Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0359F460D17211EFA68D6975C4F9AE02.roa
File: 0359F460D17211EFA68D6975C4F9AE02.roa (raw, json)
Hash identifier: BmXGghWr4geAJGaqMRQ667ezbhcJ6AXpjmpfTt7M5aY=
Subject key identifier: CF:E2:AF:43:EA:8F:3D:20:D4:25:95:E1:4A:9F:21:E0:AE:42:4C:78
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A284
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0359F460D17211EFA68D6975C4F9AE02.roa
Signing time: Mon 13 Jan 2025 08:13:09 +0000
ROA not before: Mon 13 Jan 2025 08:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.70.90.0/23 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.91.86.0/24 maxlen: 24
103.102.119.0/24 maxlen: 24
103.102.144.0/23 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.116.60.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.118.34.0/23 maxlen: 24
103.124.38.0/23 maxlen: 24
103.142.64.0/23 maxlen: 24
103.147.128.0/24 maxlen: 24
103.153.208.0/23 maxlen: 24
103.155.130.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.163.60.0/24 maxlen: 24
103.167.157.0/24 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.180.216.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.195.196.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.254.200.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41604 (0xa284)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 13 08:13:09 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6784cb14-0981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:04:19:8e:94:ce:01:c8:a4:1e:6a:44:da:1e:
3d:bb:44:01:ca:06:68:20:97:a7:b2:12:ea:2f:b3:
b5:7b:4e:bd:2b:b3:aa:16:0e:b3:cc:44:a1:0b:a6:
f2:77:66:33:b9:cd:cf:da:82:ae:2d:a7:84:ef:31:
25:bf:05:60:5c:b3:e9:b7:09:16:e6:97:64:84:aa:
f1:36:79:f6:75:e6:4d:16:51:ee:ee:74:9a:fe:28:
63:e3:8c:d0:e5:06:c8:89:63:38:44:90:bf:fd:d2:
1e:a6:3f:23:27:68:80:c9:56:c2:12:2e:a2:a0:bb:
bd:84:8c:ea:d2:fc:98:c9:7c:22:38:27:06:96:f9:
43:c9:f3:b5:8e:21:7a:eb:93:c0:b2:ce:2c:4d:67:
83:aa:e3:3c:ca:b1:48:06:37:10:98:58:1c:95:d3:
e5:99:92:59:93:b8:f9:58:7c:39:e7:39:73:67:66:
9d:99:44:c4:be:cd:07:4f:04:f2:5d:09:f2:ff:00:
03:1a:97:70:af:26:05:7c:0f:4c:a2:ff:55:57:f8:
9b:5b:5e:83:05:89:34:7f:e7:73:47:90:47:d8:26:
2a:e4:cf:6e:0b:54:49:34:7e:51:8a:19:63:46:ab:
4f:32:5d:d0:6c:27:cb:f7:44:d4:0c:7e:3b:22:f8:
85:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E2:AF:43:EA:8F:3D:20:D4:25:95:E1:4A:9F:21:E0:AE:42:4C:78
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0359F460D17211EFA68D6975C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
43.231.116.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.70.90.0/23
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.91.86.0/24
103.102.119.0/24
103.102.144.0/23
103.108.76.0/22
103.111.128.0/22
103.116.60.0/22
103.118.8.0/22
103.118.34.0/23
103.124.38.0/23
103.142.64.0/23
103.147.128.0/24
103.153.208.0/23
103.155.130.0/23
103.155.194.0/23
103.163.60.0/24
103.167.157.0/24
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.180.216.0/23
103.192.72.0/22
103.195.196.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.226.224.0/22
103.228.172.0/22
103.254.200.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
60:6b:08:13:3a:c7:b2:6f:fd:ce:cb:19:5f:4e:f6:48:18:b5:
07:fb:f2:46:96:8e:06:7c:a0:8e:7a:7f:43:36:cc:72:82:22:
0f:ed:49:57:70:22:dd:d6:41:0f:bd:fc:27:49:19:bd:09:ef:
14:e7:2b:c3:6a:73:50:e7:17:ac:35:43:48:a7:bd:1b:34:1a:
33:bb:75:b4:63:69:c8:c1:43:0e:f9:28:57:0c:39:3d:fb:60:
54:86:4a:00:35:54:c0:fb:7a:9e:ff:c5:e6:dd:8d:13:e8:65:
8e:83:f8:e1:d5:61:43:91:3c:de:73:e4:4a:02:45:9d:9e:e6:
a8:34:79:a6:96:e0:db:28:b5:5a:2a:43:f0:81:5a:b4:62:51:
7c:21:65:f8:24:1f:9c:27:d4:3e:4b:09:c1:0c:08:4c:10:34:
e2:c6:c4:25:e3:97:c8:71:f7:c2:8b:3f:0b:3a:4f:80:53:7c:
5e:a2:80:94:a7:94:65:2b:22:82:a4:64:bb:e4:cc:f6:55:e5:
f8:6d:10:32:df:e3:c9:92:55:40:83:ee:86:e2:d5:08:8c:08:
f6:0f:6f:93:d6:63:8f:bd:f7:ec:25:59:72:2a:06:dc:c4:11:
6e:fd:0a:4f:9c:50:7d:f6:d4:e5:5e:5e:fa:5f:1e:fa:5a:17:
c4:43:c1:9e
-----BEGIN CERTIFICATE-----
MIIGrzCCBZegAwIBAgIDAKKEMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDExMzA4MTMwOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4NGNiMTQtMDk4MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAEGY6UzgHIpB5qRNoePbtEAcoGaCCXp7IS6i+ztXtOvSuzqhYOs8xEoQum
8ndmM7nNz9qCri2nhO8xJb8FYFyz6bcJFuaXZISq8TZ59nXmTRZR7u50mv4oY+OM
0OUGyIljOESQv/3SHqY/IydogMlWwhIuoqC7vYSM6tL8mMl8IjgnBpb5Q8nztY4h
euuTwLLOLE1ng6rjPMqxSAY3EJhYHJXT5ZmSWZO4+Vh8Oec5c2dmnZlExL7NB08E
8l0J8v8AAxqXcK8mBXwPTKL/VVf4m1tegwWJNH/nc0eQR9gmKuTPbgtUSTR+UYoZ
Y0arTzJd0Gwny/dE1Ax+OyL4hbECAwEAAaOCA9IwggPOMB0GA1UdDgQWBBTP4q9D
6o89INQlleFKnyHgrkJMeDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzAzNTlGNDYw
RDE3MjExRUZBNjhENjk3NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBWgYIKwYBBQUHAQcB
Af8EggFJMIIBRTCCARwEAgABMIIBFAMEAivhAAMEAivndAMEAi1ynAMEAmcOxAME
AmcQjAMEAGcbqAMEAWcbqgMEAGcvmAMEAmczXAMEAmc0MAMEAmc2YAMEAmc3VAME
AWdGWgMEAmdSkAMEAmdWFAMEAmdYfAMEAGdbVgMEAGdmdwMEAWdmkAMEAmdsTAME
AmdvgAMEAmd0PAMEAmd2CAMEAWd2IgMEAWd8JgMEAWeOQAMEAGeTgAMEAWeZ0AME
AWebggMEAWebwgMEAGejPAMEAGennQMEAWer7AMEAWetDgMEAGetKQMEAWe02AME
AmfASAMEAmfDxAMEAmfIMAMEAmfOQAMEAmfUhAMEAmfi4AMEAmfkrAMEAmf+yAME
AosFYAMEAsu/ODAjBAIAAjAdMBIDBwEkANGAAGYDBwEkANGAAGgDBwEkANGAAHAw
DQYJKoZIhvcNAQELBQADggEBAGBrCBM6x7Jv/c7LGV9O9kgYtQf78kaWjgZ8oI56
f0M2zHKCIg/tSVdwIt3WQQ+9/CdJGb0J7xTnK8Nqc1DnF6w1Q0invRs0GjO7dbRj
acjBQw75KFcMOT37YFSGSgA1VMD7ep7/xebdjRPoZY6D+OHVYUORPN5z5EoCRZ2e
5qg0eaaW4NsotVoqQ/CBWrRiUXwhZfgkH5wn1D5LCcEMCEwQNOLGxCXjl8hx98KL
Pws6T4BTfF6igJSnlGUrIoKkZLvkzPZV5fhtEDLf48mSVUCD7obi1QiMCPYPb5PW
Y4+99+wlWXIqBtzEEW79Ck+cUH321OVeXvpfHvpaF8RDwZ4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:56 2025 by rpki-client