Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD98D/461457B4500C11EBA72DBE24C4F9AE02/44E601A48AE411EB9FA47119C4F9AE02.roa
File: 44E601A48AE411EB9FA47119C4F9AE02.roa (raw, json)
Hash identifier: 3R6YoDZW1C1Bqy4OLDxnImm+ghDMXTGayV4irvmHJ9s=
Subject key identifier: 35:F6:BC:07:82:83:D6:04:6A:70:56:FE:B4:B1:2E:3F:CD:50:7C:B1
Certificate issuer: /CN=A91CD98D/serialNumber=BFE461375DC223D4F7B27055E2B34745FE6101D4
Certificate serial: 06CC
Authority key identifier: BF:E4:61:37:5D:C2:23:D4:F7:B2:70:55:E2:B3:47:45:FE:61:01:D4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v-RhN13CI9T3snBV4rNHRf5hAdQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CD98D/461457B4500C11EBA72DBE24C4F9AE02/44E601A48AE411EB9FA47119C4F9AE02.roa
Signing time: Sun 02 Feb 2025 22:01:40 +0000
ROA not before: Sun 02 Feb 2025 22:01:40 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134506
IP address blocks: 103.161.106.0/23 maxlen: 23
103.161.106.0/24 maxlen: 24
103.161.107.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1740 (0x6cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD98D
Validity
Not Before: Feb 2 22:01:40 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679feb43-6866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f5:82:f7:a0:52:d9:62:b9:31:af:79:af:58:
e6:e3:e9:5e:e1:98:ec:89:f2:c4:d9:3c:bc:f8:5b:
af:e3:cb:5d:e1:28:d4:c9:0f:88:3f:a1:79:ec:ee:
9b:2a:85:e4:66:b8:1b:65:78:6c:be:e4:7c:8e:e1:
a5:0a:2a:1e:ae:92:a5:8e:5e:01:13:8a:91:32:0a:
f9:8e:b7:b1:b8:31:dd:ad:20:58:67:f7:dc:62:4b:
96:f2:39:21:ff:72:a6:6e:22:e0:7f:68:b8:30:28:
8e:07:1b:9d:87:9a:6b:76:24:3f:4f:d8:88:49:e4:
bd:7f:84:ca:d8:f3:da:68:21:0f:76:6c:0c:bf:d4:
cf:4b:52:6c:16:f7:10:9a:c9:a3:f9:59:dd:b5:22:
82:2e:12:69:ad:b4:b3:4c:87:df:43:fb:d9:3f:6e:
d0:80:b8:48:85:04:21:4f:bf:3e:8e:f1:c8:2d:64:
f7:3a:11:42:cc:61:77:40:5d:fc:a7:98:2f:00:0a:
ca:85:07:97:a8:87:58:3c:19:27:6d:94:8c:51:13:
92:a9:14:bd:c1:d9:ed:44:4a:db:ae:34:01:af:03:
76:d2:78:1a:20:32:99:56:69:e2:93:a0:77:9a:c8:
71:3f:37:67:6c:9f:32:1f:ee:8d:a3:8b:63:5f:a3:
f3:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:F6:BC:07:82:83:D6:04:6A:70:56:FE:B4:B1:2E:3F:CD:50:7C:B1
X509v3 Authority Key Identifier:
keyid:BF:E4:61:37:5D:C2:23:D4:F7:B2:70:55:E2:B3:47:45:FE:61:01:D4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CD98D/461457B4500C11EBA72DBE24C4F9AE02/v-RhN13CI9T3snBV4rNHRf5hAdQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v-RhN13CI9T3snBV4rNHRf5hAdQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD98D/461457B4500C11EBA72DBE24C4F9AE02/44E601A48AE411EB9FA47119C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.106.0/23
Signature Algorithm: sha256WithRSAEncryption
79:54:8b:ef:0e:35:0c:7c:80:9e:e9:6a:35:b7:74:db:fd:11:
d5:c2:04:48:40:6f:49:8c:9d:58:fb:05:a3:2b:f1:55:f6:6c:
d2:2c:29:aa:17:fc:e7:79:df:58:3c:a0:64:4f:0d:8b:80:04:
29:5a:83:bc:6e:90:b0:b7:28:00:e4:16:b6:60:56:94:49:68:
b0:69:52:80:84:70:a0:71:5e:a0:f5:99:3d:ed:f9:e0:b6:e5:
48:03:ad:17:4e:43:42:77:76:9c:28:34:3c:c3:fe:c3:29:88:
43:c4:1b:5c:aa:3f:73:35:d9:88:b5:f8:38:b3:f9:0a:23:69:
7c:d7:aa:03:21:2a:48:97:f8:6a:88:ae:3e:1d:5e:05:fa:1d:
1c:17:03:e3:72:29:b4:41:3d:dc:35:d2:1b:2b:d5:f2:ee:98:
2a:dc:47:fe:c4:fd:15:df:e4:2b:56:38:69:7a:9a:e2:ce:68:
41:79:bf:01:32:7e:47:db:5f:2d:de:b6:d1:ae:16:92:cd:2e:
0d:33:84:d2:74:18:4c:ba:d5:1d:c1:9d:6f:ed:5a:50:28:23:
f0:ff:fd:5b:15:aa:ab:15:a3:7d:6a:f9:08:af:0e:21:4c:89:
6d:69:b8:2c:32:4c:70:15:96:15:7d:23:91:58:a2:f8:a7:a2:
f4:6a:a2:1f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBswwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0Q5OEQxMTAvBgNVBAUTKEJGRTQ2MTM3NURDMjIzRDRGN0IyNzA1NUUyQjM0NzQ1
RkU2MTAxRDQwHhcNMjUwMjAyMjIwMTQwWhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlmZWI0My02ODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsPWC96BS2WK5Ma95r1jm4+le4ZjsifLE2Ty8+Fuv48td4SjUyQ+IP6F57O6b
KoXkZrgbZXhsvuR8juGlCioerpKljl4BE4qRMgr5jrexuDHdrSBYZ/fcYkuW8jkh
/3KmbiLgf2i4MCiOBxudh5prdiQ/T9iISeS9f4TK2PPaaCEPdmwMv9TPS1JsFvcQ
msmj+VndtSKCLhJprbSzTIffQ/vZP27QgLhIhQQhT78+jvHILWT3OhFCzGF3QF38
p5gvAArKhQeXqIdYPBknbZSMUROSqRS9wdntRErbrjQBrwN20ngaIDKZVmnik6B3
mshxPzdnbJ8yH+6No4tjX6PzqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFDX2vAeC
g9YEanBW/rSxLj/NUHyxMB8GA1UdIwQYMBaAFL/kYTddwiPU97JwVeKzR0X+YQHU
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRDk4RC80NjE0NTdCNDUw
MEMxMUVCQTcyREJFMjRDNEY5QUUwMi92LVJoTjEzQ0k5VDNzbkJWNHJOSFJmNWhB
ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YtUmhOMTNDSTlUM3NuQlY0ck5IUmY1aEFkUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0Q5OEQvNDYxNDU3QjQ1MDBDMTFFQkE3MkRCRTI0QzRGOUFFMDIvNDRFNjAxQTQ4
QUU0MTFFQjlGQTQ3MTE5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnoWowDQYJKoZIhvcNAQELBQADggEBAHlUi+8ONQx8gJ7p
ajW3dNv9EdXCBEhAb0mMnVj7BaMr8VX2bNIsKaoX/Od531g8oGRPDYuABClag7xu
kLC3KADkFrZgVpRJaLBpUoCEcKBxXqD1mT3t+eC25UgDrRdOQ0J3dpwoNDzD/sMp
iEPEG1yqP3M12Yi1+Diz+QojaXzXqgMhKkiX+GqIrj4dXgX6HRwXA+NyKbRBPdw1
0hsr1fLumCrcR/7E/RXf5CtWOGl6muLOaEF5vwEyfkfbXy3ettGuFpLNLg0zhNJ0
GEy61R3BnW/tWlAoI/D//VsVqqsVo31q+QivDiFMiW1puCwyTHAVlhV9I5FYovin
ovRqoh8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:34 2025 by rpki-client