Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/81169D9C27F111EB97EE5C56C4F9AE02.roa
File: 81169D9C27F111EB97EE5C56C4F9AE02.roa (raw, json)
Hash identifier: nCSC5o0BZpn9RcZOmKpVHja367zDdV974zmaJyAkSKA=
Subject key identifier: FC:7A:6C:61:BC:1D:1B:53:62:CC:AB:57:88:00:A1:80:63:5D:8C:8F
Certificate issuer: /CN=A91BA164/serialNumber=2EC44B9FC165C3BC8285812C313CC7801988FF31
Certificate serial: 0F80
Authority key identifier: 2E:C4:4B:9F:C1:65:C3:BC:82:85:81:2C:31:3C:C7:80:19:88:FF:31
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/81169D9C27F111EB97EE5C56C4F9AE02.roa
Signing time: Tue 09 Aug 2022 00:44:40 +0000
ROA not before: Tue 09 Aug 2022 00:44:40 +0000
ROA not after: Tue 31 Oct 2023 00:00:00 +0000
asID: 139021
IP address blocks: 43.249.0.0/24 maxlen: 24
43.249.1.0/24 maxlen: 24
43.249.2.0/24 maxlen: 24
43.249.3.0/24 maxlen: 24
103.24.248.0/22 maxlen: 24
103.96.148.0/23 maxlen: 24
103.96.150.0/23 maxlen: 24
103.120.82.0/23 maxlen: 24
2404:ccc0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3968 (0xf80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA164
Validity
Not Before: Aug 9 00:44:40 2022 GMT
Not After : Oct 31 00:00:00 2023 GMT
Subject: CN=62f1adf8-98e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:de:5c:d3:fb:b2:50:3f:f2:5a:40:bd:6f:73:
2d:d8:ca:dc:43:ee:4b:09:e8:76:68:fc:4f:87:57:
02:a5:96:8e:2b:f4:ac:d3:4a:f0:ab:36:60:32:c7:
f1:40:b4:6f:86:c4:b5:07:ea:72:26:7d:20:c4:52:
4f:83:6d:bb:71:19:bd:0b:f6:f5:b2:0f:0a:70:5c:
d7:7e:df:81:47:45:fa:81:64:6e:38:49:e6:e8:bf:
59:91:ab:7a:83:71:8f:f8:25:fb:ca:ff:02:4f:98:
a2:c0:0e:2a:0f:dc:b8:75:e6:07:6e:e0:93:64:95:
8b:dc:38:2e:2f:2d:9f:af:06:8a:fb:50:a4:8f:e0:
56:14:52:c7:62:31:d5:f4:82:e7:e1:78:b5:1b:6b:
af:45:d8:7f:55:b7:e7:03:0a:ed:27:d4:c0:45:07:
b1:21:bb:47:2d:4c:ce:42:32:3d:90:9a:94:8a:f9:
31:bb:ae:73:2a:49:42:01:5f:24:70:e4:22:0e:c4:
20:2b:ff:66:b8:1f:c0:38:e0:73:e3:fd:8b:e1:bf:
53:02:4a:5b:28:4a:40:93:78:ce:3b:50:a9:a3:fb:
57:4b:35:0d:e1:2a:f4:97:4c:c2:18:96:12:89:22:
a8:3e:81:2c:d7:70:0f:eb:68:26:8f:73:21:eb:a8:
84:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:7A:6C:61:BC:1D:1B:53:62:CC:AB:57:88:00:A1:80:63:5D:8C:8F
X509v3 Authority Key Identifier:
keyid:2E:C4:4B:9F:C1:65:C3:BC:82:85:81:2C:31:3C:C7:80:19:88:FF:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/LsRLn8Flw7yChYEsMTzHgBmI_zE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LsRLn8Flw7yChYEsMTzHgBmI_zE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA164/AFC592ECF31E11E883EB7B79C4F9AE02/81169D9C27F111EB97EE5C56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.0.0/22
103.24.248.0/22
103.96.148.0/22
103.120.82.0/23
IPv6:
2404:ccc0::/32
Signature Algorithm: sha256WithRSAEncryption
67:db:fe:c0:d9:d8:57:d5:d4:2f:9e:e2:81:5c:8e:9d:68:f2:
c8:b2:76:e3:e7:2d:b4:9e:2c:d9:b7:66:1a:7a:14:5e:3a:18:
d4:de:d0:8d:87:f7:a1:91:92:83:0b:1e:20:6d:d4:b7:7a:74:
3e:65:90:56:f4:cd:26:f4:ee:d0:90:b7:79:f4:61:53:35:e4:
47:b2:38:04:03:5a:24:d2:89:71:a7:a4:1f:7e:e3:f2:82:3b:
10:99:1d:0c:23:8d:4b:ee:fb:7e:7d:d0:f1:18:89:ba:a8:26:
a7:12:bb:0c:52:36:90:61:e2:82:ac:eb:5b:1c:6f:9d:5e:e8:
fc:f4:e6:c6:45:51:ca:16:46:2f:be:b5:97:f5:f3:f3:65:ab:
b6:6f:21:5e:a0:3f:28:03:62:c8:62:af:d5:01:91:b3:99:ec:
d1:37:41:5b:ed:d8:e3:b4:16:bd:fc:83:dc:58:7e:2e:34:5c:
c2:d4:6e:8a:b5:da:2a:10:78:8f:e4:df:ad:d9:06:e3:8d:81:
40:6b:d6:15:f8:d9:3e:a6:83:27:a6:ec:58:7d:1a:38:0b:1c:
3f:7b:50:bf:0a:d0:8f:28:21:a0:11:82:80:eb:19:39:73:46:
45:61:26:34:87:07:18:0f:49:3b:a3:5a:1a:20:35:2d:ba:8a:
58:55:73:4b
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICD4AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkExNjQxMTAvBgNVBAUTKDJFQzQ0QjlGQzE2NUMzQkM4Mjg1ODEyQzMxM0NDNzgw
MTk4OEZGMzEwHhcNMjIwODA5MDA0NDQwWhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmYxYWRmOC05OGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvd5c0/uyUD/yWkC9b3Mt2MrcQ+5LCeh2aPxPh1cCpZaOK/Ss00rwqzZgMsfx
QLRvhsS1B+pyJn0gxFJPg227cRm9C/b1sg8KcFzXft+BR0X6gWRuOEnm6L9Zkat6
g3GP+CX7yv8CT5iiwA4qD9y4deYHbuCTZJWL3DguLy2frwaK+1Ckj+BWFFLHYjHV
9ILn4Xi1G2uvRdh/VbfnAwrtJ9TARQexIbtHLUzOQjI9kJqUivkxu65zKklCAV8k
cOQiDsQgK/9muB/AOOBz4/2L4b9TAkpbKEpAk3jOO1Cpo/tXSzUN4Sr0l0zCGJYS
iSKoPoEs13AP62gmj3Mh66iEIQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFPx6bGG8
HRtTYsyrV4gAoYBjXYyPMB8GA1UdIwQYMBaAFC7ES5/BZcO8goWBLDE8x4AZiP8x
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTE2NC9BRkM1OTJFQ0Yz
MUUxMUU4ODNFQjdCNzlDNEY5QUUwMi9Mc1JMbjhGbHc3eUNoWUVzTVR6SGdCbUlf
ekUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xzUkxuOEZsdzd5Q2hZRXNNVHpIZ0JtSV96RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkExNjQvQUZDNTkyRUNGMzFFMTFFODgzRUI3Qjc5QzRGOUFFMDIvODExNjlEOUMy
N0YxMTFFQjk3RUU1QzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAIr+QADBAJnGPgDBAJnYJQDBAFneFIwDQQCAAIwBwMFACQE
zMAwDQYJKoZIhvcNAQELBQADggEBAGfb/sDZ2FfV1C+e4oFcjp1o8siyduPnLbSe
LNm3Zhp6FF46GNTe0I2H96GRkoMLHiBt1Ld6dD5lkFb0zSb07tCQt3n0YVM15Eey
OAQDWiTSiXGnpB9+4/KCOxCZHQwjjUvu+3590PEYibqoJqcSuwxSNpBh4oKs61sc
b51e6Pz05sZFUcoWRi++tZf18/Nlq7ZvIV6gPygDYshir9UBkbOZ7NE3QVvt2OO0
Fr38g9xYfi40XMLUboq12ioQeI/k363ZBuONgUBr1hX42T6mgyem7Fh9GjgLHD97
UL8K0I8oIaARgoDrGTlzRkVhJjSHBxgPSTujWhogNS26ilhVc0s=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:45:06 2025 by rpki-client