Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/216DB034DE9711EC9289256FC4F9AE02.roa
File: 216DB034DE9711EC9289256FC4F9AE02.roa (raw, json)
Hash identifier: +Y2vKS8CZ7xVCXV7DmrOc6o0OVVkIHves16LK2wsX2I=
Subject key identifier: 2E:D9:56:50:02:7D:45:DE:B6:F9:EA:9B:BF:2A:C1:64:1E:31:CF:3C
Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892
Certificate serial: 03EF
Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/216DB034DE9711EC9289256FC4F9AE02.roa
Signing time: Sun 15 Dec 2024 00:33:27 +0000
ROA not before: Sun 15 Dec 2024 00:33:27 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136526
IP address blocks: 103.254.74.0/24 maxlen: 24
192.51.188.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1007 (0x3ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEB81
Validity
Not Before: Dec 15 00:33:27 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=675e23d7-7fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:67:30:12:b7:c8:36:99:08:67:ae:71:da:f0:
e8:3e:e2:bb:fb:73:14:5b:0e:4f:80:82:73:5a:ee:
7f:55:58:b8:ef:44:16:b8:b0:af:a6:4d:79:0d:18:
89:95:d8:62:b9:80:57:c8:3b:52:c4:36:85:db:9a:
f2:20:df:68:cd:31:37:29:72:a5:dc:60:6c:b4:dc:
06:45:8e:15:b2:31:45:d4:1b:78:84:6c:d6:14:f0:
64:ce:fe:bd:f3:ee:41:32:ef:ff:f3:2f:76:d1:ca:
84:c3:ed:10:d3:1f:29:32:4c:f1:12:35:02:33:5f:
12:ef:45:bf:8f:8f:65:00:e9:bb:88:b0:b2:44:62:
09:41:05:9b:63:45:69:f0:53:c7:cf:eb:8a:a5:4c:
ce:9b:63:42:c1:5b:35:05:1a:35:26:9d:a9:1b:66:
fa:cf:7b:57:14:5a:5b:76:cf:53:69:71:76:63:a9:
6b:3b:c5:51:58:28:37:5c:a8:ab:90:1f:b5:c7:3c:
0e:d0:43:a7:98:51:d6:8b:ee:88:16:e3:5f:d8:f1:
3a:44:02:dc:bd:4e:6f:ac:3d:c4:f8:64:3f:db:11:
a8:7f:7e:ce:64:9a:07:dd:35:01:7e:47:8a:d0:70:
a9:b4:03:72:69:21:d0:71:0e:8c:75:bd:0f:23:64:
98:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D9:56:50:02:7D:45:DE:B6:F9:EA:9B:BF:2A:C1:64:1E:31:CF:3C
X509v3 Authority Key Identifier:
keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/216DB034DE9711EC9289256FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.254.74.0/24
192.51.188.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:79:84:2d:a8:ed:b3:77:f6:dc:80:01:56:c1:3e:a9:a6:fb:
57:41:4e:e4:ff:2a:7f:96:34:b3:fe:df:b0:35:05:6f:4f:4e:
a6:35:e2:e4:2e:3f:8e:8c:48:cb:e4:93:63:91:e3:c3:50:57:
3f:c3:ed:fb:b7:a0:cb:e5:9a:34:a1:2a:0c:d1:54:c2:58:8c:
c3:2d:cf:96:b9:b5:bb:85:20:ac:5f:64:ae:69:01:ee:a0:e0:
62:25:cd:28:ca:ca:80:ca:47:e1:ca:bc:db:7c:2f:46:87:15:
f1:76:96:52:13:b0:3c:83:b8:66:34:1c:06:94:21:cd:0f:5c:
ed:22:d8:47:56:af:78:10:65:7c:9f:b7:78:0e:25:26:ba:3c:
77:b7:62:35:7b:60:45:91:0a:b7:73:06:c4:6d:11:79:e6:02:
cc:b0:3e:0d:f6:a7:cc:db:9b:8c:fc:70:aa:49:fa:5a:68:ac:
a7:d7:c6:45:83:d3:da:c9:74:a9:fd:d3:e1:35:2c:53:3a:4e:
42:0a:9d:6d:ba:05:63:e8:37:34:ea:c2:e7:40:52:d0:04:54:
8b:26:00:37:34:96:da:90:76:58:e1:66:2a:8b:54:f0:d1:d4:
fe:93:12:3a:01:fa:93:1b:d6:df:15:c4:49:50:52:11:25:2f:
ec:d4:4a:4e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICA+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC
RUQ1RDk4OTIwHhcNMjQxMjE1MDAzMzI3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVlMjNkNy03ZmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsWcwErfINpkIZ65x2vDoPuK7+3MUWw5PgIJzWu5/VVi470QWuLCvpk15DRiJ
ldhiuYBXyDtSxDaF25ryIN9ozTE3KXKl3GBstNwGRY4VsjFF1Bt4hGzWFPBkzv69
8+5BMu//8y920cqEw+0Q0x8pMkzxEjUCM18S70W/j49lAOm7iLCyRGIJQQWbY0Vp
8FPHz+uKpUzOm2NCwVs1BRo1Jp2pG2b6z3tXFFpbds9TaXF2Y6lrO8VRWCg3XKir
kB+1xzwO0EOnmFHWi+6IFuNf2PE6RALcvU5vrD3E+GQ/2xGof37OZJoH3TUBfkeK
0HCptANyaSHQcQ6Mdb0PI2SYVQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFC7ZVlAC
fUXetvnqm78qwWQeMc88MB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw
RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt
SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCODEvQ0Y5NjYzQzY3MEY3MTFFQ0IzMThFNDNBQzRGOUFFMDIvMjE2REIwMzRE
RTk3MTFFQzkyODkyNTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABn/koDBADAM7wwDQYJKoZIhvcNAQELBQADggEBAD55hC2o
7bN39tyAAVbBPqmm+1dBTuT/Kn+WNLP+37A1BW9PTqY14uQuP46MSMvkk2OR48NQ
Vz/D7fu3oMvlmjShKgzRVMJYjMMtz5a5tbuFIKxfZK5pAe6g4GIlzSjKyoDKR+HK
vNt8L0aHFfF2llITsDyDuGY0HAaUIc0PXO0i2EdWr3gQZXyft3gOJSa6PHe3YjV7
YEWRCrdzBsRtEXnmAsywPg32p8zbm4z8cKpJ+lporKfXxkWD09rJdKn90+E1LFM6
TkIKnW26BWPoNzTqwudAUtAEVIsmADc0ltqQdljhZiqLVPDR1P6TEjoB+pMb1t8V
xElQUhElL+zUSk4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:07:54 2025 by rpki-client