Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9385/73CF676A8A0B11EAA2964C0BC4F9AE02/5197AD868A0D11EAA9BA2E0FC4F9AE02.roa
File: 5197AD868A0D11EAA9BA2E0FC4F9AE02.roa (raw, json)
Hash identifier: AMJQ1+Gi+Yyv8xwV6R2XZnBmrwaFZwHHnnFnkWB/QsY=
Subject key identifier: A4:B9:1B:31:FE:B3:D9:37:2C:5F:74:65:05:B2:E6:C5:A8:15:39:0E
Certificate issuer: /CN=A91B9385/serialNumber=35BF9DC5535A683AB695A77826786D3DF9E2C5B4
Certificate serial: 0977
Authority key identifier: 35:BF:9D:C5:53:5A:68:3A:B6:95:A7:78:26:78:6D:3D:F9:E2:C5:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nb-dxVNaaDq2lad4JnhtPfnixbQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9385/73CF676A8A0B11EAA2964C0BC4F9AE02/5197AD868A0D11EAA9BA2E0FC4F9AE02.roa
Signing time: Thu 20 Mar 2025 20:30:12 +0000
ROA not before: Thu 20 Mar 2025 20:30:12 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 133480
IP address blocks: 103.108.92.0/24 maxlen: 24
103.108.93.0/24 maxlen: 24
103.108.94.0/24 maxlen: 24
103.108.95.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2423 (0x977)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9385
Validity
Not Before: Mar 20 20:30:12 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67dc7ad4-5790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:13:c4:57:47:39:71:5a:b4:5e:8f:9a:18:e7:
a8:82:ec:1a:04:cf:4f:96:c2:93:16:44:ba:96:ba:
53:66:68:1f:2d:8c:75:e0:1d:02:af:6a:02:dd:47:
14:45:9a:1f:70:59:87:98:7d:76:cd:68:f2:39:bd:
ce:7d:51:01:47:f7:f0:6b:fc:cf:df:0c:8b:32:78:
2d:6f:81:b1:63:ff:72:63:56:77:1c:ee:7b:37:0d:
44:c1:f9:10:f7:37:d0:98:40:cd:58:27:e7:00:b2:
af:24:95:a1:67:f6:d8:9d:81:b3:1a:2c:84:61:8f:
96:44:ea:f7:1b:62:d3:00:a2:9a:e2:81:59:5a:89:
0b:64:83:58:64:e7:74:1c:7a:db:be:a5:c3:d4:25:
bc:2e:2a:53:8a:f9:24:1f:5f:02:78:ee:e3:fd:bd:
b5:53:46:38:a5:1c:f9:74:47:a8:96:7c:11:ef:90:
86:1c:b5:22:d7:d6:6e:28:4b:4e:55:8b:7e:d5:ff:
89:ae:74:9d:6b:df:64:29:9a:4a:38:ec:eb:26:d7:
d5:46:cf:8e:09:10:56:8b:68:e9:58:f8:b5:be:3d:
ab:9e:d7:2c:eb:49:b9:2b:68:39:41:00:73:03:53:
bc:9d:b7:8a:f4:ca:64:89:42:03:8b:cf:e3:e5:20:
f2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:B9:1B:31:FE:B3:D9:37:2C:5F:74:65:05:B2:E6:C5:A8:15:39:0E
X509v3 Authority Key Identifier:
keyid:35:BF:9D:C5:53:5A:68:3A:B6:95:A7:78:26:78:6D:3D:F9:E2:C5:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9385/73CF676A8A0B11EAA2964C0BC4F9AE02/Nb-dxVNaaDq2lad4JnhtPfnixbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Nb-dxVNaaDq2lad4JnhtPfnixbQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9385/73CF676A8A0B11EAA2964C0BC4F9AE02/5197AD868A0D11EAA9BA2E0FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.92.0/22
Signature Algorithm: sha256WithRSAEncryption
66:49:60:4d:72:88:d2:89:35:e6:54:20:2c:4a:56:8d:46:d0:
8e:ff:f7:77:30:88:f5:1e:9f:1f:d6:b9:ca:34:09:5f:22:7e:
af:dc:b5:a6:ea:c7:1a:b0:d9:a4:cf:5d:e9:c3:7c:a6:e8:50:
3d:99:f1:cf:a8:e1:87:ca:9b:6a:6a:3b:49:5f:57:41:18:05:
63:e9:8b:cd:8e:1e:bb:c2:ee:ea:18:7d:55:ad:dd:13:31:5d:
2d:b1:95:3f:60:b5:8e:16:fe:50:5e:f4:b0:32:d1:32:ab:6b:
09:bc:20:2e:3f:f4:89:54:4f:91:4d:3a:78:66:c4:17:88:25:
40:fc:74:71:d1:2e:03:fc:0a:06:79:3b:1c:88:71:8a:41:46:
c8:59:fb:83:f2:69:b8:ab:28:44:b9:ea:c1:1b:a0:d0:ff:cc:
f3:49:45:92:b7:a1:75:d3:27:40:3a:e6:a9:26:18:14:f1:c7:
50:6a:df:f1:49:e4:f0:7b:c7:75:c1:2d:63:4b:e3:02:10:d5:
de:85:d5:c0:3c:b0:3b:f6:e3:f1:ab:d9:81:6d:cc:b0:4d:25:
91:42:2a:cb:08:63:6b:7f:54:e3:d2:95:b4:9f:92:5d:be:b6:
a8:de:0f:63:9f:26:15:04:25:fc:b9:cb:fa:9d:36:1e:14:9f:
7f:7c:04:ad
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjkzODUxMTAvBgNVBAUTKDM1QkY5REM1NTM1QTY4M0FCNjk1QTc3ODI2Nzg2RDNE
RjlFMkM1QjQwHhcNMjUwMzIwMjAzMDEyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjN2FkNC01NzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxxPEV0c5cVq0Xo+aGOeoguwaBM9PlsKTFkS6lrpTZmgfLYx14B0Cr2oC3UcU
RZofcFmHmH12zWjyOb3OfVEBR/fwa/zP3wyLMngtb4GxY/9yY1Z3HO57Nw1EwfkQ
9zfQmEDNWCfnALKvJJWhZ/bYnYGzGiyEYY+WROr3G2LTAKKa4oFZWokLZINYZOd0
HHrbvqXD1CW8LipTivkkH18CeO7j/b21U0Y4pRz5dEeolnwR75CGHLUi19ZuKEtO
VYt+1f+JrnSda99kKZpKOOzrJtfVRs+OCRBWi2jpWPi1vj2rntcs60m5K2g5QQBz
A1O8nbeK9MpkiUIDi8/j5SDy8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFKS5GzH+
s9k3LF90ZQWy5sWoFTkOMB8GA1UdIwQYMBaAFDW/ncVTWmg6tpWneCZ4bT354sW0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTM4NS83M0NGNjc2QThB
MEIxMUVBQTI5NjRDMEJDNEY5QUUwMi9OYi1keFZOYWFEcTJsYWQ0Sm5odFBmbml4
YlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05iLWR4Vk5hYURxMmxhZDRKbmh0UGZuaXhiUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjkzODUvNzNDRjY3NkE4QTBCMTFFQUEyOTY0QzBCQzRGOUFFMDIvNTE5N0FEODY4
QTBEMTFFQUE5QkEyRTBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnbFwwDQYJKoZIhvcNAQELBQADggEBAGZJYE1yiNKJNeZU
ICxKVo1G0I7/93cwiPUenx/Wuco0CV8ifq/ctabqxxqw2aTPXenDfKboUD2Z8c+o
4YfKm2pqO0lfV0EYBWPpi82OHrvC7uoYfVWt3RMxXS2xlT9gtY4W/lBe9LAy0TKr
awm8IC4/9IlUT5FNOnhmxBeIJUD8dHHRLgP8CgZ5OxyIcYpBRshZ+4PyabirKES5
6sEboND/zPNJRZK3oXXTJ0A65qkmGBTxx1Bq3/FJ5PB7x3XBLWNL4wIQ1d6F1cA8
sDv24/Gr2YFtzLBNJZFCKssIY2t/VOPSlbSfkl2+tqjeD2OfJhUEJfy5y/qdNh4U
n398BK0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:50 2025 by rpki-client