Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAEDC/2DC1BAF2098511E7B1FFC23FC4F9AE02/C85D0F7E477711EBB4044E31C4F9AE02.roa
File: C85D0F7E477711EBB4044E31C4F9AE02.roa (raw, json)
Hash identifier: d9C+rmMNQQZELmuy5aIPVlKeATtzTC5JJ8WoYiMXlHI=
Subject key identifier: C3:94:2A:45:D1:DE:D0:8C:E6:F1:3F:A9:26:5B:39:6F:27:66:57:82
Certificate issuer: /CN=A91BAEDC/serialNumber=AD059592223E816AC53C433B965846F79D305234
Certificate serial: 1B59
Authority key identifier: AD:05:95:92:22:3E:81:6A:C5:3C:43:3B:96:58:46:F7:9D:30:52:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rQWVkiI-gWrFPEM7llhG950wUjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BAEDC/2DC1BAF2098511E7B1FFC23FC4F9AE02/C85D0F7E477711EBB4044E31C4F9AE02.roa
Signing time: Sun 02 Feb 2025 16:13:48 +0000
ROA not before: Sun 02 Feb 2025 16:13:48 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 61317
IP address blocks: 103.5.164.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7001 (0x1b59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BAEDC
Validity
Not Before: Feb 2 16:13:48 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679f99bc-d323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:22:3d:65:0e:c0:59:dc:d1:0a:5c:59:a7:c5:
63:a4:95:f4:66:8f:c0:c6:fc:f9:70:de:80:50:88:
bd:52:d5:67:d1:47:96:6d:64:c9:3c:38:e5:30:8e:
ec:78:a4:64:66:a0:0b:99:ab:ef:7e:04:db:b0:f8:
3d:7a:39:9f:4b:6a:74:6d:03:69:98:46:03:b3:f2:
ce:51:74:f9:08:86:21:43:8d:d7:6b:6c:23:b1:4f:
86:bd:b8:0f:7c:b3:1b:52:b2:0d:88:91:6f:b9:70:
83:61:ca:7d:4c:f5:a1:57:92:61:28:bb:31:e4:5d:
12:83:3f:b6:fc:59:72:90:b6:10:eb:e7:31:32:1c:
d5:59:2a:dd:d6:8e:12:1e:33:08:6c:c4:23:de:e6:
92:ea:33:e8:4c:60:e7:26:23:26:78:89:db:2d:bd:
99:2a:48:c7:b9:3d:4e:d4:0c:3d:bd:65:b8:7e:cd:
b6:0e:18:7d:b7:ce:ad:77:29:4f:48:0e:73:43:a4:
91:f6:f9:ff:f9:3a:67:20:c3:03:f8:9d:4c:7b:99:
fd:28:83:b1:ce:a4:6c:33:a0:9b:bc:2b:9a:27:86:
50:98:c0:78:17:c2:01:9a:e2:e8:de:57:06:44:0e:
cc:7d:22:a6:9d:4c:e8:1a:ef:98:39:6d:ec:f7:1f:
09:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:94:2A:45:D1:DE:D0:8C:E6:F1:3F:A9:26:5B:39:6F:27:66:57:82
X509v3 Authority Key Identifier:
keyid:AD:05:95:92:22:3E:81:6A:C5:3C:43:3B:96:58:46:F7:9D:30:52:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BAEDC/2DC1BAF2098511E7B1FFC23FC4F9AE02/rQWVkiI-gWrFPEM7llhG950wUjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rQWVkiI-gWrFPEM7llhG950wUjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAEDC/2DC1BAF2098511E7B1FFC23FC4F9AE02/C85D0F7E477711EBB4044E31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.5.164.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:dd:03:8d:72:87:93:01:a7:ef:a6:2a:d1:9a:b6:8b:39:cb:
62:fd:af:c5:0f:75:67:fc:3a:64:18:16:8b:93:1e:4f:22:7b:
98:6b:06:de:5f:81:d9:22:1e:01:fe:f2:46:c1:6a:32:57:80:
10:b5:2c:26:64:af:0b:b3:35:66:6f:39:94:54:ff:e9:69:b5:
0d:d3:ce:82:cd:54:cd:f6:d7:7f:43:e8:c4:a8:27:d7:1e:75:
90:b9:40:a9:f3:04:b7:9f:3c:a2:8f:1c:12:60:e3:fb:07:49:
0a:b5:44:33:05:1f:64:3e:1d:27:7b:47:88:32:89:41:ee:8d:
c8:90:3e:dc:c3:73:42:61:b1:12:20:ff:f0:74:ed:01:8e:0c:
b8:44:b7:61:38:a4:39:f9:25:80:5f:26:f6:b8:5e:41:c7:3a:
7a:73:be:6e:b0:56:01:fc:87:44:6c:aa:01:7a:bf:30:e4:be:
3f:8e:d7:3d:63:bc:73:fb:07:6e:65:92:49:74:f3:34:01:4a:
97:85:40:d7:a0:56:ff:ef:5f:5f:6d:3a:4b:93:07:37:3d:34:
02:7e:27:c2:67:9c:02:64:0f:cc:02:b7:b4:85:68:4b:b2:f0:
2c:ab:db:eb:3b:b1:5a:6c:2e:9f:85:17:ee:9f:eb:e5:3a:d5:
61:ab:1d:94
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICG1kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkFFREMxMTAvBgNVBAUTKEFEMDU5NTkyMjIzRTgxNkFDNTNDNDMzQjk2NTg0NkY3
OUQzMDUyMzQwHhcNMjUwMjAyMTYxMzQ4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlmOTliYy1kMzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuSI9ZQ7AWdzRClxZp8VjpJX0Zo/Axvz5cN6AUIi9UtVn0UeWbWTJPDjlMI7s
eKRkZqALmavvfgTbsPg9ejmfS2p0bQNpmEYDs/LOUXT5CIYhQ43Xa2wjsU+GvbgP
fLMbUrINiJFvuXCDYcp9TPWhV5JhKLsx5F0Sgz+2/FlykLYQ6+cxMhzVWSrd1o4S
HjMIbMQj3uaS6jPoTGDnJiMmeInbLb2ZKkjHuT1O1Aw9vWW4fs22Dhh9t86tdylP
SA5zQ6SR9vn/+TpnIMMD+J1Me5n9KIOxzqRsM6CbvCuaJ4ZQmMB4F8IBmuLo3lcG
RA7MfSKmnUzoGu+YOW3s9x8JNQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMOUKkXR
3tCM5vE/qSZbOW8nZleCMB8GA1UdIwQYMBaAFK0FlZIiPoFqxTxDO5ZYRvedMFI0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUVEQy8yREMxQkFGMjA5
ODUxMUU3QjFGRkMyM0ZDNEY5QUUwMi9yUVdWa2lJLWdXckZQRU03bGxoRzk1MHdV
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JRV1ZraUktZ1dyRlBFTTdsbGhHOTUwd1VqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkFFREMvMkRDMUJBRjIwOTg1MTFFN0IxRkZDMjNGQzRGOUFFMDIvQzg1RDBGN0U0
Nzc3MTFFQkI0MDQ0RTMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnBaQwDQYJKoZIhvcNAQELBQADggEBAA/dA41yh5MBp++m
KtGatos5y2L9r8UPdWf8OmQYFouTHk8ie5hrBt5fgdkiHgH+8kbBajJXgBC1LCZk
rwuzNWZvOZRU/+lptQ3TzoLNVM32139D6MSoJ9cedZC5QKnzBLefPKKPHBJg4/sH
SQq1RDMFH2Q+HSd7R4gyiUHujciQPtzDc0JhsRIg//B07QGODLhEt2E4pDn5JYBf
Jva4XkHHOnpzvm6wVgH8h0RsqgF6vzDkvj+O1z1jvHP7B25lkkl08zQBSpeFQNeg
Vv/vX19tOkuTBzc9NAJ+J8JnnAJkD8wCt7SFaEuy8Cyr2+s7sVpsLp+FF+6f6+U6
1WGrHZQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:38:22 2025 by rpki-client