Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE35F/EC34742CF91A11EC901B8F25C4F9AE02/B879F326E03C11EF991E147AC4F9AE02.roa
File: B879F326E03C11EF991E147AC4F9AE02.roa (raw, json)
Hash identifier: dip5IeNJpbDU1ccX03iPyGVzMpp3W/9g/+L61z8aGL4=
Subject key identifier: F3:9A:49:DC:E8:CA:36:86:D9:93:DC:85:77:A4:CE:8A:8E:51:AF:BB
Certificate issuer: /CN=A91CE35F/serialNumber=81A38C8B09667225EE04F73AECFA09590D1F414C
Certificate serial: 0284
Authority key identifier: 81:A3:8C:8B:09:66:72:25:EE:04:F7:3A:EC:FA:09:59:0D:1F:41:4C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gaOMiwlmciXuBPc67PoJWQ0fQUw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91CE35F/EC34742CF91A11EC901B8F25C4F9AE02/B879F326E03C11EF991E147AC4F9AE02.roa
Signing time: Sat 15 Feb 2025 03:24:30 +0000
ROA not before: Sat 15 Feb 2025 03:24:30 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 63927
IP address blocks: 103.125.244.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 644 (0x284)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CE35F
Validity
Not Before: Feb 15 03:24:30 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67b008ed-1844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2a:8f:99:ca:96:c9:c9:68:61:1c:9a:b5:87:
22:63:fc:6b:19:42:6b:57:9f:6d:3b:81:f7:78:71:
b6:cd:2f:f1:f3:78:01:b8:a4:ee:26:72:32:08:ea:
8e:a9:ed:2a:fb:17:0f:5c:96:5b:cf:45:e5:d1:17:
3b:6f:e0:84:7f:aa:9b:aa:f6:41:08:d8:47:eb:40:
c5:d9:13:ed:f7:35:79:28:27:2e:1e:52:ab:7c:94:
28:4e:54:04:7d:70:b4:fd:41:79:b1:16:2d:7d:d9:
f3:2c:48:cb:fa:0a:8e:04:e7:14:be:ff:1f:a3:eb:
e3:46:42:1e:36:4c:31:60:3e:83:32:46:5b:83:01:
00:2c:87:58:db:08:2e:95:f5:7a:7c:f8:f9:c2:5d:
d6:d5:a8:c7:b2:20:1a:e3:da:0c:72:44:a9:27:91:
8a:ec:e5:b7:ac:ca:f1:12:ee:67:f7:9f:a1:8f:35:
83:93:17:bb:7b:84:f0:61:b0:a1:32:9b:dc:0e:e5:
53:90:4f:ae:16:91:e2:0a:1b:2d:ba:a1:2d:14:c9:
d2:3c:c3:0e:f8:6d:3e:cd:d4:9b:a0:eb:ce:cf:2c:
ef:ae:9a:a2:a7:96:f2:a8:23:03:7c:28:7d:38:18:
d2:89:50:54:f8:49:fd:be:c4:32:30:b9:b4:30:cd:
61:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:9A:49:DC:E8:CA:36:86:D9:93:DC:85:77:A4:CE:8A:8E:51:AF:BB
X509v3 Authority Key Identifier:
keyid:81:A3:8C:8B:09:66:72:25:EE:04:F7:3A:EC:FA:09:59:0D:1F:41:4C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91CE35F/EC34742CF91A11EC901B8F25C4F9AE02/gaOMiwlmciXuBPc67PoJWQ0fQUw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gaOMiwlmciXuBPc67PoJWQ0fQUw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE35F/EC34742CF91A11EC901B8F25C4F9AE02/B879F326E03C11EF991E147AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.125.244.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:99:bb:c3:e9:76:0b:a9:33:6c:b5:5f:d2:98:f7:c7:12:ce:
d1:6b:73:f8:e5:3a:fb:17:d5:6d:82:95:47:04:80:de:4c:7e:
bb:2a:56:cd:d3:40:48:bd:53:ce:fb:c4:ff:8a:92:73:18:d9:
bf:b3:e7:97:56:9f:57:b2:0b:f0:5a:d0:4d:b3:6b:0b:ca:41:
18:56:75:3f:6b:e7:f5:01:26:37:0e:a1:3d:b1:dd:f9:ff:90:
9a:08:cc:0d:15:c3:ad:f4:58:50:34:1a:0b:3c:ad:bc:f4:15:
83:b8:e3:c6:b4:f3:4e:cb:76:87:4e:f4:2a:a9:b5:67:f6:21:
83:cb:bf:1c:8d:f8:f0:bd:c2:fc:ed:c4:b8:a0:5b:54:ec:51:
5b:44:aa:25:6d:91:54:1f:bc:32:22:25:38:49:96:33:d2:d4:
0a:0e:e5:43:58:6d:ef:4e:32:3b:c5:1e:f3:8c:8f:72:f0:75:
00:fd:bc:e2:af:21:51:ee:49:8d:49:cd:ed:2a:49:2c:f2:ac:
0e:49:7c:c7:70:4e:49:44:b2:6d:34:c3:dd:2f:33:8b:ec:31:
c7:d1:68:ea:b6:b2:fb:86:e3:75:b5:d5:62:93:0d:5c:4e:27:
95:4c:0d:d1:08:bb:61:13:fd:31:ec:64:47:4d:a2:fc:11:6b:
14:3c:ec:11
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAoQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Q0UzNUYxMTAvBgNVBAUTKDgxQTM4QzhCMDk2NjcyMjVFRTA0RjczQUVDRkEwOTU5
MEQxRjQxNEMwHhcNMjUwMjE1MDMyNDMwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2IwMDhlZC0xODQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2SqPmcqWycloYRyatYciY/xrGUJrV59tO4H3eHG2zS/x83gBuKTuJnIyCOqO
qe0q+xcPXJZbz0Xl0Rc7b+CEf6qbqvZBCNhH60DF2RPt9zV5KCcuHlKrfJQoTlQE
fXC0/UF5sRYtfdnzLEjL+gqOBOcUvv8fo+vjRkIeNkwxYD6DMkZbgwEALIdY2wgu
lfV6fPj5wl3W1ajHsiAa49oMckSpJ5GK7OW3rMrxEu5n95+hjzWDkxe7e4TwYbCh
MpvcDuVTkE+uFpHiChstuqEtFMnSPMMO+G0+zdSboOvOzyzvrpqip5byqCMDfCh9
OBjSiVBU+En9vsQyMLm0MM1h7QIDAQABo4IClTCCApEwHQYDVR0OBBYEFPOaSdzo
yjaG2ZPchXekzoqOUa+7MB8GA1UdIwQYMBaAFIGjjIsJZnIl7gT3Ouz6CVkNH0FM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTM1Ri9FQzM0NzQyQ0Y5
MUExMUVDOTAxQjhGMjVDNEY5QUUwMi9nYU9NaXdsbWNpWHVCUGM2N1BvSldRMGZR
VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2dhT01pd2xtY2lYdUJQYzY3UG9KV1EwZlFVdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Q0UzNUYvRUMzNDc0MkNGOTFBMTFFQzkwMUI4RjI1QzRGOUFFMDIvQjg3OUYzMjZF
MDNDMTFFRjk5MUUxNDdBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnffQwDQYJKoZIhvcNAQELBQADggEBAE2Zu8PpdgupM2y1
X9KY98cSztFrc/jlOvsX1W2ClUcEgN5MfrsqVs3TQEi9U877xP+KknMY2b+z55dW
n1eyC/Ba0E2zawvKQRhWdT9r5/UBJjcOoT2x3fn/kJoIzA0Vw630WFA0Ggs8rbz0
FYO448a0807LdodO9CqptWf2IYPLvxyN+PC9wvztxLigW1TsUVtEqiVtkVQfvDIi
JThJljPS1AoO5UNYbe9OMjvFHvOMj3LwdQD9vOKvIVHuSY1Jze0qSSzyrA5JfMdw
TklEsm00w90vM4vsMcfRaOq2svuG43W11WKTDVxOJ5VMDdEIu2ET/THsZEdNovwR
axQ87BE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:54:09 2025 by rpki-client