Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/227BA3B0CE4911EFB8D02C51C4F9AE02.roa
File: 227BA3B0CE4911EFB8D02C51C4F9AE02.roa (raw, json)
Hash identifier: FbsRtFfPDzom6jwrDIf/y+gpc2o2pqta3N07O04e940=
Subject key identifier: 27:A5:6F:A1:29:D7:78:37:67:D7:37:96:62:1F:CB:F5:F6:47:76:9A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A225
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/227BA3B0CE4911EFB8D02C51C4F9AE02.roa
Signing time: Fri 10 Jan 2025 11:58:21 +0000
ROA not before: Fri 10 Jan 2025 11:58:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
43.231.116.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.62.16.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.102.119.0/24 maxlen: 24
103.102.144.0/23 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.124.38.0/23 maxlen: 24
103.138.104.0/24 maxlen: 24
103.142.64.0/23 maxlen: 24
103.153.208.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.155.208.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.172.130.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.173.120.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.183.228.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.195.196.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.206.220.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.254.200.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41509 (0xa225)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 10 11:58:21 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67810b5d-1ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4c:4f:af:0b:7d:13:94:52:83:a7:c8:3c:ad:
81:65:71:8d:cb:37:90:4c:bf:41:b6:c8:25:e9:38:
5a:4a:3e:22:44:f7:d8:4e:43:d1:8d:54:6c:89:4d:
03:8f:8b:7b:f6:aa:5e:99:25:94:18:8b:19:51:2b:
d2:2a:1f:b6:af:8a:0e:28:a7:91:80:65:92:d5:84:
8d:df:c7:e3:6e:d4:16:9a:c2:25:69:e2:2f:8d:af:
1f:0c:41:66:fd:1f:75:39:02:d5:82:36:ff:2d:7d:
97:bf:62:17:63:f6:4a:60:20:4b:b3:dc:97:a9:2e:
5a:f6:63:3e:5a:38:9b:25:94:f5:fb:ef:b9:ca:54:
fc:52:b8:42:a8:4b:c4:69:77:52:e4:3e:ec:5a:a6:
6a:c7:c9:40:43:6b:d8:d1:1a:ae:97:00:53:7a:58:
9d:4f:ad:52:38:06:b8:4f:d7:51:34:67:b2:c8:54:
38:b7:65:6b:c9:4d:04:81:02:cf:e0:0f:d5:b9:79:
25:b5:56:67:f6:52:a7:df:ba:5e:3d:29:8a:49:0f:
01:e8:10:c0:13:0e:ce:fd:28:a8:9d:e6:13:80:b4:
99:cb:81:2a:10:5b:f8:9c:67:78:8a:e4:9a:ee:8d:
f3:ed:11:74:46:7f:dc:c2:8b:2b:78:63:b6:c8:b2:
43:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A5:6F:A1:29:D7:78:37:67:D7:37:96:62:1F:CB:F5:F6:47:76:9A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/227BA3B0CE4911EFB8D02C51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
43.231.116.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.62.16.0/22
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.102.119.0/24
103.102.144.0/23
103.108.76.0/22
103.111.128.0/22
103.118.8.0/22
103.124.38.0/23
103.138.104.0/24
103.142.64.0/23
103.153.208.0/23
103.155.194.0/23
103.155.208.0/23
103.171.236.0/23
103.172.130.0/23
103.173.14.0/23
103.173.41.0/24
103.173.120.0/23
103.180.216.0/23
103.183.228.0/23
103.192.72.0/22
103.195.196.0/22
103.200.48.0/22
103.206.64.0/22
103.206.220.0/22
103.212.132.0/22
103.226.224.0/22
103.228.172.0/22
103.254.200.0/22
139.5.96.0/22
203.191.56.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
35:b8:c5:8c:4c:5e:08:dd:80:95:0a:f7:59:ad:e8:d7:b3:40:
44:f1:77:b3:e0:3e:bb:e2:f8:95:0c:9f:00:66:38:51:2a:2a:
0e:58:0e:da:93:df:15:ea:62:ea:13:b0:d7:18:ba:14:e6:f3:
bb:4c:aa:84:2d:ca:34:b5:13:56:4a:fd:e7:2a:4a:ba:ad:d6:
9c:1d:b0:6f:66:c0:b7:43:af:eb:9f:b3:2c:37:56:e1:e7:e2:
a3:1c:c7:f9:ec:72:1c:6e:6c:6b:63:38:cb:89:21:9b:7c:f8:
08:c9:ae:24:85:ac:c9:1f:63:f9:15:17:cf:80:79:2d:f3:c8:
55:dc:1e:4f:8e:23:7c:68:f7:34:d1:9f:52:eb:d5:c2:a9:b2:
c5:1b:d6:52:c4:39:5c:69:db:44:43:88:f5:62:fe:28:fa:11:
cc:47:ae:17:ee:13:1b:01:e3:17:97:23:6b:af:27:88:68:a9:
d7:21:bc:25:d3:fe:97:04:85:6a:52:61:2a:86:9a:c8:3e:38:
03:b2:8f:b8:92:01:ff:dd:03:5b:8f:00:00:a0:5e:54:10:1f:
cd:27:11:13:75:d2:1b:2e:3c:91:56:f5:a2:c0:17:66:65:2e:
44:f0:27:e3:2a:b3:e6:1d:40:d2:01:26:83:52:37:aa:fb:57:
5a:21:80:8c
-----BEGIN CERTIFICATE-----
MIIGqTCCBZGgAwIBAgIDAKIlMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDExMDExNTgyMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4MTBiNWQtMWVmNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFMT68LfROUUoOnyDytgWVxjcs3kEy/QbbIJek4Wko+IkT32E5D0Y1UbIlN
A4+Le/aqXpkllBiLGVEr0ioftq+KDiinkYBlktWEjd/H427UFprCJWniL42vHwxB
Zv0fdTkC1YI2/y19l79iF2P2SmAgS7Pcl6kuWvZjPlo4myWU9fvvucpU/FK4QqhL
xGl3UuQ+7FqmasfJQENr2NEarpcAU3pYnU+tUjgGuE/XUTRnsshUOLdla8lNBIEC
z+AP1bl5JbVWZ/ZSp9+6Xj0pikkPAegQwBMOzv0oqJ3mE4C0mcuBKhBb+JxneIrk
mu6N8+0RdEZ/3MKLK3hjtsiyQycCAwEAAaOCA8wwggPIMB0GA1UdDgQWBBQnpW+h
Kdd4N2fXN5ZiH8v19kd2mjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIyN0JBM0Iw
Q0U0OTExRUZCOEQwMkM1MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBVAYIKwYBBQUHAQcB
Af8EggFDMIIBPzCCARYEAgABMIIBDgMEAivhAAMEAivndAMEAi1ynAMEAmcOxAME
AmcQjAMEAGcbqAMEAWcbqgMEAGcvmAMEAmczXAMEAmc0MAMEAmc2YAMEAmc3VAME
Amc+EAMEAmdSkAMEAmdWFAMEAmdYfAMEAGdmdwMEAWdmkAMEAmdsTAMEAmdvgAME
Amd2CAMEAWd8JgMEAGeKaAMEAWeOQAMEAWeZ0AMEAWebwgMEAWeb0AMEAWer7AME
AWesggMEAWetDgMEAGetKQMEAWeteAMEAWe02AMEAWe35AMEAmfASAMEAmfDxAME
AmfIMAMEAmfOQAMEAmfO3AMEAmfUhAMEAmfi4AMEAmfkrAMEAmf+yAMEAosFYAME
Asu/ODAjBAIAAjAdMBIDBwEkANGAAGYDBwEkANGAAGgDBwEkANGAAHAwDQYJKoZI
hvcNAQELBQADggEBADW4xYxMXgjdgJUK91mt6NezQETxd7PgPrvi+JUMnwBmOFEq
Kg5YDtqT3xXqYuoTsNcYuhTm87tMqoQtyjS1E1ZK/ecqSrqt1pwdsG9mwLdDr+uf
syw3VuHn4qMcx/nschxubGtjOMuJIZt8+AjJriSFrMkfY/kVF8+AeS3zyFXcHk+O
I3xo9zTRn1Lr1cKpssUb1lLEOVxp20RDiPVi/ij6EcxHrhfuExsB4xeXI2uvJ4ho
qdchvCXT/pcEhWpSYSqGmsg+OAOyj7iSAf/dA1uPAACgXlQQH80nERN10hsuPJFW
9aLAF2ZlLkTwJ+Mqs+YdQNIBJoNSN6r7V1ohgIw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:12 2025 by rpki-client