Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/1EC858EED3D011EFAF492E7BC4F9AE02.roa
File: 1EC858EED3D011EFAF492E7BC4F9AE02.roa (raw, json)
Hash identifier: euotB1lZTcoqtUUH2euaO83sgnon7ei5ZbzHhUhX+Ec=
Subject key identifier: 73:49:7C:F9:B7:43:84:EB:56:98:DD:DE:84:EB:1A:86:EB:06:DA:C6
Certificate issuer: /CN=A915BF76/serialNumber=63EC4E6380FAAEA51107E9C40C2F1058E08F856E
Certificate serial: 3497
Authority key identifier: 63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/1EC858EED3D011EFAF492E7BC4F9AE02.roa
Signing time: Thu 16 Jan 2025 06:07:09 +0000
ROA not before: Thu 16 Jan 2025 06:07:09 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.21.139.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13463 (0x3497)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BF76
Validity
Not Before: Jan 16 06:07:09 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6788a20d-8228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:90:79:3e:92:d7:72:64:9b:1d:e1:73:93:ed:
30:13:65:c2:7a:7e:f9:e8:95:49:4e:d8:56:02:7a:
f0:76:90:eb:18:05:23:d6:5e:29:3a:94:f6:87:72:
a3:b8:48:db:00:ca:68:61:4a:36:de:1a:1d:da:3b:
3b:b8:83:c9:76:e4:14:70:62:42:d2:d0:af:2b:3a:
63:2c:ca:1e:16:65:ed:9a:76:25:51:32:11:f5:f0:
c4:81:a1:91:7c:bc:bd:66:91:a5:66:08:9e:dc:ed:
2a:05:83:8b:b3:01:95:af:e6:45:d6:c8:c7:52:17:
a2:41:e9:b9:f9:9e:4c:24:d4:e6:10:2d:1d:7c:5b:
ae:b3:87:08:aa:f0:19:5d:94:a3:bf:fc:1c:a1:c7:
7e:7a:1a:2e:e3:79:6d:af:6c:c5:a3:4d:33:58:02:
6e:4b:c5:71:fd:06:ba:e2:f8:a9:2b:c6:a7:63:08:
1b:cf:eb:ec:6f:5a:2c:07:19:30:1c:62:79:d1:d2:
77:41:47:bd:ee:43:c2:fb:c2:d8:48:1f:33:4f:8d:
1e:08:7f:15:a6:29:b9:0f:85:8a:60:f4:97:80:cf:
81:98:e4:c7:0a:00:92:6a:75:28:03:f5:12:5a:95:
94:69:32:e2:66:44:27:2a:64:9b:26:22:e4:7b:a2:
c2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:49:7C:F9:B7:43:84:EB:56:98:DD:DE:84:EB:1A:86:EB:06:DA:C6
X509v3 Authority Key Identifier:
keyid:63:EC:4E:63:80:FA:AE:A5:11:07:E9:C4:0C:2F:10:58:E0:8F:85:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-xOY4D6rqURB-nEDC8QWOCPhW4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BF76/944E38921DAB11E2BB30CAA908B02CD2/1EC858EED3D011EFAF492E7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.21.139.0/24
Signature Algorithm: sha256WithRSAEncryption
92:db:aa:4c:5a:80:15:2f:15:41:1b:af:63:be:eb:cb:0b:07:
5f:4f:89:22:22:1a:a8:4a:06:7c:89:3d:3e:e0:04:7d:39:8e:
46:6b:af:4c:26:20:2d:b5:65:1a:ef:2f:12:a7:31:cc:6a:81:
7c:36:73:ad:cf:af:db:c4:97:a7:8b:57:0f:6d:8a:6a:28:2e:
df:c1:69:12:a6:ea:24:95:e3:b9:8c:14:86:10:13:b1:96:7a:
94:58:11:3e:4a:13:47:fd:6b:5d:7f:d9:78:9f:bb:f2:83:e1:
6e:9e:fa:d4:04:c1:7f:8b:92:61:b6:25:ff:66:b7:5b:3e:06:
72:87:84:cf:05:fc:4d:9e:01:6f:5a:44:2d:2c:99:1a:6f:2f:
a9:70:3a:79:03:aa:20:70:58:7f:3f:18:e5:08:15:d5:06:8d:
89:76:58:05:38:80:8a:61:a1:25:1a:57:61:b8:dd:5a:64:b2:
e1:93:33:25:30:a6:42:c2:ec:8b:c1:8c:1f:e1:04:3b:1b:21:
e9:1d:b6:fb:f1:68:2f:53:14:ab:47:bd:b8:03:bd:d8:f2:7a:
a9:6f:0a:44:e3:76:6c:dd:eb:9d:3f:97:f2:21:d6:1a:53:0a:
24:12:ca:bb:cd:97:7f:d2:b4:75:58:62:75:d5:66:61:6b:1f:
76:36:44:78
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNJcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUJGNzYxMTAvBgNVBAUTKDYzRUM0RTYzODBGQUFFQTUxMTA3RTlDNDBDMkYxMDU4
RTA4Rjg1NkUwHhcNMjUwMTE2MDYwNzA5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg4YTIwZC04MjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9JB5PpLXcmSbHeFzk+0wE2XCen756JVJTthWAnrwdpDrGAUj1l4pOpT2h3Kj
uEjbAMpoYUo23hod2js7uIPJduQUcGJC0tCvKzpjLMoeFmXtmnYlUTIR9fDEgaGR
fLy9ZpGlZgie3O0qBYOLswGVr+ZF1sjHUheiQem5+Z5MJNTmEC0dfFuus4cIqvAZ
XZSjv/wcocd+ehou43ltr2zFo00zWAJuS8Vx/Qa64vipK8anYwgbz+vsb1osBxkw
HGJ50dJ3QUe97kPC+8LYSB8zT40eCH8Vpim5D4WKYPSXgM+BmOTHCgCSanUoA/US
WpWUaTLiZkQnKmSbJiLke6LCNQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHNJfPm3
Q4TrVpjd3oTrGobrBtrGMB8GA1UdIwQYMBaAFGPsTmOA+q6lEQfpxAwvEFjgj4Vu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QkY3Ni85NDRFMzg5MjFE
QUIxMUUyQkIzMENBQTkwOEIwMkNEMi9ZLXhPWTRENnJxVVJCLW5FREM4UVdPQ1Bo
VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1kteE9ZNEQ2cnFVUkItbkVEQzhRV09DUGhXNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUJGNzYvOTQ0RTM4OTIxREFCMTFFMkJCMzBDQUE5MDhCMDJDRDIvMUVDODU4RUVE
M0QwMTFFRkFGNDkyRTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnFYswDQYJKoZIhvcNAQELBQADggEBAJLbqkxagBUvFUEb
r2O+68sLB19PiSIiGqhKBnyJPT7gBH05jkZrr0wmIC21ZRrvLxKnMcxqgXw2c63P
r9vEl6eLVw9timooLt/BaRKm6iSV47mMFIYQE7GWepRYET5KE0f9a11/2Xifu/KD
4W6e+tQEwX+LkmG2Jf9mt1s+BnKHhM8F/E2eAW9aRC0smRpvL6lwOnkDqiBwWH8/
GOUIFdUGjYl2WAU4gIphoSUaV2G43VpksuGTMyUwpkLC7IvBjB/hBDsbIekdtvvx
aC9TFKtHvbgDvdjyeqlvCkTjdmzd650/l/Ih1hpTCiQSyrvNl3/StHVYYnXVZmFr
H3Y2RHg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:51:38 2025 by rpki-client