Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/78123422B0CD11E58B55FC73C4F9AE02.roa
File: 78123422B0CD11E58B55FC73C4F9AE02.roa (raw, json)
Hash identifier: ELjtbDvUJdRIE0OkklMq1ckQ7DJ/Pb2ipSH84CeiKCg=
Subject key identifier: A3:87:86:7D:2C:6A:00:91:B3:F3:C5:D2:81:3A:79:73:1E:65:80:82
Certificate issuer: /CN=A91E2454/serialNumber=AB6262BC7D02EC1AD48B71DA98B73D22A362DAF0
Certificate serial: 3598
Authority key identifier: AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/78123422B0CD11E58B55FC73C4F9AE02.roa
Signing time: Thu 12 Dec 2024 14:30:31 +0000
ROA not before: Thu 12 Dec 2024 14:30:31 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 132844
IP address blocks: 121.58.241.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13720 (0x3598)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E2454
Validity
Not Before: Dec 12 14:30:31 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675af387-6e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:01:ed:01:48:51:a7:b5:1a:8d:11:66:0c:99:
57:4c:6d:32:a3:da:e7:c1:eb:42:09:f2:17:8c:9b:
74:1e:13:1e:c7:62:bc:8b:88:c8:ce:bf:4e:cb:fc:
f3:5d:31:7a:f2:df:0f:ce:f8:e5:35:01:de:8e:88:
31:9b:29:a1:12:a4:3c:ac:6e:17:be:50:7d:27:9d:
63:f9:2b:47:20:5f:c1:01:0f:5c:ba:0b:c3:a5:df:
f1:57:f7:2d:c8:10:85:48:db:39:e3:98:25:3d:44:
c3:45:03:12:43:83:53:5b:f9:7e:18:23:0d:72:1a:
d4:bf:0d:4d:6b:a0:57:16:e2:f4:f8:86:86:ef:04:
55:d6:74:40:b6:68:a0:70:32:4f:65:2b:1a:59:79:
ef:46:39:44:ef:eb:d5:7d:10:fa:bb:d8:5e:66:c3:
11:8a:88:46:72:d2:31:bd:a0:ae:6a:b0:84:05:ea:
0c:1d:8c:e9:3a:28:e9:42:78:c5:53:ee:a3:7e:c2:
22:3a:5c:7f:bd:ba:34:d2:0f:8e:62:b0:28:65:ce:
08:84:4b:48:02:5a:11:dd:07:c4:88:77:59:0f:7e:
c8:89:17:f3:c0:02:92:40:b0:89:72:00:04:4b:bb:
bb:ae:79:4e:53:ba:d1:b0:41:ca:b5:91:c3:a3:b7:
0e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:87:86:7D:2C:6A:00:91:B3:F3:C5:D2:81:3A:79:73:1E:65:80:82
X509v3 Authority Key Identifier:
keyid:AB:62:62:BC:7D:02:EC:1A:D4:8B:71:DA:98:B7:3D:22:A3:62:DA:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/q2JivH0C7BrUi3HamLc9IqNi2vA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q2JivH0C7BrUi3HamLc9IqNi2vA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2454/D4C30B421D8711E2A19822E008B02CD2/78123422B0CD11E58B55FC73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
121.58.241.0/24
Signature Algorithm: sha256WithRSAEncryption
84:5a:02:de:34:87:05:db:48:db:51:af:7e:06:6b:1e:f6:f8:
f2:e4:a0:16:c8:79:99:86:1a:35:fb:36:56:5e:40:77:30:86:
d8:99:c2:4d:2d:75:53:00:6d:ab:bc:29:35:3e:46:89:5a:a7:
6f:29:42:63:60:43:3a:4d:f1:21:d9:a3:e7:7f:3b:8e:7d:10:
94:5d:01:aa:82:51:f3:77:e7:51:c2:58:76:46:94:1b:e7:44:
0b:36:7b:c4:aa:c4:45:a4:42:c6:d3:db:f0:e4:dc:3a:74:cd:
ed:7c:be:df:92:f0:45:61:14:44:0a:00:ef:82:ed:c8:2f:c8:
e7:d2:6b:c5:d3:6b:45:5e:63:88:21:32:52:b6:ad:0c:e7:f4:
d4:7d:fb:20:09:de:c1:c2:13:1e:cf:d2:6e:fa:7b:c9:56:b1:
89:b2:f9:46:a1:4a:fe:5d:31:c2:58:a0:4a:5d:a2:bb:f8:85:
b0:ce:ca:c1:cc:60:57:c5:92:84:4e:48:e8:da:ff:ff:94:09:
e5:87:e9:8e:2a:cc:b7:b3:ad:a0:1e:29:59:b6:29:bb:e8:dc:
dc:a4:05:d3:7a:84:5b:e1:d2:d9:a7:fb:46:31:9b:49:f0:31:
a1:3b:3f:5b:f3:7a:b3:39:08:9b:86:9a:d3:bc:2e:db:84:2e:
6c:16:52:10
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTI0NTQxMTAvBgNVBAUTKEFCNjI2MkJDN0QwMkVDMUFENDhCNzFEQTk4QjczRDIy
QTM2MkRBRjAwHhcNMjQxMjEyMTQzMDMxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVhZjM4Ny02ZTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxgHtAUhRp7UajRFmDJlXTG0yo9rnwetCCfIXjJt0HhMex2K8i4jIzr9Oy/zz
XTF68t8PzvjlNQHejogxmymhEqQ8rG4XvlB9J51j+StHIF/BAQ9cugvDpd/xV/ct
yBCFSNs545glPUTDRQMSQ4NTW/l+GCMNchrUvw1Na6BXFuL0+IaG7wRV1nRAtmig
cDJPZSsaWXnvRjlE7+vVfRD6u9heZsMRiohGctIxvaCuarCEBeoMHYzpOijpQnjF
U+6jfsIiOlx/vbo00g+OYrAoZc4IhEtIAloR3QfEiHdZD37IiRfzwAKSQLCJcgAE
S7u7rnlOU7rRsEHKtZHDo7cOMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKOHhn0s
agCRs/PF0oE6eXMeZYCCMB8GA1UdIwQYMBaAFKtiYrx9Auwa1Itx2pi3PSKjYtrw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjQ1NC9ENEMzMEI0MjFE
ODcxMUUyQTE5ODIyRTAwOEIwMkNEMi9xMkppdkgwQzdCclVpM0hhbUxjOUlxTmky
dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3EySml2SDBDN0JyVWkzSGFtTGM5SXFOaTJ2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTI0NTQvRDRDMzBCNDIxRDg3MTFFMkExOTgyMkUwMDhCMDJDRDIvNzgxMjM0MjJC
MENEMTFFNThCNTVGQzczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAB5OvEwDQYJKoZIhvcNAQELBQADggEBAIRaAt40hwXbSNtR
r34Gax72+PLkoBbIeZmGGjX7NlZeQHcwhtiZwk0tdVMAbau8KTU+Rolap28pQmNg
QzpN8SHZo+d/O459EJRdAaqCUfN351HCWHZGlBvnRAs2e8SqxEWkQsbT2/Dk3Dp0
ze18vt+S8EVhFEQKAO+C7cgvyOfSa8XTa0VeY4ghMlK2rQzn9NR9+yAJ3sHCEx7P
0m76e8lWsYmy+UahSv5dMcJYoEpdorv4hbDOysHMYFfFkoROSOja//+UCeWH6Y4q
zLezraAeKVm2Kbvo3NykBdN6hFvh0tmn+0Yxm0nwMaE7P1vzerM5CJuGmtO8LtuE
LmwWUhA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:03 2025 by rpki-client