:2f:ff:9a:b0:f9:ff:
a2:a5:7f:63:b9:eb:e1:5f:89:c7:16:03:c5:74:51:
7f:6c:88:d6:5a:21:f4:ba:2b:e1:89:96:66:27:4a:
62:16:1b:f8:6d:e1:80:2a:d6:3c:c2:3e:5d:9d:aa:
58:a4:bb:43:93:8f:90:90:e3:25:50:ef:e0:b6:19:
c3:ec:e4:d9:84:c0:b2:08:05:4f:f8:35:04:fb:b0:
82:1c:c6:4b:7f:e4:de:d5:00:d5:72:e8:84:05:f2:
30:00:49:b5:4c:5a:d1:0c:41:33:34:d6:44:ac:b1:
ec:65:6d:19:5b:f0:ca:76:a5:7d:aa:7b:d5:86:5b:
57:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:46:28:1C:46:05:98:F5:58:3E:78:9E:0F:83:AC:D8:70:58:18:D7
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/31D56A8E06C711EF9A0E1D0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.207.85.0/24
116.90.118.0/24
116.90.121.0-116.90.122.255
202.142.151.0/24
Signature Algorithm: sha256WithRSAEncryption
86:9a:d9:08:fc:78:b9:4c:9d:11:a5:a4:af:f0:ad:25:d1:08:
26:eb:07:d0:3a:5f:73:e5:7d:3d:e6:2f:84:8d:b9:4a:d3:e6:
6d:4c:ef:3d:d7:a2:8d:08:f9:24:59:c8:43:f4:b9:84:1e:90:
de:34:4d:d8:31:13:e2:67:84:63:6b:b6:29:34:0b:c0:f4:31:
c1:37:31:34:22:38:67:bf:c9:8d:3d:38:fb:37:92:8d:fa:eb:
b4:0c:75:ee:c3:3e:a0:55:c0:df:4d:f0:7c:f3:a1:3a:5b:31:
bf:29:af:f1:43:7c:8f:df:b3:6f:47:3c:78:8b:c3:ef:52:8e:
40:d1:11:07:05:81:3e:68:1d:24:80:e4:c9:4c:b3:36:e8:d5:
22:a3:1a:81:55:2a:21:22:8d:2d:2d:aa:02:a5:86:54:f7:68:
45:23:be:75:7d:6a:84:2c:22:3f:4d:13:a9:63:33:08:f4:f3:
83:6f:f1:58:e2:0f:cb:35:88:3d:f0:77:96:d9:2d:ef:fe:39:
d7:e8:75:ec:bf:aa:e1:36:95:67:73:b2:4d:f8:0b:28:59:56:
91:bc:29:e0:56:51:5d:30:6d:db:8f:da:c9:8b:20:5b:83:da:
36:53:53:68:65:17:c3:7a:e3:41:e5:b0:57:22:a5:35:2f:09:
c2:86:98:48
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICNZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjQxMjE4MTQ0MDMzWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZGVlMS0xZTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsrFy2CaTKs6fIIuYGNRc4jve35CdRWPkYKV1w6yB2oJYpsIHZ0EkcnJccaR3
qfkYDe4Bnyn7Ln2ialSbFmJ0hs1OGow2udnxb7u2HIaoVlxOL8P5w9OS3AvBHkVA
57AYVzfxZmsua1vP8TqOnP8ZMWGZe9jFFWBd4o5c1JL2b9sv/5qw+f+ipX9juevh
X4nHFgPFdFF/bIjWWiH0uivhiZZmJ0piFhv4beGAKtY8wj5dnapYpLtDk4+QkOMl
UO/gthnD7OTZhMCyCAVP+DUE+7CCHMZLf+Te1QDVcuiEBfIwAEm1TFrRDEEzNNZE
rLHsZW0ZW/DKdqV9qnvVhltX8wIDAQABo4ICrzCCAqswHQYDVR0OBBYEFE5GKBxG
BZj1WD54ng+DrNhwWBjXMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvMzFENTZBOEUw
NkM3MTFFRjlBMEUxRDBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCADBABnz1UDBAB0WnYwDAMEAHRaeQMEAHRaegMEAMqOlzANBgkq
hkiG9w0BAQsFAAOCAQEAhprZCPx4uUydEaWkr/CtJdEIJusH0Dpfc+V9PeYvhI25
StPmbUzvPdeijQj5JFnIQ/S5hB6Q3jRN2DET4meEY2u2KTQLwPQxwTcxNCI4Z7/J
jT04+zeSjfrrtAx17sM+oFXA303wfPOhOlsxvymv8UN8j9+zb0c8eIvD71KOQNER
BwWBPmgdJIDkyUyzNujVIqMagVUqISKNLS2qAqWGVPdoRSO+dX1qhCwiP00TqWMz
CPTzg2/xWOIPyzWIPfB3ltkt7/451+h17L+q4TaVZ3OyTfgLKFlWkbwp4FZRXTBt
24/ayYsgW4PaNlNTaGUXw3rjQeWwVyKlNS8JwoaYSA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:40:39 2025 by rpki-client