Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126C60/BF6323E6894B11E387C49E675911EA32/7726182828DD11ED8EA0FC4FC4F9AE02.roa
File: 7726182828DD11ED8EA0FC4FC4F9AE02.roa (raw, json)
Hash identifier: B6weuy2U7VjqemndD9JlkjRjdvpM++iJ2EL75fmO3yk=
Subject key identifier: 55:45:C8:23:EE:A5:D1:61:68:64:51:1B:E8:62:7D:5F:EB:00:35:8E
Certificate issuer: /CN=A9126C60/serialNumber=439F5A9A40E199679A7BC09BE207FD1F60A04857
Certificate serial: 2D27
Authority key identifier: 43:9F:5A:9A:40:E1:99:67:9A:7B:C0:9B:E2:07:FD:1F:60:A0:48:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q59amkDhmWeae8Cb4gf9H2CgSFc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126C60/BF6323E6894B11E387C49E675911EA32/7726182828DD11ED8EA0FC4FC4F9AE02.roa
Signing time: Fri 06 Dec 2024 15:32:16 +0000
ROA not before: Fri 06 Dec 2024 15:32:16 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 8075
IP address blocks: 103.8.80.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11559 (0x2d27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126C60
Validity
Not Before: Dec 6 15:32:16 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67531900-1eaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:8e:c6:76:68:cc:7b:42:c5:50:2a:cc:31:d7:
4a:a1:1b:7d:ad:72:ce:15:53:4c:49:ca:11:70:06:
1a:1f:6f:25:58:39:09:1a:8f:92:89:95:6f:b5:de:
d6:8e:cd:c5:a9:11:1a:6b:55:d5:b6:33:c3:c9:67:
3d:72:af:24:dd:bd:e6:9f:8c:dc:2c:e9:40:aa:3a:
27:e9:ef:0f:df:3a:57:9e:c7:54:7b:08:35:b6:9c:
5f:7f:2f:db:d3:82:56:f1:23:bb:72:6d:27:85:f4:
5a:16:98:6c:6b:99:6c:bc:29:13:b2:52:63:16:d3:
dc:0e:14:72:65:99:b9:e8:8a:87:f3:23:31:24:8b:
71:59:b8:fe:d2:77:34:f3:87:6b:95:e9:22:93:12:
f7:c1:bd:21:c4:c6:5d:a6:7e:3b:d6:6b:ed:f5:d5:
05:b8:1d:d8:f6:f8:01:cc:d6:ce:bc:c2:8f:65:f7:
85:8f:5f:98:c4:53:a9:fc:22:d0:9e:73:b5:8f:56:
1a:f2:ea:3a:41:ef:9f:06:2d:cd:71:79:51:84:28:
7c:d1:79:3d:37:93:aa:f6:b3:61:f0:76:43:22:61:
c1:ab:4f:18:cc:e7:e2:10:37:f4:be:c2:20:e7:bc:
75:89:db:d3:fc:65:dc:79:40:82:2e:e0:ad:07:59:
e0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:45:C8:23:EE:A5:D1:61:68:64:51:1B:E8:62:7D:5F:EB:00:35:8E
X509v3 Authority Key Identifier:
keyid:43:9F:5A:9A:40:E1:99:67:9A:7B:C0:9B:E2:07:FD:1F:60:A0:48:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126C60/BF6323E6894B11E387C49E675911EA32/Q59amkDhmWeae8Cb4gf9H2CgSFc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q59amkDhmWeae8Cb4gf9H2CgSFc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126C60/BF6323E6894B11E387C49E675911EA32/7726182828DD11ED8EA0FC4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.8.80.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:cc:16:98:f2:a6:34:2e:0b:35:34:96:d5:df:64:ec:1b:52:
29:10:72:71:a8:44:c3:19:e9:c9:7c:d0:2d:26:3e:55:fe:39:
cf:0b:95:4d:dd:4d:be:49:19:d6:41:73:78:13:2f:45:c0:01:
e3:32:ec:a3:ac:51:aa:9d:90:f2:b7:cb:58:bd:22:60:fe:21:
51:98:db:cd:89:d8:c9:28:2f:2b:51:21:6c:1a:74:82:98:75:
28:8f:68:e3:46:f0:7b:11:ed:9b:93:da:11:a6:0f:ca:66:48:
ff:37:18:73:23:42:23:f7:35:73:04:0e:68:ec:01:66:fb:be:
16:0e:10:a4:fc:ee:06:3b:3e:eb:89:bb:d7:47:53:20:fd:a8:
2b:1c:0e:95:1e:39:74:40:c8:93:99:87:4c:c6:11:0d:a2:7b:
3c:57:a0:35:f2:30:93:da:e3:e6:54:fc:54:a2:4e:b4:4d:b7:
7d:4b:10:bb:e6:79:09:28:c1:1d:48:a9:0b:ff:8a:e5:40:a2:
a6:17:35:b9:83:ee:0b:c4:9d:ec:c6:64:de:d7:1e:63:9e:be:
24:02:5a:2e:bf:a1:d1:e8:ae:b1:c7:d9:db:79:8a:c5:27:22:
c1:7c:d8:f3:d3:88:99:c1:73:14:7d:80:c5:c1:3c:4e:33:1f:
b3:08:a8:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICLScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjZDNjAxMTAvBgNVBAUTKDQzOUY1QTlBNDBFMTk5Njc5QTdCQzA5QkUyMDdGRDFG
NjBBMDQ4NTcwHhcNMjQxMjA2MTUzMjE2WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUzMTkwMC0xZWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6o7GdmjMe0LFUCrMMddKoRt9rXLOFVNMScoRcAYaH28lWDkJGo+SiZVvtd7W
js3FqREaa1XVtjPDyWc9cq8k3b3mn4zcLOlAqjon6e8P3zpXnsdUewg1tpxffy/b
04JW8SO7cm0nhfRaFphsa5lsvCkTslJjFtPcDhRyZZm56IqH8yMxJItxWbj+0nc0
84drlekikxL3wb0hxMZdpn471mvt9dUFuB3Y9vgBzNbOvMKPZfeFj1+YxFOp/CLQ
nnO1j1Ya8uo6Qe+fBi3NcXlRhCh80Xk9N5Oq9rNh8HZDImHBq08YzOfiEDf0vsIg
57x1idvT/GXceUCCLuCtB1ngqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFVFyCPu
pdFhaGRRG+hifV/rADWOMB8GA1UdIwQYMBaAFEOfWppA4ZlnmnvAm+IH/R9goEhX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNkM2MC9CRjYzMjNFNjg5
NEIxMUUzODdDNDlFNjc1OTExRUEzMi9RNTlhbWtEaG1XZWFlOENiNGdmOUgyQ2dT
RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1E1OWFta0RobVdlYWU4Q2I0Z2Y5SDJDZ1NGYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjZDNjAvQkY2MzIzRTY4OTRCMTFFMzg3QzQ5RTY3NTkxMUVBMzIvNzcyNjE4Mjgy
OEREMTFFRDhFQTBGQzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnCFAwDQYJKoZIhvcNAQELBQADggEBAF/MFpjypjQuCzU0
ltXfZOwbUikQcnGoRMMZ6cl80C0mPlX+Oc8LlU3dTb5JGdZBc3gTL0XAAeMy7KOs
UaqdkPK3y1i9ImD+IVGY282J2MkoLytRIWwadIKYdSiPaONG8HsR7ZuT2hGmD8pm
SP83GHMjQiP3NXMEDmjsAWb7vhYOEKT87gY7PuuJu9dHUyD9qCscDpUeOXRAyJOZ
h0zGEQ2iezxXoDXyMJPa4+ZU/FSiTrRNt31LELvmeQkowR1IqQv/iuVAoqYXNbmD
7gvEnezGZN7XHmOeviQCWi6/odHorrHH2dt5isUnIsF82PPTiJnBcxR9gMXBPE4z
H7MIqMQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:38:46 2025 by rpki-client