Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
File: B902532EFEA211EDB9013076C4F9AE02.roa (raw, json)
Hash identifier: +Adzl6dQW/LWPhNaA+sU3D3mSM91CUnI4jOcuyhxVQU=
Subject key identifier: 91:DA:77:87:CD:38:91:C5:67:69:BE:51:0A:82:93:49:56:7B:51:C9
Certificate issuer: /CN=A911D3F3/serialNumber=317C307FFC6ECB6CF656F26B8282FFB9E62F9365
Certificate serial: 05C2
Authority key identifier: 31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
Signing time: Tue 11 Mar 2025 00:10:27 +0000
ROA not before: Tue 11 Mar 2025 00:10:27 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 63956
IP address blocks: 45.112.244.0/22 maxlen: 24
103.20.17.0/24 maxlen: 24
103.21.108.0/24 maxlen: 24
103.52.116.0/22 maxlen: 24
103.97.52.0/22 maxlen: 22
103.97.52.0/24 maxlen: 24
103.97.53.0/24 maxlen: 24
103.97.54.0/24 maxlen: 24
103.97.55.0/24 maxlen: 24
103.225.96.0/24 maxlen: 24
202.46.160.0/20 maxlen: 24
203.12.129.0/24 maxlen: 24
203.18.194.0/24 maxlen: 24
203.210.102.0/24 maxlen: 24
2402:1b80::/32 maxlen: 36
2402:1b80::/40 maxlen: 40
2402:1b80:10::/48 maxlen: 48
2402:1b80:11::/48 maxlen: 48
2402:1b80:14::/48 maxlen: 48
2402:1b80:103::/48 maxlen: 48
2402:1b80:104::/48 maxlen: 48
2402:1b80:106::/48 maxlen: 48
2402:1b80:203::/48 maxlen: 48
2402:1b80:204::/48 maxlen: 48
2402:1b80:206::/48 maxlen: 48
2402:1b80:300::/40 maxlen: 40
2402:1b80:304::/48 maxlen: 48
2402:1b80:306::/48 maxlen: 48
2402:1b80:403::/48 maxlen: 48
2402:1b80:3000::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1474 (0x5c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D3F3
Validity
Not Before: Mar 11 00:10:27 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67cf7f73-6201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:9d:30:dd:3d:2c:f4:8f:10:c4:7b:d5:cf:fa:
59:12:aa:0a:03:e3:a4:02:45:af:eb:13:6f:ff:b9:
65:ae:ca:b3:15:f2:0b:5e:79:82:38:ea:d9:b8:17:
27:e5:ae:67:c3:0e:09:02:90:2a:cc:2d:26:cc:79:
af:76:e9:ff:4f:26:20:71:f1:84:37:db:d1:89:e1:
96:09:7f:22:67:27:4e:d4:bc:fa:c3:0b:0c:62:67:
e5:8c:90:a5:5d:37:cc:53:52:7c:57:f8:14:79:38:
24:f1:dd:64:55:fe:75:be:43:d5:fe:96:c1:7b:94:
c2:f9:2f:77:8a:6d:6b:54:b2:7a:94:13:47:b0:cc:
c6:8f:ff:47:51:1d:67:47:b6:4c:af:2c:da:8a:81:
17:93:e6:34:bd:8a:7d:5e:19:52:b5:3d:cb:ff:5f:
c1:b9:29:21:b0:7d:20:2e:4a:7a:c8:01:90:32:6a:
ed:14:6c:5e:64:23:55:b9:cb:bf:db:01:31:1b:ac:
5b:6a:e9:da:b0:3b:77:71:25:fb:b1:e2:65:88:3f:
2f:3a:d2:f8:d7:87:a6:9c:50:a0:27:f4:e3:4c:bd:
8f:8d:1b:35:98:b6:2f:2b:bb:0b:52:32:d2:38:43:
f3:c9:2b:53:f7:73:45:bc:8d:8f:ba:b2:df:c1:be:
3b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DA:77:87:CD:38:91:C5:67:69:BE:51:0A:82:93:49:56:7B:51:C9
X509v3 Authority Key Identifier:
keyid:31:7C:30:7F:FC:6E:CB:6C:F6:56:F2:6B:82:82:FF:B9:E6:2F:93:65
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/MXwwf_xuy2z2VvJrgoL_ueYvk2U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MXwwf_xuy2z2VvJrgoL_ueYvk2U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D3F3/B254481ACA3411EB8C90D941C4F9AE02/B902532EFEA211EDB9013076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.112.244.0/22
103.20.17.0/24
103.21.108.0/24
103.52.116.0/22
103.97.52.0/22
103.225.96.0/24
202.46.160.0/20
203.12.129.0/24
203.18.194.0/24
203.210.102.0/24
IPv6:
2402:1b80::/32
Signature Algorithm: sha256WithRSAEncryption
83:94:21:b0:b4:4c:4c:42:bd:a2:2b:b8:27:d7:7d:ae:ae:a9:
58:59:63:c3:a1:98:c3:92:a4:5b:f0:90:ad:7e:93:77:94:f6:
61:62:06:bc:ac:54:45:be:36:eb:07:44:d1:9f:00:98:c0:80:
f8:5c:d0:ba:10:50:53:2f:2c:15:fd:c9:32:10:be:64:28:69:
00:40:3b:0f:10:8b:d4:fc:39:d4:f2:e3:d9:b8:f5:65:c2:52:
56:19:33:cd:48:a1:63:de:7f:62:c6:cf:f4:3d:c7:f1:d2:43:
0f:66:92:3c:95:e2:84:02:8f:d2:3a:f4:89:c3:14:57:b5:49:
f9:27:dd:a8:39:df:d4:c4:8d:2a:02:5f:cc:fc:a1:66:b6:71:
f2:ef:52:28:1d:b4:d9:cb:15:1e:5d:42:37:9a:40:c8:15:e0:
0c:5f:01:24:0b:b8:6b:f1:80:cf:a8:7a:97:b9:34:f3:4c:98:
fe:5f:93:38:44:27:9f:98:d0:89:08:f3:4d:67:98:51:a7:74:
46:e6:d6:cf:fa:32:0d:d0:cc:b2:ed:6b:5e:60:23:4f:c6:3c:
b6:79:28:74:bb:0c:8e:e4:2d:22:3d:d9:ac:f4:55:46:fc:90:
f3:ec:c1:2e:4e:59:47:f1:14:c7:cf:21:ca:c7:6a:62:34:40:
3d:52:32:bb
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgICBcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQzRjMxMTAvBgNVBAUTKDMxN0MzMDdGRkM2RUNCNkNGNjU2RjI2QjgyODJGRkI5
RTYyRjkzNjUwHhcNMjUwMzExMDAxMDI3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmN2Y3My02MjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0J0w3T0s9I8QxHvVz/pZEqoKA+OkAkWv6xNv/7llrsqzFfILXnmCOOrZuBcn
5a5nww4JApAqzC0mzHmvdun/TyYgcfGEN9vRieGWCX8iZydO1Lz6wwsMYmfljJCl
XTfMU1J8V/gUeTgk8d1kVf51vkPV/pbBe5TC+S93im1rVLJ6lBNHsMzGj/9HUR1n
R7ZMryzaioEXk+Y0vYp9XhlStT3L/1/BuSkhsH0gLkp6yAGQMmrtFGxeZCNVucu/
2wExG6xbaunasDt3cSX7seJliD8vOtL414emnFCgJ/TjTL2PjRs1mLYvK7sLUjLS
OEPzyStT93NFvI2PurLfwb47+QIDAQABo4IC2jCCAtYwHQYDVR0OBBYEFJHad4fN
OJHFZ2m+UQqCk0lWe1HJMB8GA1UdIwQYMBaAFDF8MH/8bsts9lbya4KC/7nmL5Nl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDNGMy9CMjU0NDgxQUNB
MzQxMUVCOEM5MEQ5NDFDNEY5QUUwMi9NWHd3Zl94dXkyejJWdkpyZ29MX3VlWXZr
MlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01Yd3dmX3h1eTJ6MlZ2SnJnb0xfdWVZdmsyVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUQzRjMvQjI1NDQ4MUFDQTM0MTFFQjhDOTBEOTQxQzRGOUFFMDIvQjkwMjUzMkVG
RUEyMTFFREI5MDEzMDc2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZAYIKwYBBQUHAQcBAf8E
VTBTMEIEAgABMDwDBAItcPQDBABnFBEDBABnFWwDBAJnNHQDBAJnYTQDBABn4WAD
BATKLqADBADLDIEDBADLEsIDBADL0mYwDQQCAAIwBwMFACQCG4AwDQYJKoZIhvcN
AQELBQADggEBAIOUIbC0TExCvaIruCfXfa6uqVhZY8OhmMOSpFvwkK1+k3eU9mFi
BrysVEW+NusHRNGfAJjAgPhc0LoQUFMvLBX9yTIQvmQoaQBAOw8Qi9T8OdTy49m4
9WXCUlYZM81IoWPef2LGz/Q9x/HSQw9mkjyV4oQCj9I69InDFFe1Sfkn3ag539TE
jSoCX8z8oWa2cfLvUigdtNnLFR5dQjeaQMgV4AxfASQLuGvxgM+oepe5NPNMmP5f
kzhEJ5+Y0IkI801nmFGndEbm1s/6Mg3QzLLta15gI0/GPLZ5KHS7DI7kLSI92az0
VUb8kPPswS5OWUfxFMfPIcrHamI0QD1SMrs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:40:44 2025 by rpki-client