Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa
File: 3BABBD7699E611EAB3C00943C4F9AE02.roa (raw, json)
Hash identifier: hhUYjpSKNDr9BFxXK1UJmQWhlN0RGm+4+TzTlDKxlz8=
Subject key identifier: 04:2F:F9:2F:4E:23:C1:D8:5F:EA:88:DE:5D:BA:74:42:82:16:22:29
Certificate issuer: /CN=A9156342/serialNumber=77DA248004E8C5872BDF72BAC1222C7CCB6E8E37
Certificate serial: 0953
Authority key identifier: 77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa
Signing time: Thu 20 Mar 2025 20:30:40 +0000
ROA not before: Thu 20 Mar 2025 20:30:40 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 63916
IP address blocks: 43.245.220.0/22 maxlen: 22
43.245.220.0/24 maxlen: 24
43.245.221.0/24 maxlen: 24
43.245.223.0/24 maxlen: 24
103.209.100.0/24 maxlen: 24
103.209.101.0/24 maxlen: 24
103.209.102.0/24 maxlen: 24
103.209.103.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2387 (0x953)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9156342
Validity
Not Before: Mar 20 20:30:40 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67dc7af0-7f45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:91:32:14:f0:36:11:72:06:59:14:f5:0f:
64:88:39:4d:95:14:6c:a6:70:a3:63:1f:bc:e7:c2:
e8:17:02:6c:75:c1:f7:3a:f7:1a:ca:93:2e:db:aa:
48:d2:1c:a2:46:54:df:df:99:04:70:c1:6d:a9:20:
62:6a:00:d4:cb:d6:fe:2a:db:4a:cd:24:c0:15:04:
c9:44:65:8e:6f:a8:a7:9a:ef:05:e0:eb:e5:c2:49:
51:4d:83:6b:2e:ee:a8:86:22:12:53:3c:74:49:b0:
82:31:c1:d8:eb:69:b1:ae:37:49:40:8c:b6:ce:18:
66:bd:48:7a:89:63:ed:c4:08:21:e0:83:24:ef:50:
c0:40:6e:e1:56:2f:72:10:04:10:0f:8a:96:2c:14:
6c:70:8f:d5:95:1d:7e:df:5d:fb:23:4d:b7:21:ab:
db:ba:34:fd:f5:e3:cc:78:9d:71:26:18:7b:0c:1e:
82:1a:74:84:72:05:32:4f:8e:1e:3c:84:9e:7b:cb:
a6:14:96:8a:1f:a5:0a:81:0c:0d:6e:51:59:2f:b9:
2b:c0:a9:db:5f:fb:83:54:e8:53:0a:39:82:1c:0d:
cf:c8:01:ea:ab:d7:cd:dc:60:df:8c:bd:8c:19:64:
54:7b:fc:b0:d7:1d:fe:22:e1:98:4a:c7:8b:d4:e1:
2e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2F:F9:2F:4E:23:C1:D8:5F:EA:88:DE:5D:BA:74:42:82:16:22:29
X509v3 Authority Key Identifier:
keyid:77:DA:24:80:04:E8:C5:87:2B:DF:72:BA:C1:22:2C:7C:CB:6E:8E:37
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/d9okgAToxYcr33K6wSIsfMtujjc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d9okgAToxYcr33K6wSIsfMtujjc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156342/BDF8908099E411EA89A4C240C4F9AE02/3BABBD7699E611EAB3C00943C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.220.0/22
103.209.100.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:28:45:73:5f:f1:ef:96:82:79:1f:de:ed:78:2e:1d:9c:a0:
40:69:cb:ee:54:53:96:42:3c:f3:16:60:5d:b4:d8:05:58:93:
8e:a3:79:b3:64:d7:c1:ce:c7:9f:60:9e:5d:96:c9:9c:4a:64:
d5:9e:e4:a9:04:a6:08:9e:e3:8e:4a:5a:98:09:97:28:81:5c:
fb:15:47:30:2a:78:3d:be:3d:7f:b8:9d:1a:9b:86:0e:0d:f6:
d0:bd:ab:bd:73:70:40:c6:54:0c:bb:46:b9:04:b7:03:9b:44:
f9:27:5b:5a:2e:d2:f5:66:47:8c:a0:f6:90:22:c0:98:22:df:
0d:15:c1:7c:25:e9:b8:97:80:75:2b:8e:e8:91:fc:85:65:57:
6b:61:86:f3:ef:7a:2f:4f:81:c6:c4:2f:2b:86:71:61:9d:02:
e9:9c:c7:e1:ed:f1:f7:1b:28:eb:c8:97:21:9f:8c:ab:f3:17:
d4:ce:08:ac:80:ca:c5:00:74:e4:75:e7:40:c5:ea:82:fc:fe:
08:ae:8c:fe:87:b3:76:dd:84:85:7c:a8:21:f9:d3:9e:77:a7:
ff:ff:ee:82:ae:af:16:33:87:db:d3:f5:f4:27:da:12:31:e2:
b8:5c:a2:7f:f0:70:5b:cc:d7:05:62:1a:22:77:ed:98:a3:ea:
29:20:7c:60
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTYzNDIxMTAvBgNVBAUTKDc3REEyNDgwMDRFOEM1ODcyQkRGNzJCQUMxMjIyQzdD
Q0I2RThFMzcwHhcNMjUwMzIwMjAzMDQwWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjN2FmMC03ZjQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsByRMhTwNhFyBlkU9Q9kiDlNlRRspnCjYx+858LoFwJsdcH3OvcaypMu26pI
0hyiRlTf35kEcMFtqSBiagDUy9b+KttKzSTAFQTJRGWOb6inmu8F4OvlwklRTYNr
Lu6ohiISUzx0SbCCMcHY62mxrjdJQIy2zhhmvUh6iWPtxAgh4IMk71DAQG7hVi9y
EAQQD4qWLBRscI/VlR1+3137I023IavbujT99ePMeJ1xJhh7DB6CGnSEcgUyT44e
PISee8umFJaKH6UKgQwNblFZL7krwKnbX/uDVOhTCjmCHA3PyAHqq9fN3GDfjL2M
GWRUe/yw1x3+IuGYSseL1OEuPQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAQv+S9O
I8HYX+qI3l26dEKCFiIpMB8GA1UdIwQYMBaAFHfaJIAE6MWHK99yusEiLHzLbo43
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjM0Mi9CREY4OTA4MDk5
RTQxMUVBODlBNEMyNDBDNEY5QUUwMi9kOW9rZ0FUb3hZY3IzM0s2d1NJc2ZNdHVq
amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2Q5b2tnQVRveFljcjMzSzZ3U0lzZk10dWpqYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTYzNDIvQkRGODkwODA5OUU0MTFFQTg5QTRDMjQwQzRGOUFFMDIvM0JBQkJENzY5
OUU2MTFFQUIzQzAwOTQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIr9dwDBAJn0WQwDQYJKoZIhvcNAQELBQADggEBAD0oRXNf
8e+Wgnkf3u14Lh2coEBpy+5UU5ZCPPMWYF202AVYk46jebNk18HOx59gnl2WyZxK
ZNWe5KkEpgie445KWpgJlyiBXPsVRzAqeD2+PX+4nRqbhg4N9tC9q71zcEDGVAy7
RrkEtwObRPknW1ou0vVmR4yg9pAiwJgi3w0VwXwl6biXgHUrjuiR/IVlV2thhvPv
ei9PgcbELyuGcWGdAumcx+Ht8fcbKOvIlyGfjKvzF9TOCKyAysUAdOR150DF6oL8
/giujP6Hs3bdhIV8qCH50553p///7oKurxYzh9vT9fQn2hIx4rhcon/wcFvM1wVi
GiJ37Zij6ikgfGA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:19 2025 by rpki-client