Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/1FBEA1EEDE9711EC9289256FC4F9AE02.roa
File: 1FBEA1EEDE9711EC9289256FC4F9AE02.roa (raw, json)
Hash identifier: wFyDTsNGRzgAv8mhqHHalbGpjw+H79Gqqrm8IklHVfE=
Subject key identifier: D0:11:DC:4F:0A:F2:71:41:45:62:A6:6F:21:86:6C:08:B7:17:F8:2A
Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Certificate serial: 03F0
Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/1FBEA1EEDE9711EC9289256FC4F9AE02.roa
Signing time: Sun 15 Dec 2024 00:33:28 +0000
ROA not before: Sun 15 Dec 2024 00:33:28 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 137427
IP address blocks: 103.254.73.0/24 maxlen: 24
192.197.113.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1008 (0x3f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEB81
Validity
Not Before: Dec 15 00:33:28 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675e23d8-4284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0f:4e:3a:ab:09:19:0f:b9:1a:a1:ae:78:c5:
00:3f:d7:1b:d2:19:56:37:ef:02:2c:ff:b6:bb:02:
08:36:bc:d9:34:d1:3a:75:bf:3e:86:ed:a4:95:6a:
3a:da:07:bb:75:91:a3:37:dc:2e:b9:38:a7:bf:67:
8b:9a:6e:02:af:fa:d0:30:44:cc:3f:6f:f4:27:93:
59:1f:34:39:b4:0d:b8:8d:b4:bf:16:74:a6:a5:ff:
f0:7e:2a:b9:19:eb:77:01:f9:ea:2a:5b:7e:ca:9c:
a6:fb:87:b1:48:15:87:e1:95:f2:cc:df:12:52:ff:
d5:39:c9:2a:b5:b3:77:60:2c:e3:c2:83:61:40:0f:
88:9f:00:4e:54:cb:fd:c2:f7:e6:03:0e:0b:40:08:
ec:26:26:13:48:f5:b8:81:a8:09:9d:24:34:aa:0f:
6b:a7:9b:8e:62:d0:4e:3c:80:29:20:3e:fd:b6:3b:
26:9a:5e:a8:38:db:0c:f7:a5:e1:30:98:0f:e0:cc:
5a:58:bf:eb:ce:06:1c:32:82:11:6c:b2:ae:40:e9:
1f:f3:1d:37:23:ce:e8:08:52:69:1c:85:cf:44:ee:
78:00:be:21:50:d4:26:86:fb:a5:dd:63:ef:df:43:
fb:cf:53:33:1d:83:f9:5f:3b:ad:dd:b8:d2:c4:7a:
fd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:11:DC:4F:0A:F2:71:41:45:62:A6:6F:21:86:6C:08:B7:17:F8:2A
X509v3 Authority Key Identifier:
keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/1FBEA1EEDE9711EC9289256FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.73.0/24
192.197.113.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:2b:8f:c6:80:f4:1b:7c:7d:fe:37:54:42:5f:52:1e:eb:f9:
64:8a:12:fe:62:28:42:08:2a:0f:7d:6d:08:e0:19:4d:fa:44:
55:53:52:24:cf:91:30:d9:99:ec:f8:2e:f7:5e:ed:a6:3f:b4:
0f:da:78:5d:8d:4b:28:fe:62:e0:c4:e2:ef:f3:2e:42:c1:a9:
c6:93:c0:84:ad:0f:d3:e5:28:a0:b0:d9:e1:c8:93:f0:9c:30:
43:ae:aa:60:59:d1:6a:60:af:c1:e4:b2:a5:78:5e:c3:bd:5d:
35:f3:c8:2e:66:f3:fe:d0:01:18:bd:e5:6b:63:70:56:87:a6:
fd:fd:1a:d5:71:9e:77:88:07:a5:c8:34:dd:5e:02:94:d2:4f:
13:1b:c1:ab:be:9a:4c:a8:50:a5:51:4f:bd:4e:d1:77:c1:ff:
94:00:7f:a1:91:43:9b:79:de:42:83:6e:43:76:cd:e0:fb:28:
63:a7:06:27:b5:26:fa:7f:1c:53:df:10:3c:e9:3e:93:d8:b6:
48:72:d1:5e:d9:c4:3f:b0:de:a5:c0:2b:a2:6e:b0:53:e7:48:
fe:56:ae:c4:dd:6c:20:0f:8f:6a:a8:f4:e6:42:1d:7b:48:dc:
3e:a2:66:45:cf:37:ed:77:c3:03:4e:25:37:a7:29:c8:4d:39:
83:c2:a0:28
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA/AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC
RUQ1RDk4OTIwHhcNMjQxMjE1MDAzMzI4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVlMjNkOC00Mjg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApQ9OOqsJGQ+5GqGueMUAP9cb0hlWN+8CLP+2uwIINrzZNNE6db8+hu2klWo6
2ge7dZGjN9wuuTinv2eLmm4Cr/rQMETMP2/0J5NZHzQ5tA24jbS/FnSmpf/wfiq5
Get3AfnqKlt+ypym+4exSBWH4ZXyzN8SUv/VOckqtbN3YCzjwoNhQA+InwBOVMv9
wvfmAw4LQAjsJiYTSPW4gagJnSQ0qg9rp5uOYtBOPIApID79tjsmml6oONsM96Xh
MJgP4MxaWL/rzgYcMoIRbLKuQOkf8x03I87oCFJpHIXPRO54AL4hUNQmhvul3WPv
30P7z1MzHYP5Xzut3bjSxHr96wIDAQABo4ICmzCCApcwHQYDVR0OBBYEFNAR3E8K
8nFBRWKmbyGGbAi3F/gqMB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw
RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCODEvQ0Y5NjYzQzY3MEY3MTFFQ0IzMThFNDNBQzRGOUFFMDIvMUZCRUExRUVE
RTk3MTFFQzkyODkyNTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn/kkDBADAxXEwDQYJKoZIhvcNAQELBQADggEBAI0rj8aA
9Bt8ff43VEJfUh7r+WSKEv5iKEIIKg99bQjgGU36RFVTUiTPkTDZmez4Lvde7aY/
tA/aeF2NSyj+YuDE4u/zLkLBqcaTwIStD9PlKKCw2eHIk/CcMEOuqmBZ0Wpgr8Hk
sqV4XsO9XTXzyC5m8/7QARi95WtjcFaHpv39GtVxnneIB6XINN1eApTSTxMbwau+
mkyoUKVRT71O0XfB/5QAf6GRQ5t53kKDbkN2zeD7KGOnBie1Jvp/HFPfEDzpPpPY
tkhy0V7ZxD+w3qXAK6JusFPnSP5WrsTdbCAPj2qo9OZCHXtI3D6iZkXPN+13wwNO
JTenKchNOYPCoCg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:55:00 2025 by rpki-client