Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/FDEBCCB83FD811EF82C60D57C4F9AE02.roa
File: FDEBCCB83FD811EF82C60D57C4F9AE02.roa (raw, json)
Hash identifier: MSmcq58yu8XDPGZRI+2DBALebkyGW0B04LyaY7vi5Co=
Subject key identifier: 95:EB:00:24:B9:2C:FC:AB:96:2D:42:D7:FE:AA:36:D3:85:17:7C:9B
Certificate issuer: /CN=A91D0C8E/serialNumber=9535D76110B3C029C5855B4C174505AF6119F30C
Certificate serial: 037A
Authority key identifier: 95:35:D7:61:10:B3:C0:29:C5:85:5B:4C:17:45:05:AF:61:19:F3:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/FDEBCCB83FD811EF82C60D57C4F9AE02.roa
Signing time: Thu 11 Jul 2024 22:57:48 +0000
ROA not before: Thu 11 Jul 2024 22:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133894
IP address blocks: 103.88.193.0/24 maxlen: 24
103.88.194.0/24 maxlen: 24
103.88.195.0/24 maxlen: 24
116.204.240.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 890 (0x37a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D0C8E
Validity
Not Before: Jul 11 22:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6690636b-56ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1c:22:db:df:03:4d:8c:7b:a6:6c:31:22:80:
07:21:95:31:4b:dd:b0:7a:0b:8c:0d:9a:a4:af:c1:
27:3d:41:95:2b:82:c5:89:3f:06:4b:4d:1b:7b:90:
22:98:9e:60:72:c4:c7:58:9a:b2:b1:d9:61:d1:18:
ce:e5:3e:8e:ee:fb:d0:1e:1c:67:aa:14:03:11:c5:
30:d2:2d:19:db:45:30:db:0e:af:8b:78:0a:37:ab:
72:f2:96:99:0a:2c:2c:24:f9:dc:54:40:d2:74:21:
56:d4:e9:10:cf:f8:1d:16:c0:6c:d9:21:f0:f0:e8:
1d:e2:8f:16:d8:b5:93:93:d5:e1:df:89:27:14:ea:
65:e2:9e:13:44:8b:de:ce:39:44:68:b5:94:c1:6b:
c9:27:1b:94:76:22:fb:12:1f:41:aa:14:a3:bf:60:
7d:5e:16:71:44:3e:d9:dd:69:6a:e5:ed:e8:f9:83:
8a:b5:4d:f9:05:dc:c1:ec:c4:40:dd:4c:29:9f:3a:
2e:92:c8:c8:8b:d5:fc:3e:53:a8:8a:a8:22:92:73:
c0:28:c2:6b:a9:b5:37:4e:15:52:44:3f:d1:bf:55:
7b:0c:3d:d8:fc:d5:32:25:79:71:88:39:6a:55:43:
f5:97:67:34:22:69:77:24:34:43:52:9b:84:65:56:
0b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EB:00:24:B9:2C:FC:AB:96:2D:42:D7:FE:AA:36:D3:85:17:7C:9B
X509v3 Authority Key Identifier:
keyid:95:35:D7:61:10:B3:C0:29:C5:85:5B:4C:17:45:05:AF:61:19:F3:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lTXXYRCzwCnFhVtMF0UFr2EZ8ww.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0C8E/032E57B8743911ECB557236FC4F9AE02/FDEBCCB83FD811EF82C60D57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.193.0-103.88.195.255
116.204.240.0/24
Signature Algorithm: sha256WithRSAEncryption
31:c5:ac:8f:84:98:50:20:86:36:1f:1f:08:ab:69:36:7c:98:
d4:e3:99:58:08:f8:b2:f8:d8:d9:b4:14:3a:5b:a9:96:67:8f:
7b:55:76:28:1b:e8:07:09:1e:bd:53:af:19:43:1e:3e:c5:14:
99:c3:50:5d:b1:13:60:07:58:57:3d:e6:fb:59:9f:04:aa:c4:
65:c6:04:67:ea:bf:1e:85:af:01:0d:16:36:f3:c7:05:9f:70:
66:d5:da:fd:1d:72:de:6c:6a:f6:5c:23:f1:8c:c3:97:ae:89:
5c:73:6e:86:da:42:05:c1:19:2a:67:79:bf:8b:e2:87:b0:d3:
a6:bc:83:3c:c0:22:3b:fa:57:7e:29:2a:b2:63:41:4b:83:2c:
80:67:ba:4f:d9:55:a6:7d:d5:3e:7f:c7:5d:49:fa:bd:e2:45:
d3:96:29:1a:50:d5:08:62:13:29:23:50:89:b4:71:87:02:e4:
a9:72:62:92:0d:2f:84:d8:1a:41:8d:d3:6e:e8:c2:29:b5:a4:
09:17:0a:63:7e:e6:1c:32:e9:7b:bd:db:0e:ce:fb:e8:26:a9:
0b:0a:43:1f:bb:2f:fd:80:da:b0:ac:b9:de:6d:08:23:e1:9c:
5e:73:a2:3d:5b:14:ba:3e:bc:03:40:bc:62:86:c6:db:b2:8b:
45:59:06:0e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICA3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDBDOEUxMTAvBgNVBAUTKDk1MzVENzYxMTBCM0MwMjlDNTg1NUI0QzE3NDUwNUFG
NjExOUYzMEMwHhcNMjQwNzExMjI1NzQ4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkwNjM2Yi01NmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmhwi298DTYx7pmwxIoAHIZUxS92weguMDZqkr8EnPUGVK4LFiT8GS00be5Ai
mJ5gcsTHWJqysdlh0RjO5T6O7vvQHhxnqhQDEcUw0i0Z20Uw2w6vi3gKN6ty8paZ
CiwsJPncVEDSdCFW1OkQz/gdFsBs2SHw8Ogd4o8W2LWTk9Xh34knFOpl4p4TRIve
zjlEaLWUwWvJJxuUdiL7Eh9BqhSjv2B9XhZxRD7Z3Wlq5e3o+YOKtU35BdzB7MRA
3UwpnzouksjIi9X8PlOoiqgiknPAKMJrqbU3ThVSRD/Rv1V7DD3Y/NUyJXlxiDlq
VUP1l2c0Iml3JDRDUpuEZVYLhwIDAQABo4ICozCCAp8wHQYDVR0OBBYEFJXrACS5
LPyrli1C1/6qNtOFF3ybMB8GA1UdIwQYMBaAFJU112EQs8ApxYVbTBdFBa9hGfMM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMEM4RS8wMzJFNTdCODc0
MzkxMUVDQjU1NzIzNkZDNEY5QUUwMi9sVFhYWVJDendDbkZoVnRNRjBVRnIyRVo4
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xUWFhZUkN6d0NuRmhWdE1GMFVGcjJFWjh3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDBDOEUvMDMyRTU3Qjg3NDM5MTFFQ0I1NTcyMzZGQzRGOUFFMDIvRkRFQkNDQjgz
RkQ4MTFFRjgyQzYwRDU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEAGdYwQMEAmdYwAMEAHTM8DANBgkqhkiG9w0BAQsFAAOC
AQEAMcWsj4SYUCCGNh8fCKtpNnyY1OOZWAj4svjY2bQUOluplmePe1V2KBvoBwke
vVOvGUMePsUUmcNQXbETYAdYVz3m+1mfBKrEZcYEZ+q/HoWvAQ0WNvPHBZ9wZtXa
/R1y3mxq9lwj8YzDl66JXHNuhtpCBcEZKmd5v4vih7DTpryDPMAiO/pXfikqsmNB
S4MsgGe6T9lVpn3VPn/HXUn6veJF05YpGlDVCGITKSNQibRxhwLkqXJikg0vhNga
QY3TbujCKbWkCRcKY37mHDLpe73bDs776CapCwpDH7sv/YDasKy53m0II+GcXnOi
PVsUuj68A0C8YobG27KLRVkGDg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:03:07 2025 by rpki-client