Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/35657BDAD08A11EEA2891D36C4F9AE02.roa
File: 35657BDAD08A11EEA2891D36C4F9AE02.roa (raw, json)
Hash identifier: urThyZVlwDvzyHvADlUXgKa1VWXvprtlJFYqeIXwzvQ=
Subject key identifier: 45:ED:D1:72:CE:B6:1E:2E:79:AE:78:9C:9A:1F:CE:2F:81:CC:8B:D7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8359
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/35657BDAD08A11EEA2891D36C4F9AE02.roa
Signing time: Wed 21 Feb 2024 07:24:12 +0000
ROA not before: Wed 21 Feb 2024 07:24:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17754
IP address blocks: 103.48.71.0/24 maxlen: 24
103.55.213.0/24 maxlen: 24
103.105.102.0/24 maxlen: 24
103.187.78.0/23 maxlen: 24
113.11.224.0/22 maxlen: 24
113.11.228.0/22 maxlen: 24
175.101.0.0/16 maxlen: 24
202.133.48.0/20 maxlen: 24
202.153.32.0/20 maxlen: 24
2401:fb00::/33 maxlen: 33
2401:fb00::/40 maxlen: 48
2401:fb00:100::/40 maxlen: 48
2401:fb00:200::/40 maxlen: 48
2401:fb00:300::/40 maxlen: 48
2401:fb00:400::/40 maxlen: 48
2401:fb00:500::/40 maxlen: 48
2401:fb00:600::/40 maxlen: 48
2401:fb00:700::/40 maxlen: 48
2401:fb00:800::/40 maxlen: 48
2401:fb00:900::/40 maxlen: 48
2401:fb00:7600::/40 maxlen: 48
2401:fb00:7700::/40 maxlen: 48
2401:fb00:7800::/40 maxlen: 48
2401:fb00:7900::/40 maxlen: 48
2401:fb00:7a00::/40 maxlen: 48
2401:fb00:7b00::/40 maxlen: 48
2401:fb00:7c00::/40 maxlen: 48
2401:fb00:7d00::/40 maxlen: 48
2401:fb00:7e00::/40 maxlen: 48
2401:fb00:7f00::/40 maxlen: 48
2401:fb00:8000::/33 maxlen: 33
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33625 (0x8359)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 21 07:24:12 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d5a51b-554d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3c:e0:dc:0f:ae:fa:82:48:c4:d1:37:fe:cd:
49:a5:72:64:7c:14:a5:2d:5a:3b:5c:df:1f:bb:82:
f8:82:69:b9:e9:5c:70:3b:08:b5:30:a5:14:e5:6d:
98:17:82:4b:f8:4d:c5:df:24:ab:45:99:f5:dc:3c:
b4:00:7e:55:db:48:02:2f:b3:cb:58:d9:b0:26:57:
a9:69:3a:d5:86:25:18:0b:51:a2:94:a1:17:c5:56:
a0:76:1d:08:65:91:55:b3:0f:6f:e6:a5:fc:d6:e7:
db:b0:17:c8:7e:09:19:33:f2:f3:76:1d:52:01:95:
17:da:ef:de:bf:e6:db:a0:f6:55:62:4d:d5:1f:17:
a9:7d:2a:c5:49:9a:6f:c3:08:8f:c1:16:24:a1:a6:
d1:a3:60:ab:47:b3:db:dd:1d:5f:2b:03:36:f5:d3:
d6:89:d0:21:c4:aa:da:c1:79:cd:94:d7:96:df:84:
67:2a:2e:3d:c6:10:9a:c9:77:8a:d2:0b:46:1e:76:
74:14:48:48:e5:41:68:3d:03:de:f4:c0:e6:24:30:
17:97:ce:3d:71:90:7a:af:d4:dc:c0:01:1e:cc:fa:
47:ad:d0:df:75:e9:50:5c:07:aa:7a:96:4c:14:33:
20:11:b8:2f:14:5f:36:92:3d:44:60:9d:b9:eb:95:
d7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:ED:D1:72:CE:B6:1E:2E:79:AE:78:9C:9A:1F:CE:2F:81:CC:8B:D7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/35657BDAD08A11EEA2891D36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.48.71.0/24
103.55.213.0/24
103.105.102.0/24
103.187.78.0/23
113.11.224.0/21
175.101.0.0/16
202.133.48.0/20
202.153.32.0/20
IPv6:
2401:fb00::/32
Signature Algorithm: sha256WithRSAEncryption
6d:de:6e:49:52:6b:ee:a3:ac:2b:79:86:fa:2b:b4:ca:fa:6b:
3c:11:54:e5:b8:68:20:9a:fa:11:67:70:29:fc:ad:57:71:c4:
10:32:ca:64:b5:53:57:ae:3a:87:1c:5c:71:5f:f6:97:98:94:
07:c0:4f:5c:d0:4f:48:b2:dd:1e:b9:d8:a4:6c:0c:79:9b:d3:
fd:b2:64:34:48:6d:36:01:55:ea:a7:56:28:6c:19:14:07:17:
9b:73:53:7e:48:bb:19:76:d4:57:c6:be:c3:08:d4:e0:cc:03:
df:e2:11:f3:73:c2:89:11:a5:07:4a:fa:3a:3b:07:06:7b:8e:
5e:cb:25:89:bc:88:aa:53:41:4b:23:e9:32:3f:8b:b0:bd:91:
a8:85:dd:3b:79:59:1a:7d:56:aa:c4:ea:6e:d5:75:70:fb:2b:
dd:92:99:e0:6d:e3:45:a5:40:4d:f5:f5:02:1f:be:9f:63:bd:
e1:17:1c:59:ef:81:5b:8f:c5:15:a2:9a:7d:c1:76:5f:0f:e2:
e3:56:3a:ae:80:a6:f7:88:73:37:fa:6a:30:f8:be:3d:eb:b9:
a9:ba:3a:9c:b5:af:8c:c1:78:ac:57:e4:49:9e:17:09:90:8b:
c5:33:b9:9d:37:22:d7:3c:f4:51:b0:44:0d:89:d7:86:4d:4b:
49:08:80:5d
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIDAINZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDIyMTA3MjQxMloXDTI0MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjVkNWE1MWItNTU0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALU84NwPrvqCSMTRN/7NSaVyZHwUpS1aO1zfH7uC+IJpuelccDsItTClFOVt
mBeCS/hNxd8kq0WZ9dw8tAB+VdtIAi+zy1jZsCZXqWk61YYlGAtRopShF8VWoHYd
CGWRVbMPb+al/Nbn27AXyH4JGTPy83YdUgGVF9rv3r/m26D2VWJN1R8XqX0qxUma
b8MIj8EWJKGm0aNgq0ez290dXysDNvXT1onQIcSq2sF5zZTXlt+EZyouPcYQmsl3
itILRh52dBRISOVBaD0D3vTA5iQwF5fOPXGQeq/U3MABHsz6R63Q33XpUFwHqnqW
TBQzIBG4LxRfNpI9RGCdueuV16sCAwEAAaOCAs0wggLJMB0GA1UdDgQWBBRF7dFy
zrYeLnmueJyaH84vgcyL1zAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM1NjU3QkRB
RDA4QTExRUVBMjg5MUQzNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFcGCCsGAQUFBwEHAQH/
BEgwRjA1BAIAATAvAwQAZzBHAwQAZzfVAwQAZ2lmAwQBZ7tOAwQDcQvgAwMAr2UD
BATKhTADBATKmSAwDQQCAAIwBwMFACQB+wAwDQYJKoZIhvcNAQELBQADggEBAG3e
bklSa+6jrCt5hvortMr6azwRVOW4aCCa+hFncCn8rVdxxBAyymS1U1euOoccXHFf
9peYlAfAT1zQT0iy3R652KRsDHmb0/2yZDRIbTYBVeqnVihsGRQHF5tzU35Iuxl2
1FfGvsMI1ODMA9/iEfNzwokRpQdK+jo7BwZ7jl7LJYm8iKpTQUsj6TI/i7C9kaiF
3Tt5WRp9VqrE6m7VdXD7K92SmeBt40WlQE319QIfvp9jveEXHFnvgVuPxRWimn3B
dl8P4uNWOq6ApveIczf6ajD4vj3ruam6Opy1r4zBeKxX5EmeFwmQi8UzuZ03Itc8
9FGwRA2J14ZNS0kIgF0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:08 2025 by rpki-client