Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4FB5/EF987EE209D111E995607B52C4F9AE02/D3258BFA7AE711EFB4F5E235C4F9AE02.roa
File: D3258BFA7AE711EFB4F5E235C4F9AE02.roa (raw, json)
Hash identifier: IqcKshpk+qASTKe+nVLkoXyik/TGszfm7PEMyL1PxRk=
Subject key identifier: 02:51:58:DC:6B:5C:29:26:BB:4C:83:1C:AF:29:35:73:37:7E:61:14
Certificate issuer: /CN=A91C4FB5/serialNumber=CAFA20A9018095D229F0AC43920DCD43A66BEB52
Certificate serial: 112A
Authority key identifier: CA:FA:20:A9:01:80:95:D2:29:F0:AC:43:92:0D:CD:43:A6:6B:EB:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yvogqQGAldIp8KxDkg3NQ6Zr61I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C4FB5/EF987EE209D111E995607B52C4F9AE02/D3258BFA7AE711EFB4F5E235C4F9AE02.roa
Signing time: Mon 06 Jan 2025 17:45:28 +0000
ROA not before: Mon 06 Jan 2025 17:45:28 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 13444
IP address blocks: 103.127.248.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4394 (0x112a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C4FB5
Validity
Not Before: Jan 6 17:45:28 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677c16b8-e78b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a9:1a:f5:2c:66:2e:b4:b4:74:fb:85:d3:fc:
21:1a:ab:49:db:b0:d3:c8:55:50:7e:7d:36:77:1e:
e6:31:46:45:c9:ba:cc:7e:91:0b:28:1b:e1:09:fd:
87:54:8d:96:d2:cf:ec:3c:a3:05:bd:fd:e7:2b:a0:
6b:33:41:61:18:4a:79:9f:72:bf:d8:6c:d8:db:b6:
e9:3c:b5:aa:d0:d8:9c:9b:4c:c5:e0:8e:81:32:df:
b0:3b:12:fc:44:1e:e4:99:24:b5:bc:dc:11:0f:e2:
c7:01:96:cb:c0:ba:2e:db:f2:8a:bb:77:73:dd:d8:
7d:f1:3d:d8:fe:89:b0:df:f3:72:56:a6:27:6b:d4:
22:33:01:18:24:63:15:67:2a:e7:73:cc:48:b4:f8:
f3:cc:7d:ce:73:7f:be:d4:63:c1:a9:ee:d8:68:67:
95:9e:3d:eb:c5:f2:a3:6e:c4:4b:f8:39:44:70:53:
ca:79:30:2d:bc:35:9a:f8:50:0f:86:94:23:39:ac:
d0:2d:98:9a:62:35:e8:2f:2c:e6:4e:d6:eb:45:12:
a1:72:7e:1e:0f:15:91:31:17:3d:52:d8:30:7e:2e:
0d:35:10:f0:88:f2:83:68:48:78:7c:3b:c2:ef:a0:
aa:74:56:b1:d2:ea:4c:33:e7:cc:8b:89:55:ec:a9:
c9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:51:58:DC:6B:5C:29:26:BB:4C:83:1C:AF:29:35:73:37:7E:61:14
X509v3 Authority Key Identifier:
keyid:CA:FA:20:A9:01:80:95:D2:29:F0:AC:43:92:0D:CD:43:A6:6B:EB:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C4FB5/EF987EE209D111E995607B52C4F9AE02/yvogqQGAldIp8KxDkg3NQ6Zr61I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yvogqQGAldIp8KxDkg3NQ6Zr61I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4FB5/EF987EE209D111E995607B52C4F9AE02/D3258BFA7AE711EFB4F5E235C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.127.248.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:b6:47:7f:43:54:c3:ea:63:ae:2f:95:08:b3:cf:e4:b6:be:
5d:0f:6e:14:21:cd:c9:66:6b:a4:54:6b:22:b8:83:ed:df:82:
71:d6:ef:f1:1a:3a:01:70:8c:ab:98:13:b1:b5:9a:08:08:39:
2e:6c:fa:00:84:ad:7e:34:1b:18:52:21:cc:7a:53:25:9f:c6:
11:ad:2d:7e:b2:78:66:5c:02:02:dd:c3:6a:0e:6f:8e:7f:f7:
bd:28:f7:c3:82:f7:8a:9f:2f:f0:60:0e:d8:ea:f9:33:d2:25:
3d:98:de:01:b4:dc:44:b0:87:b0:c3:35:7d:2f:56:d9:6a:79:
7a:cc:83:42:48:69:e3:b2:1b:61:ab:8c:0c:47:26:6e:aa:63:
d3:be:df:05:7c:8d:f7:70:ab:62:df:56:ed:ab:c2:59:6c:7c:
7c:de:ce:7f:3a:4b:be:19:ad:cc:42:40:7d:50:ff:89:6e:e9:
04:51:3a:17:0b:e4:df:a4:1b:27:cd:5d:33:d3:e4:2d:11:52:
6b:74:fd:a7:73:c0:94:c5:fa:15:7b:e9:a6:c4:41:b1:a4:dc:
a9:aa:b4:77:f3:1a:6a:5b:c5:fc:ff:9e:b9:55:44:3e:78:3b:
85:9d:a5:26:cf:0b:7c:88:d6:dd:61:4d:2e:c5:02:82:83:de:
19:55:49:80
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICESowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzRGQjUxMTAvBgNVBAUTKENBRkEyMEE5MDE4MDk1RDIyOUYwQUM0MzkyMERDRDQz
QTY2QkVCNTIwHhcNMjUwMTA2MTc0NTI4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjMTZiOC1lNzhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyqka9SxmLrS0dPuF0/whGqtJ27DTyFVQfn02dx7mMUZFybrMfpELKBvhCf2H
VI2W0s/sPKMFvf3nK6BrM0FhGEp5n3K/2GzY27bpPLWq0Nicm0zF4I6BMt+wOxL8
RB7kmSS1vNwRD+LHAZbLwLou2/KKu3dz3dh98T3Y/omw3/NyVqYna9QiMwEYJGMV
Zyrnc8xItPjzzH3Oc3++1GPBqe7YaGeVnj3rxfKjbsRL+DlEcFPKeTAtvDWa+FAP
hpQjOazQLZiaYjXoLyzmTtbrRRKhcn4eDxWRMRc9Utgwfi4NNRDwiPKDaEh4fDvC
76CqdFax0upMM+fMi4lV7KnJIQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAJRWNxr
XCkmu0yDHK8pNXM3fmEUMB8GA1UdIwQYMBaAFMr6IKkBgJXSKfCsQ5INzUOma+tS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNEZCNS9FRjk4N0VFMjA5
RDExMUU5OTU2MDdCNTJDNEY5QUUwMi95dm9ncVFHQWxkSXA4S3hEa2czTlE2WnI2
MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3l2b2dxUUdBbGRJcDhLeERrZzNOUTZacjYxSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzRGQjUvRUY5ODdFRTIwOUQxMTFFOTk1NjA3QjUyQzRGOUFFMDIvRDMyNThCRkE3
QUU3MTFFRkI0RjVFMjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnf/gwDQYJKoZIhvcNAQELBQADggEBALK2R39DVMPqY64v
lQizz+S2vl0PbhQhzclma6RUayK4g+3fgnHW7/EaOgFwjKuYE7G1mggIOS5s+gCE
rX40GxhSIcx6UyWfxhGtLX6yeGZcAgLdw2oOb45/970o98OC94qfL/BgDtjq+TPS
JT2Y3gG03ESwh7DDNX0vVtlqeXrMg0JIaeOyG2GrjAxHJm6qY9O+3wV8jfdwq2Lf
Vu2rwllsfHzezn86S74ZrcxCQH1Q/4lu6QRROhcL5N+kGyfNXTPT5C0RUmt0/adz
wJTF+hV76abEQbGk3KmqtHfzGmpbxfz/nrlVRD54O4WdpSbPC3yI1t1hTS7FAoKD
3hlVSYA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:45:09 2025 by rpki-client