Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/47DADED8EC5211EFBF551F6DC4F9AE02.roa
File: 47DADED8EC5211EFBF551F6DC4F9AE02.roa (raw, json)
Hash identifier: Dq4Ro4BCHubyTM+Puy9Ox1X2qGGmM5W4/l0WmjnI3vE=
Subject key identifier: 41:10:21:2B:8B:59:94:03:4A:E2:C1:14:0A:3B:76:3F:35:85:04:04
Certificate issuer: /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
Certificate serial: 0C32
Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/47DADED8EC5211EFBF551F6DC4F9AE02.roa
Signing time: Sun 16 Feb 2025 10:39:21 +0000
ROA not before: Sun 16 Feb 2025 10:39:21 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135881
IP address blocks: 103.78.224.0/22 maxlen: 24
2407:ff80::/32 maxlen: 36
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3122 (0xc32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B25F2
Validity
Not Before: Feb 16 10:39:21 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67b1c059-a48c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b4:59:2b:11:37:f5:74:cd:30:cc:8f:e2:c7:
c8:c7:94:e6:43:f5:65:1b:e0:01:63:b3:d3:42:23:
07:66:28:1b:a5:27:14:91:fb:ef:e1:d7:92:74:37:
71:19:72:96:c4:c0:ff:68:0e:1f:88:34:ed:a2:e1:
fe:36:5e:b8:88:de:e0:b7:12:42:41:b0:46:06:c5:
ce:0e:fe:c4:51:8c:88:49:bd:9c:91:81:0a:52:0c:
94:6a:c4:e1:46:59:df:54:d5:65:df:65:1f:1f:6c:
66:4d:c9:e4:41:04:c6:c4:7f:6f:70:09:7f:1c:a5:
07:40:3c:2d:82:f9:a8:4b:91:c4:8b:44:42:50:7e:
28:7a:08:e5:0e:8e:00:8b:95:7c:a6:71:49:57:9d:
4e:4d:16:a1:d2:cf:de:5f:6c:61:63:01:7a:40:16:
94:29:da:d1:55:44:00:45:cb:4a:39:27:ae:a0:95:
a3:a4:be:90:9c:aa:ed:3f:23:a6:bf:df:0f:39:e5:
f8:74:50:95:3f:b8:d8:9c:82:b5:75:4a:ac:15:99:
bc:b7:dd:c9:5e:a8:ae:ac:b5:0b:35:36:bd:95:6d:
96:b2:20:52:d1:fa:ce:02:e1:bf:b5:ac:a8:d1:2a:
92:c6:5e:47:75:23:23:27:0c:87:46:c4:bd:99:1d:
5e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:10:21:2B:8B:59:94:03:4A:E2:C1:14:0A:3B:76:3F:35:85:04:04
X509v3 Authority Key Identifier:
keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/47DADED8EC5211EFBF551F6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.78.224.0/22
IPv6:
2407:ff80::/32
Signature Algorithm: sha256WithRSAEncryption
59:82:8c:2e:01:28:11:e0:af:94:00:65:db:ab:05:98:6c:66:
56:64:a9:f6:80:d2:ba:37:4c:5a:1a:db:1d:dc:d7:14:bd:10:
20:41:9a:7b:b8:c8:43:d7:ee:f8:77:60:8b:72:0b:28:c8:4d:
ae:cc:6f:6e:66:b5:3d:12:1a:a7:d0:1f:e9:5c:e4:70:b6:7a:
84:56:74:53:c6:08:85:6f:0d:61:16:18:49:e8:9a:28:5c:eb:
8b:8b:25:43:c9:74:8d:66:b0:e0:ed:d6:ac:9b:2e:00:9c:28:
3e:fb:1a:47:67:5b:23:13:14:2e:e5:0f:10:2e:48:4d:38:bd:
b4:6c:7e:79:d4:ec:32:be:5e:09:5f:83:99:f2:a7:07:03:37:
b4:01:1b:3a:09:b9:3f:2d:32:2c:54:72:71:4e:04:d3:2a:b9:
49:bf:64:4f:f0:ef:8f:ee:71:85:3e:24:ad:82:39:d6:26:f3:
4c:4d:70:72:c0:20:03:df:b9:ed:f5:53:94:01:0a:44:74:48:
76:0a:27:e3:75:af:18:46:78:61:82:0c:dc:41:2e:d7:a9:d1:
15:bc:d2:6e:0e:fd:0a:1d:0e:a0:8a:73:7a:40:12:a1:b4:da:
b1:fd:f2:96:0c:b9:2e:9c:b4:09:80:7a:04:db:b0:11:f8:ff:
45:8f:58:37
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB
RDRFNzNCQ0EwHhcNMjUwMjE2MTAzOTIxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2IxYzA1OS1hNDhjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArbRZKxE39XTNMMyP4sfIx5TmQ/VlG+ABY7PTQiMHZigbpScUkfvv4deSdDdx
GXKWxMD/aA4fiDTtouH+Nl64iN7gtxJCQbBGBsXODv7EUYyISb2ckYEKUgyUasTh
RlnfVNVl32UfH2xmTcnkQQTGxH9vcAl/HKUHQDwtgvmoS5HEi0RCUH4oegjlDo4A
i5V8pnFJV51OTRah0s/eX2xhYwF6QBaUKdrRVUQARctKOSeuoJWjpL6QnKrtPyOm
v98POeX4dFCVP7jYnIK1dUqsFZm8t93JXqiurLULNTa9lW2WsiBS0frOAuG/tayo
0SqSxl5HdSMjJwyHRsS9mR1eXwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFEEQISuL
WZQDSuLBFAo7dj81hQQEMB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz
QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI1RjIvRUY5MENENEUwM0IwMTFFQTg1RjAyOTM0QzRGOUFFMDIvNDdEQURFRDhF
QzUyMTFFRkJGNTUxRjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnTuAwDQQCAAIwBwMFACQH/4AwDQYJKoZIhvcNAQELBQAD
ggEBAFmCjC4BKBHgr5QAZdurBZhsZlZkqfaA0ro3TFoa2x3c1xS9ECBBmnu4yEPX
7vh3YItyCyjITa7Mb25mtT0SGqfQH+lc5HC2eoRWdFPGCIVvDWEWGEnomihc64uL
JUPJdI1msODt1qybLgCcKD77GkdnWyMTFC7lDxAuSE04vbRsfnnU7DK+Xglfg5ny
pwcDN7QBGzoJuT8tMixUcnFOBNMquUm/ZE/w74/ucYU+JK2COdYm80xNcHLAIAPf
ue31U5QBCkR0SHYKJ+N1rxhGeGGCDNxBLtep0RW80m4O/QodDqCKc3pAEqG02rH9
8pYMuS6ctAmAegTbsBH4/0WPWDc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:58 2025 by rpki-client