Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB14D/30FE0AFEC4C611EAA8D5BE66C4F9AE02/C483C80CDE4011EFB4A11D5CC4F9AE02.roa
File: C483C80CDE4011EFB4A11D5CC4F9AE02.roa (raw, json)
Hash identifier: AnxZMWG1/qyOSRCk3a+YCfaArWrcp/mUCUyzTLKhm8g=
Subject key identifier: 0A:80:89:C1:73:7F:B2:CC:C0:DE:57:E7:9D:02:A2:30:F1:46:2F:BA
Certificate issuer: /CN=A91CB14D/serialNumber=16C662726F4A009133D6591664239E00C681A004
Certificate serial: BE
Authority key identifier: 16:C6:62:72:6F:4A:00:91:33:D6:59:16:64:23:9E:00:C6:81:A0:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FsZicm9KAJEz1lkWZCOeAMaBoAQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CB14D/30FE0AFEC4C611EAA8D5BE66C4F9AE02/C483C80CDE4011EFB4A11D5CC4F9AE02.roa
Signing time: Sun 02 Feb 2025 01:10:01 +0000
ROA not before: Sun 02 Feb 2025 01:10:01 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 137432
IP address blocks: 103.153.52.0/23 maxlen: 23
103.153.52.0/24 maxlen: 24
103.153.53.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 190 (0xbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CB14D
Validity
Not Before: Feb 2 01:10:01 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=679ec5e9-22eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:62:21:09:24:db:00:86:39:b2:d6:33:db:89:
b8:ed:06:40:8a:80:f1:06:c1:b1:6f:ec:86:31:94:
8f:ac:1b:49:a8:75:15:22:67:41:0f:70:dd:e1:76:
3c:7f:0b:2a:c8:94:3c:b5:54:81:f2:ba:e4:8b:32:
35:0f:1c:66:1f:37:0e:dd:2b:74:ed:43:63:fd:c1:
19:f5:f4:a1:68:f8:e5:63:35:f4:5f:71:a0:b6:60:
74:96:bc:3d:3e:ce:e2:b5:ac:23:3c:4c:c6:81:7f:
93:eb:57:a3:e9:e3:df:0a:9d:88:e6:c1:30:53:1f:
ab:a8:e4:a3:42:91:d6:31:bf:fb:c5:89:80:44:d4:
60:9a:ec:2e:5e:25:8c:9f:0f:f8:22:06:87:07:30:
03:85:7d:16:fd:0a:59:1a:85:94:0a:49:4f:85:25:
2a:1e:d4:a8:d3:30:d3:08:a2:df:05:d9:c7:38:79:
e8:5f:96:41:b9:37:76:08:59:11:32:d7:9f:0a:1c:
e5:5c:a8:e7:8e:42:74:ff:ca:bf:82:f1:dd:01:54:
5a:35:37:59:14:72:b7:d4:a7:7d:60:45:11:cf:c7:
05:54:45:9f:8b:ba:90:3f:4b:19:bd:b8:d3:5f:7e:
00:33:44:3f:b5:28:47:bf:ed:54:50:a3:e8:79:bb:
96:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:80:89:C1:73:7F:B2:CC:C0:DE:57:E7:9D:02:A2:30:F1:46:2F:BA
X509v3 Authority Key Identifier:
keyid:16:C6:62:72:6F:4A:00:91:33:D6:59:16:64:23:9E:00:C6:81:A0:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CB14D/30FE0AFEC4C611EAA8D5BE66C4F9AE02/FsZicm9KAJEz1lkWZCOeAMaBoAQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FsZicm9KAJEz1lkWZCOeAMaBoAQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB14D/30FE0AFEC4C611EAA8D5BE66C4F9AE02/C483C80CDE4011EFB4A11D5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.153.52.0/23
Signature Algorithm: sha256WithRSAEncryption
7d:bb:71:39:a0:87:aa:0c:2e:72:bd:a9:12:75:54:1b:6d:f6:
5d:e3:f4:0c:d0:4a:e3:9f:55:58:dc:e4:7c:ce:0a:56:31:23:
11:df:df:4b:b1:31:54:95:79:ad:58:24:a0:5e:f4:73:dc:d6:
05:6d:d7:0d:cf:49:67:76:af:b2:fd:a6:1a:cd:cc:19:65:42:
9a:7d:3b:3d:f8:7f:e3:6f:6b:d2:95:0f:16:88:bf:81:8f:c7:
f4:61:a2:92:c3:e3:46:1b:e7:08:7d:f2:f9:3f:be:19:f0:fe:
12:7d:89:b6:e5:18:a7:1e:98:f7:87:cc:29:7a:98:11:18:dc:
b3:6d:a6:59:11:e4:b1:7e:6b:d0:de:a2:64:ae:57:b7:e6:97:
03:6b:52:4c:b5:14:a3:69:b2:3a:22:d1:a0:47:38:3e:e4:8b:
62:eb:98:65:ad:7b:f7:2f:f1:a5:e8:ce:fa:45:3e:9d:e6:e1:
55:81:da:6b:fb:2b:ab:b1:cd:73:e0:8c:41:57:f3:94:2f:7b:
2d:ad:52:ec:24:bb:97:99:fe:fd:6e:ba:cd:c8:80:6d:3a:73:
28:db:05:56:3a:48:88:bd:d5:3a:99:8f:d6:68:62:b9:8a:16:
46:29:6f:fd:ff:ec:0a:02:4c:43:53:68:b5:83:b9:c9:78:91:
e2:25:48:5e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0IxNEQxMTAvBgNVBAUTKDE2QzY2MjcyNkY0QTAwOTEzM0Q2NTkxNjY0MjM5RTAw
QzY4MUEwMDQwHhcNMjUwMjAyMDExMDAxWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzllYzVlOS0yMmViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2GIhCSTbAIY5stYz24m47QZAioDxBsGxb+yGMZSPrBtJqHUVImdBD3Dd4XY8
fwsqyJQ8tVSB8rrkizI1DxxmHzcO3St07UNj/cEZ9fShaPjlYzX0X3GgtmB0lrw9
Ps7itawjPEzGgX+T61ej6ePfCp2I5sEwUx+rqOSjQpHWMb/7xYmARNRgmuwuXiWM
nw/4IgaHBzADhX0W/QpZGoWUCklPhSUqHtSo0zDTCKLfBdnHOHnoX5ZBuTd2CFkR
MtefChzlXKjnjkJ0/8q/gvHdAVRaNTdZFHK31Kd9YEURz8cFVEWfi7qQP0sZvbjT
X34AM0Q/tShHv+1UUKPoebuWVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAqAicFz
f7LMwN5X550CojDxRi+6MB8GA1UdIwQYMBaAFBbGYnJvSgCRM9ZZFmQjngDGgaAE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjE0RC8zMEZFMEFGRUM0
QzYxMUVBQThENUJFNjZDNEY5QUUwMi9Gc1ppY205S0FKRXoxbGtXWkNPZUFNYUJv
QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZzWmljbTlLQUpFejFsa1daQ09lQU1hQm9BUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0IxNEQvMzBGRTBBRkVDNEM2MTFFQUE4RDVCRTY2QzRGOUFFMDIvQzQ4M0M4MENE
RTQwMTFFRkI0QTExRDVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnmTQwDQYJKoZIhvcNAQELBQADggEBAH27cTmgh6oMLnK9
qRJ1VBtt9l3j9AzQSuOfVVjc5HzOClYxIxHf30uxMVSVea1YJKBe9HPc1gVt1w3P
SWd2r7L9phrNzBllQpp9Oz34f+Nva9KVDxaIv4GPx/RhopLD40Yb5wh98vk/vhnw
/hJ9ibblGKcemPeHzCl6mBEY3LNtplkR5LF+a9DeomSuV7fmlwNrUky1FKNpsjoi
0aBHOD7ki2LrmGWte/cv8aXozvpFPp3m4VWB2mv7K6uxzXPgjEFX85Qvey2tUuwk
u5eZ/v1uus3IgG06cyjbBVY6SIi91TqZj9ZoYrmKFkYpb/3/7AoCTENTaLWDucl4
keIlSF4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:50:27 2025 by rpki-client