Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2695/BB87AC4A47F811E880E4F410C4F9AE02/6208BAD4499611E8B421BE5CC4F9AE02.roa
File: 6208BAD4499611E8B421BE5CC4F9AE02.roa (raw, json)
Hash identifier: S5mRurG916ui1hjUc9swark9ywmNDAZ5nDRIJrKsR2I=
Subject key identifier: FA:11:BD:80:49:8D:05:E4:4E:22:2A:F3:82:CF:28:3F:90:B6:48:19
Certificate issuer: /CN=A91E2695/serialNumber=F4CFCA1D660BF161B3F409ADCB0C13C0FA822464
Certificate serial: 147F
Authority key identifier: F4:CF:CA:1D:66:0B:F1:61:B3:F4:09:AD:CB:0C:13:C0:FA:82:24:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9M_KHWYL8WGz9AmtywwTwPqCJGQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2695/BB87AC4A47F811E880E4F410C4F9AE02/6208BAD4499611E8B421BE5CC4F9AE02.roa
Signing time: Wed 26 Jun 2024 17:46:51 +0000
ROA not before: Wed 26 Jun 2024 17:46:51 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 136558
IP address blocks: 103.92.208.0/24 maxlen: 24
103.101.53.0/24 maxlen: 24
103.101.54.0/23 maxlen: 23
103.101.54.0/24 maxlen: 24
103.101.55.0/24 maxlen: 24
2405:65c0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5247 (0x147f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2695
Validity
Not Before: Jun 26 17:46:51 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=667c540b-ff66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:04:be:a4:56:82:e4:bb:60:ff:5d:22:4a:35:
25:84:77:f8:79:95:56:de:7d:04:2a:a8:1a:d5:dc:
3b:b5:d5:86:e6:ec:4e:bf:90:4f:be:25:91:f8:2d:
76:de:48:5b:0c:19:29:b6:6d:aa:8c:a6:f4:cd:cc:
66:ef:e5:9a:c5:35:76:28:dd:d7:e7:47:20:ed:37:
5c:f0:22:82:10:fc:18:ef:22:90:36:55:80:44:92:
77:b3:03:bb:ec:45:94:b5:22:97:92:2e:c4:d3:69:
af:27:eb:b7:2e:d9:aa:17:7b:6f:5c:16:82:36:97:
ba:a4:e2:7d:76:3c:bd:55:c7:ad:33:89:8f:d5:48:
7f:2a:28:45:8e:1c:23:41:7e:f6:8a:b5:a3:8a:30:
e8:7c:dc:68:b3:63:1d:58:fe:0f:d2:3b:bc:39:58:
40:d1:aa:db:10:a5:c0:57:b0:55:e1:d8:51:71:36:
43:29:57:83:9f:85:7e:5b:0b:14:85:f9:13:ec:9b:
49:f6:08:1e:df:12:1c:e4:46:7f:94:40:94:1b:1a:
54:92:1d:2f:ca:a0:8e:6c:6f:8a:f0:6b:2c:96:1e:
dc:06:95:62:fd:48:f7:c6:ab:0e:e1:0a:e8:6b:14:
67:b9:ff:3d:bc:b9:b5:a6:e2:12:28:62:df:d8:1b:
75:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:11:BD:80:49:8D:05:E4:4E:22:2A:F3:82:CF:28:3F:90:B6:48:19
X509v3 Authority Key Identifier:
keyid:F4:CF:CA:1D:66:0B:F1:61:B3:F4:09:AD:CB:0C:13:C0:FA:82:24:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2695/BB87AC4A47F811E880E4F410C4F9AE02/9M_KHWYL8WGz9AmtywwTwPqCJGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9M_KHWYL8WGz9AmtywwTwPqCJGQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2695/BB87AC4A47F811E880E4F410C4F9AE02/6208BAD4499611E8B421BE5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.92.208.0/24
103.101.53.0-103.101.55.255
IPv6:
2405:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
36:3e:59:fb:69:a7:6b:e3:fd:9f:fe:7e:d0:fc:45:d4:e8:dc:
1e:9e:a9:83:44:40:67:fa:6b:71:48:01:c5:ce:c1:71:4a:6b:
84:0d:b7:ae:a1:ef:1b:1b:f2:e9:98:de:7c:23:ef:93:0f:24:
87:26:ca:f8:34:02:c5:ff:f8:6b:97:31:6b:bc:6b:9a:b0:43:
4e:0b:fd:3a:67:4f:da:41:19:bd:5a:96:ee:59:02:f1:9e:67:
73:55:ac:ad:18:bb:70:42:b4:cd:ee:9f:1f:3f:da:f1:05:d7:
85:25:f7:5a:2f:71:9f:15:cf:4f:1d:02:ed:89:7e:03:03:5d:
b4:a4:bc:9d:82:9f:9f:36:67:72:2a:fb:4b:25:47:98:1b:63:
3d:47:6c:18:11:25:67:85:3a:40:16:ca:8f:64:04:15:76:87:
02:cc:59:67:c5:cf:80:ed:e6:b9:e7:f5:f0:1f:60:5f:69:b8:
6e:f9:20:ef:e6:98:ad:cd:f0:3e:de:b2:0e:51:58:74:87:9b:
f4:13:66:4a:5a:fa:d6:3b:cc:46:91:81:c3:7b:02:e9:dd:5c:
fa:97:82:d7:70:8c:e8:5d:6f:2d:79:13:26:cb:79:fe:6b:03:
fc:5a:51:a5:f5:d8:0f:75:09:4d:85:ea:ee:ed:98:67:e6:40:
38:8c:18:3a
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICFH8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI2OTUxMTAvBgNVBAUTKEY0Q0ZDQTFENjYwQkYxNjFCM0Y0MDlBRENCMEMxM0Mw
RkE4MjI0NjQwHhcNMjQwNjI2MTc0NjUxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjNTQwYi1mZjY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtAS+pFaC5Ltg/10iSjUlhHf4eZVW3n0EKqga1dw7tdWG5uxOv5BPviWR+C12
3khbDBkptm2qjKb0zcxm7+WaxTV2KN3X50cg7Tdc8CKCEPwY7yKQNlWARJJ3swO7
7EWUtSKXki7E02mvJ+u3LtmqF3tvXBaCNpe6pOJ9djy9VcetM4mP1Uh/KihFjhwj
QX72irWjijDofNxos2MdWP4P0ju8OVhA0arbEKXAV7BV4dhRcTZDKVeDn4V+WwsU
hfkT7JtJ9gge3xIc5EZ/lECUGxpUkh0vyqCObG+K8Gsslh7cBpVi/Uj3xqsO4Qro
axRnuf89vLm1puISKGLf2Bt19QIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFPoRvYBJ
jQXkTiIq84LPKD+QtkgZMB8GA1UdIwQYMBaAFPTPyh1mC/Fhs/QJrcsME8D6giRk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjY5NS9CQjg3QUM0QTQ3
RjgxMUU4ODBFNEY0MTBDNEY5QUUwMi85TV9LSFdZTDhXR3o5QW10eXd3VHdQcUNK
R1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlNX0tIV1lMOFdHejlBbXR5d3dUd1BxQ0pHUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI2OTUvQkI4N0FDNEE0N0Y4MTFFODgwRTRGNDEwQzRGOUFFMDIvNjIwOEJBRDQ0
OTk2MTFFOEI0MjFCRTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBoEAgABMBQDBABnXNAwDAMEAGdlNQMEA2dlMDANBAIAAjAHAwUAJAVlwDAN
BgkqhkiG9w0BAQsFAAOCAQEANj5Z+2mna+P9n/5+0PxF1OjcHp6pg0RAZ/prcUgB
xc7BcUprhA23rqHvGxvy6ZjefCPvkw8khybK+DQCxf/4a5cxa7xrmrBDTgv9OmdP
2kEZvVqW7lkC8Z5nc1WsrRi7cEK0ze6fHz/a8QXXhSX3Wi9xnxXPTx0C7Yl+AwNd
tKS8nYKfnzZncir7SyVHmBtjPUdsGBElZ4U6QBbKj2QEFXaHAsxZZ8XPgO3muef1
8B9gX2m4bvkg7+aYrc3wPt6yDlFYdIeb9BNmSlr61jvMRpGBw3sC6d1c+peC13CM
6F1vLXkTJst5/msD/FpRpfXYD3UJTYXq7u2YZ+ZAOIwYOg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:55:03 2025 by rpki-client