Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/0791DE6034A511ED9D82D13BC4F9AE02.roa
File: 0791DE6034A511ED9D82D13BC4F9AE02.roa (raw, json)
Hash identifier: juMQ71UzLGU0NVMfjPJ2FFyOOWRBZEQJenhZ2xiR7QE=
Subject key identifier: 85:F9:05:47:55:9E:9E:E8:F3:C4:49:04:59:4E:98:79:2A:6F:8B:71
Certificate issuer: /CN=A91F7DCD/serialNumber=3BD302FA7A2E866A679B1B6096DB67453A03AB86
Certificate serial: 0A04
Authority key identifier: 3B:D3:02:FA:7A:2E:86:6A:67:9B:1B:60:96:DB:67:45:3A:03:AB:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/0791DE6034A511ED9D82D13BC4F9AE02.roa
Signing time: Wed 12 Mar 2025 07:41:48 +0000
ROA not before: Wed 12 Mar 2025 07:41:48 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 149175
IP address blocks: 39.109.92.0/24 maxlen: 24
39.109.93.0/24 maxlen: 24
39.109.94.0/24 maxlen: 24
39.109.95.0/24 maxlen: 24
103.120.228.0/23 maxlen: 24
103.227.128.0/24 maxlen: 24
103.227.129.0/24 maxlen: 24
103.227.131.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2564 (0xa04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F7DCD
Validity
Not Before: Mar 12 07:41:48 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67d13abc-a941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ad:7d:fd:03:a0:04:15:99:f8:b9:eb:4b:92:
7c:e9:10:a8:7f:ec:21:a5:d9:99:f8:eb:3b:b7:eb:
90:1a:a2:74:fc:b7:69:e8:c7:22:ba:56:9b:dc:90:
b6:df:0b:89:df:ca:d5:24:39:22:b1:62:1f:67:50:
86:0c:93:fc:5c:4d:5a:eb:5e:ff:de:0d:68:a7:f0:
bb:d5:08:24:c0:52:a0:27:65:28:69:db:83:d5:fd:
e4:56:be:2a:0d:89:b2:c2:fb:84:ba:c9:e2:b9:c8:
04:05:89:b7:10:ac:e5:1f:b0:7a:41:d7:28:7a:ad:
f6:97:fd:67:f5:0c:ca:d7:25:7a:52:32:3b:71:47:
7f:92:02:52:4c:5d:06:81:44:8b:60:f2:3c:3a:5b:
5b:4d:11:45:ed:7d:2d:5d:cf:6f:bc:6e:9c:6c:3d:
08:80:07:23:78:97:97:84:93:a5:da:78:36:50:ad:
2c:82:a0:0f:dc:fa:a5:d8:2b:1d:d9:c8:ff:4e:d5:
aa:d6:a9:61:1d:2f:1d:5d:d3:dc:4e:0d:88:dd:0b:
d6:5b:8d:93:82:59:c0:f9:d3:cd:66:7c:e4:6a:02:
af:a3:90:4f:35:f4:19:cb:e9:76:dd:80:1c:2d:ae:
47:69:cf:d4:40:9a:c3:d8:96:cd:32:97:f1:09:98:
c3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F9:05:47:55:9E:9E:E8:F3:C4:49:04:59:4E:98:79:2A:6F:8B:71
X509v3 Authority Key Identifier:
keyid:3B:D3:02:FA:7A:2E:86:6A:67:9B:1B:60:96:DB:67:45:3A:03:AB:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/O9MC-nouhmpnmxtglttnRToDq4Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O9MC-nouhmpnmxtglttnRToDq4Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F7DCD/84428B0E73D111EA9CDEC534C4F9AE02/0791DE6034A511ED9D82D13BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
39.109.92.0/22
103.120.228.0/23
103.227.128.0/23
103.227.131.0/24
Signature Algorithm: sha256WithRSAEncryption
23:bd:f1:0a:76:e0:d5:60:25:de:5f:47:50:62:c8:13:f8:ac:
5e:85:68:6c:30:0c:3f:1f:9e:06:fb:95:bd:dd:a3:74:58:8c:
32:22:8a:33:b7:0d:96:4f:0e:ef:ec:15:a7:c2:b8:d1:5b:fa:
b7:00:94:57:5a:83:9c:c3:b9:d3:aa:cd:2d:ec:e6:82:11:d1:
35:2b:b3:9d:39:e1:14:c1:2e:72:40:35:c3:bc:e3:28:fd:01:
d0:44:31:9d:8b:28:5c:69:4e:ec:b6:3b:9e:98:ba:ef:f3:07:
3e:e1:99:b7:50:6c:33:db:66:aa:2c:31:90:5e:bc:da:d9:b9:
61:52:98:21:33:58:72:98:a9:57:33:e1:7a:f4:5f:aa:01:ac:
24:a2:98:43:e3:e2:67:1a:6b:61:eb:35:1a:88:b5:dd:16:c8:
bf:6e:b1:78:90:c8:05:00:cf:79:24:21:0c:c0:3b:5b:32:2f:
16:be:57:de:a6:d3:c5:3d:77:14:4e:9e:60:4d:d5:06:2b:59:
c2:7a:61:00:cd:cf:cb:45:5b:9c:19:95:96:33:b2:e8:7c:02:
bc:d1:2a:e7:e3:82:cc:e0:42:2d:07:7f:35:0d:8d:3e:14:c0:
c9:62:d2:54:17:2f:4a:98:3a:50:b8:00:38:19:b6:a5:fe:8d:
f7:6a:1c:f5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICCgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjdEQ0QxMTAvBgNVBAUTKDNCRDMwMkZBN0EyRTg2NkE2NzlCMUI2MDk2REI2NzQ1
M0EwM0FCODYwHhcNMjUwMzEyMDc0MTQ4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2QxM2FiYy1hOTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq619/QOgBBWZ+LnrS5J86RCof+whpdmZ+Os7t+uQGqJ0/Ldp6Mciulab3JC2
3wuJ38rVJDkisWIfZ1CGDJP8XE1a617/3g1op/C71QgkwFKgJ2UoaduD1f3kVr4q
DYmywvuEusniucgEBYm3EKzlH7B6Qdcoeq32l/1n9QzK1yV6UjI7cUd/kgJSTF0G
gUSLYPI8OltbTRFF7X0tXc9vvG6cbD0IgAcjeJeXhJOl2ng2UK0sgqAP3Pql2Csd
2cj/TtWq1qlhHS8dXdPcTg2I3QvWW42TglnA+dPNZnzkagKvo5BPNfQZy+l23YAc
La5Hac/UQJrD2JbNMpfxCZjDNQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFIX5BUdV
np7o88RJBFlOmHkqb4txMB8GA1UdIwQYMBaAFDvTAvp6LoZqZ5sbYJbbZ0U6A6uG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGN0RDRC84NDQyOEIwRTcz
RDExMUVBOUNERUM1MzRDNEY5QUUwMi9POU1DLW5vdWhtcG5teHRnbHR0blJUb0Rx
NFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL085TUMtbm91aG1wbm14dGdsdHRuUlRvRHE0WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjdEQ0QvODQ0MjhCMEU3M0QxMTFFQTlDREVDNTM0QzRGOUFFMDIvMDc5MURFNjAz
NEE1MTFFRDlEODJEMTNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBAInbVwDBAFneOQDBAFn44ADBABn44MwDQYJKoZIhvcNAQEL
BQADggEBACO98Qp24NVgJd5fR1BiyBP4rF6FaGwwDD8fngb7lb3do3RYjDIiijO3
DZZPDu/sFafCuNFb+rcAlFdag5zDudOqzS3s5oIR0TUrs5054RTBLnJANcO84yj9
AdBEMZ2LKFxpTuy2O56Yuu/zBz7hmbdQbDPbZqosMZBevNrZuWFSmCEzWHKYqVcz
4Xr0X6oBrCSimEPj4mcaa2HrNRqItd0WyL9usXiQyAUAz3kkIQzAO1syLxa+V96m
08U9dxROnmBN1QYrWcJ6YQDNz8tFW5wZlZYzsuh8ArzRKufjgszgQi0HfzUNjT4U
wMli0lQXL0qYOlC4ADgZtqX+jfdqHPU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:00:42 2025 by rpki-client