Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC146/DAA76492AE0E11EB8ABA334DC4F9AE02/4BB44892AE1111EBB4C2DA11C4F9AE02.roa
File: 4BB44892AE1111EBB4C2DA11C4F9AE02.roa (raw, json)
Hash identifier: JNSnvB3lv0/9vnQPkUAqkaUeoo68hc8fXSyVzWlD/Po=
Subject key identifier: 95:BC:B6:E2:9D:F8:E0:1A:7B:C3:B1:A8:4D:C7:A9:2D:35:7E:FC:49
Certificate issuer: /CN=A91DC146/serialNumber=690C729F18390564D670B18F7774754E5D279951
Certificate serial: 05CC
Authority key identifier: 69:0C:72:9F:18:39:05:64:D6:70:B1:8F:77:74:75:4E:5D:27:99:51
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aQxynxg5BWTWcLGPd3R1Tl0nmVE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC146/DAA76492AE0E11EB8ABA334DC4F9AE02/4BB44892AE1111EBB4C2DA11C4F9AE02.roa
Signing time: Thu 06 Mar 2025 23:13:51 +0000
ROA not before: Thu 06 Mar 2025 23:13:51 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 134241
IP address blocks: 103.148.246.0/23 maxlen: 23
103.148.246.0/24 maxlen: 24
103.148.247.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1484 (0x5cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC146
Validity
Not Before: Mar 6 23:13:51 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ca2c2e-479c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:79:65:1f:2c:fc:43:7c:10:b8:b7:fd:7f:b3:
f5:9e:6a:46:9c:73:0f:32:f4:d3:38:db:37:79:25:
cb:a7:9c:de:03:e9:cf:c6:98:d0:93:4a:db:44:ee:
34:5d:9e:55:68:84:45:5e:10:c8:00:52:ab:12:b8:
56:55:d9:91:35:90:0e:30:3e:f9:c2:96:c3:ea:7f:
15:67:05:e6:fb:c2:55:4a:99:c0:a5:79:cf:08:5a:
5c:29:3c:8f:08:f1:77:34:ad:e3:c4:e8:78:09:10:
0b:01:5f:cf:ae:7e:61:49:3c:87:bc:78:57:7e:4e:
ea:18:14:bd:39:4e:5d:2c:c5:d3:88:1d:b9:74:dc:
be:0d:b2:0a:a6:cb:69:13:92:3f:fa:6f:10:d7:ad:
23:c6:fa:d4:80:7a:d2:bf:eb:fb:4b:e8:f1:67:e5:
d3:70:3c:57:5f:a7:f8:7b:54:6c:6a:5b:ed:4f:43:
46:97:6b:0c:e7:00:dd:ba:8e:ca:34:84:b9:d5:0d:
7e:a1:46:fc:f3:0d:41:ae:e4:7b:0b:68:67:bf:a7:
12:2b:2b:80:6c:32:8b:8e:5e:31:6f:f5:e8:18:5b:
35:55:fc:8b:26:e2:65:d1:fa:d8:c8:5d:fa:16:c6:
ae:3d:b9:94:9b:bc:aa:8c:47:d8:90:d3:77:a1:c7:
a4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BC:B6:E2:9D:F8:E0:1A:7B:C3:B1:A8:4D:C7:A9:2D:35:7E:FC:49
X509v3 Authority Key Identifier:
keyid:69:0C:72:9F:18:39:05:64:D6:70:B1:8F:77:74:75:4E:5D:27:99:51
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC146/DAA76492AE0E11EB8ABA334DC4F9AE02/aQxynxg5BWTWcLGPd3R1Tl0nmVE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aQxynxg5BWTWcLGPd3R1Tl0nmVE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC146/DAA76492AE0E11EB8ABA334DC4F9AE02/4BB44892AE1111EBB4C2DA11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.246.0/23
Signature Algorithm: sha256WithRSAEncryption
19:b5:9d:5d:32:5f:1f:44:84:77:37:bf:8d:c0:d5:a4:d8:e8:
88:80:44:fa:11:cc:6b:b1:67:bd:15:d5:39:c5:58:b3:9c:fc:
87:ee:29:8e:d3:1c:45:71:4d:49:5c:48:8b:67:db:64:e5:74:
6e:60:1f:a1:a6:3c:8b:ad:b8:9a:39:72:c1:bb:30:b0:3b:1b:
90:ad:ca:d5:a5:5a:33:3e:09:c7:9d:8f:5a:10:22:d5:a0:96:
ea:d2:35:65:dd:6b:6e:31:87:6f:f2:fd:b5:db:51:47:54:c7:
41:04:22:ae:08:12:69:99:7c:a5:95:1d:9e:24:06:d9:bd:99:
d6:e4:11:79:c7:3d:88:6e:ea:84:52:f2:ec:7c:a0:d4:13:0a:
47:69:d1:b7:f6:43:9c:6f:1c:ec:20:aa:c6:a2:88:96:4f:f3:
d2:00:33:e3:43:54:35:2b:e5:eb:48:5d:9b:35:fc:a9:c5:bf:
50:8e:66:d9:cc:04:c3:3e:01:d0:f7:22:94:05:77:a6:12:6c:
e2:36:07:a4:3e:65:4c:bf:05:1d:cd:54:1b:95:d7:63:2f:06:
59:62:9f:5c:d4:b3:fb:44:b7:84:53:11:73:07:c9:1a:55:5a:
58:2e:89:80:f3:3c:fc:9c:10:80:f4:98:e7:17:66:4b:23:bc:
44:b6:d0:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REMxNDYxMTAvBgNVBAUTKDY5MEM3MjlGMTgzOTA1NjRENjcwQjE4Rjc3NzQ3NTRF
NUQyNzk5NTEwHhcNMjUwMzA2MjMxMzUxWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhMmMyZS00NzljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2XllHyz8Q3wQuLf9f7P1nmpGnHMPMvTTONs3eSXLp5zeA+nPxpjQk0rbRO40
XZ5VaIRFXhDIAFKrErhWVdmRNZAOMD75wpbD6n8VZwXm+8JVSpnApXnPCFpcKTyP
CPF3NK3jxOh4CRALAV/Prn5hSTyHvHhXfk7qGBS9OU5dLMXTiB25dNy+DbIKpstp
E5I/+m8Q160jxvrUgHrSv+v7S+jxZ+XTcDxXX6f4e1RsalvtT0NGl2sM5wDduo7K
NIS51Q1+oUb88w1BruR7C2hnv6cSKyuAbDKLjl4xb/XoGFs1VfyLJuJl0frYyF36
FsauPbmUm7yqjEfYkNN3ocekiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJW8tuKd
+OAae8OxqE3HqS01fvxJMB8GA1UdIwQYMBaAFGkMcp8YOQVk1nCxj3d0dU5dJ5lR
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzE0Ni9EQUE3NjQ5MkFF
MEUxMUVCOEFCQTMzNERDNEY5QUUwMi9hUXh5bnhnNUJXVFdjTEdQZDNSMVRsMG5t
VkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FReHlueGc1QldUV2NMR1BkM1IxVGwwbm1WRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REMxNDYvREFBNzY0OTJBRTBFMTFFQjhBQkEzMzREQzRGOUFFMDIvNEJCNDQ4OTJB
RTExMTFFQkI0QzJEQTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnlPYwDQYJKoZIhvcNAQELBQADggEBABm1nV0yXx9EhHc3
v43A1aTY6IiARPoRzGuxZ70V1TnFWLOc/IfuKY7THEVxTUlcSItn22TldG5gH6Gm
PIutuJo5csG7MLA7G5CtytWlWjM+Ccedj1oQItWglurSNWXda24xh2/y/bXbUUdU
x0EEIq4IEmmZfKWVHZ4kBtm9mdbkEXnHPYhu6oRS8ux8oNQTCkdp0bf2Q5xvHOwg
qsaiiJZP89IAM+NDVDUr5etIXZs1/KnFv1COZtnMBMM+AdD3IpQFd6YSbOI2B6Q+
ZUy/BR3NVBuV12MvBllin1zUs/tEt4RTEXMHyRpVWlguiYDzPPycEID0mOcXZksj
vES20Lo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:55:08 2025 by rpki-client