Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C10EB38F27911EF87505D42C4F9AE02.roa
File: 3C10EB38F27911EF87505D42C4F9AE02.roa (raw, json)
Hash identifier: l214btz6dls/8WT5MUFpce5oFHnGCf2DvDXZNXR2w+0=
Subject key identifier: 2D:A1:8F:AF:7C:96:26:0B:11:F0:86:7A:B5:2A:EA:DB:81:DC:68:0E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A770
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C10EB38F27911EF87505D42C4F9AE02.roa
Signing time: Mon 24 Feb 2025 06:33:19 +0000
ROA not before: Mon 24 Feb 2025 06:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136634
IP address blocks: 36.255.241.0/24 maxlen: 24
103.48.146.0/24 maxlen: 24
103.48.147.0/24 maxlen: 24
103.102.56.0/22 maxlen: 24
103.172.132.0/24 maxlen: 24
103.174.164.0/23 maxlen: 24
103.230.178.0/23 maxlen: 24
103.235.90.0/23 maxlen: 24
2001:df2:4e40::/48 maxlen: 48
2001:df2:52c0::/48 maxlen: 48
2001:df2:a240::/48 maxlen: 48
2400:8ee0::/48 maxlen: 48
2406:24c0::/32 maxlen: 40
2406:24c0::/48 maxlen: 48
2406:24c0:1::/48 maxlen: 48
2406:24c0:2::/48 maxlen: 48
2406:24c0:3::/48 maxlen: 48
2406:24c0:4::/48 maxlen: 48
2406:24c0:5::/48 maxlen: 48
2406:24c0:9::/48 maxlen: 48
2406:24c0:a::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42864 (0xa770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 24 06:33:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67bc12ae-de83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:40:1a:40:32:b9:fe:d3:d6:7c:7f:fc:44:e5:
c7:c5:e4:f0:3c:29:3a:ce:71:bc:22:74:c1:59:e5:
d8:ea:f2:8e:d9:63:c6:5b:7f:8d:69:ac:a7:f4:46:
f9:d7:f5:f9:1e:dd:c0:79:a1:34:b1:af:d9:2f:e0:
41:46:11:e8:48:ea:ae:93:17:33:3b:05:b7:80:20:
b6:62:0a:a7:73:22:de:1f:46:b7:c7:97:8d:84:c3:
a8:ac:44:3f:d9:5d:b3:24:d2:f5:f3:5a:ca:8f:38:
58:be:eb:64:8f:9c:9f:2a:ad:1a:1d:b6:29:77:69:
e9:6d:4c:76:d9:e2:f6:d4:89:c5:37:86:d2:d9:12:
f1:48:4a:22:7d:33:e5:30:80:4e:7d:a3:89:68:99:
c1:82:e7:a7:8e:08:2e:15:86:d9:9f:b4:80:a8:7f:
29:c6:d2:dc:9b:cc:a9:91:e1:6f:d0:13:1a:8b:bb:
bd:ff:5a:12:7c:2d:17:13:48:60:c4:95:a7:86:75:
10:15:21:05:f5:29:90:f4:2f:be:49:62:38:13:f6:
6d:39:b4:d6:bb:7e:bd:f1:3d:70:eb:38:28:6d:c7:
88:03:eb:bf:c5:a5:47:ba:79:24:14:aa:52:62:c3:
4c:10:ef:f5:64:df:57:33:37:ba:df:38:86:d0:d6:
9c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A1:8F:AF:7C:96:26:0B:11:F0:86:7A:B5:2A:EA:DB:81:DC:68:0E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3C10EB38F27911EF87505D42C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.241.0/24
103.48.146.0/23
103.102.56.0/22
103.172.132.0/24
103.174.164.0/23
103.230.178.0/23
103.235.90.0/23
IPv6:
2001:df2:4e40::/48
2001:df2:52c0::/48
2001:df2:a240::/48
2400:8ee0::/48
2406:24c0::/32
Signature Algorithm: sha256WithRSAEncryption
a7:e9:a9:75:d1:9f:df:40:ed:0f:dc:f6:56:32:2d:ec:d1:bb:
8c:7c:75:d4:45:30:12:21:17:fd:91:ee:fb:77:b3:61:01:e0:
5a:7f:b8:7b:00:45:aa:ed:56:68:be:bd:3e:ee:46:c2:55:cb:
dd:94:4c:a7:a4:00:36:08:4b:92:16:e0:df:cd:fc:97:83:3b:
90:96:9a:8c:67:a0:55:4e:ee:19:3c:b3:bb:e3:e7:2e:0e:d9:
d3:47:a6:14:5b:d7:4e:df:11:44:53:dc:b2:9f:98:25:3d:09:
2f:44:8a:10:a3:ff:2d:43:fe:68:ae:3b:2d:4d:7c:72:ef:48:
28:fa:ca:2a:86:0c:5f:60:31:ac:ec:7c:46:37:96:4d:ab:be:
f1:4a:88:79:ab:03:e6:57:41:3d:b0:b2:8d:8e:23:b9:67:0e:
d6:f5:62:d9:55:70:b3:3c:ed:c5:de:4d:4b:e7:5f:17:86:46:
57:bf:7a:6b:95:57:8a:55:3a:77:23:71:b9:b4:3b:4c:7f:61:
6c:de:f0:fe:4a:78:fc:3f:73:d4:08:39:c1:12:58:7f:51:41:
38:d9:e8:c4:58:a6:3d:5f:6d:fb:28:a1:cc:50:35:6d:f5:3b:
a7:1d:65:99:14:1d:17:26:af:d2:6f:86:20:bc:38:b0:33:02:
e4:22:7b:99
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIDAKdwMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyNDA2MzMxOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdiYzEyYWUtZGU4MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtAGkAyuf7T1nx//ETlx8Xk8DwpOs5xvCJ0wVnl2Oryjtljxlt/jWmsp/RG
+df1+R7dwHmhNLGv2S/gQUYR6EjqrpMXMzsFt4AgtmIKp3Mi3h9Gt8eXjYTDqKxE
P9ldsyTS9fNayo84WL7rZI+cnyqtGh22KXdp6W1Mdtni9tSJxTeG0tkS8UhKIn0z
5TCATn2jiWiZwYLnp44ILhWG2Z+0gKh/KcbS3JvMqZHhb9ATGou7vf9aEnwtFxNI
YMSVp4Z1EBUhBfUpkPQvvkliOBP2bTm01rt+vfE9cOs4KG3HiAPrv8WlR7p5JBSq
UmLDTBDv9WTfVzM3ut84htDWnBcCAwEAAaOCAuwwggLoMB0GA1UdDgQWBBQtoY+v
fJYmCxHwhnq1KurbgdxoDjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNDMTBFQjM4
RjI3OTExRUY4NzUwNUQ0MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMHYGCCsGAQUFBwEHAQH/
BGcwZTAwBAIAATAqAwQAJP/xAwQBZzCSAwQCZ2Y4AwQAZ6yEAwQBZ66kAwQBZ+ay
AwQBZ+taMDEEAgACMCsDBwAgAQ3yTkADBwAgAQ3yUsADBwAgAQ3yokADBwAkAI7g
AAADBQAkBiTAMA0GCSqGSIb3DQEBCwUAA4IBAQCn6al10Z/fQO0P3PZWMi3s0buM
fHXURTASIRf9ke77d7NhAeBaf7h7AEWq7VZovr0+7kbCVcvdlEynpAA2CEuSFuDf
zfyXgzuQlpqMZ6BVTu4ZPLO74+cuDtnTR6YUW9dO3xFEU9yyn5glPQkvRIoQo/8t
Q/5orjstTXxy70go+soqhgxfYDGs7HxGN5ZNq77xSoh5qwPmV0E9sLKNjiO5Zw7W
9WLZVXCzPO3F3k1L518XhkZXv3prlVeKVTp3I3G5tDtMf2Fs3vD+Snj8P3PUCDnB
Elh/UUE42ejEWKY9X237KKHMUDVt9TunHWWZFB0XJq/Sb4YgvDiwMwLkInuZ
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:55:41 2025 by rpki-client