Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916378F/A5A9C4A8127111EB88D4BD80C4F9AE02/4D47DE5A127E11EB91021F3AC4F9AE02.roa
File: 4D47DE5A127E11EB91021F3AC4F9AE02.roa (raw, json)
Hash identifier: 0sTO565z2noH8B1LWmmqLTh0cgNZKxMSa14Hsw0ys7s=
Subject key identifier: 4A:61:04:E2:47:91:DD:FD:AF:6F:56:52:5F:5D:6D:7F:43:12:05:AA
Certificate issuer: /CN=A916378F/serialNumber=3588F1BB5CB699B034811D179279BF5B9BBC1E5B
Certificate serial: 072D
Authority key identifier: 35:88:F1:BB:5C:B6:99:B0:34:81:1D:17:92:79:BF:5B:9B:BC:1E:5B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYjxu1y2mbA0gR0Xknm_W5u8Hls.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916378F/A5A9C4A8127111EB88D4BD80C4F9AE02/4D47DE5A127E11EB91021F3AC4F9AE02.roa
Signing time: Wed 02 Oct 2024 22:01:07 +0000
ROA not before: Wed 02 Oct 2024 22:01:07 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 45215
IP address blocks: 43.239.180.0/22 maxlen: 22
43.239.180.0/23 maxlen: 23
43.239.182.0/23 maxlen: 23
103.58.213.0/24 maxlen: 24
103.58.214.0/23 maxlen: 24
103.241.88.0/23 maxlen: 24
103.241.90.0/24 maxlen: 24
103.241.91.0/24 maxlen: 24
202.36.68.0/23 maxlen: 24
2403:40c0::/48 maxlen: 48
2403:40c0:4::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1837 (0x72d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916378F
Validity
Not Before: Oct 2 22:01:07 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66fdc2a3-5b55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f4:93:20:c8:32:9b:19:0d:43:dd:b5:e6:20:
e0:68:17:7e:0e:dd:69:7f:7b:b3:eb:41:0e:1f:82:
3b:36:31:e8:af:9e:7f:4c:2e:57:17:ed:94:58:99:
ec:4c:49:97:df:67:45:ea:27:30:a5:4b:ee:53:b9:
57:f5:0c:08:4e:58:9a:8d:ed:05:a5:8b:25:a3:5d:
43:15:3e:78:cb:31:a4:b7:bd:1d:aa:fb:6e:b7:73:
99:9b:4b:b8:ae:37:ae:01:83:45:6c:8c:ce:42:ee:
08:b5:bc:c1:d2:0e:0b:71:2b:3e:fb:97:37:59:f6:
a7:e7:82:96:67:7e:a3:c3:07:d3:d2:e2:cf:64:90:
9c:38:68:9a:8b:7a:cf:5b:c0:5a:cd:7e:1b:ca:2f:
c6:1a:54:b5:67:51:01:81:48:e4:68:34:b0:b1:17:
c5:31:54:fc:33:0d:f5:1f:8e:fd:0c:41:bf:d5:46:
aa:bb:2c:f9:21:c5:14:a9:4c:3e:35:82:1a:20:c4:
6a:4a:b3:83:d8:c4:fc:a3:91:2c:ad:e7:4c:b7:a2:
cf:b4:72:57:4f:81:6e:c9:fc:46:37:cc:50:e3:5c:
5c:28:ef:ae:4e:fe:9a:f7:d2:d4:4c:d0:f0:15:03:
b7:82:02:69:13:f7:ed:d0:6a:85:75:f2:5f:1b:62:
a7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:61:04:E2:47:91:DD:FD:AF:6F:56:52:5F:5D:6D:7F:43:12:05:AA
X509v3 Authority Key Identifier:
keyid:35:88:F1:BB:5C:B6:99:B0:34:81:1D:17:92:79:BF:5B:9B:BC:1E:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916378F/A5A9C4A8127111EB88D4BD80C4F9AE02/NYjxu1y2mbA0gR0Xknm_W5u8Hls.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NYjxu1y2mbA0gR0Xknm_W5u8Hls.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916378F/A5A9C4A8127111EB88D4BD80C4F9AE02/4D47DE5A127E11EB91021F3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.180.0/22
103.58.213.0-103.58.215.255
103.241.88.0/22
202.36.68.0/23
IPv6:
2403:40c0::/48
2403:40c0:4::/48
Signature Algorithm: sha256WithRSAEncryption
af:1a:da:0e:e1:5c:4a:01:d8:ff:b8:d4:d3:b7:91:09:05:ac:
a9:34:8d:a4:c3:64:d8:d2:18:f9:31:33:b6:a7:25:3f:92:b3:
44:c0:95:46:99:29:7b:8a:1d:87:d0:7f:dd:90:3a:e9:b1:b9:
7d:ec:0e:99:b2:2f:34:ac:d5:f3:67:7c:de:97:dc:e4:d4:67:
07:ff:0d:ae:8c:da:65:27:4e:ee:47:81:9d:37:56:09:65:a8:
b4:7b:01:76:98:41:c8:b9:07:08:65:a4:32:43:fc:0e:ea:1f:
b1:e9:07:20:4f:cf:6b:73:67:4e:d3:1a:92:9d:8d:b8:87:31:
8c:c5:d6:ce:10:52:86:5a:0c:98:d1:7f:dc:2a:64:1e:2a:ff:
7a:c4:c5:6e:b8:ad:b1:fa:aa:b5:c4:d9:61:fb:94:c9:3d:ab:
53:6d:ba:89:68:6d:ad:8a:8d:ff:77:8e:98:88:f8:54:e5:b0:
55:3b:c1:e6:e4:bc:e8:1d:28:9b:2e:a7:96:1c:9b:b8:f0:db:
02:75:69:ba:09:7c:2f:e1:6c:ef:d9:39:6e:bc:2f:97:16:23:
e9:95:f9:bc:ab:a4:3c:14:89:8b:d2:99:a9:75:d4:eb:70:f0:
18:7c:b2:47:c3:08:3d:d2:dc:16:03:aa:aa:bf:11:17:fc:2c:
87:e1:d2:9f
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgICBy0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjM3OEYxMTAvBgNVBAUTKDM1ODhGMUJCNUNCNjk5QjAzNDgxMUQxNzkyNzlCRjVC
OUJCQzFFNUIwHhcNMjQxMDAyMjIwMTA3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZkYzJhMy01YjU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqfSTIMgymxkNQ9215iDgaBd+Dt1pf3uz60EOH4I7NjHor55/TC5XF+2UWJns
TEmX32dF6icwpUvuU7lX9QwITliaje0FpYslo11DFT54yzGkt70dqvtut3OZm0u4
rjeuAYNFbIzOQu4ItbzB0g4LcSs++5c3Wfan54KWZ36jwwfT0uLPZJCcOGiai3rP
W8BazX4byi/GGlS1Z1EBgUjkaDSwsRfFMVT8Mw31H479DEG/1Uaquyz5IcUUqUw+
NYIaIMRqSrOD2MT8o5EsredMt6LPtHJXT4FuyfxGN8xQ41xcKO+uTv6a99LUTNDw
FQO3ggJpE/ft0GqFdfJfG2KnuQIDAQABo4ICyTCCAsUwHQYDVR0OBBYEFEphBOJH
kd39r29WUl9dbX9DEgWqMB8GA1UdIwQYMBaAFDWI8btctpmwNIEdF5J5v1ubvB5b
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Mzc4Ri9BNUE5QzRBODEy
NzExMUVCODhENEJEODBDNEY5QUUwMi9OWWp4dTF5Mm1iQTBnUjBYa25tX1c1dThI
bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05Zanh1MXkybWJBMGdSMFhrbm1fVzV1OEhscy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjM3OEYvQTVBOUM0QTgxMjcxMTFFQjg4RDRCRDgwQzRGOUFFMDIvNEQ0N0RFNUEx
MjdFMTFFQjkxMDIxRjNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwUwYIKwYBBQUHAQcBAf8E
RDBCMCYEAgABMCADBAIr77QwDAMEAGc61QMEA2c60AMEAmfxWAMEAcokRDAYBAIA
AjASAwcAJANAwAAAAwcAJANAwAAEMA0GCSqGSIb3DQEBCwUAA4IBAQCvGtoO4VxK
Adj/uNTTt5EJBaypNI2kw2TY0hj5MTO2pyU/krNEwJVGmSl7ih2H0H/dkDrpsbl9
7A6Zsi80rNXzZ3zel9zk1GcH/w2ujNplJ07uR4GdN1YJZai0ewF2mEHIuQcIZaQy
Q/wO6h+x6QcgT89rc2dO0xqSnY24hzGMxdbOEFKGWgyY0X/cKmQeKv96xMVuuK2x
+qq1xNlh+5TJPatTbbqJaG2tio3/d46YiPhU5bBVO8Hm5LzoHSibLqeWHJu48NsC
dWm6CXwv4Wzv2TluvC+XFiPplfm8q6Q8FImL0pmpddTrcPAYfLJHwwg90twWA6qq
vxEX/CyH4dKf
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:57:48 2025 by rpki-client