Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5F2D/CD6D6E56989211EC8F93573BC4F9AE02/8F5EABBE919F11EDA7387A37C4F9AE02.roa
File: 8F5EABBE919F11EDA7387A37C4F9AE02.roa (raw, json)
Hash identifier: 8Wa5zRD8JBVDnPrtDrMM10W+ePzBdP7fVD0dPyvthC0=
Subject key identifier: EC:B3:8B:5F:19:FA:34:B8:33:7D:02:AD:34:B4:8C:6C:CD:51:FF:CE
Certificate issuer: /CN=A91D5F2D/serialNumber=A013B1388A3933BE106BEAEDDFE9F3B8346D3748
Certificate serial: 0377
Authority key identifier: A0:13:B1:38:8A:39:33:BE:10:6B:EA:ED:DF:E9:F3:B8:34:6D:37:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oBOxOIo5M74Qa-rt3-nzuDRtN0g.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D5F2D/CD6D6E56989211EC8F93573BC4F9AE02/8F5EABBE919F11EDA7387A37C4F9AE02.roa
Signing time: Tue 31 Dec 2024 00:43:01 +0000
ROA not before: Tue 31 Dec 2024 00:43:01 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136166
IP address blocks: 103.82.176.0/22 maxlen: 25
2400:8740::/40 maxlen: 40
2400:8740:1000::/40 maxlen: 40
2400:8740:1000::/48 maxlen: 48
2400:8740:2000::/40 maxlen: 40
2400:8740:2000::/48 maxlen: 48
2400:8740:3000::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 887 (0x377)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D5F2D
Validity
Not Before: Dec 31 00:43:01 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67733e15-a1e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:16:35:0c:a1:b7:b4:86:e5:c5:fd:41:66:5b:
ac:ac:d6:4e:78:c4:5c:6d:3d:0f:09:3f:91:b1:ee:
e1:2b:ad:be:b0:7e:f8:24:c3:1e:98:8f:09:df:92:
87:60:af:e3:1c:51:90:c0:30:69:5c:18:17:95:51:
83:4d:c2:dc:fb:18:10:a6:d0:be:7f:ba:b5:92:22:
f6:77:3d:4e:a0:ee:e0:c2:30:87:c9:34:f7:d2:52:
3b:4f:27:38:97:d9:96:e5:78:ce:1a:7a:d0:ac:71:
cf:7e:38:7d:87:44:d0:67:e5:67:38:4c:87:86:08:
a0:c8:59:5c:8a:7b:a6:bb:41:6d:3c:d1:2b:de:dc:
ad:41:85:de:45:e2:c5:83:61:2e:69:c5:be:01:a5:
11:10:33:7f:d9:6b:fe:21:3f:34:02:d6:18:9d:e8:
ab:89:31:30:a4:a0:04:34:a8:17:dd:9c:ec:2a:c3:
10:44:d7:b3:73:2c:71:6e:07:f1:81:58:0d:ed:59:
5c:2f:26:0b:e1:3f:d6:38:33:6e:7c:92:9f:f6:e5:
91:4b:9f:7d:e8:97:42:f1:ee:2d:96:c9:ea:c4:23:
fc:d2:f0:ee:c1:c2:e2:5c:fb:48:be:4c:d1:f0:aa:
0b:59:3b:a5:56:80:02:bb:11:6f:51:3d:26:25:9a:
63:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B3:8B:5F:19:FA:34:B8:33:7D:02:AD:34:B4:8C:6C:CD:51:FF:CE
X509v3 Authority Key Identifier:
keyid:A0:13:B1:38:8A:39:33:BE:10:6B:EA:ED:DF:E9:F3:B8:34:6D:37:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D5F2D/CD6D6E56989211EC8F93573BC4F9AE02/oBOxOIo5M74Qa-rt3-nzuDRtN0g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oBOxOIo5M74Qa-rt3-nzuDRtN0g.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5F2D/CD6D6E56989211EC8F93573BC4F9AE02/8F5EABBE919F11EDA7387A37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.176.0/22
IPv6:
2400:8740::/40
2400:8740:1000::/40
2400:8740:2000::/40
2400:8740:3000::/40
Signature Algorithm: sha256WithRSAEncryption
39:9b:97:96:9e:57:e6:6c:8e:26:8a:a3:14:48:77:86:c8:a6:
ef:fc:fe:05:9d:00:e0:2c:78:4d:97:a6:8b:a0:10:8a:86:8f:
61:06:21:10:79:bb:e2:ab:7e:da:af:41:a4:88:18:ef:f8:10:
d7:30:ab:2b:0f:06:d4:24:b5:f0:e4:17:54:dd:12:df:d4:41:
1b:60:9a:78:02:01:d7:5b:0b:8e:a6:c2:64:28:82:4e:04:35:
15:2c:f2:35:1d:a5:27:94:b0:39:3e:7b:e6:f5:ce:40:a1:2b:
5d:44:f4:74:08:46:66:f8:01:5b:4b:bd:e5:d1:d2:2e:59:bc:
fa:e0:c6:03:44:ed:44:16:ac:9f:95:e7:3b:0e:17:c5:4b:dd:
f8:0a:51:60:9f:71:2e:fa:ca:4e:c6:9e:0b:97:e9:64:5f:81:
4f:15:e0:9a:0c:85:e0:25:e9:2b:ff:25:28:75:ef:a6:a6:b8:
79:05:5c:74:82:65:e4:35:ed:8a:47:1b:35:4e:c3:a0:ca:26:
ca:2c:44:21:85:45:94:b8:75:52:fb:01:32:7c:62:1a:25:bb:
4e:e1:1c:57:d4:ff:cc:69:13:8b:4c:c6:2d:69:f4:fc:3e:ad:
ab:b4:d4:be:89:81:3a:58:f5:e9:3e:1c:c9:86:80:4c:65:bb:
81:67:06:a6
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICA3cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDVGMkQxMTAvBgNVBAUTKEEwMTNCMTM4OEEzOTMzQkUxMDZCRUFFRERGRTlGM0I4
MzQ2RDM3NDgwHhcNMjQxMjMxMDA0MzAxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzczM2UxNS1hMWU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4xY1DKG3tIblxf1BZlusrNZOeMRcbT0PCT+Rse7hK62+sH74JMMemI8J35KH
YK/jHFGQwDBpXBgXlVGDTcLc+xgQptC+f7q1kiL2dz1OoO7gwjCHyTT30lI7Tyc4
l9mW5XjOGnrQrHHPfjh9h0TQZ+VnOEyHhgigyFlcinumu0FtPNEr3tytQYXeReLF
g2EuacW+AaUREDN/2Wv+IT80AtYYneiriTEwpKAENKgX3ZzsKsMQRNezcyxxbgfx
gVgN7VlcLyYL4T/WODNufJKf9uWRS5996JdC8e4tlsnqxCP80vDuwcLiXPtIvkzR
8KoLWTulVoACuxFvUT0mJZpjdQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFOyzi18Z
+jS4M30CrTS0jGzNUf/OMB8GA1UdIwQYMBaAFKATsTiKOTO+EGvq7d/p87g0bTdI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUYyRC9DRDZENkU1Njk4
OTIxMUVDOEY5MzU3M0JDNEY5QUUwMi9vQk94T0lvNU03NFFhLXJ0My1uenVEUnRO
MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29CT3hPSW81TTc0UWEtcnQzLW56dURSdE4wZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDVGMkQvQ0Q2RDZFNTY5ODkyMTFFQzhGOTM1NzNCQzRGOUFFMDIvOEY1RUFCQkU5
MTlGMTFFREE3Mzg3QTM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MAwEAgABMAYDBAJnUrAwJgQCAAIwIAMGACQAh0AAAwYAJACHQBADBgAkAIdA
IAMGACQAh0AwMA0GCSqGSIb3DQEBCwUAA4IBAQA5m5eWnlfmbI4miqMUSHeGyKbv
/P4FnQDgLHhNl6aLoBCKho9hBiEQebviq37ar0GkiBjv+BDXMKsrDwbUJLXw5BdU
3RLf1EEbYJp4AgHXWwuOpsJkKIJOBDUVLPI1HaUnlLA5Pnvm9c5AoStdRPR0CEZm
+AFbS73l0dIuWbz64MYDRO1EFqyflec7DhfFS934ClFgn3Eu+spOxp4Ll+lkX4FP
FeCaDIXgJekr/yUode+mprh5BVx0gmXkNe2KRxs1TsOgyibKLEQhhUWUuHVS+wEy
fGIaJbtO4RxX1P/MaROLTMYtafT8Pq2rtNS+iYE6WPXpPhzJhoBMZbuBZwam
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:37:11 2025 by rpki-client