Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3C42/3FB3B8D8F55911E9B7574956C4F9AE02/C41C9EFEF55A11E9BF182559C4F9AE02.roa
File: C41C9EFEF55A11E9BF182559C4F9AE02.roa (raw, json)
Hash identifier: oJosadtw5w9tpArhAwGt/EEeiGusbxI8nMtN4HfNB7o=
Subject key identifier: 97:F8:D1:02:9B:6C:78:9B:10:C9:58:89:D2:17:0E:CD:E4:EF:8B:01
Certificate issuer: /CN=A91E3C42/serialNumber=4FEF6507B255D8066A0DA3FF27D395468B152D38
Certificate serial: 0C66
Authority key identifier: 4F:EF:65:07:B2:55:D8:06:6A:0D:A3:FF:27:D3:95:46:8B:15:2D:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T-9lB7JV2AZqDaP_J9OVRosVLTg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3C42/3FB3B8D8F55911E9B7574956C4F9AE02/C41C9EFEF55A11E9BF182559C4F9AE02.roa
Signing time: Tue 18 Feb 2025 19:07:09 +0000
ROA not before: Tue 18 Feb 2025 19:07:09 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136211
IP address blocks: 103.83.196.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3174 (0xc66)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3C42
Validity
Not Before: Feb 18 19:07:09 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67b4da5d-59bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:91:cf:fd:d3:07:07:f0:c6:21:97:c6:4d:38:
72:76:02:c7:fe:fa:1e:10:0a:21:d2:3a:60:ae:f0:
86:83:f1:2d:d7:46:99:31:f5:4a:31:3d:46:dc:2b:
6d:7e:f6:63:12:66:f6:10:0c:93:7c:d5:36:f7:cb:
f1:56:99:18:37:0a:78:28:d5:9e:c4:4d:97:1e:26:
6f:a2:6b:cb:f9:5d:da:50:1c:38:1d:03:3c:b2:36:
0c:43:c7:d9:96:97:99:6c:cc:44:91:dc:0f:13:b3:
13:ad:bf:97:23:a8:53:b6:d7:6b:77:92:d1:ea:1a:
c3:cc:c9:5a:ee:54:af:da:fd:3f:d7:c2:cf:6d:6c:
ae:0e:50:64:c6:eb:57:85:35:db:6b:9a:81:b1:3d:
2f:98:71:82:d3:96:5c:c7:01:13:39:95:f3:a9:94:
df:21:a7:17:cf:54:a8:09:04:9e:ae:ec:00:d7:d7:
5b:95:59:65:97:a4:af:1b:01:01:2c:d4:76:a8:f3:
34:ca:de:8e:7f:99:75:ab:2b:b5:b7:7c:90:b4:5e:
c7:fa:94:2d:7a:c3:19:58:cc:89:87:5a:ed:1a:d3:
50:53:4a:ec:ec:e1:51:33:54:83:b6:50:67:6d:85:
c6:b9:59:80:35:46:63:82:1f:0e:60:0a:70:be:e3:
62:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F8:D1:02:9B:6C:78:9B:10:C9:58:89:D2:17:0E:CD:E4:EF:8B:01
X509v3 Authority Key Identifier:
keyid:4F:EF:65:07:B2:55:D8:06:6A:0D:A3:FF:27:D3:95:46:8B:15:2D:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3C42/3FB3B8D8F55911E9B7574956C4F9AE02/T-9lB7JV2AZqDaP_J9OVRosVLTg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T-9lB7JV2AZqDaP_J9OVRosVLTg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3C42/3FB3B8D8F55911E9B7574956C4F9AE02/C41C9EFEF55A11E9BF182559C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.83.196.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:7b:42:b4:95:35:0b:bb:1e:96:57:09:ae:2c:48:13:be:55:
3c:e0:2e:d1:c0:5a:cc:e8:7f:51:30:ef:72:e5:93:02:17:07:
06:e2:5b:29:03:f1:8a:13:a9:2f:de:b9:b1:b1:ca:c5:98:7b:
0f:52:1d:85:f2:20:9c:72:39:8e:3f:37:1b:63:54:7b:b0:7a:
00:19:05:80:43:72:b2:d4:2b:73:6a:0a:0d:e5:a1:8b:a1:02:
a1:ff:2a:f8:ca:72:76:1b:f6:80:18:05:44:8d:c7:68:7f:28:
5e:da:a0:12:71:64:b8:15:33:f8:32:3f:ed:f3:d9:29:4a:26:
c5:8a:88:c4:6f:33:68:47:c8:a2:15:78:de:09:d1:55:d1:6d:
8d:36:bf:e4:f8:4d:af:31:be:8e:09:ed:29:7d:69:5d:d1:f7:
7f:12:04:8a:c6:d8:17:39:32:6d:28:a5:dc:c3:85:19:76:b2:
2d:69:72:28:63:28:2f:5e:2b:1a:ec:17:66:25:19:24:b5:4a:
87:e0:ac:fc:55:36:e4:05:eb:32:0c:17:28:8a:cc:a1:b1:84:
d6:b4:37:bf:a8:7d:30:9a:20:c8:34:39:71:33:48:9e:bc:f9:
f0:5f:3c:de:aa:7a:68:32:8c:9c:f2:13:a0:41:85:16:3e:85:
a4:bf:3e:e5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNDNDIxMTAvBgNVBAUTKDRGRUY2NTA3QjI1NUQ4MDY2QTBEQTNGRjI3RDM5NTQ2
OEIxNTJEMzgwHhcNMjUwMjE4MTkwNzA5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0ZGE1ZC01OWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwJHP/dMHB/DGIZfGTThydgLH/voeEAoh0jpgrvCGg/Et10aZMfVKMT1G3Ctt
fvZjEmb2EAyTfNU298vxVpkYNwp4KNWexE2XHiZvomvL+V3aUBw4HQM8sjYMQ8fZ
lpeZbMxEkdwPE7MTrb+XI6hTttdrd5LR6hrDzMla7lSv2v0/18LPbWyuDlBkxutX
hTXba5qBsT0vmHGC05ZcxwETOZXzqZTfIacXz1SoCQSeruwA19dblVlll6SvGwEB
LNR2qPM0yt6Of5l1qyu1t3yQtF7H+pQtesMZWMyJh1rtGtNQU0rs7OFRM1SDtlBn
bYXGuVmANUZjgh8OYApwvuNiaQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJf40QKb
bHibEMlYidIXDs3k74sBMB8GA1UdIwQYMBaAFE/vZQeyVdgGag2j/yfTlUaLFS04
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0M0Mi8zRkIzQjhEOEY1
NTkxMUU5Qjc1NzQ5NTZDNEY5QUUwMi9ULTlsQjdKVjJBWnFEYVBfSjlPVlJvc1ZM
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1QtOWxCN0pWMkFacURhUF9KOU9WUm9zVkxUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNDNDIvM0ZCM0I4RDhGNTU5MTFFOUI3NTc0OTU2QzRGOUFFMDIvQzQxQzlFRkVG
NTVBMTFFOUJGMTgyNTU5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnU8QwDQYJKoZIhvcNAQELBQADggEBAB17QrSVNQu7HpZX
Ca4sSBO+VTzgLtHAWszof1Ew73LlkwIXBwbiWykD8YoTqS/eubGxysWYew9SHYXy
IJxyOY4/NxtjVHuwegAZBYBDcrLUK3NqCg3loYuhAqH/KvjKcnYb9oAYBUSNx2h/
KF7aoBJxZLgVM/gyP+3z2SlKJsWKiMRvM2hHyKIVeN4J0VXRbY02v+T4Ta8xvo4J
7Sl9aV3R938SBIrG2Bc5Mm0opdzDhRl2si1pcihjKC9eKxrsF2YlGSS1SofgrPxV
NuQF6zIMFyiKzKGxhNa0N7+ofTCaIMg0OXEzSJ68+fBfPN6qemgyjJzyE6BBhRY+
haS/PuU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:18:12 2025 by rpki-client