Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E43397C02FA11EB92647930C4F9AE02.roa
File: 0E43397C02FA11EB92647930C4F9AE02.roa (raw, json)
Hash identifier: ssAtbyl5SoNQkfST8UMR+4PC1Pyy6E2qdc5PXqqYsCc=
Subject key identifier: 5C:AF:46:B1:E5:05:55:85:C3:A7:D0:44:8B:1E:0C:EC:05:29:4A:8F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 71D9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E43397C02FA11EB92647930C4F9AE02.roa
Signing time: Wed 10 May 2023 16:50:14 +0000
ROA not before: Wed 10 May 2023 16:50:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59196
IP address blocks: 45.114.36.0/22 maxlen: 24
103.44.156.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29145 (0x71d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 10 16:50:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bcb46-ff82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d7:dd:34:59:1c:67:30:ca:c2:13:4e:50:15:
96:34:2d:b3:df:06:e7:2f:0b:73:b5:86:5c:a0:73:
d1:87:04:db:3d:75:94:1b:37:77:54:c1:cd:6a:e5:
c5:c9:d2:8d:ac:ac:e5:d7:84:42:75:ec:6a:16:bd:
70:bd:91:05:0f:8c:91:ca:2d:ba:62:e0:18:b5:03:
cb:ea:fd:e0:5c:5b:83:f6:1f:7c:00:39:1f:7f:df:
68:4c:71:ae:d6:43:e2:56:cf:01:d7:25:2f:17:5e:
36:05:94:cd:c3:5d:73:e3:6b:b2:37:44:c6:ec:b6:
20:18:dc:cb:c1:d8:4c:3c:40:2a:bb:79:f7:19:40:
42:8d:c7:b6:0c:7c:33:96:65:79:87:14:a4:16:81:
e3:f0:82:7a:ca:f5:63:53:aa:8d:24:8f:a4:7c:f2:
85:9a:ea:99:a9:d4:80:b8:83:6d:64:e2:25:3e:3e:
32:32:f1:eb:d8:5f:6d:55:17:76:7e:b2:f3:97:00:
fc:a8:cb:4e:6b:72:c9:42:c8:ca:e5:02:0a:4a:6a:
dd:c0:22:22:7a:2e:58:97:7a:4d:dc:86:01:eb:69:
8b:dc:b0:be:6f:7a:2e:fb:24:50:f8:a5:0d:ec:1a:
ed:c7:f2:49:c2:4d:9b:ac:f6:5b:19:c5:9b:a5:59:
10:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AF:46:B1:E5:05:55:85:C3:A7:D0:44:8B:1E:0C:EC:05:29:4A:8F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E43397C02FA11EB92647930C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.36.0/22
103.44.156.0/22
Signature Algorithm: sha256WithRSAEncryption
90:62:57:3f:88:e5:db:0c:d3:a4:02:8e:11:ad:e4:99:13:0b:
52:7c:78:19:1c:04:ad:8c:f2:a3:e6:27:59:3c:6d:be:aa:7b:
57:3a:06:d7:00:38:1c:65:e1:fd:9c:88:15:c7:40:e7:2f:07:
cb:a6:d4:72:2a:7f:e0:d9:41:f5:92:45:7f:54:0a:4b:87:33:
47:35:fa:d3:9e:8f:f5:41:a3:11:22:4d:ab:67:74:61:38:8a:
af:65:64:80:a6:3a:b8:29:bf:58:d5:bb:11:0f:c5:79:40:00:
6e:2c:87:b6:bc:c5:e8:09:5f:22:97:1a:09:e1:05:f5:3b:aa:
5e:bd:fd:a6:1e:88:56:56:2c:4a:38:a2:c7:d3:b3:3a:8f:7f:
0a:3a:d9:5b:d6:c6:3d:e2:35:a4:46:49:33:95:08:6c:97:9f:
b0:95:28:17:2a:a1:68:ce:af:79:3b:75:85:24:03:02:6a:6b:
a6:ac:46:60:0b:e2:f9:74:ca:83:42:5b:12:9b:d8:5b:b2:a0:
86:7b:3f:0b:f3:4b:36:52:7c:05:91:0d:98:62:73:7e:69:89:
22:f4:da:42:48:57:de:40:b9:1d:78:60:86:33:8b:70:8c:8e:
d0:e7:13:0f:8d:bb:55:64:b3:4c:18:d2:e0:6f:77:09:7d:95:
12:85:34:9d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICcdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTY1MDE0WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViY2I0Ni1mZjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwNfdNFkcZzDKwhNOUBWWNC2z3wbnLwtztYZcoHPRhwTbPXWUGzd3VMHNauXF
ydKNrKzl14RCdexqFr1wvZEFD4yRyi26YuAYtQPL6v3gXFuD9h98ADkff99oTHGu
1kPiVs8B1yUvF142BZTNw11z42uyN0TG7LYgGNzLwdhMPEAqu3n3GUBCjce2DHwz
lmV5hxSkFoHj8IJ6yvVjU6qNJI+kfPKFmuqZqdSAuINtZOIlPj4yMvHr2F9tVRd2
frLzlwD8qMtOa3LJQsjK5QIKSmrdwCIiei5Yl3pN3IYB62mL3LC+b3ou+yRQ+KUN
7Brtx/JJwk2brPZbGcWbpVkQmwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFFyvRrHl
BVWFw6fQRIseDOwFKUqPMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMEU0MzM5N0Mw
MkZBMTFFQjkyNjQ3OTMwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAItciQDBAJnLJwwDQYJKoZIhvcNAQELBQADggEBAJBiVz+I
5dsM06QCjhGt5JkTC1J8eBkcBK2M8qPmJ1k8bb6qe1c6BtcAOBxl4f2ciBXHQOcv
B8um1HIqf+DZQfWSRX9UCkuHM0c1+tOej/VBoxEiTatndGE4iq9lZICmOrgpv1jV
uxEPxXlAAG4sh7a8xegJXyKXGgnhBfU7ql69/aYeiFZWLEo4osfTszqPfwo62VvW
xj3iNaRGSTOVCGyXn7CVKBcqoWjOr3k7dYUkAwJqa6asRmAL4vl0yoNCWxKb2Fuy
oIZ7PwvzSzZSfAWRDZhic35piSL02kJIV95AuR14YIYzi3CMjtDnEw+Nu1Vks0wY
0uBvdwl9lRKFNJ0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:26 2025 by rpki-client