Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/DBEA4AA402C411F0A370F12EC4F9AE02.roa
File: DBEA4AA402C411F0A370F12EC4F9AE02.roa (raw, json)
Hash identifier: LglT88AP992wwS6++8oX+hvPgvXH2IXg5x9/81P07t8=
Subject key identifier: DE:0C:53:AE:AC:B7:6C:E3:40:49:EB:15:CD:19:C4:D4:5E:CF:E8:B6
Certificate issuer: /CN=A91B9C52/serialNumber=CBC14D405778462F9C5D91583A5C71836F23C19D
Certificate serial: 03
Authority key identifier: CB:C1:4D:40:57:78:46:2F:9C:5D:91:58:3A:5C:71:83:6F:23:C1:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/DBEA4AA402C411F0A370F12EC4F9AE02.roa
Signing time: Mon 17 Mar 2025 00:14:57 +0000
ROA not before: Mon 17 Mar 2025 00:14:57 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 150750
IP address blocks: 103.151.236.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9C52
Validity
Not Before: Mar 17 00:14:57 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67d76981-c72f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3b:2d:71:aa:d4:93:bf:3d:82:f8:58:10:f9:
a7:cd:0c:e2:b0:ac:30:c6:60:b5:41:5b:fe:02:96:
8a:04:80:d5:7a:a2:68:b1:39:73:1f:5e:92:08:48:
08:e0:f2:25:ee:09:3c:b8:99:34:94:ac:77:65:50:
e4:c4:e5:a4:e4:05:33:a0:2f:8e:b8:5e:17:6a:b7:
34:29:32:cb:05:58:8d:a9:10:c7:d2:0d:16:97:40:
8d:8e:b5:4f:ae:a4:e4:b5:f8:fe:43:f4:48:a1:dc:
b7:fa:e9:66:ec:7a:fa:70:94:76:5d:70:88:c2:b3:
32:af:7a:23:ac:ab:fc:20:83:92:2f:8b:f4:e1:57:
da:6f:0e:30:82:7f:a4:be:ca:9c:29:be:1a:9e:a7:
50:21:c8:eb:7a:5f:ea:7c:44:41:9c:92:23:73:be:
c4:76:58:f8:df:71:be:2b:76:02:0c:8d:0f:52:0d:
9c:69:1d:20:60:92:ae:48:a5:ef:a5:22:cc:26:b2:
a5:29:ef:9e:55:54:06:5a:45:66:9d:3e:81:0d:56:
2f:56:e6:ce:a5:78:76:18:27:e2:27:86:31:b4:32:
1d:b6:89:9b:a4:4c:d9:d5:5d:05:a3:49:a1:42:80:
62:d2:ee:8d:42:a4:12:ca:f0:b7:6c:a2:d6:33:80:
fb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:0C:53:AE:AC:B7:6C:E3:40:49:EB:15:CD:19:C4:D4:5E:CF:E8:B6
X509v3 Authority Key Identifier:
keyid:CB:C1:4D:40:57:78:46:2F:9C:5D:91:58:3A:5C:71:83:6F:23:C1:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y8FNQFd4Ri-cXZFYOlxxg28jwZ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9C52/6B7151620D7E11EC9C0B5F75C4F9AE02/DBEA4AA402C411F0A370F12EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.151.236.0/24
Signature Algorithm: sha256WithRSAEncryption
85:af:6b:79:6a:5e:0a:7f:92:21:85:cd:5a:5a:72:7a:68:4e:
fd:ed:79:c2:35:94:0d:0b:87:be:fb:c1:79:8c:a5:fc:cb:6a:
f4:25:64:90:aa:75:93:19:19:bd:ce:3a:e2:52:b9:8c:ca:32:
5d:e9:da:44:03:f8:7e:01:70:2e:81:32:e2:07:fe:ae:8a:5e:
6f:26:20:89:92:49:b2:1f:4c:26:05:6f:2c:5d:81:ff:50:98:
4c:05:84:01:24:6d:c2:b7:44:8a:b3:72:02:9d:5d:f9:81:2d:
aa:9f:dc:6a:2c:c1:e5:b3:70:ab:19:91:0b:da:70:5a:d2:7d:
8d:65:4e:c3:08:d2:98:f7:05:fb:cd:ca:17:0b:f1:c1:73:e7:
47:1f:70:9e:d7:ae:6c:19:a1:44:32:46:cb:cc:33:ff:e9:f6:
f3:56:45:73:4e:8d:6e:b7:1b:8e:b5:23:e8:96:17:d9:f9:c3:
74:0b:e8:b6:9e:e7:af:b2:a7:fb:84:a5:1f:09:80:52:76:c4:
6e:a2:c5:9d:a7:e4:1c:45:f3:8c:da:1c:0e:5d:77:25:9d:84:
b1:31:60:3b:f6:c8:8a:d4:80:a1:a1:79:e3:ba:d2:bd:6e:40:
56:4b:03:36:9c:e6:c2:34:26:0c:21:b4:78:e5:b9:5c:87:fa:
b6:d3:08:db
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
OUM1MjExMC8GA1UEBRMoQ0JDMTRENDA1Nzc4NDYyRjlDNUQ5MTU4M0E1QzcxODM2
RjIzQzE5RDAeFw0yNTAzMTcwMDE0NTdaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZDc2OTgxLWM3MmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDPOy1xqtSTvz2C+FgQ+afNDOKwrDDGYLVBW/4ClooEgNV6omixOXMfXpIISAjg
8iXuCTy4mTSUrHdlUOTE5aTkBTOgL464XhdqtzQpMssFWI2pEMfSDRaXQI2OtU+u
pOS1+P5D9Eih3Lf66WbsevpwlHZdcIjCszKveiOsq/wgg5Ivi/ThV9pvDjCCf6S+
ypwpvhqep1AhyOt6X+p8REGckiNzvsR2WPjfcb4rdgIMjQ9SDZxpHSBgkq5Ipe+l
IswmsqUp755VVAZaRWadPoENVi9W5s6leHYYJ+InhjG0Mh22iZukTNnVXQWjSaFC
gGLS7o1CpBLK8LdsotYzgPupAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU3gxTrqy3
bONASesVzRnE1F7P6LYwHwYDVR0jBBgwFoAUy8FNQFd4Ri+cXZFYOlxxg28jwZ0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5QzUyLzZCNzE1MTYyMEQ3
RTExRUM5QzBCNUY3NUM0RjlBRTAyL3k4Rk5RRmQ0UmktY1haRllPbHh4ZzI4anda
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIveThGTlFGZDRSaS1jWFpGWU9seHhnMjhqd1owLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
OUM1Mi82QjcxNTE2MjBEN0UxMUVDOUMwQjVGNzVDNEY5QUUwMi9EQkVBNEFBNDAy
QzQxMUYwQTM3MEYxMkVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGeX7DANBgkqhkiG9w0BAQsFAAOCAQEAha9reWpeCn+SIYXN
WlpyemhO/e15wjWUDQuHvvvBeYyl/Mtq9CVkkKp1kxkZvc464lK5jMoyXenaRAP4
fgFwLoEy4gf+ropebyYgiZJJsh9MJgVvLF2B/1CYTAWEASRtwrdEirNyAp1d+YEt
qp/caizB5bNwqxmRC9pwWtJ9jWVOwwjSmPcF+83KFwvxwXPnRx9wnteubBmhRDJG
y8wz/+n281ZFc06NbrcbjrUj6JYX2fnDdAvotp7nr7Kn+4SlHwmAUnbEbqLFnafk
HEXzjNocDl13JZ2EsTFgO/bIitSAoaF547rSvW5AVksDNpzmwjQmDCG0eOW5XIf6
ttMI2w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:57:22 2025 by rpki-client