Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D18DA/DE3894EC5EE911EB9F3B7F3DC4F9AE02/277A0A5A642B11EBBB477E4EC4F9AE02.roa
File: 277A0A5A642B11EBBB477E4EC4F9AE02.roa (raw, json)
Hash identifier: HVXaOsNZoPltolHevFPiB1XXc2ZtYhS+FxC+Zs4U1G4=
Subject key identifier: C2:45:D4:3B:94:98:5E:FA:C6:03:1F:19:AE:E6:6B:49:4D:25:1F:5D
Certificate issuer: /CN=A91D18DA/serialNumber=451226B3E977CF11961755B06937C1F7E735DC5E
Certificate serial: 0643
Authority key identifier: 45:12:26:B3:E9:77:CF:11:96:17:55:B0:69:37:C1:F7:E7:35:DC:5E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RRIms-l3zxGWF1WwaTfB9-c13F4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D18DA/DE3894EC5EE911EB9F3B7F3DC4F9AE02/277A0A5A642B11EBBB477E4EC4F9AE02.roa
Signing time: Sat 24 Aug 2024 23:11:56 +0000
ROA not before: Sat 24 Aug 2024 23:11:56 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 135175
IP address blocks: 103.155.84.0/24 maxlen: 24
103.155.85.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1603 (0x643)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D18DA
Validity
Not Before: Aug 24 23:11:56 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66ca68bc-ebe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:35:e6:3c:a6:d8:de:3c:9d:d1:8b:d9:e4:67:
84:ed:23:de:42:21:0f:92:f1:a8:3a:58:b5:a4:77:
05:aa:8e:f3:8d:75:93:23:31:db:a5:c6:f9:de:10:
88:b1:b4:f7:3f:02:34:93:64:f4:c0:83:da:8b:22:
2c:c1:b5:62:50:f8:62:6e:ba:d5:24:b1:2a:4b:24:
83:94:9a:db:b3:ed:8c:a7:b8:21:8d:26:14:a6:f3:
3c:9a:b2:92:3d:78:e8:58:42:75:c6:fa:f6:b5:d6:
72:30:e6:be:ac:47:36:46:1c:62:0b:0e:d4:1c:0e:
50:5e:b0:a3:b0:fe:00:0d:3f:d7:65:40:89:33:90:
ce:43:04:4d:47:39:cc:2c:a3:c2:db:4e:f7:33:25:
cb:b7:8e:4a:28:63:84:49:0b:d4:34:a7:9d:f3:a5:
37:b6:96:45:4d:07:4e:86:5d:7c:73:f0:48:6b:e9:
c6:4d:5d:02:ff:48:dc:21:e0:50:27:74:a7:5f:c7:
60:2a:e7:b0:c0:be:59:c8:2b:c3:d1:80:c3:5a:f7:
71:b0:ee:2c:ae:7c:f4:63:87:34:04:a3:90:36:eb:
19:fa:b5:40:7c:bf:dd:77:3a:22:30:69:25:ad:d5:
b2:22:b5:76:6d:05:7a:71:c4:26:67:56:4e:cb:65:
0e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:45:D4:3B:94:98:5E:FA:C6:03:1F:19:AE:E6:6B:49:4D:25:1F:5D
X509v3 Authority Key Identifier:
keyid:45:12:26:B3:E9:77:CF:11:96:17:55:B0:69:37:C1:F7:E7:35:DC:5E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D18DA/DE3894EC5EE911EB9F3B7F3DC4F9AE02/RRIms-l3zxGWF1WwaTfB9-c13F4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RRIms-l3zxGWF1WwaTfB9-c13F4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D18DA/DE3894EC5EE911EB9F3B7F3DC4F9AE02/277A0A5A642B11EBBB477E4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.155.84.0/23
Signature Algorithm: sha256WithRSAEncryption
43:42:58:70:6d:c2:c1:71:32:26:4a:ee:31:81:8c:7f:89:29:
56:b9:e3:33:9f:17:55:da:30:1c:67:ca:60:f1:95:14:e2:42:
63:7e:ca:5a:24:93:4e:57:ab:cc:09:c5:c1:59:12:21:ae:63:
6a:c5:43:88:6f:18:4d:0a:96:5a:95:d3:34:5e:78:16:d9:f6:
da:d6:75:e1:b8:23:a8:6a:50:3a:e0:03:80:48:f6:78:c5:59:
39:11:ec:fb:4b:7c:8c:07:fe:13:b7:24:fd:0d:f7:f7:c3:e4:
e3:29:e6:b9:2d:67:29:94:85:d5:8d:10:7e:8b:b9:26:ac:b3:
2d:02:88:1d:f4:47:07:54:41:9a:47:a2:f9:05:36:64:ea:2b:
42:25:a2:10:a4:97:7c:5f:1f:f8:08:25:04:08:8f:51:75:8b:
8b:aa:31:4a:23:06:23:3e:26:bd:ce:5d:8b:64:4a:c6:cc:0a:
e7:39:f0:0c:e6:0c:30:b9:36:68:3c:48:10:24:aa:4d:68:be:
9e:a1:93:4b:42:6c:a7:da:b6:f9:0a:51:62:e2:7d:21:60:01:
b4:5f:fc:7e:df:f8:c8:f2:2e:cc:01:f0:7d:6f:8e:35:b9:7a:
35:93:ba:2f:8f:3e:f7:8c:a7:48:d7:14:82:d8:ef:fe:bb:e7:
69:0b:11:66
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBkMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDE4REExMTAvBgNVBAUTKDQ1MTIyNkIzRTk3N0NGMTE5NjE3NTVCMDY5MzdDMUY3
RTczNURDNUUwHhcNMjQwODI0MjMxMTU2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmNhNjhiYy1lYmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApzXmPKbY3jyd0YvZ5GeE7SPeQiEPkvGoOli1pHcFqo7zjXWTIzHbpcb53hCI
sbT3PwI0k2T0wIPaiyIswbViUPhibrrVJLEqSySDlJrbs+2Mp7ghjSYUpvM8mrKS
PXjoWEJ1xvr2tdZyMOa+rEc2RhxiCw7UHA5QXrCjsP4ADT/XZUCJM5DOQwRNRznM
LKPC2073MyXLt45KKGOESQvUNKed86U3tpZFTQdOhl18c/BIa+nGTV0C/0jcIeBQ
J3SnX8dgKuewwL5ZyCvD0YDDWvdxsO4srnz0Y4c0BKOQNusZ+rVAfL/ddzoiMGkl
rdWyIrV2bQV6ccQmZ1ZOy2UOeQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMJF1DuU
mF76xgMfGa7ma0lNJR9dMB8GA1UdIwQYMBaAFEUSJrPpd88RlhdVsGk3wffnNdxe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMThEQS9ERTM4OTRFQzVF
RTkxMUVCOUYzQjdGM0RDNEY5QUUwMi9SUkltcy1sM3p4R1dGMVd3YVRmQjktYzEz
RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JSSW1zLWwzenhHV0YxV3dhVGZCOS1jMTNGNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDE4REEvREUzODk0RUM1RUU5MTFFQjlGM0I3RjNEQzRGOUFFMDIvMjc3QTBBNUE2
NDJCMTFFQkJCNDc3RTRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnm1QwDQYJKoZIhvcNAQELBQADggEBAENCWHBtwsFxMiZK
7jGBjH+JKVa54zOfF1XaMBxnymDxlRTiQmN+ylokk05Xq8wJxcFZEiGuY2rFQ4hv
GE0KllqV0zReeBbZ9trWdeG4I6hqUDrgA4BI9njFWTkR7PtLfIwH/hO3JP0N9/fD
5OMp5rktZymUhdWNEH6LuSassy0CiB30RwdUQZpHovkFNmTqK0IlohCkl3xfH/gI
JQQIj1F1i4uqMUojBiM+Jr3OXYtkSsbMCuc58AzmDDC5Nmg8SBAkqk1ovp6hk0tC
bKfatvkKUWLifSFgAbRf/H7f+MjyLswB8H1vjjW5ejWTui+PPveMp0jXFILY7/67
52kLEWY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:18:06 2025 by rpki-client