Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/0E2711E6830711ECB472CA0AC4F9AE02.roa
File: 0E2711E6830711ECB472CA0AC4F9AE02.roa (raw, json)
Hash identifier: 6bWPYL9HlnXbgKm1pf8hjZDzf0KdOhZ+kEEuV8xvMnc=
Subject key identifier: 19:C3:DF:40:8D:15:87:6E:42:B2:5F:AE:1F:42:8F:D4:14:7E:04:AA
Certificate issuer: /CN=A91F6D91/serialNumber=F6718A5E5E42D08E253A2FB300FF09C3F5351D32
Certificate serial: 05FD
Authority key identifier: F6:71:8A:5E:5E:42:D0:8E:25:3A:2F:B3:00:FF:09:C3:F5:35:1D:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/0E2711E6830711ECB472CA0AC4F9AE02.roa
Signing time: Thu 02 Jan 2025 22:52:19 +0000
ROA not before: Thu 02 Jan 2025 22:52:19 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 14618
IP address blocks: 203.175.0.0/24 maxlen: 24
203.175.1.0/24 maxlen: 24
203.175.2.0/24 maxlen: 24
203.175.3.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1533 (0x5fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F6D91
Validity
Not Before: Jan 2 22:52:19 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677718a2-faca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:92:4b:c5:71:2e:af:84:2c:50:aa:51:1d:cd:
87:70:e3:59:b0:2c:9b:22:de:92:b4:60:36:c1:41:
b2:e4:dc:80:4b:a6:e0:52:38:48:69:31:c8:6f:b8:
ec:e3:73:96:9a:e7:93:e4:67:1e:1a:4b:1e:cb:84:
51:86:70:2d:82:06:c2:0a:d8:ff:a7:d7:2a:8f:9b:
32:ad:30:78:a5:75:d5:da:88:8f:c1:05:ea:39:4a:
34:5c:70:f8:86:45:57:b1:c8:45:ca:ee:75:55:1e:
db:83:f2:6f:aa:3d:52:50:29:d7:78:b2:4a:e4:73:
da:12:ea:f0:95:17:21:aa:06:c8:27:ce:0f:73:e8:
82:16:35:82:4c:81:f3:a9:1f:03:ae:9f:51:08:d3:
ba:38:9c:ea:20:c3:12:72:66:cd:a6:55:64:4f:a9:
16:7d:7a:6b:86:b8:78:a4:33:c6:9f:6e:f9:71:4c:
01:5c:b0:2c:65:3f:d9:ff:5d:da:94:e2:5f:68:64:
67:9d:94:66:23:1e:bd:29:30:6d:ec:6b:3c:2c:bc:
8c:56:f6:ac:56:4f:9a:68:66:54:69:45:99:d0:14:
5b:8b:45:4c:5b:5e:cb:93:e4:d7:32:55:38:ce:f2:
37:da:e3:32:93:74:60:c6:62:01:5f:25:ea:cf:12:
9c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C3:DF:40:8D:15:87:6E:42:B2:5F:AE:1F:42:8F:D4:14:7E:04:AA
X509v3 Authority Key Identifier:
keyid:F6:71:8A:5E:5E:42:D0:8E:25:3A:2F:B3:00:FF:09:C3:F5:35:1D:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9nGKXl5C0I4lOi-zAP8Jw_U1HTI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6D91/E517F2B69AE511EB837F135EC4F9AE02/0E2711E6830711ECB472CA0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.175.0.0/22
Signature Algorithm: sha256WithRSAEncryption
07:30:25:78:66:12:1e:43:13:fb:7c:78:5f:dd:c9:59:21:9f:
06:36:ac:4b:a6:22:82:dd:c8:f4:f2:19:df:f0:61:c3:34:1b:
0d:11:e6:b1:0e:ba:b3:28:b3:48:9d:07:b8:63:05:83:8d:1c:
a9:af:fe:53:ad:f4:e9:14:ed:dc:ef:db:0d:1d:f9:8d:8b:52:
25:7c:f2:74:5f:63:bc:23:b0:c2:9d:5b:17:32:12:e6:ae:f0:
57:fa:7e:50:da:62:d5:80:03:40:19:40:bc:c0:2d:27:3d:5e:
e0:71:c7:5c:8f:53:c6:bf:98:af:58:71:9e:9c:2f:78:df:c3:
ce:67:59:e7:75:b5:47:6e:f0:73:78:08:f2:40:6e:39:26:7a:
30:13:02:bf:9d:54:cf:e5:6e:97:48:79:e7:71:74:90:6a:72:
67:60:22:be:c9:1a:ce:61:c9:99:5a:3d:2e:86:43:41:9b:49:
b5:04:d8:49:4b:b5:eb:47:ef:39:f8:d3:1c:5e:3f:f7:da:9c:
e0:43:76:58:4a:c0:72:ab:2e:ae:aa:cd:7f:c7:73:d4:59:44:
03:18:2c:e9:24:5d:09:b7:4c:1c:39:2a:68:70:ca:a2:43:b5:
e9:42:98:04:ac:7b:58:f3:2d:a9:7a:21:47:c9:86:e6:16:bd:
6b:e9:b3:d2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBf0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjZEOTExMTAvBgNVBAUTKEY2NzE4QTVFNUU0MkQwOEUyNTNBMkZCMzAwRkYwOUMz
RjUzNTFEMzIwHhcNMjUwMTAyMjI1MjE5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3MThhMi1mYWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApJJLxXEur4QsUKpRHc2HcONZsCybIt6StGA2wUGy5NyAS6bgUjhIaTHIb7js
43OWmueT5GceGksey4RRhnAtggbCCtj/p9cqj5syrTB4pXXV2oiPwQXqOUo0XHD4
hkVXschFyu51VR7bg/Jvqj1SUCnXeLJK5HPaEurwlRchqgbIJ84Pc+iCFjWCTIHz
qR8Drp9RCNO6OJzqIMMScmbNplVkT6kWfXprhrh4pDPGn275cUwBXLAsZT/Z/13a
lOJfaGRnnZRmIx69KTBt7Gs8LLyMVvasVk+aaGZUaUWZ0BRbi0VMW17Lk+TXMlU4
zvI32uMyk3RgxmIBXyXqzxKclwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBnD30CN
FYduQrJfrh9Cj9QUfgSqMB8GA1UdIwQYMBaAFPZxil5eQtCOJTovswD/CcP1NR0y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkQ5MS9FNTE3RjJCNjlB
RTUxMUVCODM3RjEzNUVDNEY5QUUwMi85bkdLWGw1QzBJNGxPaS16QVA4SndfVTFI
VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzluR0tYbDVDMEk0bE9pLXpBUDhKd19VMUhUSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjZEOTEvRTUxN0YyQjY5QUU1MTFFQjgzN0YxMzVFQzRGOUFFMDIvMEUyNzExRTY4
MzA3MTFFQ0I0NzJDQTBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALLrwAwDQYJKoZIhvcNAQELBQADggEBAAcwJXhmEh5DE/t8
eF/dyVkhnwY2rEumIoLdyPTyGd/wYcM0Gw0R5rEOurMos0idB7hjBYONHKmv/lOt
9OkU7dzv2w0d+Y2LUiV88nRfY7wjsMKdWxcyEuau8Ff6flDaYtWAA0AZQLzALSc9
XuBxx1yPU8a/mK9YcZ6cL3jfw85nWed1tUdu8HN4CPJAbjkmejATAr+dVM/lbpdI
eedxdJBqcmdgIr7JGs5hyZlaPS6GQ0GbSbUE2ElLtetH7zn40xxeP/fanOBDdlhK
wHKrLq6qzX/Hc9RZRAMYLOkkXQm3TBw5KmhwyqJDtelCmASse1jzLal6IUfJhuYW
vWvps9I=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:55:45 2025 by rpki-client