Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/78345D00E01211ED8766DC5CC4F9AE02.roa
File: 78345D00E01211ED8766DC5CC4F9AE02.roa (raw, json)
Hash identifier: CGANdjpj39CJWyCZVGb4EKEpCCBaXu9btf2XqDDOLY4=
Subject key identifier: 44:7C:58:9C:0E:7D:5F:AE:8D:60:78:3D:CB:DD:50:90:F9:D1:DF:56
Certificate issuer: /CN=A91324D4/serialNumber=BF74E7E614D4B22E4B7FE40B6BECEFD1705ACFC1
Certificate serial: 05FD
Authority key identifier: BF:74:E7:E6:14:D4:B2:2E:4B:7F:E4:0B:6B:EC:EF:D1:70:5A:CF:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/78345D00E01211ED8766DC5CC4F9AE02.roa
Signing time: Thu 13 Feb 2025 00:31:38 +0000
ROA not before: Thu 13 Feb 2025 00:31:37 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 136174
IP address blocks: 203.215.165.0/24 maxlen: 24
203.215.180.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1533 (0x5fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91324D4
Validity
Not Before: Feb 13 00:31:37 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ad3d69-c717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:70:81:4b:7b:97:39:de:9b:6d:40:e0:0e:8b:
f8:dc:9f:96:f2:7f:51:ef:87:e2:2b:9d:04:06:c7:
c4:fa:5c:33:59:a9:83:36:e0:d3:d4:e8:ea:87:16:
77:95:54:f7:32:57:85:09:75:e2:86:4a:d0:87:d4:
f2:2b:8a:c0:a5:a5:5b:95:d8:9d:af:ab:0e:04:33:
95:82:53:16:d4:99:63:4c:11:9a:72:11:08:fb:c5:
3c:bb:fc:4e:8b:bd:76:49:af:c5:05:69:53:7d:d3:
89:2f:aa:15:62:fb:32:97:70:d0:86:14:1a:1b:76:
90:99:af:d8:6d:a0:da:d4:77:3b:36:8c:e2:c3:c3:
40:f9:45:c0:81:1e:6f:c9:1c:5e:3a:0a:76:20:ce:
48:15:9d:0d:66:36:ae:1c:42:36:bc:80:c8:4c:b6:
bc:fc:76:76:e9:81:92:0d:3b:01:d5:34:ba:f0:27:
8f:b3:24:4c:3d:25:dd:da:e2:01:ce:02:f7:b5:38:
8c:1f:f8:35:a8:25:39:b9:c0:5c:db:0a:70:55:a2:
b2:0d:7c:4b:7c:97:26:65:99:c3:69:cb:98:ae:be:
47:39:ba:d6:a3:7c:96:c0:a5:0b:5e:1d:49:54:dc:
dd:b4:ee:ba:b9:be:c9:5a:75:b3:f3:44:05:28:3f:
46:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:7C:58:9C:0E:7D:5F:AE:8D:60:78:3D:CB:DD:50:90:F9:D1:DF:56
X509v3 Authority Key Identifier:
keyid:BF:74:E7:E6:14:D4:B2:2E:4B:7F:E4:0B:6B:EC:EF:D1:70:5A:CF:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v3Tn5hTUsi5Lf-QLa-zv0XBaz8E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91324D4/1A6E751CA71F11EB848AF030C4F9AE02/78345D00E01211ED8766DC5CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.215.165.0/24
203.215.180.0/24
Signature Algorithm: sha256WithRSAEncryption
54:71:1f:a1:2c:ec:4a:2d:d1:7a:2a:20:cc:8d:55:5d:98:11:
e7:f1:ab:b9:cb:d7:63:c7:da:fd:03:e3:4d:38:8f:8c:2c:1d:
f2:f1:c0:77:d8:1f:38:25:61:91:68:24:11:6a:61:03:a3:d1:
e4:25:58:99:16:45:c5:40:dd:01:f2:ba:71:ee:c2:97:bd:74:
13:bd:6b:a8:de:37:09:9c:3e:df:8c:d7:3d:7a:f8:f5:3f:d5:
d2:08:85:c5:53:7e:f5:cc:c1:ce:f6:d2:bb:bd:9f:09:29:75:
67:a3:00:ad:4b:d9:d3:fc:ab:4f:82:ea:99:10:89:fc:a0:7f:
01:7d:3a:b7:eb:13:38:ab:08:85:8d:a6:89:e5:1f:a9:48:9c:
4a:37:22:9f:25:26:7b:47:ba:e7:d9:aa:d1:cd:85:80:2d:37:
b6:3a:96:3e:68:6c:5a:e4:99:a6:6b:1b:92:32:d4:16:c5:2c:
62:d9:c4:f5:1f:a0:d7:19:0a:89:32:a4:43:a7:89:86:ce:f1:
cf:62:3c:1f:9d:14:58:44:cd:8d:ca:f6:32:ca:12:de:10:fe:
da:c5:f8:b2:c4:32:ba:bb:ac:06:a0:13:ff:ba:14:2d:67:4b:
42:2b:b9:55:4e:5a:f8:02:79:55:d1:47:e6:a5:a3:9c:4d:46:
80:cc:ac:ad
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICBf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzI0RDQxMTAvBgNVBAUTKEJGNzRFN0U2MTRENEIyMkU0QjdGRTQwQjZCRUNFRkQx
NzA1QUNGQzEwHhcNMjUwMjEzMDAzMTM3WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FkM2Q2OS1jNzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAunCBS3uXOd6bbUDgDov43J+W8n9R74fiK50EBsfE+lwzWamDNuDT1OjqhxZ3
lVT3MleFCXXihkrQh9TyK4rApaVbldidr6sOBDOVglMW1JljTBGachEI+8U8u/xO
i712Sa/FBWlTfdOJL6oVYvsyl3DQhhQaG3aQma/YbaDa1Hc7Noziw8NA+UXAgR5v
yRxeOgp2IM5IFZ0NZjauHEI2vIDITLa8/HZ26YGSDTsB1TS68CePsyRMPSXd2uIB
zgL3tTiMH/g1qCU5ucBc2wpwVaKyDXxLfJcmZZnDacuYrr5HObrWo3yWwKULXh1J
VNzdtO66ub7JWnWz80QFKD9GQQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFER8WJwO
fV+ujWB4PcvdUJD50d9WMB8GA1UdIwQYMBaAFL905+YU1LIuS3/kC2vs79FwWs/B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjRENC8xQTZFNzUxQ0E3
MUYxMUVCODQ4QUYwMzBDNEY5QUUwMi92M1RuNWhUVXNpNUxmLVFMYS16djBYQmF6
OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3YzVG41aFRVc2k1TGYtUUxhLXp2MFhCYXo4RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzI0RDQvMUE2RTc1MUNBNzFGMTFFQjg0OEFGMDMwQzRGOUFFMDIvNzgzNDVEMDBF
MDEyMTFFRDg3NjZEQzVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADL16UDBADL17QwDQYJKoZIhvcNAQELBQADggEBAFRxH6Es
7Eot0XoqIMyNVV2YEefxq7nL12PH2v0D4004j4wsHfLxwHfYHzglYZFoJBFqYQOj
0eQlWJkWRcVA3QHyunHuwpe9dBO9a6jeNwmcPt+M1z16+PU/1dIIhcVTfvXMwc72
0ru9nwkpdWejAK1L2dP8q0+C6pkQifygfwF9OrfrEzirCIWNponlH6lInEo3Ip8l
JntHuufZqtHNhYAtN7Y6lj5obFrkmaZrG5Iy1BbFLGLZxPUfoNcZCokypEOniYbO
8c9iPB+dFFhEzY3K9jLKEt4Q/trF+LLEMrq7rAagE/+6FC1nS0IruVVOWvgCeVXR
R+alo5xNRoDMrK0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:03 2025 by rpki-client