Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD38A/9AEF17BE05F411EA886A3C23C4F9AE02/AA5D86B2381311EA998E103FC4F9AE02.roa
File: AA5D86B2381311EA998E103FC4F9AE02.roa (raw, json)
Hash identifier: SvZjqtxcRIhPhrqiLm27nklXEkCJpvMYZMwhSGgkVOM=
Subject key identifier: 95:9E:DD:1B:72:CB:EC:D6:56:37:37:5A:82:6F:86:5B:99:3D:03:3A
Certificate issuer: /CN=A91FD38A/serialNumber=B620A9C4963766CC3C58060694922E9F678811DE
Certificate serial: 0BF2
Authority key identifier: B6:20:A9:C4:96:37:66:CC:3C:58:06:06:94:92:2E:9F:67:88:11:DE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tiCpxJY3Zsw8WAYGlJIun2eIEd4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FD38A/9AEF17BE05F411EA886A3C23C4F9AE02/AA5D86B2381311EA998E103FC4F9AE02.roa
Signing time: Tue 10 Dec 2024 18:47:09 +0000
ROA not before: Tue 10 Dec 2024 18:47:09 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136145
IP address blocks: 103.79.224.0/24 maxlen: 24
103.79.225.0/24 maxlen: 24
103.79.226.0/24 maxlen: 24
103.79.227.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3058 (0xbf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FD38A
Validity
Not Before: Dec 10 18:47:09 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67588cac-c8a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f6:00:58:96:57:a4:6c:ca:12:16:45:af:ae:
4d:00:85:a6:f6:2e:78:be:5e:4c:e9:50:fc:01:1c:
4f:ec:4c:15:e3:bc:a6:15:66:1d:1a:a4:5a:d1:09:
6c:9e:9f:5b:ea:26:98:ac:6e:1f:d7:5f:42:0d:d6:
e1:99:e0:87:69:18:a5:30:9d:da:1f:4b:63:bb:a5:
06:02:22:54:d5:35:86:62:28:c2:08:4a:8a:57:f0:
12:9f:ac:95:e8:0d:22:69:f1:9a:75:66:ef:2c:a8:
94:1d:2d:44:ca:3f:94:91:ec:1a:20:ae:63:66:3c:
79:08:b2:f3:85:76:db:a4:b3:e7:78:a9:71:fb:a6:
b1:31:58:b8:5c:56:6f:43:0f:ce:1a:84:3b:a7:51:
1d:6d:a3:65:f0:bf:1d:42:be:05:d5:9b:3d:8b:30:
b7:d6:b2:df:db:c9:3f:4f:4a:d1:d2:bb:fb:59:f5:
11:59:65:cb:96:dc:07:4e:c1:cd:70:29:54:fd:a1:
c0:61:c6:26:ac:bb:b0:ad:8e:f5:fc:a8:5b:0e:a1:
65:58:ea:72:99:f1:74:f4:f7:19:14:b1:7e:de:ac:
da:d3:a6:b4:74:20:51:5b:9c:03:ca:a9:51:61:ba:
f9:8c:28:83:6e:3f:42:9d:b1:f3:ee:56:1c:87:b1:
dd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9E:DD:1B:72:CB:EC:D6:56:37:37:5A:82:6F:86:5B:99:3D:03:3A
X509v3 Authority Key Identifier:
keyid:B6:20:A9:C4:96:37:66:CC:3C:58:06:06:94:92:2E:9F:67:88:11:DE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FD38A/9AEF17BE05F411EA886A3C23C4F9AE02/tiCpxJY3Zsw8WAYGlJIun2eIEd4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tiCpxJY3Zsw8WAYGlJIun2eIEd4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD38A/9AEF17BE05F411EA886A3C23C4F9AE02/AA5D86B2381311EA998E103FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.79.224.0/22
Signature Algorithm: sha256WithRSAEncryption
01:79:21:cd:83:36:cd:1b:f3:76:cc:aa:44:f1:3e:55:eb:74:
a9:c1:0e:04:c8:39:90:6d:a2:dc:99:bf:55:86:78:f6:95:1f:
49:e8:bf:a5:8c:75:1f:fc:eb:f7:e5:57:5c:8a:7f:e7:ac:30:
70:66:26:39:79:d0:43:e0:52:ed:13:ae:55:dd:a2:fa:7e:54:
10:3a:56:55:c3:38:77:8b:f4:4d:76:c8:81:ce:cb:ef:10:db:
c5:09:03:8d:e9:52:40:a4:0d:46:02:fe:98:51:e6:5d:77:93:
41:01:96:19:7b:6d:38:11:e7:18:10:7f:68:40:ad:64:79:9f:
2e:6b:da:7d:05:f5:26:09:73:64:7c:e8:fd:00:a6:d4:5f:f3:
45:9a:5c:02:80:f3:77:fa:32:90:77:86:3d:8b:89:c4:5b:8c:
79:cb:bf:a4:37:40:39:18:45:a1:af:79:e6:d6:ff:af:3b:9a:
1f:3b:80:74:ef:d8:79:ff:9d:cb:a5:dc:a1:5a:f5:02:b3:c8:
9b:98:4b:03:8e:bd:1d:d7:8e:c5:27:d7:e2:14:0c:a5:05:e9:
95:d5:46:0d:fa:08:a1:f3:a0:ab:a1:ac:5f:a8:cf:78:d4:62:
f7:a9:ec:ed:48:fc:82:d8:9f:96:1a:6d:ac:03:65:79:47:ba:
44:b6:4c:34
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkQzOEExMTAvBgNVBAUTKEI2MjBBOUM0OTYzNzY2Q0MzQzU4MDYwNjk0OTIyRTlG
Njc4ODExREUwHhcNMjQxMjEwMTg0NzA5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4OGNhYy1jOGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo/YAWJZXpGzKEhZFr65NAIWm9i54vl5M6VD8ARxP7EwV47ymFWYdGqRa0Qls
np9b6iaYrG4f119CDdbhmeCHaRilMJ3aH0tju6UGAiJU1TWGYijCCEqKV/ASn6yV
6A0iafGadWbvLKiUHS1Eyj+UkewaIK5jZjx5CLLzhXbbpLPneKlx+6axMVi4XFZv
Qw/OGoQ7p1EdbaNl8L8dQr4F1Zs9izC31rLf28k/T0rR0rv7WfURWWXLltwHTsHN
cClU/aHAYcYmrLuwrY71/KhbDqFlWOpymfF09PcZFLF+3qza06a0dCBRW5wDyqlR
Ybr5jCiDbj9CnbHz7lYch7HdJwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJWe3Rty
y+zWVjc3WoJvhluZPQM6MB8GA1UdIwQYMBaAFLYgqcSWN2bMPFgGBpSSLp9niBHe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDM4QS85QUVGMTdCRTA1
RjQxMUVBODg2QTNDMjNDNEY5QUUwMi90aUNweEpZM1pzdzhXQVlHbEpJdW4yZUlF
ZDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RpQ3B4SlkzWnN3OFdBWUdsSkl1bjJlSUVkNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkQzOEEvOUFFRjE3QkUwNUY0MTFFQTg4NkEzQzIzQzRGOUFFMDIvQUE1RDg2QjIz
ODEzMTFFQTk5OEUxMDNGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnT+AwDQYJKoZIhvcNAQELBQADggEBAAF5Ic2DNs0b83bM
qkTxPlXrdKnBDgTIOZBtotyZv1WGePaVH0nov6WMdR/86/flV1yKf+esMHBmJjl5
0EPgUu0TrlXdovp+VBA6VlXDOHeL9E12yIHOy+8Q28UJA43pUkCkDUYC/phR5l13
k0EBlhl7bTgR5xgQf2hArWR5ny5r2n0F9SYJc2R86P0AptRf80WaXAKA83f6MpB3
hj2LicRbjHnLv6Q3QDkYRaGveebW/687mh87gHTv2Hn/ncul3KFa9QKzyJuYSwOO
vR3XjsUn1+IUDKUF6ZXVRg36CKHzoKuhrF+oz3jUYvep7O1I/ILYn5YabawDZXlH
ukS2TDQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:18:17 2025 by rpki-client