Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/3C4374804CEC11ECAE6AB280C4F9AE02.roa
File: 3C4374804CEC11ECAE6AB280C4F9AE02.roa (raw, json)
Hash identifier: F010fbR+bi9xTUBl3AUBVvzkCJVPeJDxWa/Ivtr1ZK4=
Subject key identifier: 71:3A:AE:DB:B5:83:14:FA:01:8B:DF:FC:56:CF:E0:96:0B:5E:80:AB
Certificate issuer: /CN=A91F2089/serialNumber=F14D6C3D3DE6CB1074F7A2E905D9F85451045A65
Certificate serial: 03FD
Authority key identifier: F1:4D:6C:3D:3D:E6:CB:10:74:F7:A2:E9:05:D9:F8:54:51:04:5A:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8U1sPT3myxB096LpBdn4VFEEWmU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/3C4374804CEC11ECAE6AB280C4F9AE02.roa
Signing time: Tue 05 Nov 2024 00:03:20 +0000
ROA not before: Tue 05 Nov 2024 00:03:20 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 63991
IP address blocks: 103.176.228.0/23 maxlen: 24
2400:36a0::/32 maxlen: 32
2400:36a0::/48 maxlen: 48
2400:36a0:3c::/48 maxlen: 48
2400:36a0:3f::/48 maxlen: 48
2400:36a0:54::/48 maxlen: 48
2400:36a0:80::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1021 (0x3fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F2089
Validity
Not Before: Nov 5 00:03:20 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=672960c8-8462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:70:2a:16:83:ad:06:51:c1:df:77:1d:3e:97:
b6:e2:5b:6b:2b:a1:77:42:b9:1d:33:51:35:73:e5:
f7:d9:46:ae:f3:c5:d7:67:29:19:0d:a2:9a:38:22:
60:61:6e:85:2d:b7:83:92:ee:1c:af:02:76:b3:cc:
1f:d5:d2:0b:d2:77:64:41:34:9b:7d:8a:c4:c8:5a:
d4:bb:6f:e2:23:02:e9:e4:f6:e5:76:33:05:26:53:
ee:60:3d:c5:a1:44:c1:90:f0:39:c7:75:bd:9d:b1:
0a:0c:84:d5:09:ae:5b:cb:f8:e0:ec:94:4a:9e:63:
8b:a6:22:bc:d1:d9:a3:36:59:17:b6:78:3c:56:56:
83:e2:ce:88:cc:00:1b:07:0d:27:e2:14:a2:b4:17:
c4:b2:77:b7:e9:c3:62:2a:7f:dc:b5:f2:a4:03:78:
32:ad:b5:70:75:d9:1e:af:27:d5:f9:fa:8c:83:51:
66:24:23:8e:35:3c:27:ac:4c:e0:1e:ee:c2:b0:3d:
90:a5:01:d8:ac:a4:0d:81:ab:f2:86:38:67:f1:29:
f6:e5:0e:f4:d3:9c:e9:55:e3:48:4e:d5:85:85:6a:
2c:5b:7c:07:95:5d:8e:0b:37:2c:89:2a:1c:09:b7:
96:6b:5a:2d:05:df:de:00:37:e0:67:d6:7b:e1:f3:
0c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:3A:AE:DB:B5:83:14:FA:01:8B:DF:FC:56:CF:E0:96:0B:5E:80:AB
X509v3 Authority Key Identifier:
keyid:F1:4D:6C:3D:3D:E6:CB:10:74:F7:A2:E9:05:D9:F8:54:51:04:5A:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/8U1sPT3myxB096LpBdn4VFEEWmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8U1sPT3myxB096LpBdn4VFEEWmU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2089/E1C4A41E4CE811ECBD05FA7CC4F9AE02/3C4374804CEC11ECAE6AB280C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.228.0/23
IPv6:
2400:36a0::/32
Signature Algorithm: sha256WithRSAEncryption
24:2a:40:9e:6b:70:f4:be:20:e2:e9:ed:c1:b9:5e:76:70:c1:
07:00:c7:78:e9:9a:34:bb:49:1d:ee:83:4e:5a:68:ab:01:89:
4d:11:e6:77:82:3f:d7:c4:d4:5a:bb:e2:49:ff:87:f4:f6:b4:
13:6b:f5:a6:4c:40:5a:d8:1d:6c:db:4b:43:a7:a2:3a:7d:f8:
3e:b3:e9:39:ac:5f:e7:05:e4:fb:6c:6c:a2:45:7e:01:2a:74:
20:76:0e:de:86:61:b2:eb:da:a8:31:9f:a7:29:70:e0:e2:5b:
5a:28:70:13:a1:05:c6:40:5b:79:6e:f7:f1:f9:cd:a5:d9:7c:
ba:08:04:9d:5e:bb:a4:9b:69:15:ef:d9:bf:df:d7:d0:17:36:
d4:3f:eb:e4:0d:13:da:1e:5b:8a:93:bf:aa:df:a4:ee:b0:fc:
d9:ce:85:76:c4:6b:5d:cf:3d:62:fc:8c:87:28:af:20:d4:41:
64:c4:c7:fb:ee:65:b9:be:43:b9:9c:5f:db:73:2f:09:26:f8:
e0:21:d0:65:5d:63:10:c1:e4:85:56:a2:ee:51:71:66:5f:0a:
3b:f0:36:cd:fe:33:be:1a:6b:2b:eb:a3:1e:29:2c:f4:e0:36:
f7:46:f0:99:5d:93:9b:35:27:9d:d5:21:53:9d:80:bb:0d:d1:
e7:1d:1a:c1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjIwODkxMTAvBgNVBAUTKEYxNEQ2QzNEM0RFNkNCMTA3NEY3QTJFOTA1RDlGODU0
NTEwNDVBNjUwHhcNMjQxMTA1MDAwMzIwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI5NjBjOC04NDYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA13AqFoOtBlHB33cdPpe24ltrK6F3QrkdM1E1c+X32Uau88XXZykZDaKaOCJg
YW6FLbeDku4crwJ2s8wf1dIL0ndkQTSbfYrEyFrUu2/iIwLp5PbldjMFJlPuYD3F
oUTBkPA5x3W9nbEKDITVCa5by/jg7JRKnmOLpiK80dmjNlkXtng8VlaD4s6IzAAb
Bw0n4hSitBfEsne36cNiKn/ctfKkA3gyrbVwddkeryfV+fqMg1FmJCOONTwnrEzg
Hu7CsD2QpQHYrKQNgavyhjhn8Sn25Q7005zpVeNITtWFhWosW3wHlV2OCzcsiSoc
CbeWa1otBd/eADfgZ9Z74fMMCwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHE6rtu1
gxT6AYvf/FbP4JYLXoCrMB8GA1UdIwQYMBaAFPFNbD095ssQdPei6QXZ+FRRBFpl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjA4OS9FMUM0QTQxRTRD
RTgxMUVDQkQwNUZBN0NDNEY5QUUwMi84VTFzUFQzbXl4QjA5NkxwQmRuNFZGRUVX
bVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhVMXNQVDNteXhCMDk2THBCZG40VkZFRVdtVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjIwODkvRTFDNEE0MUU0Q0U4MTFFQ0JEMDVGQTdDQzRGOUFFMDIvM0M0Mzc0ODA0
Q0VDMTFFQ0FFNkFCMjgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnsOQwDQQCAAIwBwMFACQANqAwDQYJKoZIhvcNAQELBQAD
ggEBACQqQJ5rcPS+IOLp7cG5XnZwwQcAx3jpmjS7SR3ug05aaKsBiU0R5neCP9fE
1Fq74kn/h/T2tBNr9aZMQFrYHWzbS0Onojp9+D6z6TmsX+cF5PtsbKJFfgEqdCB2
Dt6GYbLr2qgxn6cpcODiW1oocBOhBcZAW3lu9/H5zaXZfLoIBJ1eu6SbaRXv2b/f
19AXNtQ/6+QNE9oeW4qTv6rfpO6w/NnOhXbEa13PPWL8jIcoryDUQWTEx/vuZbm+
Q7mcX9tzLwkm+OAh0GVdYxDB5IVWou5RcWZfCjvwNs3+M74aayvrox4pLPTgNvdG
8Jldk5s1J53VIVOdgLsN0ecdGsE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:58:09 2025 by rpki-client