Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa
File: 3A58D9F499E611EAB3C00943C4F9AE02.roa (raw, json)
Hash identifier: +eSXmzBbgmezGg93b3TG7JXzkYgFkvNOYfX8lsh6cSU=
Subject key identifier: 05:4A:7F:11:B3:E4:36:13:9A:2B:65:D2:84:3D:9A:27:DB:8D:92:5D
Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37
Certificate serial: 0951
Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa
Signing time: Thu 20 Mar 2025 20:30:38 +0000
ROA not before: Thu 20 Mar 2025 20:30:38 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 134520
IP address blocks: 43.245.220.0/22 maxlen: 22
103.209.100.0/24 maxlen: 24
103.209.101.0/24 maxlen: 24
103.209.102.0/24 maxlen: 24
103.209.103.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2385 (0x951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156342
Validity
Not Before: Mar 20 20:30:38 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67dc7aee-a237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7b:19:c6:f2:89:7f:b8:05:e7:c8:e4:be:53:
d8:6d:da:63:55:b6:41:83:50:13:21:0a:23:39:c3:
8b:ad:11:b2:83:f3:1b:cd:d6:21:e3:56:51:51:94:
6b:34:24:77:0d:83:42:a1:77:b1:50:62:fd:be:2c:
e7:cc:84:5c:e4:5a:ae:19:2e:fc:dc:3e:48:ee:97:
6c:e0:1e:c8:34:ae:1c:91:8b:45:1f:af:88:9a:de:
4c:1d:c1:38:80:39:53:1c:b0:ab:11:76:41:40:61:
d0:f7:f4:58:ce:cd:8b:3f:58:53:c8:dc:bf:b3:57:
e9:e7:ad:9e:8a:a3:4a:87:d0:26:6f:cb:60:8c:36:
94:55:be:c9:89:50:95:2d:6a:34:b1:f0:66:66:c2:
9c:07:33:82:b9:fe:b1:df:33:8d:49:ee:ff:7a:b6:
e1:d2:e2:e0:a0:f4:47:c8:af:d2:7e:2c:9d:93:70:
d9:38:f3:42:67:e9:2a:6a:17:2c:e5:aa:48:72:1e:
05:4f:5f:94:c1:80:94:43:bf:5c:9e:c9:2b:f5:03:
c7:fd:a8:ca:47:f0:ff:20:bf:1d:af:43:4a:e1:d5:
f0:7a:bb:ab:92:e5:24:ab:2d:fa:81:f0:a0:1b:0d:
3c:79:c0:d7:97:ca:49:25:30:33:9e:8d:92:da:bd:
39:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4A:7F:11:B3:E4:36:13:9A:2B:65:D2:84:3D:9A:27:DB:8D:92:5D
X509v3 Authority Key Identifier:
keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3A58D9F499E611EAB3C00943C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.220.0/22
103.209.100.0/22
Signature Algorithm: sha256WithRSAEncryption
05:d5:c2:ef:5a:da:2a:e8:9c:03:02:dc:4a:30:65:62:47:b6:
93:23:90:ac:af:eb:45:c5:e8:0e:dc:7a:4f:3a:ed:f3:31:5c:
70:8f:01:6b:85:61:12:56:a4:13:28:5e:b9:21:cb:c7:c6:24:
7b:31:10:70:0c:55:fb:c3:6a:86:d0:39:d6:f9:1f:93:8d:ac:
03:c5:76:99:d7:f4:54:05:d3:54:da:aa:8e:30:e0:bb:e1:84:
9e:f6:c3:74:5d:9b:b2:0f:e1:6c:17:c1:3e:fe:14:c7:80:dd:
b9:51:27:f3:70:c0:1e:2a:b3:86:58:8a:53:bd:2b:76:db:e3:
c8:88:f1:9e:e7:d3:64:86:27:ac:bf:35:fd:89:49:54:c8:28:
e9:6b:b2:e7:b7:d2:5f:61:3c:b1:23:fa:52:92:51:55:d9:f1:
14:94:1c:43:3d:d0:c7:e3:75:6b:72:8c:d7:0c:fd:e7:f8:6f:
4c:19:ae:5b:15:80:69:c0:a7:24:14:04:1d:88:5b:25:83:17:
ed:8e:98:91:e6:9f:fb:27:07:9a:f7:72:be:bd:c6:14:50:e3:
bf:db:b8:80:a7:72:1c:94:43:64:f4:74:f1:5b:36:5d:4d:a1:
36:28:01:41:4a:68:16:97:0b:fa:1b:bb:c5:bb:d8:e4:ee:48:
ed:04:a4:2a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD
Q0I2RThFMzcwHhcNMjUwMzIwMjAzMDM4WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjN2FlZS1hMjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt3sZxvKJf7gF58jkvlPYbdpjVbZBg1ATIQojOcOLrRGyg/MbzdYh41ZRUZRr
NCR3DYNCoXexUGL9viznzIRc5FquGS783D5I7pds4B7INK4ckYtFH6+Imt5MHcE4
gDlTHLCrEXZBQGHQ9/RYzs2LP1hTyNy/s1fp562eiqNKh9Amb8tgjDaUVb7JiVCV
LWo0sfBmZsKcBzOCuf6x3zONSe7/erbh0uLgoPRHyK/Sfiydk3DZOPNCZ+kqahcs
5apIch4FT1+UwYCUQ79cnskr9QPH/ajKR/D/IL8dr0NK4dXwerurkuUkqy36gfCg
Gw08ecDXl8pJJTAzno2S2r05XwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAVKfxGz
5DYTmitl0oQ9mifbjZJdMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5
RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0E1OEQ5RjQ5
OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr9dwDBAJn0WQwDQYJKoZIhvcNAQELBQADggEBAAXVwu9a
2ironAMC3EowZWJHtpMjkKyv60XF6A7cek867fMxXHCPAWuFYRJWpBMoXrkhy8fG
JHsxEHAMVfvDaobQOdb5H5ONrAPFdpnX9FQF01Taqo4w4LvhhJ72w3Rdm7IP4WwX
wT7+FMeA3blRJ/NwwB4qs4ZYilO9K3bb48iI8Z7n02SGJ6y/Nf2JSVTIKOlrsue3
0l9hPLEj+lKSUVXZ8RSUHEM90MfjdWtyjNcM/ef4b0wZrlsVgGnApyQUBB2IWyWD
F+2OmJHmn/snB5r3cr69xhRQ47/buICnchyUQ2T0dPFbNl1NoTYoAUFKaBaXC/ob
u8W72OTuSO0EpCo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:44:59 2025 by rpki-client