Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/3FE88D863D8211EEA0E4DD46C4F9AE02.roa
File: 3FE88D863D8211EEA0E4DD46C4F9AE02.roa (raw, json)
Hash identifier: GkH732I1xtgGbCxpuKwxGejcreu2f5sOzAx51TVl89I=
Subject key identifier: 69:25:AA:0C:79:C5:C1:0F:81:2C:1D:D4:86:98:91:90:1C:CA:4A:68
Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2
Certificate serial: 0DFC
Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/3FE88D863D8211EEA0E4DD46C4F9AE02.roa
Signing time: Wed 04 Sep 2024 18:36:26 +0000
ROA not before: Wed 04 Sep 2024 18:36:26 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 132021
IP address blocks: 103.5.0.0/22 maxlen: 22
103.5.0.0/23 maxlen: 23
103.5.0.0/24 maxlen: 24
103.5.1.0/24 maxlen: 24
103.5.2.0/23 maxlen: 23
103.5.2.0/24 maxlen: 24
103.5.3.0/24 maxlen: 24
2403:cd00::/32 maxlen: 32
2403:cd00::/33 maxlen: 33
2403:cd00:8000::/33 maxlen: 33
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3580 (0xdfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E868C
Validity
Not Before: Sep 4 18:36:26 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d8a8a9-36f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:e7:12:7b:8d:59:0b:e1:d2:ea:ec:f2:c7:
b5:e5:a2:18:d1:e1:34:3e:5f:3b:1d:a6:b5:24:58:
e6:22:c9:f2:6b:f2:8a:0e:80:af:0b:c0:98:c0:0c:
27:6d:1d:df:44:ef:99:85:c3:30:fa:78:3e:08:fc:
6c:0d:10:2b:7e:11:c7:c1:db:f3:e7:44:f0:59:65:
97:e6:95:af:b9:2f:9f:90:d7:36:7c:86:09:19:16:
e8:3c:e2:18:76:d0:8a:b8:0d:74:ed:55:01:33:9a:
8d:27:92:bc:e4:a3:c5:a9:9d:22:29:ad:21:ea:8b:
ba:8e:91:ea:a7:d3:7e:32:c2:65:4e:fb:74:ea:06:
9b:e1:b8:4c:ab:9e:47:d1:17:bc:14:e0:ca:2e:33:
4f:b6:41:63:94:92:ed:ec:fd:e3:1f:29:14:3f:4d:
ad:34:b5:cc:9f:7b:89:aa:b0:69:ce:a0:2f:81:24:
29:a3:29:ea:6b:b7:5e:16:9b:52:aa:72:66:8f:f0:
ec:de:67:47:c3:47:56:4d:5e:15:42:36:d6:d4:b9:
53:85:6c:62:5e:ad:c3:2c:a6:38:45:96:3a:47:c0:
8a:af:fb:58:5f:da:df:a6:e2:a0:71:51:4d:f4:45:
4e:e9:ee:91:eb:ed:85:b2:8c:85:c9:fe:73:84:e5:
80:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:25:AA:0C:79:C5:C1:0F:81:2C:1D:D4:86:98:91:90:1C:CA:4A:68
X509v3 Authority Key Identifier:
keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/3FE88D863D8211EEA0E4DD46C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.0.0/22
IPv6:
2403:cd00::/32
Signature Algorithm: sha256WithRSAEncryption
27:23:7c:0d:ea:70:19:cd:28:3b:f6:70:a3:9e:4b:30:ac:56:
8f:72:2e:9b:41:e9:80:be:05:3f:5b:8c:f5:ce:e5:a4:0b:b7:
4c:fd:27:a4:35:57:89:5b:7a:be:48:63:7b:03:d9:6c:e8:6d:
fa:81:18:a6:ed:e8:e8:58:f8:7c:ab:f8:a7:8e:a2:91:e2:51:
5c:8c:ad:f8:6d:94:10:b7:0e:4b:a0:46:8a:63:03:e1:48:73:
92:56:99:df:0f:25:27:95:3e:7d:37:86:7b:f3:ef:73:03:49:
8f:65:cf:2a:a9:0a:dd:11:cc:a5:17:ba:e5:f2:f3:dc:d5:b4:
9d:7f:d2:6e:4a:29:bc:87:a2:3a:8e:35:49:6f:99:4b:f5:5f:
3e:ae:f8:0e:67:4f:12:a7:51:ea:ba:c6:38:03:0d:01:72:56:
d9:72:04:00:25:e7:2b:8e:64:97:b1:15:3d:3b:7b:5e:2f:2e:
66:03:df:2a:34:93:a6:35:dc:c8:f7:0b:47:0f:32:92:39:29:
96:7c:bf:a1:64:9d:2b:13:a9:90:b0:10:d0:db:17:aa:01:37:
ae:b5:57:59:9e:ed:4e:0d:74:65:3b:fc:6a:e1:97:4b:36:9e:
81:91:53:30:2c:84:91:85:90:7c:c7:ef:ec:ff:df:ac:e5:00:
0f:14:24:28
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx
REM0NUUyQjIwHhcNMjQwOTA0MTgzNjI2WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ4YThhOS0zNmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsFvnEnuNWQvh0urs8se15aIY0eE0Pl87Haa1JFjmIsnya/KKDoCvC8CYwAwn
bR3fRO+ZhcMw+ng+CPxsDRArfhHHwdvz50TwWWWX5pWvuS+fkNc2fIYJGRboPOIY
dtCKuA107VUBM5qNJ5K85KPFqZ0iKa0h6ou6jpHqp9N+MsJlTvt06gab4bhMq55H
0Re8FODKLjNPtkFjlJLt7P3jHykUP02tNLXMn3uJqrBpzqAvgSQpoynqa7deFptS
qnJmj/Ds3mdHw0dWTV4VQjbW1LlThWxiXq3DLKY4RZY6R8CKr/tYX9rfpuKgcVFN
9EVO6e6R6+2FsoyFyf5zhOWApQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGklqgx5
xcEPgSwd1IaYkZAcykpoMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5
REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0
ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTg2OEMvM0ZCOTMzNjhBOURCMTFFOTg0Mjg1Mjg2QzRGOUFFMDIvM0ZFODhEODYz
RDgyMTFFRUEwRTRERDQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnBQAwDQQCAAIwBwMFACQDzQAwDQYJKoZIhvcNAQELBQAD
ggEBACcjfA3qcBnNKDv2cKOeSzCsVo9yLptB6YC+BT9bjPXO5aQLt0z9J6Q1V4lb
er5IY3sD2WzobfqBGKbt6OhY+Hyr+KeOopHiUVyMrfhtlBC3DkugRopjA+FIc5JW
md8PJSeVPn03hnvz73MDSY9lzyqpCt0RzKUXuuXy89zVtJ1/0m5KKbyHojqONUlv
mUv1Xz6u+A5nTxKnUeq6xjgDDQFyVtlyBAAl5yuOZJexFT07e14vLmYD3yo0k6Y1
3Mj3C0cPMpI5KZZ8v6FknSsTqZCwENDbF6oBN661V1me7U4NdGU7/Grhl0s2noGR
UzAshJGFkHzH7+z/36zlAA8UJCg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:32 2025 by rpki-client