Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CA141/AED18DA89E5511EA8DD1903CC4F9AE02/6B576C449E5711EABC193842C4F9AE02.roa
File: 6B576C449E5711EABC193842C4F9AE02.roa (raw, json)
Hash identifier: rmBjNT0g6o5OQJ7VMnQunSAodjeObi4QujloW5TWZhg=
Subject key identifier: 16:3C:E3:6C:BC:38:69:6A:AF:C9:2E:00:C1:C5:5F:95:A8:26:D8:C2
Certificate issuer: /CN=A91CA141/serialNumber=13A475D6BE3C2C7AC4A8DD371066AA6C0174FA3D
Certificate serial: 0917
Authority key identifier: 13:A4:75:D6:BE:3C:2C:7A:C4:A8:DD:37:10:66:AA:6C:01:74:FA:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E6R11r48LHrEqN03EGaqbAF0-j0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CA141/AED18DA89E5511EA8DD1903CC4F9AE02/6B576C449E5711EABC193842C4F9AE02.roa
Signing time: Fri 28 Mar 2025 20:43:08 +0000
ROA not before: Fri 28 Mar 2025 20:43:08 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 38900
IP address blocks: 103.22.234.0/23 maxlen: 24
203.92.24.0/24 maxlen: 24
203.92.25.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2327 (0x917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CA141
Validity
Not Before: Mar 28 20:43:08 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e709dc-56ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d9:ea:81:6f:65:e3:49:53:37:07:3c:09:3e:
fc:b5:50:e4:8d:0e:6e:5b:34:be:31:ac:e3:c3:d0:
e4:52:b9:67:07:4e:49:85:3c:90:27:74:ba:f6:33:
ad:3a:8a:14:b6:6a:5a:57:c9:b3:19:f2:a9:72:f7:
fc:b3:7b:5f:3a:32:08:e5:21:e3:56:58:a7:de:eb:
88:97:44:ab:30:93:2f:2e:cc:94:4b:82:c9:91:59:
f3:be:e9:01:98:d8:1a:cb:a2:4e:07:4c:6f:e5:de:
b6:e7:05:84:2f:df:57:dc:76:e2:4b:ae:d9:b7:4f:
98:05:45:b2:e4:66:ba:ec:2e:1f:97:0d:2f:fb:6b:
4e:fd:ea:74:60:10:ff:1b:7e:7f:d8:39:29:ef:a7:
28:ba:66:98:9e:13:77:65:95:48:82:d7:dc:44:54:
52:b1:b7:d3:0c:41:a1:50:aa:73:22:2d:0d:18:17:
95:9d:9c:1f:0d:df:ee:03:40:3b:32:70:09:63:13:
58:21:d0:84:a2:1b:2a:04:f6:15:ee:38:67:66:77:
aa:72:5e:0b:d1:5f:b5:40:d3:a2:9e:fe:75:dc:b1:
5c:08:b6:bc:c4:c2:41:0b:8d:62:78:d0:5e:f6:6a:
d5:f5:46:0d:29:55:e6:c4:ac:0c:58:f2:49:ec:7c:
14:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3C:E3:6C:BC:38:69:6A:AF:C9:2E:00:C1:C5:5F:95:A8:26:D8:C2
X509v3 Authority Key Identifier:
keyid:13:A4:75:D6:BE:3C:2C:7A:C4:A8:DD:37:10:66:AA:6C:01:74:FA:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CA141/AED18DA89E5511EA8DD1903CC4F9AE02/E6R11r48LHrEqN03EGaqbAF0-j0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/E6R11r48LHrEqN03EGaqbAF0-j0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CA141/AED18DA89E5511EA8DD1903CC4F9AE02/6B576C449E5711EABC193842C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.22.234.0/23
203.92.24.0/23
Signature Algorithm: sha256WithRSAEncryption
43:3a:00:d2:52:e4:59:10:d1:ff:be:dc:9f:85:f9:b7:63:08:
2d:bb:e6:50:ef:f5:3f:50:77:16:df:46:06:c3:09:bd:1b:65:
19:3d:01:6e:49:b4:c3:25:93:b3:86:12:52:f2:fa:af:4f:31:
97:f2:80:e2:7d:7b:0a:d7:af:4c:fb:b8:ae:22:8f:d5:07:80:
a5:ad:0f:0f:35:9e:a7:72:39:4a:5c:a5:20:f6:ab:11:aa:80:
c2:5c:12:0b:87:99:29:7b:fd:47:0a:56:56:33:b6:6b:13:9f:
00:e1:3f:fb:4b:21:21:57:14:66:1b:fe:e4:bf:c1:2f:bc:74:
cd:f0:e6:27:51:7e:b0:d6:f0:4e:07:6e:af:1d:5a:db:31:e3:
8d:0e:25:c5:8a:8c:35:88:41:76:12:ac:b6:e3:e8:59:8d:45:
4f:77:79:0f:6b:dd:2a:39:f9:fa:6e:0f:eb:f2:39:ea:ae:e8:
b6:8c:83:e3:14:25:6c:26:64:22:51:5e:da:0a:c9:27:0b:d7:
0d:80:0f:b7:11:18:d3:fe:33:04:61:3e:17:6c:f9:e5:cb:03:
d8:bb:30:23:81:8b:97:9e:5d:10:6c:f9:54:f1:66:8a:8c:e4:
dd:aa:ec:b9:53:90:e9:1b:a0:05:d3:a0:22:9d:a8:ee:e0:85:
16:ea:be:6e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCRcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0ExNDExMTAvBgNVBAUTKDEzQTQ3NUQ2QkUzQzJDN0FDNEE4REQzNzEwNjZBQTZD
MDE3NEZBM0QwHhcNMjUwMzI4MjA0MzA4WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U3MDlkYy01NmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5dnqgW9l40lTNwc8CT78tVDkjQ5uWzS+Mazjw9DkUrlnB05JhTyQJ3S69jOt
OooUtmpaV8mzGfKpcvf8s3tfOjII5SHjVlin3uuIl0SrMJMvLsyUS4LJkVnzvukB
mNgay6JOB0xv5d625wWEL99X3HbiS67Zt0+YBUWy5Ga67C4flw0v+2tO/ep0YBD/
G35/2Dkp76coumaYnhN3ZZVIgtfcRFRSsbfTDEGhUKpzIi0NGBeVnZwfDd/uA0A7
MnAJYxNYIdCEohsqBPYV7jhnZneqcl4L0V+1QNOinv513LFcCLa8xMJBC41ieNBe
9mrV9UYNKVXmxKwMWPJJ7HwU1wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBY842y8
OGlqr8kuAMHFX5WoJtjCMB8GA1UdIwQYMBaAFBOkdda+PCx6xKjdNxBmqmwBdPo9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQTE0MS9BRUQxOERBODlF
NTUxMUVBOEREMTkwM0NDNEY5QUUwMi9FNlIxMXI0OExIckVxTjAzRUdhcWJBRjAt
ajAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0U2UjExcjQ4TEhyRXFOMDNFR2FxYkFGMC1qMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0ExNDEvQUVEMThEQTg5RTU1MTFFQThERDE5MDNDQzRGOUFFMDIvNkI1NzZDNDQ5
RTU3MTFFQUJDMTkzODQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnFuoDBAHLXBgwDQYJKoZIhvcNAQELBQADggEBAEM6ANJS
5FkQ0f++3J+F+bdjCC275lDv9T9QdxbfRgbDCb0bZRk9AW5JtMMlk7OGElLy+q9P
MZfygOJ9ewrXr0z7uK4ij9UHgKWtDw81nqdyOUpcpSD2qxGqgMJcEguHmSl7/UcK
VlYztmsTnwDhP/tLISFXFGYb/uS/wS+8dM3w5idRfrDW8E4Hbq8dWtsx440OJcWK
jDWIQXYSrLbj6FmNRU93eQ9r3So5+fpuD+vyOequ6LaMg+MUJWwmZCJRXtoKyScL
1w2AD7cRGNP+MwRhPhds+eXLA9i7MCOBi5eeXRBs+VTxZoqM5N2q7LlTkOkboAXT
oCKdqO7ghRbqvm4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:23:03 2025 by rpki-client