Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C862F/D5E1DDEA965F11ECAD217376C4F9AE02/437E6F641A2A11ED8E5B3178C4F9AE02.roa
File: 437E6F641A2A11ED8E5B3178C4F9AE02.roa (raw, json)
Hash identifier: W2t7cvkTvvu4tLiipq3paLT/+ja5H4MoySHQU+pxdNU=
Subject key identifier: 02:6D:E0:4D:C3:1B:C1:40:6F:39:8A:AD:E8:F0:03:47:8B:CA:2E:E1
Certificate issuer: /CN=A91C862F/serialNumber=9CB2195EBAA20960DAF882FB5F47EB55A19D22EC
Certificate serial: 0393
Authority key identifier: 9C:B2:19:5E:BA:A2:09:60:DA:F8:82:FB:5F:47:EB:55:A1:9D:22:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nLIZXrqiCWDa-IL7X0frVaGdIuw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C862F/D5E1DDEA965F11ECAD217376C4F9AE02/437E6F641A2A11ED8E5B3178C4F9AE02.roa
Signing time: Tue 25 Mar 2025 01:06:23 +0000
ROA not before: Tue 25 Mar 2025 01:06:23 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 140889
IP address blocks: 103.182.170.0/24 maxlen: 24
103.182.171.0/24 maxlen: 24
2001:df0:7f40::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 915 (0x393)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C862F
Validity
Not Before: Mar 25 01:06:23 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e2018f-c806
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b7:24:17:a9:f2:bd:d9:aa:ce:98:e0:c4:a3:
bd:63:02:78:e8:21:84:77:75:5f:2b:d4:e1:6d:c4:
f0:a3:5f:16:bf:a8:18:bd:d4:83:94:81:2f:7d:7f:
1e:d6:7e:a7:1e:a9:e7:64:73:c8:f5:c9:5a:30:b5:
2f:73:25:41:a3:23:94:c2:88:c6:bf:db:13:83:92:
df:86:fd:d8:c4:02:61:fe:41:6f:fa:d8:61:2a:87:
73:ed:0c:62:c5:7f:09:8e:df:60:43:3e:9b:99:80:
86:35:0d:e0:2f:9f:ba:1d:a5:65:df:9b:f2:4e:42:
b1:42:e7:f8:d0:ce:0a:d6:6e:fe:56:29:f4:cc:d7:
ef:d0:ed:23:50:21:18:38:84:62:3d:29:67:4e:f0:
0a:6a:63:75:52:d4:09:29:51:a4:cf:a3:7e:99:b5:
06:11:b9:fa:de:5a:d7:cc:4e:bb:8e:8b:e0:42:85:
69:7a:b4:14:4b:99:db:54:6b:a5:43:9c:70:56:8a:
d7:76:b4:fe:ea:d4:cc:0a:40:3b:10:8d:f1:4d:25:
92:1f:db:06:59:8a:c7:78:31:3d:98:cd:68:04:83:
00:3b:be:d8:4e:af:60:8a:b0:56:a5:88:19:98:f2:
0c:4d:bd:71:0a:65:a5:1d:35:2c:98:a4:39:ed:1a:
a0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6D:E0:4D:C3:1B:C1:40:6F:39:8A:AD:E8:F0:03:47:8B:CA:2E:E1
X509v3 Authority Key Identifier:
keyid:9C:B2:19:5E:BA:A2:09:60:DA:F8:82:FB:5F:47:EB:55:A1:9D:22:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C862F/D5E1DDEA965F11ECAD217376C4F9AE02/nLIZXrqiCWDa-IL7X0frVaGdIuw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nLIZXrqiCWDa-IL7X0frVaGdIuw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C862F/D5E1DDEA965F11ECAD217376C4F9AE02/437E6F641A2A11ED8E5B3178C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.182.170.0/23
IPv6:
2001:df0:7f40::/48
Signature Algorithm: sha256WithRSAEncryption
6a:6d:2a:90:7d:43:5c:e8:78:2e:03:3a:bd:22:ab:67:f2:d5:
8f:1a:4b:da:1a:02:9b:f1:02:ac:93:db:59:b1:a5:46:cc:43:
a5:c5:c0:37:c3:24:8a:6f:47:ab:0d:8f:8a:fa:b5:23:ef:4f:
8f:94:40:6f:47:59:71:7e:5b:42:aa:84:c7:c9:94:56:b1:45:
3b:8b:33:3e:32:76:49:f7:4b:78:96:86:ee:0b:ab:ea:a3:db:
20:a7:aa:b9:65:54:d8:d4:9d:fc:26:21:7b:93:13:d3:93:2b:
0d:80:d5:4a:e4:43:b2:91:9c:88:df:5c:00:2a:be:10:a9:80:
b0:74:b7:41:ba:67:2f:b7:5e:e6:5f:e5:db:2c:ba:f4:28:30:
8c:e8:97:bd:c4:40:e0:1a:f5:a8:75:b2:b0:a3:8c:50:c8:77:
07:94:c8:59:d8:e1:f8:f7:f8:a4:7e:46:49:1d:e7:cd:19:8f:
78:b2:b9:0b:4a:45:d0:d0:f6:a7:c2:26:6d:9b:d3:81:30:14:
2b:03:b1:4f:6a:a8:a4:33:c6:7c:9b:97:a4:55:c6:9f:5d:1b:
35:99:73:9c:a1:67:43:5d:d2:54:06:20:96:dc:71:bc:60:f1:
20:6a:f2:89:33:f6:d8:b3:d2:b9:04:8d:96:95:65:d9:0f:ce:
eb:54:03:2c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICA5MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qzg2MkYxMTAvBgNVBAUTKDlDQjIxOTVFQkFBMjA5NjBEQUY4ODJGQjVGNDdFQjU1
QTE5RDIyRUMwHhcNMjUwMzI1MDEwNjIzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UyMDE4Zi1jODA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwrckF6nyvdmqzpjgxKO9YwJ46CGEd3VfK9ThbcTwo18Wv6gYvdSDlIEvfX8e
1n6nHqnnZHPI9claMLUvcyVBoyOUwojGv9sTg5Lfhv3YxAJh/kFv+thhKodz7Qxi
xX8Jjt9gQz6bmYCGNQ3gL5+6HaVl35vyTkKxQuf40M4K1m7+Vin0zNfv0O0jUCEY
OIRiPSlnTvAKamN1UtQJKVGkz6N+mbUGEbn63lrXzE67jovgQoVperQUS5nbVGul
Q5xwVorXdrT+6tTMCkA7EI3xTSWSH9sGWYrHeDE9mM1oBIMAO77YTq9girBWpYgZ
mPIMTb1xCmWlHTUsmKQ57RqgOwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFAJt4E3D
G8FAbzmKrejwA0eLyi7hMB8GA1UdIwQYMBaAFJyyGV66oglg2viC+19H61WhnSLs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODYyRi9ENUUxRERFQTk2
NUYxMUVDQUQyMTczNzZDNEY5QUUwMi9uTElaWHJxaUNXRGEtSUw3WDBmclZhR2RJ
dXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL25MSVpYcnFpQ1dEYS1JTDdYMGZyVmFHZEl1dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qzg2MkYvRDVFMURERUE5NjVGMTFFQ0FEMjE3Mzc2QzRGOUFFMDIvNDM3RTZGNjQx
QTJBMTFFRDhFNUIzMTc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFntqowDwQCAAIwCQMHACABDfB/QDANBgkqhkiG9w0BAQsF
AAOCAQEAam0qkH1DXOh4LgM6vSKrZ/LVjxpL2hoCm/ECrJPbWbGlRsxDpcXAN8Mk
im9Hqw2Pivq1I+9Pj5RAb0dZcX5bQqqEx8mUVrFFO4szPjJ2SfdLeJaG7gur6qPb
IKequWVU2NSd/CYhe5MT05MrDYDVSuRDspGciN9cACq+EKmAsHS3QbpnL7de5l/l
2yy69CgwjOiXvcRA4Br1qHWysKOMUMh3B5TIWdjh+Pf4pH5GSR3nzRmPeLK5C0pF
0ND2p8ImbZvTgTAUKwOxT2qopDPGfJuXpFXGn10bNZlznKFnQ13SVAYgltxxvGDx
IGryiTP22LPSuQSNlpVl2Q/O61QDLA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:46 2025 by rpki-client