Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/28C57AAA686E11EC939F873AC4F9AE02.roa
File: 28C57AAA686E11EC939F873AC4F9AE02.roa (raw, json)
Hash identifier: 9LSgSaMXn0mB8HIooNO9H4vJdvLjTyhgXjRfIk/2JUs=
Subject key identifier: D4:5E:D1:EB:4D:48:20:22:42:FC:34:66:1E:3D:2D:E8:2F:31:7B:C5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 909B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/28C57AAA686E11EC939F873AC4F9AE02.roa
Signing time: Thu 30 May 2024 16:28:39 +0000
ROA not before: Thu 30 May 2024 16:28:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17483
IP address blocks: 45.123.24.0/24 maxlen: 24
45.123.25.0/24 maxlen: 24
45.123.26.0/24 maxlen: 24
45.123.27.0/24 maxlen: 24
49.156.128.0/24 maxlen: 24
49.156.129.0/24 maxlen: 24
49.156.130.0/24 maxlen: 24
49.156.131.0/24 maxlen: 24
49.156.132.0/22 maxlen: 22
49.156.136.0/23 maxlen: 23
49.156.138.0/23 maxlen: 23
49.156.140.0/24 maxlen: 24
49.156.141.0/24 maxlen: 24
49.156.142.0/24 maxlen: 24
49.156.143.0/24 maxlen: 24
49.156.144.0/24 maxlen: 24
49.156.145.0/24 maxlen: 24
49.156.146.0/24 maxlen: 24
49.156.147.0/24 maxlen: 24
49.156.148.0/24 maxlen: 24
49.156.149.0/24 maxlen: 24
49.156.150.0/24 maxlen: 24
49.156.151.0/24 maxlen: 24
49.156.152.0/24 maxlen: 24
49.156.153.0/24 maxlen: 24
49.156.154.0/24 maxlen: 24
49.156.155.0/24 maxlen: 24
49.156.156.0/24 maxlen: 24
49.156.157.0/24 maxlen: 24
49.156.158.0/24 maxlen: 24
49.156.159.0/24 maxlen: 24
103.5.16.0/24 maxlen: 24
103.5.17.0/24 maxlen: 24
103.5.18.0/24 maxlen: 24
103.5.19.0/24 maxlen: 24
103.152.179.0/24 maxlen: 24
103.158.242.0/24 maxlen: 24
202.62.64.0/24 maxlen: 24
202.62.65.0/24 maxlen: 24
202.62.66.0/24 maxlen: 24
202.62.67.0/24 maxlen: 24
202.62.68.0/24 maxlen: 24
202.62.69.0/24 maxlen: 24
202.62.70.0/24 maxlen: 24
202.62.71.0/24 maxlen: 24
202.62.72.0/24 maxlen: 24
202.62.73.0/24 maxlen: 24
202.62.74.0/24 maxlen: 24
202.62.75.0/24 maxlen: 24
202.62.76.0/24 maxlen: 24
202.62.77.0/24 maxlen: 24
202.62.78.0/24 maxlen: 24
202.62.79.0/24 maxlen: 24
202.62.80.0/24 maxlen: 24
202.62.81.0/24 maxlen: 24
202.62.82.0/24 maxlen: 24
202.62.83.0/24 maxlen: 24
202.62.84.0/24 maxlen: 24
202.62.85.0/24 maxlen: 24
202.62.86.0/24 maxlen: 24
202.62.87.0/24 maxlen: 24
202.62.88.0/24 maxlen: 24
202.62.89.0/24 maxlen: 24
202.62.90.0/24 maxlen: 24
202.62.91.0/24 maxlen: 24
202.62.92.0/24 maxlen: 24
202.62.93.0/24 maxlen: 24
202.62.94.0/24 maxlen: 24
202.62.95.0/24 maxlen: 24
2404:f100::/40 maxlen: 40
2404:f100:100::/40 maxlen: 40
2404:f100:200::/40 maxlen: 40
2404:f100:300::/40 maxlen: 40
2404:f100:400::/40 maxlen: 40
2404:f100:500::/40 maxlen: 40
2404:f100:e000::/40 maxlen: 40
2404:f100:e200::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37019 (0x909b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:28:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a937-065e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b5:91:a2:68:53:96:77:e8:8d:16:9c:0a:63:
8c:8c:d2:96:78:8b:b4:82:2d:1e:6b:67:d0:3d:4a:
f1:ac:f8:42:4b:4c:0b:35:e2:79:38:4e:69:16:5b:
81:10:22:0c:03:90:a3:72:14:4a:e3:0c:44:c9:13:
3e:e0:27:7a:52:97:af:32:c5:9d:3b:35:af:90:f3:
eb:05:41:e3:9a:f0:81:06:d9:8d:f9:f2:ec:70:5b:
5a:d5:32:6e:df:50:c3:d2:f3:2d:82:02:21:92:29:
1e:3b:1f:13:f9:83:20:21:70:0b:16:67:a2:9c:54:
0d:c1:35:67:cd:50:de:a4:cc:9c:b9:cc:ed:9e:38:
17:99:52:03:e5:9e:4c:28:65:29:db:0d:14:9a:7f:
61:f2:8a:fb:f4:f6:53:8d:a9:d2:6a:e8:b2:f8:b2:
d3:de:17:2c:6a:8a:ea:1b:76:ba:d4:85:8e:65:9a:
72:2e:53:d7:16:ba:3d:07:ea:b3:f6:fc:95:0b:00:
fb:9a:18:db:35:79:6d:98:a5:ee:21:4e:e3:88:27:
99:fc:17:17:0e:8f:87:84:d8:c4:f9:7a:e3:f4:f6:
cc:29:22:b2:04:cd:79:a9:80:29:ba:f1:3d:2c:0d:
c2:59:47:64:e2:f0:97:e0:eb:0e:c8:fe:1a:d7:dd:
0c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:5E:D1:EB:4D:48:20:22:42:FC:34:66:1E:3D:2D:E8:2F:31:7B:C5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/28C57AAA686E11EC939F873AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.123.24.0/22
49.156.128.0/19
103.5.16.0/22
103.152.179.0/24
103.158.242.0/24
202.62.64.0/19
IPv6:
2404:f100::-2404:f100:5ff:ffff:ffff:ffff:ffff:ffff
2404:f100:e000::/40
2404:f100:e200::/40
Signature Algorithm: sha256WithRSAEncryption
44:8c:98:a7:af:91:e1:96:46:68:99:3b:28:77:14:50:b7:c7:
14:20:eb:b5:3b:f1:4e:ce:6f:01:0e:61:ba:50:13:f4:3a:47:
2f:12:71:31:cb:83:80:1c:1f:3b:63:17:14:55:17:b4:b4:06:
04:59:13:1f:05:e6:47:1e:d8:22:e5:e1:bd:86:03:97:60:fa:
80:43:ea:93:15:e5:a7:58:eb:4b:dc:50:71:1a:1f:ab:fb:a6:
4b:9f:d5:ea:fb:b7:74:bf:e8:ef:01:9f:db:82:09:c9:bc:38:
40:f4:fa:4f:6e:6c:56:96:89:f2:13:f2:02:32:fe:4b:fc:94:
9b:71:40:12:2d:43:3e:55:bf:08:91:9f:ac:9a:f8:0a:76:ff:
af:a9:4e:5b:de:8c:1b:99:c0:8c:6f:6d:0d:c6:b5:a8:e5:5d:
37:bf:5b:f4:f9:52:cb:3e:88:b3:29:e5:1b:e8:4e:8b:7d:d0:
f2:fe:e0:e6:d3:cb:e2:09:6b:b0:3e:f6:8a:8b:93:ba:bb:11:
50:d1:62:3f:5c:88:3b:d9:9a:d2:91:55:91:ef:a3:37:10:67:
96:2c:fb:bb:1f:33:a2:d4:f6:eb:7c:22:29:70:33:86:5b:11:
d1:7a:67:48:f4:54:34:73:f8:13:9b:49:c8:ee:c2:27:75:82:
e5:aa:76:a4
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIDAJCbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MjgzOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE5MzctMDY1ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJm1kaJoU5Z36I0WnApjjIzSlniLtIItHmtn0D1K8az4QktMCzXieThOaRZb
gRAiDAOQo3IUSuMMRMkTPuAnelKXrzLFnTs1r5Dz6wVB45rwgQbZjfny7HBbWtUy
bt9Qw9LzLYICIZIpHjsfE/mDICFwCxZnopxUDcE1Z81Q3qTMnLnM7Z44F5lSA+We
TChlKdsNFJp/YfKK+/T2U42p0mrosviy094XLGqK6ht2utSFjmWaci5T1xa6PQfq
s/b8lQsA+5oY2zV5bZil7iFO44gnmfwXFw6Ph4TYxPl64/T2zCkisgTNeamAKbrx
PSwNwllHZOLwl+DrDsj+GtfdDNsCAwEAAaOCAtswggLXMB0GA1UdDgQWBBTUXtHr
TUggIkL8NGYePS3oLzF7xTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzI4QzU3QUFB
Njg2RTExRUM5MzlGODczQUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGUGCCsGAQUFBwEHAQH/
BFYwVDAqBAIAATAkAwQCLXsYAwQFMZyAAwQCZwUQAwQAZ5izAwQAZ57yAwQFyj5A
MCYEAgACMCAwDgMEACQE8QMGASQE8QAEAwYAJATxAOADBgAkBPEA4jANBgkqhkiG
9w0BAQsFAAOCAQEARIyYp6+R4ZZGaJk7KHcUULfHFCDrtTvxTs5vAQ5hulAT9DpH
LxJxMcuDgBwfO2MXFFUXtLQGBFkTHwXmRx7YIuXhvYYDl2D6gEPqkxXlp1jrS9xQ
cRofq/umS5/V6vu3dL/o7wGf24IJybw4QPT6T25sVpaJ8hPyAjL+S/yUm3FAEi1D
PlW/CJGfrJr4Cnb/r6lOW96MG5nAjG9tDca1qOVdN79b9PlSyz6IsynlG+hOi33Q
8v7g5tPL4glrsD72iouTursRUNFiP1yIO9ma0pFVke+jNxBnliz7ux8zotT263wi
KXAzhlsR0XpnSPRUNHP4E5tJyO7CJ3WC5ap2pA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:51 2025 by rpki-client