Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/34DC5CDACEE811EFBF937449C4F9AE02.roa
File: 34DC5CDACEE811EFBF937449C4F9AE02.roa (raw, json)
Hash identifier: ivs4C9DQhFqd6I1TS98inc1DAc+9B/sCI/2ZzxIAJRY=
Subject key identifier: D2:C4:84:70:7E:C3:2F:2B:C4:0F:37:E4:C7:BE:B4:71:A2:29:58:6B
Certificate issuer: /CN=A9149F3E/serialNumber=EB389FB339B3908D549A65390C92E15F9DF7C54B
Certificate serial: 36FB
Authority key identifier: EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/34DC5CDACEE811EFBF937449C4F9AE02.roa
Signing time: Tue 14 Jan 2025 01:29:43 +0000
ROA not before: Tue 14 Jan 2025 01:29:43 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 38661
IP address blocks: 101.79.0.0/22 maxlen: 24
101.79.72.0/22 maxlen: 24
101.79.136.0/23 maxlen: 24
101.79.240.0/21 maxlen: 24
101.79.248.0/22 maxlen: 24
101.79.254.0/23 maxlen: 24
110.4.104.0/22 maxlen: 24
180.210.60.0/22 maxlen: 24
182.252.140.0/22 maxlen: 24
182.252.176.0/22 maxlen: 24
210.4.220.0/22 maxlen: 24
211.172.228.0/22 maxlen: 24
211.172.232.0/22 maxlen: 24
211.236.160.0/22 maxlen: 24
211.236.168.0/21 maxlen: 24
211.236.180.0/22 maxlen: 24
211.236.184.0/21 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14075 (0x36fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9149F3E
Validity
Not Before: Jan 14 01:29:43 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6785be07-657a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:05:3b:69:ca:96:e6:db:fc:d5:1c:b1:53:34:
65:74:3e:01:3a:14:5e:c3:1b:33:51:e6:b1:21:5f:
01:23:1f:31:a1:40:e1:5e:3a:43:8c:8a:f8:eb:2c:
b7:27:cb:5d:bc:7a:9a:f5:a3:49:a6:00:c2:2e:93:
ed:c0:59:a6:59:09:bb:d7:8b:1b:3a:fa:67:3c:44:
49:92:5c:e3:22:8f:20:04:55:13:40:f0:0a:be:b3:
97:f6:fd:e8:4f:43:ed:7c:fc:54:8d:bf:c5:09:00:
f4:84:b2:34:e1:24:f4:56:6c:d3:9b:cc:b7:81:ed:
00:76:37:98:8b:bc:d9:fc:78:61:84:1b:45:63:1f:
73:2e:52:57:25:15:f8:90:7d:8f:12:07:e9:46:78:
4a:2f:0f:dd:ae:51:08:52:45:07:d0:46:ac:de:c3:
50:67:3c:8d:69:05:04:57:be:12:b8:a2:62:7c:00:
2a:b3:fa:55:9a:44:ff:9a:50:8d:8b:3f:59:df:04:
94:e1:5f:8b:41:65:33:bc:6f:64:11:cc:0e:31:d4:
7e:c1:49:3b:7a:bd:50:18:39:3a:03:66:af:a2:04:
32:2f:96:cf:13:50:5a:55:ab:dc:c4:62:87:5c:7c:
f3:c8:15:7d:b1:27:0f:08:1f:9d:de:bd:24:66:24:
63:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C4:84:70:7E:C3:2F:2B:C4:0F:37:E4:C7:BE:B4:71:A2:29:58:6B
X509v3 Authority Key Identifier:
keyid:EB:38:9F:B3:39:B3:90:8D:54:9A:65:39:0C:92:E1:5F:9D:F7:C5:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/6zifszmzkI1UmmU5DJLhX533xUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6zifszmzkI1UmmU5DJLhX533xUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9149F3E/AC52B7481D8211E2BC6417D708B02CD2/34DC5CDACEE811EFBF937449C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.79.0.0/22
101.79.72.0/22
101.79.136.0/23
101.79.240.0-101.79.251.255
101.79.254.0/23
110.4.104.0/22
180.210.60.0/22
182.252.140.0/22
182.252.176.0/22
210.4.220.0/22
211.172.228.0-211.172.235.255
211.236.160.0/22
211.236.168.0/21
211.236.180.0-211.236.191.255
Signature Algorithm: sha256WithRSAEncryption
7f:0f:0d:5a:cc:7a:f7:56:8c:43:fc:32:ce:95:03:2c:7d:5e:
e6:b6:d1:5c:89:1f:b9:40:fa:46:d7:d8:13:23:8b:c0:ef:91:
ab:1b:21:fd:9d:99:96:82:43:64:aa:f6:ca:ce:62:30:40:26:
09:c9:fd:85:bf:65:f0:38:f1:1f:f7:be:b0:23:3d:66:32:ee:
13:e0:0f:c3:58:6e:c7:00:d1:a7:06:42:a7:1b:4c:d4:a4:35:
6e:7d:83:c7:a7:8e:23:43:4d:e1:1e:47:49:80:84:b8:48:6a:
4e:0f:54:b3:41:57:6f:d6:cd:8c:35:ec:93:d8:0b:13:51:10:
0b:39:4e:97:06:92:73:39:59:c0:43:d9:09:8d:e6:c7:af:2e:
61:36:05:04:41:5d:72:87:9f:e5:5a:94:31:46:89:28:61:f2:
b3:2b:e6:ac:45:d5:99:a4:bf:ba:52:30:2b:7c:d8:cc:c4:a2:
bd:71:0f:26:04:6a:b4:85:d5:5b:85:3f:05:2a:08:79:f1:96:
2a:d2:30:cf:94:9f:5e:1d:3a:4f:8f:60:75:38:5d:d3:b0:63:
d1:04:6c:ce:5d:7f:a8:d2:78:fd:27:65:58:79:bc:21:6f:13:
dc:ce:92:96:ab:42:e1:08:2c:c8:97:aa:40:42:58:bf:e6:98:
b2:f2:ec:1d
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgICNvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDlGM0UxMTAvBgNVBAUTKEVCMzg5RkIzMzlCMzkwOEQ1NDlBNjUzOTBDOTJFMTVG
OURGN0M1NEIwHhcNMjUwMTE0MDEyOTQzWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg1YmUwNy02NTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwQU7acqW5tv81RyxUzRldD4BOhRewxszUeaxIV8BIx8xoUDhXjpDjIr46yy3
J8tdvHqa9aNJpgDCLpPtwFmmWQm714sbOvpnPERJklzjIo8gBFUTQPAKvrOX9v3o
T0PtfPxUjb/FCQD0hLI04ST0VmzTm8y3ge0AdjeYi7zZ/HhhhBtFYx9zLlJXJRX4
kH2PEgfpRnhKLw/drlEIUkUH0Eas3sNQZzyNaQUEV74SuKJifAAqs/pVmkT/mlCN
iz9Z3wSU4V+LQWUzvG9kEcwOMdR+wUk7er1QGDk6A2avogQyL5bPE1BaVavcxGKH
XHzzyBV9sScPCB+d3r0kZiRjDQIDAQABo4IC/DCCAvgwHQYDVR0OBBYEFNLEhHB+
wy8rxA835Me+tHGiKVhrMB8GA1UdIwQYMBaAFOs4n7M5s5CNVJplOQyS4V+d98VL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OUYzRS9BQzUyQjc0ODFE
ODIxMUUyQkM2NDE3RDcwOEIwMkNEMi82emlmc3ptemtJMVVtbVU1REpMaFg1MzN4
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZ6aWZzem16a0kxVW1tVTVESkxoWDUzM3hVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDlGM0UvQUM1MkI3NDgxRDgyMTFFMkJDNjQxN0Q3MDhCMDJDRDIvMzREQzVDREFD
RUU4MTFFRkJGOTM3NDQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYUGCCsGAQUFBwEHAQH/
BHYwdDByBAIAATBsAwQCZU8AAwQCZU9IAwQBZU+IMAwDBARlT/ADBAJlT/gDBAFl
T/4DBAJuBGgDBAK00jwDBAK2/IwDBAK2/LADBALSBNwwDAMEAtOs5AMEAtOs6AME
AtPsoAMEA9PsqDAMAwQC0+y0AwQG0+yAMA0GCSqGSIb3DQEBCwUAA4IBAQB/Dw1a
zHr3VoxD/DLOlQMsfV7mttFciR+5QPpG19gTI4vA75GrGyH9nZmWgkNkqvbKzmIw
QCYJyf2Fv2XwOPEf976wIz1mMu4T4A/DWG7HANGnBkKnG0zUpDVufYPHp44jQ03h
HkdJgIS4SGpOD1SzQVdv1s2MNeyT2AsTURALOU6XBpJzOVnAQ9kJjebHry5hNgUE
QV1yh5/lWpQxRokoYfKzK+asRdWZpL+6UjArfNjMxKK9cQ8mBGq0hdVbhT8FKgh5
8ZYq0jDPlJ9eHTpPj2B1OF3TsGPRBGzOXX+o0nj9J2VYebwhbxPczpKWq0LhCCzI
l6pAQli/5piy8uwd
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:34:51 2025 by rpki-client