Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/D2A57AD8DDF111EF969ABC1CC4F9AE02.roa
File: D2A57AD8DDF111EF969ABC1CC4F9AE02.roa (raw, json)
Hash identifier: oVUb29+C/dpDmyrIQ/S9XmPyQiqyJJ84om1g2jTlU5s=
Subject key identifier: 06:7A:F1:2F:B3:5F:E1:69:6C:84:69:16:A7:00:11:53:BF:EB:05:04
Certificate issuer: /CN=A91C9A8D/serialNumber=82D818861DD4A70F7708D205E4B89E8514CA1F6C
Certificate serial: 02
Authority key identifier: 82:D8:18:86:1D:D4:A7:0F:77:08:D2:05:E4:B8:9E:85:14:CA:1F:6C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gtgYhh3Upw93CNIF5LiehRTKH2w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/D2A57AD8DDF111EF969ABC1CC4F9AE02.roa
Signing time: Wed 29 Jan 2025 03:33:36 +0000
ROA not before: Wed 29 Jan 2025 03:33:36 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 135594
IP address blocks: 103.67.165.0/24 maxlen: 24
103.152.4.0/24 maxlen: 24
2001:df3:4a00::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C9A8D
Validity
Not Before: Jan 29 03:33:36 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6799a190-53eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:92:45:94:74:ba:c0:09:1e:93:ec:04:a0:6e:
f5:64:0c:f1:d1:b4:24:b8:6b:59:66:ef:7d:1f:9d:
62:f4:72:20:63:30:70:3a:fe:55:a9:8c:64:dc:84:
16:df:37:83:09:9d:e1:7a:d1:90:f3:21:b5:03:13:
2a:0d:7a:73:60:9d:3a:67:05:67:a8:69:a0:e9:85:
5b:08:69:0f:47:1d:d4:78:b3:a5:14:d9:79:66:ef:
22:dc:3c:68:fe:22:34:35:d4:ea:5c:f8:58:08:06:
52:4a:e0:9a:b5:17:93:2e:12:c1:74:4f:34:90:ec:
40:ec:87:a2:06:17:b6:42:b3:1c:3b:96:57:ec:33:
e0:01:13:69:1e:00:9c:0e:26:08:f2:be:71:7c:b9:
60:9c:24:d9:c8:76:a6:a8:b6:32:ed:17:0c:18:be:
12:bf:f4:e3:b7:6d:ef:22:5b:d1:ec:29:fb:ab:4c:
b1:b4:12:45:16:a5:d9:40:be:84:01:87:30:2f:46:
58:da:3d:c5:fb:d2:97:34:a9:d6:08:f8:0c:db:66:
de:53:6b:74:de:60:f4:12:30:d4:fa:9f:f2:a9:ae:
c0:34:3f:d7:fa:d9:99:78:9c:f1:9a:70:30:87:8b:
42:7f:e7:1e:7b:0b:27:4a:ba:d1:63:09:f6:ba:72:
8f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:7A:F1:2F:B3:5F:E1:69:6C:84:69:16:A7:00:11:53:BF:EB:05:04
X509v3 Authority Key Identifier:
keyid:82:D8:18:86:1D:D4:A7:0F:77:08:D2:05:E4:B8:9E:85:14:CA:1F:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/gtgYhh3Upw93CNIF5LiehRTKH2w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gtgYhh3Upw93CNIF5LiehRTKH2w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9A8D/32F1F4C283E911ECB873C871C4F9AE02/D2A57AD8DDF111EF969ABC1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.165.0/24
103.152.4.0/24
IPv6:
2001:df3:4a00::/48
Signature Algorithm: sha256WithRSAEncryption
9c:96:f1:b4:fa:77:3d:48:0c:bc:c1:01:69:3e:74:92:02:36:
fc:0b:b7:4c:a0:49:ae:4a:80:1e:6c:32:f9:b6:aa:4e:97:54:
01:ba:f5:e9:57:7b:42:1b:22:67:14:a0:ca:e2:4c:02:c8:f9:
29:a2:3d:09:97:17:59:39:d5:7e:3b:75:ff:4c:11:1b:48:0c:
d3:80:00:84:8a:ea:2a:9a:26:49:29:4f:1f:12:b9:dd:28:43:
49:7b:ec:d1:6b:9a:f6:56:87:8f:52:90:81:7a:ad:1f:da:03:
ca:9f:e5:2e:cb:a3:64:0a:90:b0:d6:ce:57:d9:78:5a:f6:95:
c1:ed:7e:77:40:64:58:57:cd:bc:52:2b:93:3d:dd:58:5c:9a:
27:c4:2d:88:06:ea:53:f5:28:d2:84:31:6e:a5:83:0e:86:04:
d3:17:ea:2d:c0:aa:2d:25:ab:07:ae:ef:18:72:50:47:a0:70:
e5:2a:4b:91:e4:91:4e:2f:3f:a3:1a:dc:71:70:9b:f6:b1:c4:
59:24:b1:92:48:00:68:1a:fb:b4:97:51:60:b6:3c:50:69:27:
2c:28:a0:9f:ca:60:5f:42:88:c1:3c:4f:0e:39:b7:e4:8b:86:
8f:58:66:62:13:70:f1:a2:7c:1f:99:5b:09:1b:0b:0a:0a:ca:
c9:12:3c:a6
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
OUE4RDExMC8GA1UEBRMoODJEODE4ODYxREQ0QTcwRjc3MDhEMjA1RTRCODlFODUx
NENBMUY2QzAeFw0yNTAxMjkwMzMzMzZaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OTlhMTkwLTUzZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCkkWUdLrACR6T7ASgbvVkDPHRtCS4a1lm730fnWL0ciBjMHA6/lWpjGTchBbf
N4MJneF60ZDzIbUDEyoNenNgnTpnBWeoaaDphVsIaQ9HHdR4s6UU2Xlm7yLcPGj+
IjQ11Opc+FgIBlJK4Jq1F5MuEsF0TzSQ7EDsh6IGF7ZCsxw7llfsM+ABE2keAJwO
JgjyvnF8uWCcJNnIdqaotjLtFwwYvhK/9OO3be8iW9HsKfurTLG0EkUWpdlAvoQB
hzAvRljaPcX70pc0qdYI+AzbZt5Ta3TeYPQSMNT6n/KprsA0P9f62Zl4nPGacDCH
i0J/5x57CydKutFjCfa6co/7AgMBAAGjggKsMIICqDAdBgNVHQ4EFgQUBnrxL7Nf
4WlshGkWpwARU7/rBQQwHwYDVR0jBBgwFoAUgtgYhh3Upw93CNIF5LiehRTKH2ww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5QThELzMyRjFGNEMyODNF
OTExRUNCODczQzg3MUM0RjlBRTAyL2d0Z1loaDNVcHc5M0NOSUY1TGllaFJUS0gy
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ3RnWWhoM1VwdzkzQ05JRjVMaWVoUlRLSDJ3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
OUE4RC8zMkYxRjRDMjgzRTkxMUVDQjg3M0M4NzFDNEY5QUUwMi9EMkE1N0FEOERE
RjExMUVGOTY5QUJDMUNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA2BggrBgEFBQcBBwEB/wQn
MCUwEgQCAAEwDAMEAGdDpQMEAGeYBDAPBAIAAjAJAwcAIAEN80oAMA0GCSqGSIb3
DQEBCwUAA4IBAQCclvG0+nc9SAy8wQFpPnSSAjb8C7dMoEmuSoAebDL5tqpOl1QB
uvXpV3tCGyJnFKDK4kwCyPkpoj0JlxdZOdV+O3X/TBEbSAzTgACEiuoqmiZJKU8f
ErndKENJe+zRa5r2VoePUpCBeq0f2gPKn+Uuy6NkCpCw1s5X2Xha9pXB7X53QGRY
V828UiuTPd1YXJonxC2IBupT9SjShDFupYMOhgTTF+otwKotJasHru8YclBHoHDl
KkuR5JFOLz+jGtxxcJv2scRZJLGSSABoGvu0l1FgtjxQaScsKKCfymBfQojBPE8O
Obfki4aPWGZiE3DxonwfmVsJGwsKCsrJEjym
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:17:43 2025 by rpki-client