Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa
File: 6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa (raw, json)
Hash identifier: SybMfJLj0+vEkXuaQthUd0H8Z1vNjBlLLQ9rhZgOuPQ=
Subject key identifier: F5:E8:32:DD:19:E6:71:1F:18:1D:38:98:F7:FE:89:2E:77:F9:AC:DE
Certificate issuer: /CN=A91FDC78/serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59
Certificate serial: 08D6
Authority key identifier: CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa
Signing time: Wed 26 Mar 2025 20:31:14 +0000
ROA not before: Wed 26 Mar 2025 20:31:14 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135126
IP address blocks: 43.252.112.0/22 maxlen: 22
43.252.112.0/24 maxlen: 24
43.252.113.0/24 maxlen: 24
43.252.114.0/24 maxlen: 24
43.252.115.0/24 maxlen: 24
103.210.24.0/22 maxlen: 22
103.210.24.0/23 maxlen: 23
103.210.24.0/24 maxlen: 24
103.210.25.0/24 maxlen: 24
103.210.26.0/24 maxlen: 24
103.210.27.0/24 maxlen: 24
180.233.124.0/22 maxlen: 22
180.233.124.0/24 maxlen: 24
180.233.125.0/24 maxlen: 24
180.233.126.0/24 maxlen: 24
180.233.127.0/24 maxlen: 24
2404:78c0::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2262 (0x8d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FDC78
Validity
Not Before: Mar 26 20:31:14 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e46412-771d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:72:6d:2a:6c:ba:15:46:57:b5:c7:a6:53:a5:
94:fe:84:f5:3b:bc:68:85:e7:15:2b:d7:e3:61:ec:
9e:24:ee:ef:ec:16:a3:e0:f9:7f:4c:18:f5:ed:35:
e4:bd:e6:6f:3e:c4:ee:86:91:d2:6c:2f:0a:61:a8:
b3:03:6a:c8:a5:18:bc:21:dc:b4:74:a8:47:b9:51:
8e:5d:e4:6a:12:dd:9d:ea:73:06:6f:0b:2e:a2:6b:
30:ab:f8:5b:85:c6:c1:0c:4d:8f:0c:25:bf:17:b9:
75:0b:fa:f3:ba:e1:23:7b:8f:15:5f:aa:d7:6e:fd:
0f:0f:4c:3c:f3:d9:10:14:dd:f5:23:1b:ed:b1:68:
be:bd:65:77:f7:20:29:ed:9f:b5:8b:e4:3f:59:fd:
f2:15:61:49:12:f8:8e:77:b2:fe:21:82:2e:ed:58:
1d:e2:39:34:27:62:f2:00:18:54:e3:84:c4:d0:51:
0c:99:22:4d:1c:2e:a0:a9:7b:d1:a0:29:87:eb:39:
8b:0d:4f:a8:55:5a:68:e5:37:ad:14:fb:f8:95:2f:
18:b3:cb:47:2d:01:73:71:21:47:fa:1a:05:54:9c:
55:6c:ca:a4:3e:84:10:e8:84:49:15:01:14:c9:be:
f3:31:aa:09:f6:06:94:70:bb:b4:74:72:12:a7:55:
a4:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:E8:32:DD:19:E6:71:1F:18:1D:38:98:F7:FE:89:2E:77:F9:AC:DE
X509v3 Authority Key Identifier:
keyid:CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/6BC3CFFCAEAF11EAB092EE6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.112.0/22
103.210.24.0/22
180.233.124.0/22
IPv6:
2404:78c0::/48
Signature Algorithm: sha256WithRSAEncryption
23:44:d5:2a:45:69:60:3f:e5:00:65:9a:0d:e3:03:5a:f6:07:
b4:2a:6f:a1:36:31:60:7e:b2:aa:7e:ed:2a:8a:fa:92:31:48:
3a:8e:db:4e:02:22:40:b9:2b:57:e2:ed:4f:95:c6:9b:6c:17:
03:1e:8f:52:71:12:cf:6a:c2:1e:58:59:72:27:b9:e4:5f:59:
83:7c:38:b9:c6:99:39:59:a9:39:33:bb:83:8b:08:8f:29:05:
bb:60:24:29:9c:32:e8:08:33:06:29:dc:3d:d5:9a:06:09:e0:
e3:c2:d7:36:c1:75:e2:0c:bb:6c:c1:d4:98:f0:a9:5f:eb:2b:
df:20:83:f7:12:e8:d8:04:b9:db:23:c3:30:50:df:11:74:6a:
b5:08:3d:8e:4c:35:07:dd:be:e2:de:84:f0:6f:c7:e6:47:05:
e3:7c:15:21:28:70:57:b0:32:65:c6:17:8a:ca:a0:1d:b1:58:
bb:48:6d:03:e2:16:d6:cb:34:bd:a8:95:73:6b:56:b2:7a:07:
09:b6:36:34:bd:3f:51:71:25:a0:ec:95:19:80:29:87:b9:18:
0b:07:8f:65:08:40:16:ad:18:b0:82:bd:f2:55:b8:78:bf:90:
a4:f7:02:64:4e:c0:9e:ba:43:61:ea:14:45:6d:c9:64:44:4f:
51:85:f9:dc
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgICCNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRDNzgxMTAvBgNVBAUTKENDNTdFMDM2NDMxQTVFQTNDMTcyQUE3MjgzNDAxQUYz
QzRBRDVDNTkwHhcNMjUwMzI2MjAzMTE0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U0NjQxMi03NzFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1nJtKmy6FUZXtcemU6WU/oT1O7xohecVK9fjYeyeJO7v7Baj4Pl/TBj17TXk
veZvPsTuhpHSbC8KYaizA2rIpRi8Idy0dKhHuVGOXeRqEt2d6nMGbwsuomswq/hb
hcbBDE2PDCW/F7l1C/rzuuEje48VX6rXbv0PD0w889kQFN31IxvtsWi+vWV39yAp
7Z+1i+Q/Wf3yFWFJEviOd7L+IYIu7Vgd4jk0J2LyABhU44TE0FEMmSJNHC6gqXvR
oCmH6zmLDU+oVVpo5TetFPv4lS8Ys8tHLQFzcSFH+hoFVJxVbMqkPoQQ6IRJFQEU
yb7zMaoJ9gaUcLu0dHISp1WkTwIDAQABo4ICsjCCAq4wHQYDVR0OBBYEFPXoMt0Z
5nEfGB04mPf+iS53+azeMB8GA1UdIwQYMBaAFMxX4DZDGl6jwXKqcoNAGvPErVxZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREM3OC8xNTQ3NDAwOEFF
QUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhxUEJjcXB5ZzBBYTg4U3RY
RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pGZmdOa01hWHFQQmNxcHlnMEFhODhTdFhGay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRDNzgvMTU0NzQwMDhBRUFDMTFFQUE2QzFENzYxQzRGOUFFMDIvNkJDM0NGRkNB
RUFGMTFFQUIwOTJFRTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPAYIKwYBBQUHAQcBAf8E
LTArMBgEAgABMBIDBAIr/HADBAJn0hgDBAK06XwwDwQCAAIwCQMHACQEeMAAADAN
BgkqhkiG9w0BAQsFAAOCAQEAI0TVKkVpYD/lAGWaDeMDWvYHtCpvoTYxYH6yqn7t
Kor6kjFIOo7bTgIiQLkrV+LtT5XGm2wXAx6PUnESz2rCHlhZcie55F9Zg3w4ucaZ
OVmpOTO7g4sIjykFu2AkKZwy6AgzBincPdWaBgng48LXNsF14gy7bMHUmPCpX+sr
3yCD9xLo2AS52yPDMFDfEXRqtQg9jkw1B92+4t6E8G/H5kcF43wVIShwV7AyZcYX
isqgHbFYu0htA+IW1ss0vaiVc2tWsnoHCbY2NL0/UXEloOyVGYAph7kYCwePZQhA
Fq0YsIK98lW4eL+QpPcCZE7AnrpDYeoURW3JZERPUYX53A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:11:08 2025 by rpki-client