Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8632/05CE44EA2E5E11E7BAC88B69C4F9AE02/DC3B90E4520011ECA6088714C4F9AE02.roa
File: DC3B90E4520011ECA6088714C4F9AE02.roa (raw, json)
Hash identifier: tVOP8LyZJ77JRBIkUucA79A27boRokWrzqFOTarPZXk=
Subject key identifier: 8F:B4:CD:B2:5F:06:84:6D:D9:36:48:AD:47:AF:68:BF:C8:AB:76:07
Certificate issuer: /CN=A91E8632/serialNumber=EC563DBFE2F398C8E9FB19F9F74232B6B54AA6EA
Certificate serial: 1AAA
Authority key identifier: EC:56:3D:BF:E2:F3:98:C8:E9:FB:19:F9:F7:42:32:B6:B5:4A:A6:EA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7FY9v-LzmMjp-xn590IytrVKpuo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E8632/05CE44EA2E5E11E7BAC88B69C4F9AE02/DC3B90E4520011ECA6088714C4F9AE02.roa
Signing time: Wed 18 Dec 2024 16:44:06 +0000
ROA not before: Wed 18 Dec 2024 16:44:06 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 133854
IP address blocks: 43.224.108.0/22 maxlen: 24
103.43.148.0/24 maxlen: 24
103.43.150.0/24 maxlen: 24
103.43.151.0/24 maxlen: 24
2401:c680::/32 maxlen: 32
2401:c680:1::/48 maxlen: 48
2401:c680:a::/48 maxlen: 48
2401:c680:e::/48 maxlen: 48
2401:c680:f::/48 maxlen: 48
2401:c680:1000::/38 maxlen: 38
2401:c680:2000::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6826 (0x1aaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E8632
Validity
Not Before: Dec 18 16:44:06 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6762fbd6-77cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:26:14:2d:32:d6:96:5a:39:cf:a1:3f:7b:dd:
53:46:4f:09:a9:1c:89:46:33:61:e8:a0:80:92:34:
9c:9b:5c:6f:c7:96:cf:50:fd:07:79:44:1a:60:26:
45:0c:28:71:a2:f3:0a:b4:77:6b:d0:cf:f7:f2:22:
56:cf:bc:e8:58:a5:0c:9b:b6:2f:ac:9c:31:fb:37:
c9:1b:e2:f3:e5:c9:06:ee:ac:d4:b3:37:18:43:52:
7d:8c:d4:50:6a:8c:04:0f:7f:43:cc:ab:4e:66:62:
e9:21:9f:21:bc:4b:9e:1a:67:f3:50:8e:77:ea:9f:
5b:fc:0b:83:29:37:6f:33:b6:d1:a7:c0:96:cf:cd:
ff:fa:87:ce:68:ba:22:09:ad:07:4a:fa:70:23:dd:
62:fe:0d:11:04:d5:57:9e:a8:8d:c6:ee:d9:db:70:
58:e1:1f:9d:4e:7d:61:94:98:fb:e1:59:fd:f5:7a:
b2:16:55:32:75:2b:eb:84:36:04:57:a7:40:08:44:
0c:69:66:98:a1:00:ba:82:d2:c1:bb:84:49:e5:e9:
63:c4:8f:5c:8b:ce:a0:fe:65:48:20:20:65:88:41:
2f:3b:ca:f8:b3:a7:ac:fd:bc:bd:f7:b7:13:fe:28:
e3:c6:84:c9:a8:23:24:91:65:3c:45:4f:7b:c6:ec:
2b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B4:CD:B2:5F:06:84:6D:D9:36:48:AD:47:AF:68:BF:C8:AB:76:07
X509v3 Authority Key Identifier:
keyid:EC:56:3D:BF:E2:F3:98:C8:E9:FB:19:F9:F7:42:32:B6:B5:4A:A6:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E8632/05CE44EA2E5E11E7BAC88B69C4F9AE02/7FY9v-LzmMjp-xn590IytrVKpuo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7FY9v-LzmMjp-xn590IytrVKpuo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8632/05CE44EA2E5E11E7BAC88B69C4F9AE02/DC3B90E4520011ECA6088714C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.108.0/22
103.43.148.0/24
103.43.150.0/23
IPv6:
2401:c680::/32
Signature Algorithm: sha256WithRSAEncryption
16:62:74:c1:c1:20:c9:a5:39:83:16:ec:ae:ab:3a:28:cf:19:
5b:89:df:22:65:aa:83:ce:26:63:69:56:75:3d:6b:5d:51:8e:
35:da:16:a4:f0:0e:be:cc:fd:68:1d:e6:6f:d7:89:51:f9:48:
d0:d0:2d:88:87:81:4f:ee:1f:27:96:47:0c:21:bf:9d:2f:5f:
52:5f:d6:b5:3a:94:ad:5b:4b:2a:2d:75:0c:a1:95:4b:63:fd:
21:a6:4c:5e:11:e9:d2:2f:fa:fa:ce:8c:aa:05:a9:02:5d:b8:
bc:e1:43:0b:e0:e6:f1:7b:9e:c2:d1:46:8b:48:a2:53:e0:71:
28:ce:5d:5c:fc:a3:fe:23:fa:ee:99:ab:4a:78:d9:01:b1:05:
b4:d2:70:3a:44:0e:0b:84:a2:d8:aa:14:73:ac:db:6e:ba:c3:
6b:a7:3f:15:b6:e8:b6:72:77:eb:5a:e9:af:16:d1:3e:fa:8b:
b2:57:c5:c8:d6:5f:1e:aa:d8:f9:1a:90:82:c0:93:d0:a1:d2:
84:47:b1:03:13:8f:d8:f5:ea:1c:a5:59:73:72:e3:f6:ff:9f:
ec:01:3b:70:d7:06:60:ab:43:ee:79:26:68:13:4b:8f:bf:00:
ae:9e:ac:45:24:38:37:5f:79:64:ab:5b:ee:f6:50:c5:9f:0a:
89:fa:a5:c1
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICGqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2MzIxMTAvBgNVBAUTKEVDNTYzREJGRTJGMzk4QzhFOUZCMTlGOUY3NDIzMkI2
QjU0QUE2RUEwHhcNMjQxMjE4MTY0NDA2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYyZmJkNi03N2NkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtiYULTLWllo5z6E/e91TRk8JqRyJRjNh6KCAkjScm1xvx5bPUP0HeUQaYCZF
DChxovMKtHdr0M/38iJWz7zoWKUMm7YvrJwx+zfJG+Lz5ckG7qzUszcYQ1J9jNRQ
aowED39DzKtOZmLpIZ8hvEueGmfzUI536p9b/AuDKTdvM7bRp8CWz83/+ofOaLoi
Ca0HSvpwI91i/g0RBNVXnqiNxu7Z23BY4R+dTn1hlJj74Vn99XqyFlUydSvrhDYE
V6dACEQMaWaYoQC6gtLBu4RJ5eljxI9ci86g/mVIICBliEEvO8r4s6es/by997cT
/ijjxoTJqCMkkWU8RU97xuwr7QIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFI+0zbJf
BoRt2TZIrUevaL/Iq3YHMB8GA1UdIwQYMBaAFOxWPb/i85jI6fsZ+fdCMra1Sqbq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODYzMi8wNUNFNDRFQTJF
NUUxMUU3QkFDODhCNjlDNEY5QUUwMi83Rlk5di1Mem1NanAteG41OTBJeXRyVktw
dW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdGWTl2LUx6bU1qcC14bjU5MEl5dHJWS3B1by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg2MzIvMDVDRTQ0RUEyRTVFMTFFN0JBQzg4QjY5QzRGOUFFMDIvREMzQjkwRTQ1
MjAwMTFFQ0E2MDg4NzE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAIr4GwDBABnK5QDBAFnK5YwDQQCAAIwBwMFACQBxoAwDQYJ
KoZIhvcNAQELBQADggEBABZidMHBIMmlOYMW7K6rOijPGVuJ3yJlqoPOJmNpVnU9
a11RjjXaFqTwDr7M/Wgd5m/XiVH5SNDQLYiHgU/uHyeWRwwhv50vX1Jf1rU6lK1b
SyotdQyhlUtj/SGmTF4R6dIv+vrOjKoFqQJduLzhQwvg5vF7nsLRRotIolPgcSjO
XVz8o/4j+u6Zq0p42QGxBbTScDpEDguEotiqFHOs2266w2unPxW26LZyd+ta6a8W
0T76i7JXxcjWXx6q2PkakILAk9Ch0oRHsQMTj9j16hylWXNy4/b/n+wBO3DXBmCr
Q+55JmgTS4+/AK6erEUkODdfeWSrW+72UMWfCon6pcE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:12 2025 by rpki-client