Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA252/F081716886DC11EA9BD3C466C4F9AE02/81E66AB486DD11EAA5DCD466C4F9AE02.roa
File: 81E66AB486DD11EAA5DCD466C4F9AE02.roa (raw, json)
Hash identifier: PABbUqoLwf3xZn77dm2ppG3YXtLL0LLzakgXhNUgKAg=
Subject key identifier: 2B:F2:32:D6:3D:50:5B:F4:83:F9:76:F0:84:83:C9:F3:68:6C:A8:A0
Certificate issuer: /CN=A91DA252/serialNumber=28F18EC749EA91B5A3299749F2ABE2788A10C691
Certificate serial: 0985
Authority key identifier: 28:F1:8E:C7:49:EA:91:B5:A3:29:97:49:F2:AB:E2:78:8A:10:C6:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPGOx0nqkbWjKZdJ8qvieIoQxpE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA252/F081716886DC11EA9BD3C466C4F9AE02/81E66AB486DD11EAA5DCD466C4F9AE02.roa
Signing time: Fri 14 Mar 2025 20:22:58 +0000
ROA not before: Fri 14 Mar 2025 20:22:58 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136238
IP address blocks: 36.255.104.0/24 maxlen: 24
36.255.105.0/24 maxlen: 24
103.84.134.0/24 maxlen: 24
103.110.109.0/24 maxlen: 24
103.110.110.0/24 maxlen: 24
103.110.111.0/24 maxlen: 24
2001:df0:1f00::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2437 (0x985)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA252
Validity
Not Before: Mar 14 20:22:58 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67d49022-df67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:a1:a2:13:ac:71:d4:45:fa:a5:9c:25:c7:
09:06:29:7c:b9:1f:37:69:be:13:d5:7d:f3:e3:71:
f1:a9:a0:13:34:7f:ed:26:94:ac:a8:ef:b1:e4:6c:
f5:64:67:09:2d:76:ae:12:c4:51:c3:94:33:d6:62:
f7:04:98:a4:20:01:30:9c:b2:f3:54:a1:58:d5:d2:
88:bb:26:41:15:38:06:3a:d4:8b:65:f9:d4:5b:fa:
dc:d8:81:9c:ac:af:bc:10:7d:7a:3a:3d:7d:4a:75:
f0:d7:cb:ca:ad:54:6b:40:dd:25:86:ee:b4:2e:05:
ba:71:01:e0:88:aa:89:7c:30:88:d0:1c:be:a4:8b:
59:02:0e:4a:3a:63:ed:92:2d:30:27:05:6f:5c:9c:
38:53:4b:10:83:c7:08:56:fd:fb:d7:a5:86:be:bf:
20:79:5b:14:ca:26:95:97:1e:de:55:49:07:5f:a1:
35:ef:ad:84:70:36:0b:59:05:6f:1d:06:6d:02:f8:
b7:a7:fc:86:c9:d9:34:b6:72:57:96:03:8e:80:09:
28:b1:2f:62:65:81:9f:83:3e:52:60:09:1b:91:27:
e3:75:6d:4c:0f:7f:b8:52:71:ce:7f:9c:fc:90:2b:
14:56:d1:ec:fb:28:92:b0:a7:98:16:70:75:6f:e1:
0a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F2:32:D6:3D:50:5B:F4:83:F9:76:F0:84:83:C9:F3:68:6C:A8:A0
X509v3 Authority Key Identifier:
keyid:28:F1:8E:C7:49:EA:91:B5:A3:29:97:49:F2:AB:E2:78:8A:10:C6:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA252/F081716886DC11EA9BD3C466C4F9AE02/KPGOx0nqkbWjKZdJ8qvieIoQxpE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPGOx0nqkbWjKZdJ8qvieIoQxpE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA252/F081716886DC11EA9BD3C466C4F9AE02/81E66AB486DD11EAA5DCD466C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.104.0/23
103.84.134.0/24
103.110.109.0-103.110.111.255
IPv6:
2001:df0:1f00::/48
Signature Algorithm: sha256WithRSAEncryption
12:39:13:a1:1a:08:74:8e:b4:73:d6:b4:94:46:10:77:c0:c6:
4b:11:fc:8d:90:59:df:12:eb:40:45:09:15:66:b6:25:6a:19:
32:f2:74:c3:42:e6:e9:a8:90:aa:db:a1:33:68:06:cb:94:f2:
28:62:01:dd:01:e5:81:0c:d4:4c:5c:6e:97:47:51:fa:ef:73:
b6:1d:8f:ea:fc:41:3b:aa:31:88:0b:f2:05:92:a1:65:a0:2e:
9c:df:6e:63:15:33:3d:47:92:00:a1:c3:ab:18:00:16:c4:32:
e8:25:24:9c:ee:f4:bf:98:66:ae:a0:2a:48:54:79:1b:ba:44:
e8:c3:65:1a:64:d0:ed:10:54:96:7a:19:ac:15:fc:28:f0:d8:
36:0b:c4:8f:18:19:c5:02:0f:b3:44:f3:20:21:3e:70:c1:de:
09:77:e5:b8:00:87:91:18:1e:0a:8e:16:e9:1c:4f:86:74:22:
dc:e4:21:07:b5:a4:e6:e2:a2:0e:9b:91:de:60:8a:ca:09:89:
6f:ab:44:52:d7:36:d0:87:77:35:60:50:41:87:fc:12:a5:ed:
db:f8:16:2f:d7:38:c6:1a:88:52:ef:3b:d2:90:b7:42:74:92:
79:a5:74:86:ba:c9:20:9d:79:55:71:28:a3:8e:07:3d:81:ce:
c6:9e:01:3f
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgICCYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEyNTIxMTAvBgNVBAUTKDI4RjE4RUM3NDlFQTkxQjVBMzI5OTc0OUYyQUJFMjc4
OEExMEM2OTEwHhcNMjUwMzE0MjAyMjU4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q0OTAyMi1kZjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuY2hohOscdRF+qWcJccJBil8uR83ab4T1X3z43HxqaATNH/tJpSsqO+x5Gz1
ZGcJLXauEsRRw5Qz1mL3BJikIAEwnLLzVKFY1dKIuyZBFTgGOtSLZfnUW/rc2IGc
rK+8EH16Oj19SnXw18vKrVRrQN0lhu60LgW6cQHgiKqJfDCI0By+pItZAg5KOmPt
ki0wJwVvXJw4U0sQg8cIVv3716WGvr8geVsUyiaVlx7eVUkHX6E1762EcDYLWQVv
HQZtAvi3p/yGydk0tnJXlgOOgAkosS9iZYGfgz5SYAkbkSfjdW1MD3+4UnHOf5z8
kCsUVtHs+yiSsKeYFnB1b+EKCwIDAQABo4ICujCCArYwHQYDVR0OBBYEFCvyMtY9
UFv0g/l28ISDyfNobKigMB8GA1UdIwQYMBaAFCjxjsdJ6pG1oymXSfKr4niKEMaR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTI1Mi9GMDgxNzE2ODg2
REMxMUVBOUJEM0M0NjZDNEY5QUUwMi9LUEdPeDBucWtiV2pLWmRKOHF2aWVJb1F4
cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tQR094MG5xa2JXaktaZEo4cXZpZUlvUXhwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REEyNTIvRjA4MTcxNjg4NkRDMTFFQTlCRDNDNDY2QzRGOUFFMDIvODFFNjZBQjQ4
NkREMTFFQUE1RENENDY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRAYIKwYBBQUHAQcBAf8E
NTAzMCAEAgABMBoDBAEk/2gDBABnVIYwDAMEAGdubQMEBGduYDAPBAIAAjAJAwcA
IAEN8B8AMA0GCSqGSIb3DQEBCwUAA4IBAQASOROhGgh0jrRz1rSURhB3wMZLEfyN
kFnfEutARQkVZrYlahky8nTDQubpqJCq26EzaAbLlPIoYgHdAeWBDNRMXG6XR1H6
73O2HY/q/EE7qjGIC/IFkqFloC6c325jFTM9R5IAocOrGAAWxDLoJSSc7vS/mGau
oCpIVHkbukTow2UaZNDtEFSWehmsFfwo8Ng2C8SPGBnFAg+zRPMgIT5wwd4Jd+W4
AIeRGB4KjhbpHE+GdCLc5CEHtaTm4qIOm5HeYIrKCYlvq0RS1zbQh3c1YFBBh/wS
pe3b+BYv1zjGGohS7zvSkLdCdJJ5pXSGuskgnXlVcSijjgc9gc7GngE/
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:00:39 2025 by rpki-client