Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/E27CA57ECA9111EC9F9A7513C4F9AE02.roa
File: E27CA57ECA9111EC9F9A7513C4F9AE02.roa (raw, json)
Hash identifier: C1ezUxuL3ClkX3BgQjjS1dTVihRitOogxbbsy9SR+JY=
Subject key identifier: 21:6C:21:F1:C5:D7:B1:3B:26:D4:EE:88:F7:67:29:24:E4:3B:B0:2E
Certificate issuer: /CN=A91D2258/serialNumber=F49A39D4308970E4702DF29F1D4DCF521F0A5135
Certificate serial: 02D6
Authority key identifier: F4:9A:39:D4:30:89:70:E4:70:2D:F2:9F:1D:4D:CF:52:1F:0A:51:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Jo51DCJcORwLfKfHU3PUh8KUTU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/E27CA57ECA9111EC9F9A7513C4F9AE02.roa
Signing time: Sat 21 Dec 2024 01:03:38 +0000
ROA not before: Sat 21 Dec 2024 01:03:38 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 4826
IP address blocks: 103.42.19.0/24 maxlen: 24
103.157.84.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 726 (0x2d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D2258
Validity
Not Before: Dec 21 01:03:38 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=676613e9-38d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4f:9e:79:52:71:31:6d:5d:d4:44:64:e1:4d:
8c:04:f6:86:96:f3:9b:fa:83:63:2c:ff:60:48:a3:
5b:92:8d:e7:8d:7e:57:1d:43:b9:3e:57:da:c6:ba:
a3:e1:6f:67:14:5b:25:12:72:d1:fd:12:42:51:26:
b9:44:a4:9f:44:f6:22:1a:ba:0e:32:28:4b:05:f9:
5f:22:01:46:84:0c:1e:a8:a5:02:32:60:65:c4:54:
8a:f4:f1:b4:22:59:f4:ae:9e:0a:51:5d:35:f0:d4:
63:dd:d1:93:72:f3:e7:8c:d5:91:f7:14:ae:e3:cc:
0f:a3:53:8e:7f:b2:5e:fc:2d:99:d7:1c:c6:fa:70:
97:d2:eb:44:54:fc:17:04:e2:3b:35:c6:bf:f0:b0:
9e:84:be:c8:98:73:11:26:f5:45:e8:66:1e:56:e6:
00:9b:ce:ad:1a:dc:00:93:aa:da:88:c6:8f:0e:8d:
7c:08:12:b4:a1:f4:6a:e0:36:be:74:05:b0:ae:b6:
7c:c4:16:5b:5f:a8:14:cd:4c:95:e7:58:7d:d2:0a:
d6:9f:3d:87:d6:78:0b:98:a0:cb:ab:4a:7a:48:0c:
5e:75:60:2e:5c:80:05:f9:3e:69:c0:7f:45:cf:32:
8b:8c:f3:ea:27:7f:9c:b0:70:29:64:51:c1:38:d0:
88:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6C:21:F1:C5:D7:B1:3B:26:D4:EE:88:F7:67:29:24:E4:3B:B0:2E
X509v3 Authority Key Identifier:
keyid:F4:9A:39:D4:30:89:70:E4:70:2D:F2:9F:1D:4D:CF:52:1F:0A:51:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/9Jo51DCJcORwLfKfHU3PUh8KUTU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9Jo51DCJcORwLfKfHU3PUh8KUTU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D2258/638C3844CA8F11EC933AB211C4F9AE02/E27CA57ECA9111EC9F9A7513C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.19.0/24
103.157.84.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:93:5e:63:0f:1d:15:bb:5b:01:d4:f3:3b:e9:80:d4:07:63:
ac:aa:1c:bf:42:02:39:ab:92:09:26:0a:06:15:56:f0:a9:94:
3d:67:e8:e8:9a:1f:96:b5:f9:24:fe:f8:6a:e1:da:90:f8:b2:
56:9f:38:6a:5b:14:08:eb:23:64:8e:cc:22:a0:e4:82:0f:8a:
10:4b:9e:ea:59:c2:19:56:63:85:7e:32:99:60:6b:42:e1:16:
4d:f3:41:20:70:2b:4a:53:0b:e8:42:eb:80:5e:7e:9a:b0:9e:
90:11:79:94:f8:0b:14:9a:e5:8c:8e:35:32:80:6a:5b:27:09:
51:ca:b7:83:8a:9a:c1:bb:71:93:aa:e2:8b:f9:6a:8a:f2:b7:
03:51:5c:c0:80:c8:64:09:ca:91:00:80:aa:0d:5c:4d:49:a9:
dd:59:09:1b:49:64:b9:f8:b2:71:a8:01:c7:a1:a9:52:aa:a5:
d7:70:cc:a4:a8:d5:50:4a:3b:66:6f:80:4a:28:cc:c6:f0:7e:
a9:46:9f:f5:83:cc:1c:a9:87:fa:05:73:53:62:6d:1e:1d:33:
c1:7c:41:eb:c6:c8:47:ef:80:b7:85:74:21:1f:f6:25:03:8c:
e5:e9:e6:23:ed:5b:69:12:e9:95:73:41:3c:34:16:df:aa:96:
e8:62:b7:4c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDIyNTgxMTAvBgNVBAUTKEY0OUEzOUQ0MzA4OTcwRTQ3MDJERjI5RjFENERDRjUy
MUYwQTUxMzUwHhcNMjQxMjIxMDEwMzM4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2MTNlOS0zOGQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy0+eeVJxMW1d1ERk4U2MBPaGlvOb+oNjLP9gSKNbko3njX5XHUO5Plfaxrqj
4W9nFFslEnLR/RJCUSa5RKSfRPYiGroOMihLBflfIgFGhAweqKUCMmBlxFSK9PG0
Iln0rp4KUV018NRj3dGTcvPnjNWR9xSu48wPo1OOf7Je/C2Z1xzG+nCX0utEVPwX
BOI7Nca/8LCehL7ImHMRJvVF6GYeVuYAm86tGtwAk6raiMaPDo18CBK0ofRq4Da+
dAWwrrZ8xBZbX6gUzUyV51h90grWnz2H1ngLmKDLq0p6SAxedWAuXIAF+T5pwH9F
zzKLjPPqJ3+csHApZFHBONCIewIDAQABo4ICmzCCApcwHQYDVR0OBBYEFCFsIfHF
17E7JtTuiPdnKSTkO7AuMB8GA1UdIwQYMBaAFPSaOdQwiXDkcC3ynx1Nz1IfClE1
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjI1OC82MzhDMzg0NENB
OEYxMUVDOTMzQUIyMTFDNEY5QUUwMi85Sm81MURDSmNPUndMZktmSFUzUFVoOEtV
VFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlKbzUxRENKY09Sd0xmS2ZIVTNQVWg4S1VUVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDIyNTgvNjM4QzM4NDRDQThGMTFFQzkzM0FCMjExQzRGOUFFMDIvRTI3Q0E1N0VD
QTkxMTFFQzlGOUE3NTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnKhMDBABnnVQwDQYJKoZIhvcNAQELBQADggEBAC2TXmMP
HRW7WwHU8zvpgNQHY6yqHL9CAjmrkgkmCgYVVvCplD1n6OiaH5a1+ST++Grh2pD4
slafOGpbFAjrI2SOzCKg5IIPihBLnupZwhlWY4V+Mplga0LhFk3zQSBwK0pTC+hC
64BefpqwnpAReZT4CxSa5YyONTKAalsnCVHKt4OKmsG7cZOq4ov5aorytwNRXMCA
yGQJypEAgKoNXE1Jqd1ZCRtJZLn4snGoAcehqVKqpddwzKSo1VBKO2ZvgEoozMbw
fqlGn/WDzByph/oFc1NibR4dM8F8QevGyEfvgLeFdCEf9iUDjOXp5iPtW2kS6ZVz
QTw0Ft+qluhit0w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:45:09 2025 by rpki-client