Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/32D77D2A310A11EE8717E40AC4F9AE02.roa
File: 32D77D2A310A11EE8717E40AC4F9AE02.roa (raw, json)
Hash identifier: 0tMc6n77OnfkU7fVRJNUmtTu45FsSjYD3YPVJ1V3pnk=
Subject key identifier: 0B:55:3A:7E:85:BB:4A:AB:75:B9:F0:43:2E:BB:AD:41:95:4E:13:BC
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8A81
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/32D77D2A310A11EE8717E40AC4F9AE02.roa
Signing time: Thu 30 May 2024 16:03:19 +0000
ROA not before: Thu 30 May 2024 16:03:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135766
IP address blocks: 103.111.158.0/24 maxlen: 24
103.127.100.0/22 maxlen: 24
103.144.115.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35457 (0x8a81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:03:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a346-e87d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c9:33:4d:1c:74:70:ec:4a:80:f0:5b:e2:6c:
ee:de:34:e8:eb:ce:63:b6:04:93:41:74:4b:4a:51:
fb:2d:9e:13:cd:5a:0d:ba:26:c3:49:47:34:c8:2d:
8e:75:79:f0:7e:9a:a8:b9:30:db:ed:f6:38:8e:e5:
29:a2:85:87:bf:8f:f3:5f:b0:41:cb:1c:af:cf:ad:
43:17:19:8e:9b:53:88:c2:d2:7c:b8:2a:cd:46:c5:
91:0a:cd:6c:73:fb:0b:1b:35:ec:ef:11:2a:1b:77:
80:b9:a5:f5:0e:28:60:30:61:34:ab:41:76:60:37:
62:ca:ec:97:7a:e6:fd:4e:f8:8b:95:bd:a9:d4:5e:
b5:84:e6:85:65:a1:d7:e0:7c:53:67:77:47:66:a4:
18:c1:3d:9f:26:2b:d8:be:ec:60:cc:09:e8:0c:c6:
44:62:f0:f9:8b:01:f8:2d:09:c9:b1:72:0e:23:02:
a3:77:5e:6b:c1:9a:f6:a3:50:f6:5f:2b:2f:70:43:
99:2d:1e:0b:d4:59:76:d2:52:dd:8e:68:00:cc:02:
82:41:d0:92:24:18:25:3c:82:38:5a:30:62:32:8f:
b2:4b:3c:2f:76:75:7b:09:93:3f:f9:d2:bd:fb:90:
79:a8:33:94:5f:bd:e0:f2:5e:7d:37:67:e3:a7:5d:
73:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:55:3A:7E:85:BB:4A:AB:75:B9:F0:43:2E:BB:AD:41:95:4E:13:BC
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/32D77D2A310A11EE8717E40AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.111.158.0/24
103.127.100.0/22
103.144.115.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:04:e0:d5:f5:75:ae:ef:90:1b:95:3d:dc:32:99:7d:fd:ca:
a4:16:77:73:0e:3c:8f:7a:25:ca:1a:c0:fd:f7:28:ed:af:b2:
ec:81:a4:82:30:a5:31:be:62:38:d0:7e:b5:f3:70:b7:c4:2b:
e4:fd:ca:a0:c8:62:f3:59:d3:db:2d:4c:a8:2a:74:f1:ed:08:
7b:3b:01:e8:f8:6f:5d:b8:62:dd:95:b5:21:bf:a3:3f:21:f3:
2e:f1:b7:ea:63:74:67:86:6c:f3:90:be:d1:11:55:fd:e3:e5:
d3:14:0b:d4:9e:af:a7:e5:e0:b0:bf:a7:f3:26:f5:e2:20:4c:
52:52:8c:d3:07:09:65:ab:68:ce:7d:24:56:f8:32:57:8d:9a:
13:b8:a4:0c:39:24:79:20:1d:4c:33:23:d9:b9:d2:b1:ba:95:
ea:4c:29:4a:1a:9c:e7:39:e4:16:4b:7e:30:35:32:f4:a5:03:
be:87:2b:6d:e5:b1:00:7f:87:44:b1:da:c6:37:22:f8:fe:61:
e0:24:08:25:23:ab:b7:fa:23:4f:6f:99:15:6a:f6:20:ad:c1:
27:84:e7:2d:5b:2e:06:3d:a5:7f:93:9c:07:18:19:f8:57:33:
b6:d7:fd:21:58:9e:0f:45:45:f9:7c:04:f6:3b:4b:73:93:c4:
c2:98:57:4c
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIDAIqBMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDMxOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEzNDYtZTg3ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfJM00cdHDsSoDwW+Js7t406OvOY7YEk0F0S0pR+y2eE81aDbomw0lHNMgt
jnV58H6aqLkw2+32OI7lKaKFh7+P81+wQcscr8+tQxcZjptTiMLSfLgqzUbFkQrN
bHP7Cxs17O8RKht3gLml9Q4oYDBhNKtBdmA3Ysrsl3rm/U74i5W9qdRetYTmhWWh
1+B8U2d3R2akGME9nyYr2L7sYMwJ6AzGRGLw+YsB+C0JybFyDiMCo3dea8Ga9qNQ
9l8rL3BDmS0eC9RZdtJS3Y5oAMwCgkHQkiQYJTyCOFowYjKPsks8L3Z1ewmTP/nS
vfuQeagzlF+94PJefTdn46ddc0cCAwEAAaOCAqEwggKdMB0GA1UdDgQWBBQLVTp+
hbtKq3W58EMuu61BlU4TvDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzMyRDc3RDJB
MzEwQTExRUU4NzE3RTQwQUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCsGCCsGAQUFBwEHAQH/
BBwwGjAYBAIAATASAwQAZ2+eAwQCZ39kAwQAZ5BzMA0GCSqGSIb3DQEBCwUAA4IB
AQCcBODV9XWu75AblT3cMpl9/cqkFndzDjyPeiXKGsD99yjtr7LsgaSCMKUxvmI4
0H6183C3xCvk/cqgyGLzWdPbLUyoKnTx7Qh7OwHo+G9duGLdlbUhv6M/IfMu8bfq
Y3RnhmzzkL7REVX94+XTFAvUnq+n5eCwv6fzJvXiIExSUozTBwllq2jOfSRW+DJX
jZoTuKQMOSR5IB1MMyPZudKxupXqTClKGpznOeQWS34wNTL0pQO+hytt5bEAf4dE
sdrGNyL4/mHgJAglI6u3+iNPb5kVavYgrcEnhOctWy4GPaV/k5wHGBn4VzO21/0h
WJ4PRUX5fAT2O0tzk8TCmFdM
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:37 2025 by rpki-client