Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/51242EA0157A11EEBF2E043CC4F9AE02.roa
File: 51242EA0157A11EEBF2E043CC4F9AE02.roa (raw, json)
Hash identifier: gdgPydJrUkK8DpVlQ4wmxtIpuGhoHfbxVdF/ULwigco=
Subject key identifier: 16:D6:6F:9F:23:09:24:76:45:5D:B4:FA:5B:43:3C:41:7C:14:EE:D6
Certificate issuer: /CN=A91F731E/serialNumber=2585243D6805F2EA8BC3F63B82364BA991F330B9
Certificate serial: 1EC5
Authority key identifier: 25:85:24:3D:68:05:F2:EA:8B:C3:F6:3B:82:36:4B:A9:91:F3:30:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/51242EA0157A11EEBF2E043CC4F9AE02.roa
Signing time: Fri 12 Jul 2024 16:53:35 +0000
ROA not before: Fri 12 Jul 2024 16:53:35 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 137187
IP address blocks: 103.211.150.0/23 maxlen: 24
124.41.244.0/22 maxlen: 22
124.41.244.0/24 maxlen: 24
124.41.245.0/24 maxlen: 24
124.41.246.0/24 maxlen: 24
124.41.247.0/24 maxlen: 24
2400:1a00:cd01::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7877 (0x1ec5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F731E
Validity
Not Before: Jul 12 16:53:35 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66915f8e-99c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0a:c6:6f:d0:02:53:61:f4:52:55:ae:78:4b:
36:80:04:c3:ef:0b:29:70:40:b9:9d:9a:fa:7b:5d:
4f:99:e6:75:58:b4:fe:fd:e4:ca:3f:2e:23:ed:2b:
ba:3b:88:f7:0c:84:12:1c:45:87:da:44:a6:6e:a7:
76:31:bd:f6:e2:f7:ea:23:ae:1b:c0:e5:dd:6e:97:
71:66:8a:29:59:85:48:8b:73:fb:e2:5d:8d:95:97:
09:1f:da:56:af:77:ba:5d:a8:07:7d:e2:2b:c0:e9:
42:b6:b5:7e:6c:65:9b:c9:ad:b0:8f:a4:b1:88:69:
e6:02:d1:c7:98:cf:0f:84:bb:1f:7b:47:fd:60:d2:
6e:d3:2b:c6:7e:cf:89:71:ce:19:f8:c2:ab:cb:c4:
83:07:3c:fb:f1:65:d3:6e:d5:fa:0a:d6:6b:96:e8:
29:91:60:dc:a3:3a:e5:12:aa:48:14:3c:ab:6a:c0:
99:78:81:e9:5b:73:5d:58:52:e1:88:c3:b6:5c:0f:
66:5d:aa:91:99:f5:32:df:60:78:ab:e0:66:d0:1a:
bf:02:70:41:cf:6a:9d:bf:09:2c:5c:c5:84:a6:d1:
4f:1b:46:9d:6b:fa:4b:13:a2:87:c2:15:d7:ee:6d:
52:6f:df:d0:f8:06:f1:6f:46:42:e9:56:c2:57:08:
e5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D6:6F:9F:23:09:24:76:45:5D:B4:FA:5B:43:3C:41:7C:14:EE:D6
X509v3 Authority Key Identifier:
keyid:25:85:24:3D:68:05:F2:EA:8B:C3:F6:3B:82:36:4B:A9:91:F3:30:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JYUkPWgF8uqLw_Y7gjZLqZHzMLk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/F5967E6C5EF111E6A7D1AF26C4F9AE02/51242EA0157A11EEBF2E043CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.211.150.0/23
124.41.244.0/22
IPv6:
2400:1a00:cd01::/48
Signature Algorithm: sha256WithRSAEncryption
86:d4:7d:ba:b0:c5:50:6a:9e:33:9b:01:47:52:fb:4d:b2:a6:
4a:5f:2f:df:08:86:f0:bd:54:62:41:aa:24:30:c9:2c:16:c4:
e9:53:8b:48:55:1e:58:6e:1a:72:d6:e0:7b:a8:93:5c:db:85:
5c:f9:a1:67:21:f4:b6:e4:31:ef:cf:b9:78:b1:51:a5:09:78:
57:84:15:f3:d2:26:86:46:cd:dc:70:09:d1:46:db:62:4a:31:
78:96:4f:00:8e:5b:78:88:b8:2d:86:07:4f:b6:0b:41:51:da:
e5:93:72:ab:32:42:f7:b5:16:68:24:a2:e2:79:6e:f0:7e:86:
10:0e:34:f1:09:d9:64:16:e5:81:16:36:18:9f:39:7e:01:97:
e6:e6:f5:7e:bf:9f:82:ee:f4:0c:f0:2a:4d:bb:66:ef:d0:75:
d1:61:c3:d1:9a:a4:f9:ee:92:38:9c:f4:ed:7b:62:64:91:40:
03:61:5e:3a:bb:ab:0c:3c:24:f7:5d:96:8d:d9:03:37:a7:33:
40:1d:50:00:58:46:2f:5f:1f:e1:b1:c6:d5:2e:19:37:54:bd:
32:09:36:6d:32:20:0d:cf:8a:16:c4:1f:3d:8d:b9:4d:c1:43:
91:1c:b0:77:b5:92:07:2e:39:2d:52:98:bc:d4:e6:14:4b:fd:
da:26:67:71
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgICHsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjczMUUxMTAvBgNVBAUTKDI1ODUyNDNENjgwNUYyRUE4QkMzRjYzQjgyMzY0QkE5
OTFGMzMwQjkwHhcNMjQwNzEyMTY1MzM1WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjkxNWY4ZS05OWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0ArGb9ACU2H0UlWueEs2gATD7wspcEC5nZr6e11PmeZ1WLT+/eTKPy4j7Su6
O4j3DIQSHEWH2kSmbqd2Mb324vfqI64bwOXdbpdxZoopWYVIi3P74l2NlZcJH9pW
r3e6XagHfeIrwOlCtrV+bGWbya2wj6SxiGnmAtHHmM8PhLsfe0f9YNJu0yvGfs+J
cc4Z+MKry8SDBzz78WXTbtX6CtZrlugpkWDcozrlEqpIFDyrasCZeIHpW3NdWFLh
iMO2XA9mXaqRmfUy32B4q+Bm0Bq/AnBBz2qdvwksXMWEptFPG0ada/pLE6KHwhXX
7m1Sb9/Q+Abxb0ZC6VbCVwjlfQIDAQABo4ICrDCCAqgwHQYDVR0OBBYEFBbWb58j
CSR2RV20+ltDPEF8FO7WMB8GA1UdIwQYMBaAFCWFJD1oBfLqi8P2O4I2S6mR8zC5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9GNTk2N0U2QzVF
RjExMUU2QTdEMUFGMjZDNEY5QUUwMi9KWVVrUFdnRjh1cUx3X1k3Z2paTHFaSHpN
TGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0pZVWtQV2dGOHVxTHdfWTdnalpMcVpIek1May5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjczMUUvRjU5NjdFNkM1RUYxMTFFNkE3RDFBRjI2QzRGOUFFMDIvNTEyNDJFQTAx
NTdBMTFFRUJGMkUwNDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNgYIKwYBBQUHAQcBAf8E
JzAlMBIEAgABMAwDBAFn05YDBAJ8KfQwDwQCAAIwCQMHACQAGgDNATANBgkqhkiG
9w0BAQsFAAOCAQEAhtR9urDFUGqeM5sBR1L7TbKmSl8v3wiG8L1UYkGqJDDJLBbE
6VOLSFUeWG4actbge6iTXNuFXPmhZyH0tuQx78+5eLFRpQl4V4QV89ImhkbN3HAJ
0UbbYkoxeJZPAI5beIi4LYYHT7YLQVHa5ZNyqzJC97UWaCSi4nlu8H6GEA408QnZ
ZBblgRY2GJ85fgGX5ub1fr+fgu70DPAqTbtm79B10WHD0Zqk+e6SOJz07XtiZJFA
A2FeOrurDDwk912WjdkDN6czQB1QAFhGL18f4bHG1S4ZN1S9Mgk2bTIgDc+KFsQf
PY25TcFDkRywd7WSBy45LVKYvNTmFEv92iZncQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:52 2025 by rpki-client