Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/9AE9EDA80C8511ED84E8033BC4F9AE02.roa
File: 9AE9EDA80C8511ED84E8033BC4F9AE02.roa (raw, json)
Hash identifier: MiTM/OnmNw8Y3MLmDYJJW/ZDZiTZUq/zESvxipVzvwI=
Subject key identifier: 9B:80:A3:C5:8F:4F:93:8E:77:05:AD:53:A5:9A:3E:52:D2:31:83:27
Certificate issuer: /CN=A917F247/serialNumber=904A235CB4747E08600FC1D26B93F51C4674EBAA
Certificate serial: 037A
Authority key identifier: 90:4A:23:5C:B4:74:7E:08:60:0F:C1:D2:6B:93:F5:1C:46:74:EB:AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/9AE9EDA80C8511ED84E8033BC4F9AE02.roa
Signing time: Sun 01 Dec 2024 01:04:08 +0000
ROA not before: Sun 01 Dec 2024 01:04:08 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 135409
IP address blocks: 14.137.32.0/19 maxlen: 24
103.70.64.0/22 maxlen: 24
103.103.60.0/22 maxlen: 24
182.54.144.0/22 maxlen: 24
182.255.28.0/22 maxlen: 24
202.5.112.0/20 maxlen: 24
203.2.130.0/23 maxlen: 24
203.8.206.0/23 maxlen: 24
203.21.140.0/22 maxlen: 24
203.24.104.0/22 maxlen: 24
203.27.96.0/23 maxlen: 24
2001:df2:2600::/48 maxlen: 64
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 890 (0x37a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F247
Validity
Not Before: Dec 1 01:04:08 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674bb608-d1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9f:3e:86:90:45:01:63:cc:8b:80:d8:2f:a0:
67:d2:dd:cc:81:7d:2c:3d:ce:7c:e2:17:36:ad:85:
31:a5:4d:f5:cb:a9:97:b9:4f:4e:f7:01:b3:2f:b5:
e9:aa:a0:af:e6:5c:a4:1a:30:ae:70:37:a3:6a:40:
33:50:44:ae:db:ec:c8:cb:63:96:76:51:20:b3:b2:
c4:c1:80:5b:da:61:ec:fb:32:2a:de:f6:3c:84:f4:
58:d0:6d:82:5f:01:ac:52:43:60:7a:92:0a:84:37:
1d:ec:fd:e0:ac:24:28:79:ce:9f:a5:59:21:ce:09:
0c:15:23:15:fe:a9:d7:5c:8a:40:9d:8e:82:73:34:
ea:12:d2:86:b1:95:cb:29:4d:91:a9:11:46:09:12:
00:9e:1d:7e:a9:31:c3:09:c7:42:1c:01:b3:1e:9a:
4b:d5:f9:50:1b:74:01:5e:c8:6b:87:17:10:82:05:
f9:c8:56:43:a6:91:d6:74:9c:e6:e9:37:cc:6f:13:
48:13:45:3f:a2:0b:51:2b:4a:fa:ca:30:5a:b2:59:
38:64:3e:65:28:56:bc:41:e3:10:ac:96:98:65:c6:
45:13:d4:30:e2:81:c1:98:62:16:ba:7b:38:a6:52:
23:32:10:a1:36:68:1c:c7:6a:3e:87:29:7a:ad:27:
3b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:80:A3:C5:8F:4F:93:8E:77:05:AD:53:A5:9A:3E:52:D2:31:83:27
X509v3 Authority Key Identifier:
keyid:90:4A:23:5C:B4:74:7E:08:60:0F:C1:D2:6B:93:F5:1C:46:74:EB:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/kEojXLR0fghgD8HSa5P1HEZ066o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kEojXLR0fghgD8HSa5P1HEZ066o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F247/6D22EAF08F0311ECA5C9FE12C4F9AE02/9AE9EDA80C8511ED84E8033BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.137.32.0/19
103.70.64.0/22
103.103.60.0/22
182.54.144.0/22
182.255.28.0/22
202.5.112.0/20
203.2.130.0/23
203.8.206.0/23
203.21.140.0/22
203.24.104.0/22
203.27.96.0/23
IPv6:
2001:df2:2600::/48
Signature Algorithm: sha256WithRSAEncryption
37:1f:5f:c2:3a:ec:d5:69:fd:5d:a4:9d:f6:86:ac:72:90:39:
83:e5:31:18:48:c6:70:2a:2f:f7:2d:16:92:68:84:6f:1c:fc:
6c:ec:f2:85:9e:b3:4d:1c:8f:5f:6f:9a:19:34:38:ad:71:52:
34:6b:a3:26:31:56:85:0e:f2:6e:ad:8f:4a:03:36:1e:ef:b5:
c9:90:28:fd:5f:12:2b:5a:5b:b8:be:20:2a:ad:d4:2f:a6:5e:
7a:8c:b7:d8:67:ed:94:61:ce:7d:78:a8:a1:a6:3c:ce:4c:60:
ae:b4:1a:0a:69:f7:4a:1f:15:af:04:8c:03:e6:0a:2e:3e:b5:
6b:1a:8b:14:63:76:99:02:36:52:d3:fe:4c:c4:71:6d:13:73:
94:0a:19:c1:6d:54:b0:2b:a5:e0:0a:64:52:bf:c4:d3:47:5b:
66:2e:5f:bd:c2:3d:79:8b:f5:04:78:ee:1d:ad:9b:4a:15:79:
9b:62:6b:5d:81:4b:03:d6:08:0e:32:98:bb:fd:67:f6:09:d5:
67:40:45:71:4c:ff:d1:a8:4b:c3:10:52:5c:bc:97:6d:ed:37:
10:a0:dd:b5:3a:b1:19:b7:b2:e0:d6:f6:b6:d0:e8:0e:29:40:
bc:3d:36:02:d4:aa:f2:24:c7:4e:17:c9:14:2a:72:80:2c:31:
fd:a6:4b:30
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgICA3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0YyNDcxMTAvBgNVBAUTKDkwNEEyMzVDQjQ3NDdFMDg2MDBGQzFEMjZCOTNGNTFD
NDY3NEVCQUEwHhcNMjQxMjAxMDEwNDA4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRiYjYwOC1kMWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq58+hpBFAWPMi4DYL6Bn0t3MgX0sPc584hc2rYUxpU31y6mXuU9O9wGzL7Xp
qqCv5lykGjCucDejakAzUESu2+zIy2OWdlEgs7LEwYBb2mHs+zIq3vY8hPRY0G2C
XwGsUkNgepIKhDcd7P3grCQoec6fpVkhzgkMFSMV/qnXXIpAnY6CczTqEtKGsZXL
KU2RqRFGCRIAnh1+qTHDCcdCHAGzHppL1flQG3QBXshrhxcQggX5yFZDppHWdJzm
6TfMbxNIE0U/ogtRK0r6yjBaslk4ZD5lKFa8QeMQrJaYZcZFE9Qw4oHBmGIWuns4
plIjMhChNmgcx2o+hyl6rSc74wIDAQABo4IC4jCCAt4wHQYDVR0OBBYEFJuAo8WP
T5OOdwWtU6WaPlLSMYMnMB8GA1UdIwQYMBaAFJBKI1y0dH4IYA/B0muT9RxGdOuq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjI0Ny82RDIyRUFGMDhG
MDMxMUVDQTVDOUZFMTJDNEY5QUUwMi9rRW9qWExSMGZnaGdEOEhTYTVQMUhFWjA2
Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tFb2pYTFIwZmdoZ0Q4SFNhNVAxSEVaMDY2by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0YyNDcvNkQyMkVBRjA4RjAzMTFFQ0E1QzlGRTEyQzRGOUFFMDIvOUFFOUVEQTgw
Qzg1MTFFRDg0RTgwMzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwbAYIKwYBBQUHAQcBAf8E
XTBbMEgEAgABMEIDBAUOiSADBAJnRkADBAJnZzwDBAK2NpADBAK2/xwDBATKBXAD
BAHLAoIDBAHLCM4DBALLFYwDBALLGGgDBAHLG2AwDwQCAAIwCQMHACABDfImADAN
BgkqhkiG9w0BAQsFAAOCAQEANx9fwjrs1Wn9XaSd9oascpA5g+UxGEjGcCov9y0W
kmiEbxz8bOzyhZ6zTRyPX2+aGTQ4rXFSNGujJjFWhQ7ybq2PSgM2Hu+1yZAo/V8S
K1pbuL4gKq3UL6Zeeoy32GftlGHOfXiooaY8zkxgrrQaCmn3Sh8VrwSMA+YKLj61
axqLFGN2mQI2UtP+TMRxbRNzlAoZwW1UsCul4ApkUr/E00dbZi5fvcI9eYv1BHju
Ha2bShV5m2JrXYFLA9YIDjKYu/1n9gnVZ0BFcUz/0ahLwxBSXLyXbe03EKDdtTqx
Gbey4Nb2ttDoDilAvD02AtSq8iTHThfJFCpygCwx/aZLMA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:21 2025 by rpki-client