Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/6D051F94F97B11EFA17D2A35C4F9AE02.roa
File: 6D051F94F97B11EFA17D2A35C4F9AE02.roa (raw, json)
Hash identifier: Vn5f14MRd4J8zRGz1ubuHwvg/xQmMXb9CWRu74DA3CQ=
Subject key identifier: 4B:BC:C1:2C:EC:02:6E:29:21:03:4E:0D:1F:91:63:C2:B7:B9:96:3D
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0742
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/6D051F94F97B11EFA17D2A35C4F9AE02.roa
Signing time: Wed 05 Mar 2025 04:37:38 +0000
ROA not before: Wed 05 Mar 2025 04:37:38 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 64021
IP address blocks: 43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.20.220.0/24 maxlen: 24
103.20.221.0/24 maxlen: 24
103.225.198.0/24 maxlen: 24
103.228.64.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1858 (0x742)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Mar 5 04:37:38 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67c7d512-3e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:81:9c:28:3f:87:30:36:e2:4e:c0:cc:6b:dd:
49:58:1a:bc:26:67:4a:ff:0e:0d:8b:03:f8:59:45:
56:0f:29:d6:5b:b4:38:90:58:8b:09:cc:72:9f:4f:
03:59:82:52:e8:d8:da:53:36:ea:4b:ab:f0:f5:b8:
8b:6b:fc:f7:ff:b7:39:2b:b5:64:b2:7c:95:1e:c7:
9a:d9:58:4a:97:01:a2:20:ab:71:a7:17:c4:ee:a2:
6d:48:08:f4:a2:de:d2:00:91:49:7a:c0:d6:f2:35:
9f:e5:dc:9a:0f:57:dd:ae:96:d0:0e:da:3e:a1:f9:
74:6d:7d:e8:ab:24:3a:ea:20:36:9c:7b:e7:80:94:
a0:14:f9:5e:c5:5c:a5:71:25:e8:ad:ac:39:e9:44:
5e:9c:9d:fa:23:38:c7:db:1f:62:c0:15:15:10:03:
ab:4c:e2:6f:40:24:a1:6c:23:97:c1:72:90:58:95:
ea:02:37:fc:48:58:29:3c:3e:78:1d:ac:9e:9e:16:
01:f3:e1:82:0f:7d:2c:d0:06:52:19:b5:0e:1d:c4:
ba:77:4f:4c:40:78:4c:f2:8e:36:3d:b5:ad:5a:45:
ee:25:78:64:f0:4e:f7:e5:fc:63:42:0c:7e:8f:7c:
16:92:11:d8:64:5e:59:07:69:05:1c:66:ec:12:92:
4c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:BC:C1:2C:EC:02:6E:29:21:03:4E:0D:1F:91:63:C2:B7:B9:96:3D
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/6D051F94F97B11EFA17D2A35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.209.0-43.252.210.255
103.20.220.0/23
103.225.198.0/24
103.228.64.0/24
103.234.54.0/24
150.107.1.0-150.107.3.255
Signature Algorithm: sha256WithRSAEncryption
97:a8:df:82:e3:a8:c4:cd:93:30:1d:26:7d:9f:45:a6:d1:8f:
dd:cf:aa:83:0b:0b:f8:a2:fc:7b:75:c0:0a:a5:99:37:fa:17:
f0:67:77:bf:ed:4a:6a:da:c8:6c:e8:51:a1:41:ce:f8:b0:b0:
38:ca:cd:ba:05:63:e3:08:d9:8f:bb:74:0b:77:7f:f4:a9:af:
5f:5a:e4:ec:ec:75:a2:cd:ab:5c:b3:37:5d:12:29:d5:ca:74:
20:75:fe:11:03:b6:d2:b0:32:3f:59:03:23:06:9c:c2:c7:ae:
f2:ee:f6:b2:fa:d8:c2:20:45:70:de:c4:c1:fa:be:2f:28:7e:
8c:a0:1e:d2:6b:5c:a3:da:0a:dd:b3:5c:bf:09:61:50:dd:a3:
f3:9f:56:0f:97:4d:91:7d:a6:6c:a8:6d:7e:c6:45:9e:a8:04:
71:d6:a3:ad:ae:d8:db:15:85:01:a2:94:4b:17:47:87:53:d7:
cb:45:96:1e:3d:1f:4d:41:73:2e:1e:3e:ef:6f:ea:a9:3e:23:
66:3e:aa:8f:4a:33:67:3a:34:8d:54:cc:1d:aa:35:bc:cf:e0:
a1:a7:91:8d:f2:64:7f:fa:11:93:05:0e:3d:8a:32:cf:a9:a6:
ff:c3:f0:c2:8d:24:57:a0:cb:19:6a:9e:26:2c:b5:1d:cf:e0:
c9:24:9b:b9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgICB0IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMzA1MDQzNzM4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M3ZDUxMi0zZTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyYGcKD+HMDbiTsDMa91JWBq8JmdK/w4NiwP4WUVWDynWW7Q4kFiLCcxyn08D
WYJS6NjaUzbqS6vw9biLa/z3/7c5K7VksnyVHsea2VhKlwGiIKtxpxfE7qJtSAj0
ot7SAJFJesDW8jWf5dyaD1fdrpbQDto+ofl0bX3oqyQ66iA2nHvngJSgFPlexVyl
cSXoraw56URenJ36IzjH2x9iwBUVEAOrTOJvQCShbCOXwXKQWJXqAjf8SFgpPD54
HayenhYB8+GCD30s0AZSGbUOHcS6d09MQHhM8o42PbWtWkXuJXhk8E735fxjQgx+
j3wWkhHYZF5ZB2kFHGbsEpJMMwIDAQABo4ICwzCCAr8wHQYDVR0OBBYEFEu8wSzs
Am4pIQNODR+RY8K3uZY9MB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNkQwNTFGOTRG
OTdCMTFFRkExN0QyQTM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwTQYIKwYBBQUHAQcBAf8E
PjA8MDoEAgABMDQwDAMEACv80QMEACv80gMEAWcU3AMEAGfhxgMEAGfkQAMEAGfq
NjAMAwQAlmsBAwQClmsAMA0GCSqGSIb3DQEBCwUAA4IBAQCXqN+C46jEzZMwHSZ9
n0Wm0Y/dz6qDCwv4ovx7dcAKpZk3+hfwZ3e/7Upq2shs6FGhQc74sLA4ys26BWPj
CNmPu3QLd3/0qa9fWuTs7HWizatcszddEinVynQgdf4RA7bSsDI/WQMjBpzCx67y
7vay+tjCIEVw3sTB+r4vKH6MoB7Sa1yj2grds1y/CWFQ3aPzn1YPl02RfaZsqG1+
xkWeqARx1qOtrtjbFYUBopRLF0eHU9fLRZYePR9NQXMuHj7vb+qpPiNmPqqPSjNn
OjSNVMwdqjW8z+Chp5GN8mR/+hGTBQ49ijLPqab/w/DCjSRXoMsZap4mLLUdz+DJ
JJu5
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:18:19 2025 by rpki-client