Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa
File: 5FFA5548B5A311EEA95C5732C4F9AE02.roa (raw, json)
Hash identifier: GQNcpw13U6rTwcbD2+x10d2Oo9BkdgjUG3Bpk2yiXDc=
Subject key identifier: 59:08:E3:91:DE:FD:37:6C:49:2A:2B:42:40:2F:68:CD:AF:C9:15:10
Certificate issuer: /CN=A91BA5BA/serialNumber=02AA3A76C459497B1B45F26E9044ACC6F2E8044F
Certificate serial: 02CA
Authority key identifier: 02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa
Signing time: Fri 05 Jul 2024 02:44:37 +0000
ROA not before: Fri 05 Jul 2024 02:44:37 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 131330
IP address blocks: 103.22.148.0/24 maxlen: 24
103.22.149.0/24 maxlen: 24
103.22.150.0/24 maxlen: 24
103.22.151.0/24 maxlen: 24
202.88.40.0/24 maxlen: 24
202.88.41.0/24 maxlen: 24
202.88.43.0/24 maxlen: 24
2400:1560::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 714 (0x2ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BA5BA
Validity
Not Before: Jul 5 02:44:37 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=66875e15-8a4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d7:b6:78:3f:fe:12:71:7d:37:85:e3:c7:55:
45:84:8d:2e:e9:70:a0:da:c5:75:4b:fe:95:64:c7:
d6:de:56:c5:93:43:b6:10:b6:f8:d1:65:8c:99:ef:
13:c7:03:a7:49:56:23:b8:5f:66:de:35:2c:06:2f:
6b:e0:e7:b9:1e:7f:64:d6:ae:74:06:a5:74:27:7a:
6b:99:72:00:9f:27:df:f0:f3:c3:c6:0f:09:89:c8:
d5:f6:0f:63:54:10:3b:7a:a1:5d:3d:43:9c:aa:2e:
81:95:4b:ff:af:f9:f9:3c:be:47:2c:cd:44:be:4a:
3b:7c:21:bc:de:5a:78:3f:34:c5:7f:c5:dc:a5:67:
03:6f:f4:61:c0:22:bf:b3:d5:c5:35:dc:2b:3e:43:
03:a8:ed:d8:97:5a:b2:5d:f5:86:d2:1c:7c:9f:60:
cd:f9:58:40:8f:9c:9a:17:40:08:c1:88:4e:7e:36:
9e:19:04:a5:7b:08:8b:fe:a7:9c:32:08:ab:83:b0:
d0:47:c5:e4:e4:95:8e:c0:df:41:68:d6:39:49:37:
40:cd:eb:36:0f:0b:57:38:8e:25:07:1c:2f:6a:7d:
96:6a:52:de:77:59:ec:01:68:6a:41:1e:7e:6c:7c:
70:84:d0:68:24:74:72:0e:8e:b6:37:bd:83:8b:e4:
b9:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:08:E3:91:DE:FD:37:6C:49:2A:2B:42:40:2F:68:CD:AF:C9:15:10
X509v3 Authority Key Identifier:
keyid:02:AA:3A:76:C4:59:49:7B:1B:45:F2:6E:90:44:AC:C6:F2:E8:04:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/Aqo6dsRZSXsbRfJukESsxvLoBE8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Aqo6dsRZSXsbRfJukESsxvLoBE8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA5BA/4326CBC0B7CD11ECAF681335C4F9AE02/5FFA5548B5A311EEA95C5732C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.22.148.0/22
202.88.40.0/23
202.88.43.0/24
IPv6:
2400:1560::/32
Signature Algorithm: sha256WithRSAEncryption
5a:2f:ae:c6:fa:3a:d3:82:1e:eb:27:da:ee:88:6c:ff:2d:80:
24:94:55:38:1b:76:60:cc:5a:63:96:b3:1d:0e:5e:a8:a9:cf:
e9:f6:0c:96:da:28:21:a4:3a:28:24:87:04:49:c6:b5:50:74:
fa:c2:bc:48:27:80:b1:dd:cc:64:8b:dd:44:df:36:0f:48:73:
af:25:47:2a:75:3c:83:45:b6:70:02:7b:c1:5e:16:1b:51:c9:
96:23:fd:f7:2c:f4:21:1b:24:1b:cc:0e:38:f4:ed:53:0b:7a:
fd:01:c5:53:2a:be:90:87:60:4b:9a:81:a7:ea:49:5f:96:ac:
02:96:64:dc:35:16:71:5d:94:f0:dc:ea:83:1b:96:30:d9:2f:
00:83:20:5f:02:0a:73:0e:45:ba:2a:3f:dc:19:44:5d:3d:f0:
06:58:40:45:dc:f8:66:a1:cd:9a:50:10:41:2f:e8:80:7a:48:
7b:8d:73:87:23:82:97:1a:6a:ef:b1:5a:77:00:ed:58:c9:cc:
49:20:48:a4:a5:9d:3a:81:56:48:74:ac:f5:f6:b1:1d:a0:7b:
db:9b:50:a9:80:40:0b:b1:53:3a:cb:b6:c3:81:7b:57:bd:cb:
b1:43:f9:2f:89:57:ff:af:84:60:b9:10:ce:c2:90:80:f0:14:
ea:38:0e:c6
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICAsowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkE1QkExMTAvBgNVBAUTKDAyQUEzQTc2QzQ1OTQ5N0IxQjQ1RjI2RTkwNDRBQ0M2
RjJFODA0NEYwHhcNMjQwNzA1MDI0NDM3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3NWUxNS04YTRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtNe2eD/+EnF9N4Xjx1VFhI0u6XCg2sV1S/6VZMfW3lbFk0O2ELb40WWMme8T
xwOnSVYjuF9m3jUsBi9r4Oe5Hn9k1q50BqV0J3prmXIAnyff8PPDxg8JicjV9g9j
VBA7eqFdPUOcqi6BlUv/r/n5PL5HLM1Evko7fCG83lp4PzTFf8XcpWcDb/RhwCK/
s9XFNdwrPkMDqO3Yl1qyXfWG0hx8n2DN+VhAj5yaF0AIwYhOfjaeGQSlewiL/qec
Mgirg7DQR8Xk5JWOwN9BaNY5STdAzes2DwtXOI4lBxwvan2WalLed1nsAWhqQR5+
bHxwhNBoJHRyDo62N72Di+S51wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFFkI45He
/TdsSSorQkAvaM2vyRUQMB8GA1UdIwQYMBaAFAKqOnbEWUl7G0XybpBErMby6ARP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTVCQS80MzI2Q0JDMEI3
Q0QxMUVDQUY2ODEzMzVDNEY5QUUwMi9BcW82ZHNSWlNYc2JSZkp1a0VTc3h2TG9C
RTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0FxbzZkc1JaU1hzYlJmSnVrRVNzeHZMb0JFOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkE1QkEvNDMyNkNCQzBCN0NEMTFFQ0FGNjgxMzM1QzRGOUFFMDIvNUZGQTU1NDhC
NUEzMTFFRUE5NUM1NzMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnFpQDBAHKWCgDBADKWCswDQQCAAIwBwMFACQAFWAwDQYJ
KoZIhvcNAQELBQADggEBAFovrsb6OtOCHusn2u6IbP8tgCSUVTgbdmDMWmOWsx0O
Xqipz+n2DJbaKCGkOigkhwRJxrVQdPrCvEgngLHdzGSL3UTfNg9Ic68lRyp1PINF
tnACe8FeFhtRyZYj/fcs9CEbJBvMDjj07VMLev0BxVMqvpCHYEuagafqSV+WrAKW
ZNw1FnFdlPDc6oMbljDZLwCDIF8CCnMORboqP9wZRF098AZYQEXc+GahzZpQEEEv
6IB6SHuNc4cjgpcaau+xWncA7VjJzEkgSKSlnTqBVkh0rPX2sR2ge9ubUKmAQAux
UzrLtsOBe1e9y7FD+S+JV/+vhGC5EM7CkIDwFOo4DsY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:53:59 2025 by rpki-client