Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/371B3B52341B11ED80254C33C4F9AE02.roa
File: 371B3B52341B11ED80254C33C4F9AE02.roa (raw, json)
Hash identifier: XddVpduO/jycQIrX7RTRUpNNUKRbmmQNtn7b5pr35Js=
Subject key identifier: C7:C6:FF:C5:89:5D:61:DF:5C:DD:98:B2:72:44:DD:99:C5:B7:E5:DD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5D2A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/371B3B52341B11ED80254C33C4F9AE02.roa
Signing time: Wed 14 Sep 2022 10:51:41 +0000
ROA not before: Wed 14 Sep 2022 10:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134944
IP address blocks: 103.126.228.0/22 maxlen: 24
2404:ca40::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23850 (0x5d2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Sep 14 10:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6321b23d-c02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ef:c8:94:39:82:a0:ba:55:3d:24:e9:85:b5:
ed:cc:1e:7f:ec:69:ba:80:4c:85:3b:62:94:e0:30:
1a:5b:b2:cf:56:ab:6d:6b:a3:e9:d5:22:cb:5e:bf:
66:04:d5:db:36:d0:97:79:e0:8f:3b:0c:4b:65:f5:
5b:10:6d:05:3f:4b:d3:bf:08:5e:a7:4a:5c:b5:b4:
8f:ef:34:90:c9:97:6f:69:af:59:ce:bf:31:3f:57:
53:92:8f:7a:6b:79:4c:c7:8a:0f:09:10:c6:c6:a8:
27:ef:9b:68:44:b7:64:48:ee:87:dc:87:5b:5c:eb:
65:52:78:4e:78:c7:c5:1f:d8:a8:0f:01:d3:f4:e7:
6a:60:1e:56:d3:3a:4d:ca:a7:a9:97:7b:a0:49:aa:
04:7e:ce:3e:e2:f1:39:4a:66:a8:d1:28:8d:d1:aa:
dc:33:2a:3b:9c:e0:39:e4:25:70:d0:ad:f0:9f:d8:
65:e5:02:d6:50:e8:9d:e6:85:e4:c8:65:b2:7d:a0:
d5:ae:29:ef:d8:e7:2f:2e:75:43:25:a6:76:f5:b5:
15:64:dc:23:df:1e:99:78:7e:3e:58:a5:55:3e:4a:
2f:af:9c:0e:06:e3:91:7b:50:44:f6:15:68:1a:f9:
93:57:3f:bb:d1:04:1d:08:b0:07:3f:bd:d4:dd:f7:
ac:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C6:FF:C5:89:5D:61:DF:5C:DD:98:B2:72:44:DD:99:C5:B7:E5:DD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/371B3B52341B11ED80254C33C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.228.0/22
IPv6:
2404:ca40::/32
Signature Algorithm: sha256WithRSAEncryption
3a:06:e6:72:ac:d9:4f:fc:78:20:6b:f1:a8:9c:8b:1b:95:2e:
05:3b:61:43:07:4d:0d:ad:38:9c:92:65:45:2f:9d:c2:29:a3:
f6:43:95:51:d4:8d:a3:9a:6b:41:6e:15:dd:64:aa:7e:d5:e9:
d0:95:9a:55:8f:cb:ff:1e:27:22:75:19:94:b5:c2:4c:6b:49:
63:3e:d6:3d:27:be:77:bf:bb:2b:73:f0:6a:07:c0:04:ca:81:
5b:03:0b:1a:9e:e4:0c:bc:ad:c8:92:a5:a6:8d:cb:3e:51:aa:
be:a2:07:f3:22:eb:ac:0b:e9:9b:de:49:49:02:f1:73:12:fd:
14:98:85:dc:56:0e:b2:27:56:6b:0f:cb:ab:5e:90:87:84:5a:
5c:65:00:cf:47:51:c2:b6:30:c1:9f:ff:c4:d8:d3:21:b9:81:
70:a6:e9:91:c5:af:52:e4:0f:a9:64:53:41:33:c1:9f:5e:b5:
0f:90:6e:05:9e:6c:c1:90:37:5b:bb:63:d9:27:2a:23:81:bb:
c2:b7:3c:66:0a:3b:6b:27:52:5e:cc:3b:39:72:cd:1b:7f:f6:
8a:25:2c:c1:ef:ef:ad:09:f7:24:be:23:73:cc:d3:de:f0:a5:
e0:34:dc:ef:cb:de:3c:88:6e:2e:4c:2a:e9:3d:ab:68:a9:66:
25:7c:40:a8
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICXSowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwOTE0MTA1MTQxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzIxYjIzZC1jMDJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnO/IlDmCoLpVPSTphbXtzB5/7Gm6gEyFO2KU4DAaW7LPVqtta6Pp1SLLXr9m
BNXbNtCXeeCPOwxLZfVbEG0FP0vTvwhep0pctbSP7zSQyZdvaa9Zzr8xP1dTko96
a3lMx4oPCRDGxqgn75toRLdkSO6H3IdbXOtlUnhOeMfFH9ioDwHT9OdqYB5W0zpN
yqepl3ugSaoEfs4+4vE5Smao0SiN0arcMyo7nOA55CVw0K3wn9hl5QLWUOid5oXk
yGWyfaDVrinv2OcvLnVDJaZ29bUVZNwj3x6ZeH4+WKVVPkovr5wOBuORe1BE9hVo
GvmTVz+70QQdCLAHP73U3fesnwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFMfG/8WJ
XWHfXN2YsnJE3ZnFt+XdMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvMzcxQjNCNTIz
NDFCMTFFRDgwMjU0QzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJnfuQwDQQCAAIwBwMFACQEykAwDQYJKoZIhvcNAQELBQAD
ggEBADoG5nKs2U/8eCBr8aicixuVLgU7YUMHTQ2tOJySZUUvncIpo/ZDlVHUjaOa
a0FuFd1kqn7V6dCVmlWPy/8eJyJ1GZS1wkxrSWM+1j0nvne/uytz8GoHwATKgVsD
Cxqe5Ay8rciSpaaNyz5Rqr6iB/Mi66wL6ZveSUkC8XMS/RSYhdxWDrInVmsPy6te
kIeEWlxlAM9HUcK2MMGf/8TY0yG5gXCm6ZHFr1LkD6lkU0EzwZ9etQ+QbgWebMGQ
N1u7Y9knKiOBu8K3PGYKO2snUl7MOzlyzRt/9oolLMHv760J9yS+I3PM097wpeA0
3O/L3jyIbi5MKuk9q2ipZiV8QKg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:30:35 2025 by rpki-client