Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D624F/0B913B0EB46F11EAA7FC8A09C4F9AE02/E43DC97CB46F11EA889ACA09C4F9AE02.roa
File: E43DC97CB46F11EA889ACA09C4F9AE02.roa (raw, json)
Hash identifier: 7qPOEKIxNomgCIWc/yHC1zpaUnhuR5qP+cJAyuTEkQ0=
Subject key identifier: 36:B6:D7:1F:F3:D6:2A:97:C7:68:CF:A5:F9:62:26:8B:C7:4B:93:78
Certificate issuer: /CN=A91D624F/serialNumber=CF3B13D3B498123895467FBF8AE4EDBFE3C93D78
Certificate serial: 0829
Authority key identifier: CF:3B:13:D3:B4:98:12:38:95:46:7F:BF:8A:E4:ED:BF:E3:C9:3D:78
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zzsT07SYEjiVRn-_iuTtv-PJPXg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D624F/0B913B0EB46F11EAA7FC8A09C4F9AE02/E43DC97CB46F11EA889ACA09C4F9AE02.roa
Signing time: Wed 31 Jul 2024 21:49:13 +0000
ROA not before: Wed 31 Jul 2024 21:49:13 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 136749
IP address blocks: 103.95.32.0/22 maxlen: 24
2401:5640::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2089 (0x829)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D624F
Validity
Not Before: Jul 31 21:49:13 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66aab159-9aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e9:b7:ba:76:73:a5:3d:95:a7:1f:8b:75:71:
ef:ec:14:9c:f5:98:81:aa:95:7f:20:81:70:7b:50:
34:80:eb:bb:02:46:cc:2d:aa:e9:db:28:20:86:29:
9b:1a:b4:f5:71:13:ce:02:2a:a4:c9:09:54:68:56:
70:6b:82:9c:ff:86:f9:8d:cb:26:57:b2:52:69:fc:
22:4a:40:9c:77:f0:f2:61:38:5d:5a:8d:41:46:ac:
42:39:8d:21:d9:c1:9b:8f:82:62:4f:13:3c:fd:06:
75:ce:f1:06:be:cc:a7:84:0b:80:b4:3d:5c:45:34:
13:fa:b7:7f:56:64:f6:7a:57:c5:c6:f5:20:ad:ba:
60:de:d0:70:66:e8:9e:47:e2:aa:21:ee:94:c3:ee:
be:fc:b3:56:24:f3:cb:f3:7c:14:34:99:3a:d5:d5:
c6:21:7f:0f:85:65:05:de:25:a9:80:06:eb:3c:b3:
f8:92:b4:e2:90:9a:52:b7:87:9b:9a:15:57:1d:c6:
8f:c2:a7:8b:10:0f:42:6a:70:3b:a6:1d:95:d2:9a:
5d:ab:5e:de:37:fb:23:b6:0b:04:0d:f0:ff:e6:da:
e8:8b:c9:45:40:7d:bd:8d:70:41:80:19:20:c6:ab:
fd:4a:84:f3:38:fe:36:23:8d:4d:e6:f4:3b:22:88:
70:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:B6:D7:1F:F3:D6:2A:97:C7:68:CF:A5:F9:62:26:8B:C7:4B:93:78
X509v3 Authority Key Identifier:
keyid:CF:3B:13:D3:B4:98:12:38:95:46:7F:BF:8A:E4:ED:BF:E3:C9:3D:78
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D624F/0B913B0EB46F11EAA7FC8A09C4F9AE02/zzsT07SYEjiVRn-_iuTtv-PJPXg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zzsT07SYEjiVRn-_iuTtv-PJPXg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D624F/0B913B0EB46F11EAA7FC8A09C4F9AE02/E43DC97CB46F11EA889ACA09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.95.32.0/22
IPv6:
2401:5640::/32
Signature Algorithm: sha256WithRSAEncryption
b4:94:d6:2f:58:e1:ac:13:77:e8:e0:1e:1f:0a:1a:c9:8d:f1:
65:5a:bf:fa:51:83:5d:b2:95:0e:bd:22:e1:66:80:a2:57:92:
69:93:2f:96:b5:72:1b:1d:e3:1f:46:33:c9:9f:d8:93:24:ca:
cb:3e:db:ae:1d:58:2e:66:a4:86:16:71:70:5e:ea:6c:d4:5d:
84:7c:b6:6d:94:d8:58:56:7b:7a:a3:cf:20:d0:69:2a:e9:39:
32:71:b8:4c:a7:0d:cc:87:c2:b4:21:f8:87:44:75:ee:23:02:
6c:ce:89:a9:f0:07:94:31:89:a4:b2:b6:eb:3c:b4:8d:84:70:
2b:e2:fa:e3:53:63:44:47:02:f9:6e:63:fa:fd:1e:38:b4:eb:
c2:57:c4:6f:0d:9c:14:4e:82:6c:a9:8a:f8:84:bc:e5:24:b6:
0f:14:42:92:fd:5c:9f:dc:8c:96:c5:05:a9:27:fa:4c:87:46:
7f:ad:ca:1c:f9:f1:04:23:32:d5:bd:da:2e:7e:9f:9d:64:a4:
f8:d5:7d:31:98:b5:10:eb:72:e3:fe:c5:4a:2f:f8:d7:47:67:
4c:fb:aa:56:ef:f3:da:f2:ac:c9:d0:03:ac:cb:44:87:d4:df:
f0:79:84:91:19:6f:f4:ca:0a:3b:67:6a:0f:be:a3:39:32:48:
a6:c7:37:62
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCCkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDYyNEYxMTAvBgNVBAUTKENGM0IxM0QzQjQ5ODEyMzg5NTQ2N0ZCRjhBRTRFREJG
RTNDOTNENzgwHhcNMjQwNzMxMjE0OTEzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFhYjE1OS05YWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2em3unZzpT2Vpx+LdXHv7BSc9ZiBqpV/IIFwe1A0gOu7AkbMLarp2ygghimb
GrT1cRPOAiqkyQlUaFZwa4Kc/4b5jcsmV7JSafwiSkCcd/DyYThdWo1BRqxCOY0h
2cGbj4JiTxM8/QZ1zvEGvsynhAuAtD1cRTQT+rd/VmT2elfFxvUgrbpg3tBwZuie
R+KqIe6Uw+6+/LNWJPPL83wUNJk61dXGIX8PhWUF3iWpgAbrPLP4krTikJpSt4eb
mhVXHcaPwqeLEA9CanA7ph2V0ppdq17eN/sjtgsEDfD/5troi8lFQH29jXBBgBkg
xqv9SoTzOP42I41N5vQ7Iohw0QIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFDa21x/z
1iqXx2jPpfliJovHS5N4MB8GA1UdIwQYMBaAFM87E9O0mBI4lUZ/v4rk7b/jyT14
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENjI0Ri8wQjkxM0IwRUI0
NkYxMUVBQTdGQzhBMDlDNEY5QUUwMi96enNUMDdTWUVqaVZSbi1faXVUdHYtUEpQ
WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p6c1QwN1NZRWppVlJuLV9pdVR0di1QSlBYZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RDYyNEYvMEI5MTNCMEVCNDZGMTFFQUE3RkM4QTA5QzRGOUFFMDIvRTQzREM5N0NC
NDZGMTFFQTg4OUFDQTA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnXyAwDQQCAAIwBwMFACQBVkAwDQYJKoZIhvcNAQELBQAD
ggEBALSU1i9Y4awTd+jgHh8KGsmN8WVav/pRg12ylQ69IuFmgKJXkmmTL5a1chsd
4x9GM8mf2JMkyss+264dWC5mpIYWcXBe6mzUXYR8tm2U2FhWe3qjzyDQaSrpOTJx
uEynDcyHwrQh+IdEde4jAmzOianwB5QxiaSytus8tI2EcCvi+uNTY0RHAvluY/r9
Hji068JXxG8NnBROgmypiviEvOUktg8UQpL9XJ/cjJbFBakn+kyHRn+tyhz58QQj
MtW92i5+n51kpPjVfTGYtRDrcuP+xUov+NdHZ0z7qlbv89ryrMnQA6zLRIfU3/B5
hJEZb/TKCjtnag++ozkySKbHN2I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:58:05 2025 by rpki-client