Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/9C581C28B07511EF9D153813C4F9AE02.roa
File: 9C581C28B07511EF9D153813C4F9AE02.roa (raw, json)
Hash identifier: 2ILq0YdLX+uDk2zpnZWvB9sk0e06nVHIZcSy04DKJII=
Subject key identifier: 0C:43:A1:6F:D4:7F:16:EA:9D:44:FE:A8:54:66:D0:71:6F:58:4C:55
Certificate issuer: /CN=A91E5D0C/serialNumber=3E73B2BE13037BE744391D3A899CDD202B82F76D
Certificate serial: 0468
Authority key identifier: 3E:73:B2:BE:13:03:7B:E7:44:39:1D:3A:89:9C:DD:20:2B:82:F7:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PnOyvhMDe-dEOR06iZzdICuC920.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/9C581C28B07511EF9D153813C4F9AE02.roa
Signing time: Tue 03 Dec 2024 00:14:36 +0000
ROA not before: Tue 03 Dec 2024 00:14:36 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 137453
IP address blocks: 103.174.44.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128 (0x468)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D0C
Validity
Not Before: Dec 3 00:14:36 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=674e4d6c-3689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:81:48:05:0a:34:16:26:c9:12:cc:e1:10:8a:
86:25:d7:de:40:d2:8f:42:0a:3b:e5:78:e6:d9:56:
a1:fa:97:0a:b1:d0:c8:64:a6:f0:51:b0:76:fa:26:
50:d3:a6:ff:f5:cd:bb:ed:8f:ed:a0:02:21:03:67:
4c:c7:3d:a3:21:f9:75:28:fa:de:6d:98:1f:3a:db:
0c:4b:6a:c8:1e:a7:df:a2:b1:a9:af:a4:a1:e5:ef:
93:16:ca:9e:e1:d7:09:ec:64:3d:59:d2:7a:52:b8:
5f:c2:cd:e6:49:8d:7a:17:5c:e7:cf:1a:fc:c7:ba:
98:93:32:85:75:ad:5c:2a:e0:4d:cf:96:7c:6c:d1:
69:d9:84:b9:0b:33:20:23:dd:d5:16:1e:a2:c4:68:
62:f8:88:9f:a6:4d:94:2d:a6:f7:b1:7d:4a:68:b1:
9f:e8:87:38:39:d9:06:f3:6f:a3:68:3d:34:20:59:
76:57:1a:9b:31:7a:a1:6d:e3:0e:af:b9:97:74:cb:
c9:2e:18:80:e5:b5:d7:25:3b:87:0a:1d:56:de:30:
3b:75:e7:b5:a4:18:47:1b:2b:5f:d1:6b:fe:05:31:
ba:25:8e:b8:a1:96:13:7f:52:d4:18:dc:e4:06:63:
ce:e0:9d:5b:05:3b:ed:4e:0b:45:25:3d:df:60:3a:
3a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:43:A1:6F:D4:7F:16:EA:9D:44:FE:A8:54:66:D0:71:6F:58:4C:55
X509v3 Authority Key Identifier:
keyid:3E:73:B2:BE:13:03:7B:E7:44:39:1D:3A:89:9C:DD:20:2B:82:F7:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/PnOyvhMDe-dEOR06iZzdICuC920.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PnOyvhMDe-dEOR06iZzdICuC920.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/9C581C28B07511EF9D153813C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.44.0/24
Signature Algorithm: sha256WithRSAEncryption
32:fe:90:04:3d:ab:12:b4:5c:fe:2b:e2:b5:e3:c1:10:02:9e:
39:61:6e:aa:b5:ac:ef:a6:5f:e8:a5:ed:56:ca:a9:a0:c5:ee:
1c:5f:28:cc:4d:d3:cc:25:ba:f8:ad:c4:d6:d9:08:71:53:82:
82:ce:c4:7f:a1:6a:4a:1d:f0:6d:75:99:da:e5:1a:02:00:5e:
de:b7:4a:90:d4:dd:a1:45:67:93:a3:94:d7:32:dd:51:52:7d:
c5:18:c6:0f:ef:f3:13:72:3b:9e:fd:56:67:cb:67:29:5b:08:
3e:82:9c:09:62:0c:48:ec:83:13:a6:ca:b2:fd:6e:61:b9:16:
07:58:e8:ca:ef:c9:13:b3:81:fc:c5:d5:25:59:e1:7f:45:a5:
07:44:dd:eb:9e:96:25:f4:02:ae:64:aa:be:31:20:0f:43:34:
f5:4d:50:98:59:dc:d0:fe:63:34:51:eb:e3:f2:b2:73:2a:b8:
7b:19:41:df:82:f6:ed:50:00:36:83:17:c3:30:e6:ba:13:51:
6d:9c:42:b6:0f:2f:ee:3f:91:a1:53:b4:ba:ab:c8:09:e8:e3:
45:0f:0b:91:a9:be:09:f2:e8:f5:22:f7:a4:14:62:8b:e3:2d:
41:cf:24:74:bb:26:32:b3:c6:b8:52:6e:83:9e:a4:86:a2:64:
cd:2b:31:a3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBGgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTVEMEMxMTAvBgNVBAUTKDNFNzNCMkJFMTMwMzdCRTc0NDM5MUQzQTg5OUNERDIw
MkI4MkY3NkQwHhcNMjQxMjAzMDAxNDM2WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlNGQ2Yy0zNjg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwYFIBQo0FibJEszhEIqGJdfeQNKPQgo75Xjm2Vah+pcKsdDIZKbwUbB2+iZQ
06b/9c277Y/toAIhA2dMxz2jIfl1KPrebZgfOtsMS2rIHqfforGpr6Sh5e+TFsqe
4dcJ7GQ9WdJ6Urhfws3mSY16F1znzxr8x7qYkzKFda1cKuBNz5Z8bNFp2YS5CzMg
I93VFh6ixGhi+Iifpk2ULab3sX1KaLGf6Ic4OdkG82+jaD00IFl2VxqbMXqhbeMO
r7mXdMvJLhiA5bXXJTuHCh1W3jA7dee1pBhHGytf0Wv+BTG6JY64oZYTf1LUGNzk
BmPO4J1bBTvtTgtFJT3fYDo62QIDAQABo4IClTCCApEwHQYDVR0OBBYEFAxDoW/U
fxbqnUT+qFRm0HFvWExVMB8GA1UdIwQYMBaAFD5zsr4TA3vnRDkdOomc3SArgvdt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQwQy84OTFCNEVDQTMy
MzYxMUVDODk4Mzg3NTZDNEY5QUUwMi9Qbk95dmhNRGUtZEVPUjA2aVp6ZElDdUM5
MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BuT3l2aE1EZS1kRU9SMDZpWnpkSUN1QzkyMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVEMEMvODkxQjRFQ0EzMjM2MTFFQzg5ODM4NzU2QzRGOUFFMDIvOUM1ODFDMjhC
MDc1MTFFRjlEMTUzODEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnriwwDQYJKoZIhvcNAQELBQADggEBADL+kAQ9qxK0XP4r
4rXjwRACnjlhbqq1rO+mX+il7VbKqaDF7hxfKMxN08wluvitxNbZCHFTgoLOxH+h
akod8G11mdrlGgIAXt63SpDU3aFFZ5OjlNcy3VFSfcUYxg/v8xNyO579VmfLZylb
CD6CnAliDEjsgxOmyrL9bmG5FgdY6MrvyROzgfzF1SVZ4X9FpQdE3eueliX0Aq5k
qr4xIA9DNPVNUJhZ3ND+YzRR6+PysnMquHsZQd+C9u1QADaDF8Mw5roTUW2cQrYP
L+4/kaFTtLqryAno40UPC5Gpvgny6PUi96QUYovjLUHPJHS7JjKzxrhSboOepIai
ZM0rMaM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:45 2025 by rpki-client