Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/097A7C26812311ED9367FC43C4F9AE02.roa
File: 097A7C26812311ED9367FC43C4F9AE02.roa (raw, json)
Hash identifier: EwMU0bgdTpxdp9TViUBngKhtaZl/4bODlQkk3se7bsk=
Subject key identifier: D8:BB:5A:65:02:5A:51:7C:4C:ED:56:C2:FD:AE:2D:FD:7E:D2:F2:5F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 66CD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/097A7C26812311ED9367FC43C4F9AE02.roa
Signing time: Fri 17 Mar 2023 10:21:39 +0000
ROA not before: Fri 17 Mar 2023 10:21:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17665
IP address blocks: 36.255.88.0/22 maxlen: 24
43.230.40.0/22 maxlen: 24
45.118.104.0/22 maxlen: 24
59.152.120.0/22 maxlen: 24
103.10.224.0/22 maxlen: 24
103.38.68.0/23 maxlen: 24
103.38.128.0/22 maxlen: 24
103.58.152.0/22 maxlen: 24
103.59.204.0/22 maxlen: 24
103.86.68.0/24 maxlen: 24
103.88.56.0/24 maxlen: 24
103.88.57.0/24 maxlen: 24
103.88.58.0/24 maxlen: 24
103.88.59.0/24 maxlen: 24
103.98.36.0/24 maxlen: 24
103.99.196.0/23 maxlen: 24
103.99.198.0/23 maxlen: 24
103.147.1.0/24 maxlen: 24
103.159.98.0/24 maxlen: 24
103.159.212.0/24 maxlen: 24
103.164.46.0/23 maxlen: 24
103.165.28.0/23 maxlen: 24
103.168.177.0/24 maxlen: 24
103.169.156.0/23 maxlen: 24
103.171.9.0/24 maxlen: 24
103.174.159.0/24 maxlen: 24
103.175.30.0/24 maxlen: 24
103.175.31.0/24 maxlen: 24
103.176.176.0/24 maxlen: 24
103.177.174.0/23 maxlen: 24
103.179.122.0/24 maxlen: 24
103.181.140.0/24 maxlen: 24
103.181.141.0/24 maxlen: 24
103.182.130.0/23 maxlen: 24
103.183.54.0/23 maxlen: 24
103.189.146.0/24 maxlen: 24
103.203.36.0/22 maxlen: 24
103.206.8.0/24 maxlen: 24
103.206.9.0/24 maxlen: 24
103.206.10.0/24 maxlen: 24
103.206.11.0/24 maxlen: 24
103.209.68.0/22 maxlen: 22
103.209.68.0/24 maxlen: 24
103.209.69.0/24 maxlen: 24
103.209.70.0/24 maxlen: 24
103.209.71.0/24 maxlen: 24
103.251.52.0/22 maxlen: 24
203.192.192.0/20 maxlen: 24
203.192.208.0/22 maxlen: 24
203.192.220.0/22 maxlen: 24
203.192.224.0/23 maxlen: 24
203.192.226.0/24 maxlen: 24
203.192.228.0/22 maxlen: 24
203.192.232.0/22 maxlen: 24
203.192.237.0/24 maxlen: 24
203.192.238.0/23 maxlen: 24
203.192.240.0/20 maxlen: 20
203.192.240.0/24 maxlen: 24
203.192.241.0/24 maxlen: 24
203.192.242.0/24 maxlen: 24
203.192.243.0/24 maxlen: 24
203.192.244.0/24 maxlen: 24
203.192.245.0/24 maxlen: 24
203.192.246.0/24 maxlen: 24
203.192.247.0/24 maxlen: 24
203.192.248.0/24 maxlen: 24
203.192.249.0/24 maxlen: 24
203.192.250.0/24 maxlen: 24
203.192.251.0/24 maxlen: 24
203.192.252.0/24 maxlen: 24
203.192.253.0/24 maxlen: 24
203.192.254.0/24 maxlen: 24
203.192.255.0/24 maxlen: 24
203.194.96.0/24 maxlen: 24
203.194.97.0/24 maxlen: 24
203.194.98.0/24 maxlen: 24
203.194.99.0/24 maxlen: 24
203.194.100.0/24 maxlen: 24
203.194.101.0/24 maxlen: 24
203.194.102.0/24 maxlen: 24
203.194.103.0/24 maxlen: 24
203.194.104.0/24 maxlen: 24
203.194.105.0/24 maxlen: 24
203.194.106.0/24 maxlen: 24
203.194.107.0/24 maxlen: 24
203.194.108.0/24 maxlen: 24
203.194.109.0/24 maxlen: 24
203.194.110.0/24 maxlen: 24
2404:ba00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26317 (0x66cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 17 10:21:39 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64143f33-364f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c9:a5:e2:e6:c6:ea:d1:cf:92:6d:7e:21:00:
da:cb:c9:26:2a:b2:18:18:a5:b1:78:1f:24:16:d4:
6b:f8:f4:4b:18:47:2c:c7:14:dc:3d:81:e5:2c:74:
a3:c9:1a:5b:54:12:eb:a9:a0:d6:be:14:f1:35:cb:
32:0d:05:83:57:3d:b0:bf:7d:f8:16:47:81:a7:55:
12:7b:d9:6f:d3:22:1f:59:2b:b6:46:f9:c4:dd:ce:
40:08:44:4c:5e:29:a9:fb:fc:7c:30:02:19:93:c7:
a4:c0:b1:dc:fe:db:a6:aa:5e:b1:40:80:c3:a0:20:
98:4a:c2:5d:b3:69:7b:aa:41:59:f9:54:cc:b5:4b:
72:c9:c3:df:6f:88:86:3a:b5:8f:8a:54:91:52:5a:
91:5c:fa:92:ad:ce:7e:eb:86:09:35:49:69:6b:8b:
a4:98:fb:e3:c6:38:30:93:36:18:14:64:6d:24:44:
40:cc:2a:a3:b3:c0:94:4e:e3:7b:a5:42:60:13:71:
58:42:42:4c:8e:59:45:2a:33:f6:7c:0a:03:12:0f:
24:01:a9:db:2e:ee:9d:d6:2b:76:8a:c1:e4:1f:10:
ec:76:fb:9a:e8:a9:a6:fc:04:8d:e4:62:dc:5b:d6:
55:88:2c:a1:48:7f:31:b3:9d:32:96:4d:09:56:90:
61:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BB:5A:65:02:5A:51:7C:4C:ED:56:C2:FD:AE:2D:FD:7E:D2:F2:5F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/097A7C26812311ED9367FC43C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.88.0/22
43.230.40.0/22
45.118.104.0/22
59.152.120.0/22
103.10.224.0/22
103.38.68.0/23
103.38.128.0/22
103.58.152.0/22
103.59.204.0/22
103.86.68.0/24
103.88.56.0/22
103.98.36.0/24
103.99.196.0/22
103.147.1.0/24
103.159.98.0/24
103.159.212.0/24
103.164.46.0/23
103.165.28.0/23
103.168.177.0/24
103.169.156.0/23
103.171.9.0/24
103.174.159.0/24
103.175.30.0/23
103.176.176.0/24
103.177.174.0/23
103.179.122.0/24
103.181.140.0/23
103.182.130.0/23
103.183.54.0/23
103.189.146.0/24
103.203.36.0/22
103.206.8.0/22
103.209.68.0/22
103.251.52.0/22
203.192.192.0-203.192.211.255
203.192.220.0-203.192.226.255
203.192.228.0-203.192.235.255
203.192.237.0-203.192.255.255
203.194.96.0-203.194.110.255
IPv6:
2404:ba00::/32
Signature Algorithm: sha256WithRSAEncryption
7b:e5:6e:7b:76:3c:be:c6:28:60:2d:93:ee:7d:53:ce:10:a8:
f4:9b:d0:66:08:9f:11:54:a7:6c:b4:a1:53:aa:79:a7:83:e5:
e4:26:16:25:c4:bc:cb:26:35:e6:67:b0:65:d7:5a:57:c0:c0:
60:b1:4e:6f:39:29:53:df:0c:e9:41:c3:d9:8e:64:a4:4c:0d:
38:69:50:ab:60:58:0e:16:9f:6f:df:36:73:7e:13:d2:1f:76:
74:1b:0a:a3:42:0e:d3:15:c4:6b:56:b4:5e:78:4d:5e:72:ef:
17:81:8b:84:4e:d4:01:53:bf:53:ad:63:aa:9e:c6:a8:dc:e8:
d6:23:75:a8:e1:c6:c1:a2:5d:8a:ac:93:e9:ff:20:07:99:9a:
8e:af:74:11:94:c8:b8:6b:e9:db:c6:c3:c1:df:57:fe:08:d9:
fe:bd:20:10:54:0d:51:62:74:84:47:16:66:38:3a:51:e6:a9:
6b:bf:68:f8:0d:e8:7e:cf:5c:d6:b4:ab:b7:e9:2e:46:f5:86:
b9:23:b4:48:f7:0c:de:aa:7c:2f:73:97:e1:ce:01:d9:f5:4a:
c2:59:2e:b3:18:b5:7c:f9:14:31:02:22:e5:a6:9b:af:9a:ea:
04:53:08:6a:cb:e7:88:84:51:9c:85:53:4d:d7:0f:6d:3d:da:
65:06:2d:22
-----BEGIN CERTIFICATE-----
MIIGlTCCBX2gAwIBAgICZs0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMzE3MTAyMTM5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDE0M2YzMy0zNjRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA38ml4ubG6tHPkm1+IQDay8kmKrIYGKWxeB8kFtRr+PRLGEcsxxTcPYHlLHSj
yRpbVBLrqaDWvhTxNcsyDQWDVz2wv334FkeBp1USe9lv0yIfWSu2RvnE3c5ACERM
Ximp+/x8MAIZk8ekwLHc/tumql6xQIDDoCCYSsJds2l7qkFZ+VTMtUtyycPfb4iG
OrWPilSRUlqRXPqSrc5+64YJNUlpa4ukmPvjxjgwkzYYFGRtJERAzCqjs8CUTuN7
pUJgE3FYQkJMjllFKjP2fAoDEg8kAanbLu6d1it2isHkHxDsdvua6Kmm/ASN5GLc
W9ZViCyhSH8xs50ylk0JVpBhawIDAQABo4IDuTCCA7UwHQYDVR0OBBYEFNi7WmUC
WlF8TO1Wwv2uLf1+0vJfMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMDk3QTdDMjY4
MTIzMTFFRDkzNjdGQzQzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFBBggrBgEFBQcBBwEB
/wSCATAwggEsMIIBGQQCAAEwggERAwQCJP9YAwQCK+YoAwQCLXZoAwQCO5h4AwQC
ZwrgAwQBZyZEAwQCZyaAAwQCZzqYAwQCZzvMAwQAZ1ZEAwQCZ1g4AwQAZ2IkAwQC
Z2PEAwQAZ5MBAwQAZ59iAwQAZ5/UAwQBZ6QuAwQBZ6UcAwQAZ6ixAwQBZ6mcAwQA
Z6sJAwQAZ66fAwQBZ68eAwQAZ7CwAwQBZ7GuAwQAZ7N6AwQBZ7WMAwQBZ7aCAwQB
Z7c2AwQAZ72SAwQCZ8skAwQCZ84IAwQCZ9FEAwQCZ/s0MAwDBAbLwMADBALLwNAw
DAMEAsvA3AMEAMvA4jAMAwQCy8DkAwQCy8DoMAsDBADLwO0DAwDLwDAMAwQFy8Jg
AwQAy8JuMA0EAgACMAcDBQAkBLoAMA0GCSqGSIb3DQEBCwUAA4IBAQB75W57djy+
xihgLZPufVPOEKj0m9BmCJ8RVKdstKFTqnmng+XkJhYlxLzLJjXmZ7Bl11pXwMBg
sU5vOSlT3wzpQcPZjmSkTA04aVCrYFgOFp9v3zZzfhPSH3Z0GwqjQg7TFcRrVrRe
eE1ecu8XgYuETtQBU79TrWOqnsao3OjWI3Wo4cbBol2KrJPp/yAHmZqOr3QRlMi4
a+nbxsPB31f+CNn+vSAQVA1RYnSERxZmODpR5qlrv2j4Deh+z1zWtKu36S5G9Ya5
I7RI9wzeqnwvc5fhzgHZ9UrCWS6zGLV8+RQxAiLlppuvmuoEUwhqy+eIhFGchVNN
1w9tPdplBi0i
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:40:15 2025 by rpki-client