Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF590/2F7B17C4390D11EB88BC6165C4F9AE02/E9573898390E11EBAC72036BC4F9AE02.roa
File: E9573898390E11EBAC72036BC4F9AE02.roa (raw, json)
Hash identifier: obihlxRhU0PPosQc2ueIbFqyf53tOUTNgrbX1TDxlFA=
Subject key identifier: F2:97:B3:36:F1:01:70:83:55:CA:22:E7:AA:A6:98:8A:60:BB:52:EB
Certificate issuer: /CN=A91EF590/serialNumber=4D71A7A18A82ADD044BC28EF5DF2196B0FD21D5C
Certificate serial: 0652
Authority key identifier: 4D:71:A7:A1:8A:82:AD:D0:44:BC:28:EF:5D:F2:19:6B:0F:D2:1D:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXGnoYqCrdBEvCjvXfIZaw_SHVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EF590/2F7B17C4390D11EB88BC6165C4F9AE02/E9573898390E11EBAC72036BC4F9AE02.roa
Signing time: Fri 12 Apr 2024 23:41:16 +0000
ROA not before: Fri 12 Apr 2024 23:41:16 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 137466
IP address blocks: 103.109.232.0/24 maxlen: 24
103.109.234.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1618 (0x652)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EF590
Validity
Not Before: Apr 12 23:41:16 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=6619c69c-5365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:d8:3a:70:31:a8:a5:d3:8c:6e:cd:92:34:5b:
33:9e:1d:73:50:e1:f8:af:b7:67:64:80:a1:8e:ef:
09:25:3b:be:87:79:7d:ff:b5:8b:0c:68:64:83:c0:
36:c7:40:40:ca:ae:7a:85:3e:ad:d4:dc:18:24:72:
0f:3c:cf:4c:5d:5d:3b:3f:b1:ee:8c:36:83:60:84:
d8:52:da:7d:20:d5:1e:f5:33:a5:3f:4a:a4:85:ab:
c0:33:78:34:94:a7:7a:62:81:7b:e3:c0:c1:5e:1a:
29:84:cb:d1:9b:f7:79:e9:8d:b3:e6:53:b2:58:cb:
9e:5f:f5:2d:7d:38:32:3b:08:43:7a:d0:76:70:df:
b3:6d:a7:af:11:e9:51:1e:3e:d5:50:02:33:4f:4f:
5d:10:15:73:d5:52:07:86:95:61:f5:5f:12:38:9b:
40:bf:dd:18:36:4d:c2:19:a9:27:2e:9b:26:7b:52:
1e:da:3a:75:fb:dd:bd:74:fa:49:7f:31:fb:ef:e2:
66:f0:1d:5e:95:af:67:a9:89:07:d3:72:6e:aa:f6:
ce:18:d1:7e:77:39:e1:63:14:ad:35:c1:65:f8:a9:
2f:d8:bf:0f:a5:00:cc:70:0c:77:60:ec:4f:85:35:
dc:9c:0e:bf:8a:c1:df:3d:57:1b:15:70:93:39:04:
82:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:97:B3:36:F1:01:70:83:55:CA:22:E7:AA:A6:98:8A:60:BB:52:EB
X509v3 Authority Key Identifier:
keyid:4D:71:A7:A1:8A:82:AD:D0:44:BC:28:EF:5D:F2:19:6B:0F:D2:1D:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EF590/2F7B17C4390D11EB88BC6165C4F9AE02/TXGnoYqCrdBEvCjvXfIZaw_SHVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TXGnoYqCrdBEvCjvXfIZaw_SHVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF590/2F7B17C4390D11EB88BC6165C4F9AE02/E9573898390E11EBAC72036BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.109.232.0/24
103.109.234.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:fc:11:85:17:bf:79:3e:f1:85:02:1b:61:24:2b:8a:50:9b:
49:ee:c5:e2:55:4a:b4:b3:2b:9c:6f:40:a3:2c:f3:81:72:6a:
9d:dc:d2:23:94:8e:5f:66:11:70:27:3a:4a:92:bf:90:a7:2c:
fc:5d:fc:ad:33:5c:9a:96:4f:7e:31:5f:bd:5b:37:50:2e:39:
94:a3:f0:f3:b7:b7:58:8d:8f:75:36:ce:d4:9a:74:e1:37:c9:
6f:33:6a:bd:b7:82:0b:0f:29:e8:be:d1:3f:e4:55:1a:77:c8:
c4:f8:77:2e:3b:fc:1b:fb:85:4a:f7:7b:fa:fb:ac:35:13:ac:
b1:07:8c:6f:84:ba:e7:4d:7f:c9:fa:d3:c9:40:4f:3f:b8:c4:
82:6f:a3:27:e0:59:e7:9b:05:9f:d5:2b:90:aa:a5:97:8c:41:
76:15:cb:9c:6e:3e:26:f4:56:a5:58:b0:d0:cb:6d:5f:12:7d:
b3:3c:d4:7a:5a:0a:1e:01:89:1f:91:59:06:8a:32:6d:1d:9c:
18:50:d6:06:9e:4a:e6:6f:24:e0:3f:6b:99:a1:d3:16:91:2d:
90:93:41:e9:0a:58:41:a6:1b:25:df:31:26:8f:46:b3:54:c9:
5c:df:c0:0c:5f:1e:31:69:ab:88:94:e6:01:13:d3:05:fe:73:
00:e9:21:66
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUY1OTAxMTAvBgNVBAUTKDRENzFBN0ExOEE4MkFERDA0NEJDMjhFRjVERjIxOTZC
MEZEMjFENUMwHhcNMjQwNDEyMjM0MTE2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE5YzY5Yy01MzY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1dg6cDGopdOMbs2SNFsznh1zUOH4r7dnZIChju8JJTu+h3l9/7WLDGhkg8A2
x0BAyq56hT6t1NwYJHIPPM9MXV07P7HujDaDYITYUtp9INUe9TOlP0qkhavAM3g0
lKd6YoF748DBXhophMvRm/d56Y2z5lOyWMueX/UtfTgyOwhDetB2cN+zbaevEelR
Hj7VUAIzT09dEBVz1VIHhpVh9V8SOJtAv90YNk3CGaknLpsme1Ie2jp1+929dPpJ
fzH77+Jm8B1ela9nqYkH03JuqvbOGNF+dznhYxStNcFl+Kkv2L8PpQDMcAx3YOxP
hTXcnA6/isHfPVcbFXCTOQSClQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPKXszbx
AXCDVcoi56qmmIpgu1LrMB8GA1UdIwQYMBaAFE1xp6GKgq3QRLwo713yGWsP0h1c
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjU5MC8yRjdCMTdDNDM5
MEQxMUVCODhCQzYxNjVDNEY5QUUwMi9UWEdub1lxQ3JkQkV2Q2p2WGZJWmF3X1NI
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RYR25vWXFDcmRCRXZDanZYZklaYXdfU0hWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUY1OTAvMkY3QjE3QzQzOTBEMTFFQjg4QkM2MTY1QzRGOUFFMDIvRTk1NzM4OTgz
OTBFMTFFQkFDNzIwMzZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnbegDBABnbeowDQYJKoZIhvcNAQELBQADggEBAKb8EYUX
v3k+8YUCG2EkK4pQm0nuxeJVSrSzK5xvQKMs84Fyap3c0iOUjl9mEXAnOkqSv5Cn
LPxd/K0zXJqWT34xX71bN1AuOZSj8PO3t1iNj3U2ztSadOE3yW8zar23ggsPKei+
0T/kVRp3yMT4dy47/Bv7hUr3e/r7rDUTrLEHjG+EuudNf8n608lATz+4xIJvoyfg
WeebBZ/VK5CqpZeMQXYVy5xuPib0VqVYsNDLbV8SfbM81HpaCh4BiR+RWQaKMm0d
nBhQ1gaeSuZvJOA/a5mh0xaRLZCTQekKWEGmGyXfMSaPRrNUyVzfwAxfHjFpq4iU
5gET0wX+cwDpIWY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:11 2025 by rpki-client