Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4325/ED8565E8812F11EB94D38132C4F9AE02/CE6FBAEE813111EBA15FAC34C4F9AE02.roa
File: CE6FBAEE813111EBA15FAC34C4F9AE02.roa (raw, json)
Hash identifier: aM+7gCUGE+qk8+F9OXTcC/AfNjJw372IOJzcraxEznU=
Subject key identifier: DA:D0:9B:B1:35:F3:51:3C:1B:57:4D:11:FB:57:94:36:40:FE:D2:FE
Certificate issuer: /CN=A91D4325/serialNumber=25FD5AC999B0395E6C0EBD561E1B1B88E0D60763
Certificate serial: 0605
Authority key identifier: 25:FD:5A:C9:99:B0:39:5E:6C:0E:BD:56:1E:1B:1B:88:E0:D6:07:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jf1ayZmwOV5sDr1WHhsbiODWB2M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D4325/ED8565E8812F11EB94D38132C4F9AE02/CE6FBAEE813111EBA15FAC34C4F9AE02.roa
Signing time: Wed 06 Nov 2024 22:21:31 +0000
ROA not before: Wed 06 Nov 2024 22:21:31 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 141397
IP address blocks: 103.198.24.0/24 maxlen: 24
103.198.25.0/24 maxlen: 24
2403:1280::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1541 (0x605)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D4325
Validity
Not Before: Nov 6 22:21:31 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672bebeb-c390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fd:52:42:17:0e:04:6c:d5:e2:ea:22:f7:fa:
97:7f:5e:16:d7:b2:5e:e8:ce:c7:27:c8:ef:ce:bd:
dd:80:66:a7:6d:e0:c8:79:5d:c9:71:8a:b4:ca:4a:
27:b5:6d:77:6f:fd:df:31:0d:73:24:be:40:ee:a1:
cd:fd:5a:2f:39:a3:7d:f5:8c:c9:02:80:52:38:1f:
01:9d:8b:32:d0:bc:c0:56:ae:a3:a9:34:00:d5:2b:
8d:99:13:ea:80:48:38:08:ec:17:7b:16:fd:2f:1b:
15:c9:c7:3a:9b:1b:df:07:b6:21:09:f8:ca:98:9d:
d2:ac:97:a3:8d:9e:f5:9b:f9:1d:a0:8d:52:6a:41:
91:3a:cd:ea:46:3f:38:5c:8b:a0:2d:f6:70:a2:ea:
a6:f2:7d:a3:27:d4:3d:9d:83:9c:e5:33:87:a5:ce:
6d:15:f9:4e:65:21:26:51:bf:4f:e6:9a:fb:3e:54:
13:f1:94:4d:5f:44:99:e3:ce:5c:67:7e:b9:68:15:
a8:a9:7c:28:09:aa:e1:57:2f:56:98:cc:3a:d1:ba:
c8:eb:6d:e1:4f:49:31:b1:4e:1c:2c:4d:db:ab:78:
f4:2d:11:b6:f6:3b:e6:ec:52:fe:e1:4a:f9:48:f7:
fb:f5:c1:49:d6:45:42:10:b7:80:15:a5:bf:98:1d:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D0:9B:B1:35:F3:51:3C:1B:57:4D:11:FB:57:94:36:40:FE:D2:FE
X509v3 Authority Key Identifier:
keyid:25:FD:5A:C9:99:B0:39:5E:6C:0E:BD:56:1E:1B:1B:88:E0:D6:07:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D4325/ED8565E8812F11EB94D38132C4F9AE02/Jf1ayZmwOV5sDr1WHhsbiODWB2M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Jf1ayZmwOV5sDr1WHhsbiODWB2M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4325/ED8565E8812F11EB94D38132C4F9AE02/CE6FBAEE813111EBA15FAC34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.198.24.0/23
IPv6:
2403:1280::/32
Signature Algorithm: sha256WithRSAEncryption
33:60:20:5f:25:33:76:fc:27:9f:bf:ea:1b:29:bb:e6:53:ce:
24:a1:99:ce:ad:7a:ac:71:1e:ab:e5:2d:89:ec:1b:ee:dc:82:
ee:c8:2c:df:97:b5:63:ee:d7:b5:f4:e7:b6:e3:c5:60:49:fd:
c4:b9:a0:20:1d:ff:fc:01:8b:ab:7e:2e:d9:dc:8e:08:82:f4:
f8:ed:70:67:9d:ae:ad:68:6c:d6:73:08:b9:bb:3c:59:5d:b6:
a6:cd:0e:7f:bf:45:53:9a:69:4f:dc:c9:65:e9:13:27:57:4e:
91:e1:41:18:d6:8d:15:26:73:c7:f3:2c:8c:2a:8e:1f:d8:cf:
45:94:23:f1:78:14:71:96:d9:79:c0:07:d2:98:fd:d2:14:10:
57:cc:56:bb:95:11:f6:3f:81:f5:89:fa:d9:5c:6e:28:cf:10:
29:8f:0a:c2:54:3b:92:4b:d6:bc:2e:04:7b:53:c9:ac:39:6f:
1f:18:fd:8f:e6:f1:51:00:70:4e:88:00:dc:7e:04:1b:ba:e8:
a9:22:b3:cd:37:71:fe:52:b1:36:23:0f:19:b3:7f:90:f0:ff:
a7:e6:ab:d8:e7:80:02:bc:f1:07:12:4b:63:ef:58:ba:17:98:
72:be:ba:d8:62:1b:d0:59:ba:40:c0:12:bd:a3:0e:c8:8b:f3:
06:4c:a0:26
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDQzMjUxMTAvBgNVBAUTKDI1RkQ1QUM5OTlCMDM5NUU2QzBFQkQ1NjFFMUIxQjg4
RTBENjA3NjMwHhcNMjQxMTA2MjIyMTMxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiZWJlYi1jMzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArP1SQhcOBGzV4uoi9/qXf14W17Je6M7HJ8jvzr3dgGanbeDIeV3JcYq0ykon
tW13b/3fMQ1zJL5A7qHN/VovOaN99YzJAoBSOB8BnYsy0LzAVq6jqTQA1SuNmRPq
gEg4COwXexb9LxsVycc6mxvfB7YhCfjKmJ3SrJejjZ71m/kdoI1SakGROs3qRj84
XIugLfZwouqm8n2jJ9Q9nYOc5TOHpc5tFflOZSEmUb9P5pr7PlQT8ZRNX0SZ485c
Z365aBWoqXwoCarhVy9WmMw60brI623hT0kxsU4cLE3bq3j0LRG29jvm7FL+4Ur5
SPf79cFJ1kVCELeAFaW/mB1mvQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNrQm7E1
81E8G1dNEftXlDZA/tL+MB8GA1UdIwQYMBaAFCX9WsmZsDlebA69Vh4bG4jg1gdj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDMyNS9FRDg1NjVFODgx
MkYxMUVCOTREMzgxMzJDNEY5QUUwMi9KZjFheVptd09WNXNEcjFXSGhzYmlPRFdC
Mk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pmMWF5Wm13T1Y1c0RyMVdIaHNiaU9EV0IyTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDQzMjUvRUQ4NTY1RTg4MTJGMTFFQjk0RDM4MTMyQzRGOUFFMDIvQ0U2RkJBRUU4
MTMxMTFFQkExNUZBQzM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnxhgwDQQCAAIwBwMFACQDEoAwDQYJKoZIhvcNAQELBQAD
ggEBADNgIF8lM3b8J5+/6hspu+ZTziShmc6teqxxHqvlLYnsG+7cgu7ILN+XtWPu
17X057bjxWBJ/cS5oCAd//wBi6t+LtncjgiC9PjtcGedrq1obNZzCLm7PFldtqbN
Dn+/RVOaaU/cyWXpEydXTpHhQRjWjRUmc8fzLIwqjh/Yz0WUI/F4FHGW2XnAB9KY
/dIUEFfMVruVEfY/gfWJ+tlcbijPECmPCsJUO5JL1rwuBHtTyaw5bx8Y/Y/m8VEA
cE6IANx+BBu66Kkis803cf5SsTYjDxmzf5Dw/6fmq9jngAK88QcSS2PvWLoXmHK+
uthiG9BZukDAEr2jDsiL8wZMoCY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:50:43 2025 by rpki-client