Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/FE76F7D8EC4A11EFA7845862C4F9AE02.roa
File: FE76F7D8EC4A11EFA7845862C4F9AE02.roa (raw, json)
Hash identifier: JmLkpvQJH0Uq9XtysKaBXjhAS8plkz/VizJFG4sBHBE=
Subject key identifier: B6:03:D4:B4:40:D5:DE:AA:F8:24:36:AF:3B:07:9F:0D:71:B7:16:52
Certificate issuer: /CN=A91E5D0C/serialNumber=3E73B2BE13037BE744391D3A899CDD202B82F76D
Certificate serial: 0496
Authority key identifier: 3E:73:B2:BE:13:03:7B:E7:44:39:1D:3A:89:9C:DD:20:2B:82:F7:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PnOyvhMDe-dEOR06iZzdICuC920.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/FE76F7D8EC4A11EFA7845862C4F9AE02.roa
Signing time: Sun 16 Feb 2025 09:47:12 +0000
ROA not before: Sun 16 Feb 2025 09:47:12 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 147179
IP address blocks: 103.174.45.0/24 maxlen: 24
2407:fa40::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1174 (0x496)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D0C
Validity
Not Before: Feb 16 09:47:12 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67b1b41f-ba2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:04:df:f4:92:64:2b:29:22:4e:4c:2d:69:07:
c9:7e:bc:70:b4:40:37:91:29:aa:e0:2f:f2:cc:55:
2c:e6:64:54:2d:88:0b:e1:90:76:df:df:10:d6:5c:
0c:6d:2e:43:b8:54:c2:5b:a0:ff:8e:cb:03:e3:a7:
9a:27:dd:08:92:d6:f0:ab:7b:fa:47:5c:02:8d:94:
9b:5a:e5:13:7d:f1:a5:9b:28:41:4d:16:2b:65:2d:
c3:30:89:7e:40:e0:f7:f9:8f:ef:19:16:0a:e7:f4:
78:4c:ae:26:b7:84:98:ed:03:96:37:81:71:56:bc:
d5:08:dc:25:12:51:4c:cf:21:42:c0:9d:04:b0:27:
ff:ba:1e:b5:4a:9f:95:a5:77:77:53:1a:ff:e7:9c:
f2:bf:05:a0:f9:f6:33:5a:bf:bb:1f:96:8d:21:31:
af:e7:35:26:4d:db:35:df:53:23:d6:21:7f:8b:03:
be:2e:0c:d9:6c:79:ac:88:b4:1c:f2:4b:16:15:2e:
21:2f:f0:21:90:d7:9e:a8:56:f3:d2:e8:52:80:ea:
fd:c2:26:70:a9:55:82:77:b1:0f:1d:41:75:08:ca:
bc:1b:d7:3c:f9:28:c2:eb:63:26:cb:eb:34:66:7e:
46:78:50:3b:f4:61:e5:9c:19:6c:24:a9:c9:e4:31:
fd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:03:D4:B4:40:D5:DE:AA:F8:24:36:AF:3B:07:9F:0D:71:B7:16:52
X509v3 Authority Key Identifier:
keyid:3E:73:B2:BE:13:03:7B:E7:44:39:1D:3A:89:9C:DD:20:2B:82:F7:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/PnOyvhMDe-dEOR06iZzdICuC920.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PnOyvhMDe-dEOR06iZzdICuC920.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/FE76F7D8EC4A11EFA7845862C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.45.0/24
IPv6:
2407:fa40::/32
Signature Algorithm: sha256WithRSAEncryption
84:aa:8e:22:29:59:3d:24:4e:22:e9:70:82:14:b0:04:74:c1:
24:60:10:ad:8c:78:e1:27:d0:e5:6d:e0:be:6d:6b:0b:0a:3d:
b8:ad:28:a6:2b:23:97:5f:41:be:e2:53:64:6f:a8:bc:8f:33:
b8:40:2f:f0:e7:0a:f9:0e:e9:ad:69:0c:0f:e1:54:f3:0e:09:
d4:bd:e2:77:8a:60:64:1a:7d:31:f6:8d:3c:ca:89:7d:de:b3:
fd:da:e2:95:bc:a2:56:76:fb:7b:0f:f7:68:4b:a9:b0:99:bd:
57:ff:70:75:a2:67:58:42:1a:c9:42:ff:66:06:3b:35:19:7c:
d5:f7:46:10:a3:f0:4f:a1:d4:2c:2d:09:28:5c:47:41:f2:9f:
56:d7:5c:fb:f9:71:e4:be:e2:0b:8a:6d:5d:01:75:01:53:43:
97:63:88:00:0a:e7:93:bb:ee:bc:6b:66:c0:52:5b:66:e8:bb:
85:16:a3:91:92:0f:2b:0e:19:78:6b:19:af:91:93:e0:a3:63:
e8:17:d6:b8:f2:f9:54:d2:7f:5a:02:09:49:a0:a8:cc:be:d7:
15:c7:34:c9:53:df:b0:b6:a4:fa:c4:8f:a8:5e:2d:c6:19:a1:
95:e2:26:7c:5d:31:e1:b6:e9:96:2e:67:9f:cf:1c:f5:c8:44:
0a:d1:b2:76
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTVEMEMxMTAvBgNVBAUTKDNFNzNCMkJFMTMwMzdCRTc0NDM5MUQzQTg5OUNERDIw
MkI4MkY3NkQwHhcNMjUwMjE2MDk0NzEyWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2IxYjQxZi1iYTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAywTf9JJkKykiTkwtaQfJfrxwtEA3kSmq4C/yzFUs5mRULYgL4ZB2398Q1lwM
bS5DuFTCW6D/jssD46eaJ90Iktbwq3v6R1wCjZSbWuUTffGlmyhBTRYrZS3DMIl+
QOD3+Y/vGRYK5/R4TK4mt4SY7QOWN4FxVrzVCNwlElFMzyFCwJ0EsCf/uh61Sp+V
pXd3Uxr/55zyvwWg+fYzWr+7H5aNITGv5zUmTds131Mj1iF/iwO+LgzZbHmsiLQc
8ksWFS4hL/AhkNeeqFbz0uhSgOr9wiZwqVWCd7EPHUF1CMq8G9c8+SjC62Mmy+s0
Zn5GeFA79GHlnBlsJKnJ5DH9uQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFLYD1LRA
1d6q+CQ2rzsHnw1xtxZSMB8GA1UdIwQYMBaAFD5zsr4TA3vnRDkdOomc3SArgvdt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQwQy84OTFCNEVDQTMy
MzYxMUVDODk4Mzg3NTZDNEY5QUUwMi9Qbk95dmhNRGUtZEVPUjA2aVp6ZElDdUM5
MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BuT3l2aE1EZS1kRU9SMDZpWnpkSUN1QzkyMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVEMEMvODkxQjRFQ0EzMjM2MTFFQzg5ODM4NzU2QzRGOUFFMDIvRkU3NkY3RDhF
QzRBMTFFRkE3ODQ1ODYyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBABnri0wDQQCAAIwBwMFACQH+kAwDQYJKoZIhvcNAQELBQAD
ggEBAISqjiIpWT0kTiLpcIIUsAR0wSRgEK2MeOEn0OVt4L5tawsKPbitKKYrI5df
Qb7iU2RvqLyPM7hAL/DnCvkO6a1pDA/hVPMOCdS94neKYGQafTH2jTzKiX3es/3a
4pW8olZ2+3sP92hLqbCZvVf/cHWiZ1hCGslC/2YGOzUZfNX3RhCj8E+h1CwtCShc
R0Hyn1bXXPv5ceS+4guKbV0BdQFTQ5djiAAK55O77rxrZsBSW2bou4UWo5GSDysO
GXhrGa+Rk+CjY+gX1rjy+VTSf1oCCUmgqMy+1xXHNMlT37C2pPrEj6heLcYZoZXi
JnxdMeG26ZYuZ5/PHPXIRArRsnY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:18:13 2025 by rpki-client