Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3DBF87BADEEA11EB9AC14312C4F9AE02.roa
File: 3DBF87BADEEA11EB9AC14312C4F9AE02.roa (raw, json)
Hash identifier: YT/XtEKxBQDv3s8HogIGLsEYvoHUrI5aRV34Y+uY+eM=
Subject key identifier: 39:99:87:AB:3B:A7:62:6B:C4:92:3A:B3:08:1E:33:5F:7F:36:B2:B0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 484C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3DBF87BADEEA11EB9AC14312C4F9AE02.roa
Signing time: Mon 14 Feb 2022 11:21:26 +0000
ROA not before: Mon 14 Feb 2022 11:21:26 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 132116
IP address blocks: 27.123.240.0/22 maxlen: 24
43.247.40.0/24 maxlen: 24
43.247.41.0/24 maxlen: 24
43.247.42.0/24 maxlen: 24
43.247.43.0/24 maxlen: 24
45.248.172.0/24 maxlen: 24
45.248.173.0/24 maxlen: 24
45.248.174.0/24 maxlen: 24
45.248.175.0/24 maxlen: 24
103.16.28.0/24 maxlen: 24
103.16.29.0/24 maxlen: 24
103.16.30.0/24 maxlen: 24
103.16.31.0/24 maxlen: 24
103.28.252.0/22 maxlen: 24
103.69.24.0/24 maxlen: 24
103.69.25.0/24 maxlen: 24
103.69.26.0/24 maxlen: 24
103.69.27.0/24 maxlen: 24
103.70.80.0/24 maxlen: 24
103.70.81.0/24 maxlen: 24
103.70.82.0/24 maxlen: 24
103.70.83.0/24 maxlen: 24
103.94.83.0/24 maxlen: 24
103.100.4.0/22 maxlen: 24
103.164.141.0/24 maxlen: 24
103.198.172.0/22 maxlen: 24
103.217.132.0/22 maxlen: 24
103.224.144.0/24 maxlen: 24
103.224.145.0/24 maxlen: 24
103.224.146.0/24 maxlen: 24
103.224.147.0/24 maxlen: 24
163.53.84.0/22 maxlen: 24
180.149.225.0/24 maxlen: 24
180.149.226.0/24 maxlen: 24
180.149.227.0/24 maxlen: 24
2405:e100::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18508 (0x484c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 14 11:21:26 2022 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=620a3b36-45a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:53:96:24:67:d1:b4:85:04:66:c1:eb:c8:b4:
b6:ff:75:ba:1b:e8:99:ed:2b:e4:fd:e6:1c:ea:22:
ba:f5:27:23:85:a4:5b:c2:09:9a:1d:de:d3:23:4d:
a9:40:d8:e0:31:34:7a:fa:24:09:86:8d:b1:23:bb:
6b:13:6b:bd:91:70:a5:71:92:a9:66:b7:d4:9c:d4:
02:e4:34:83:09:e5:88:e3:70:c9:85:d6:f3:54:fb:
97:08:4b:46:f6:af:16:2e:b0:8b:6a:c9:49:3b:f7:
a7:a0:6a:96:bf:d0:74:1a:83:58:1a:f0:69:38:04:
20:60:09:2f:9f:8a:cd:2d:82:6b:aa:13:33:34:78:
21:e3:7e:15:e8:19:4f:9d:7e:37:41:29:b1:4b:e2:
58:7c:09:09:a4:d2:72:1e:6b:56:a5:71:66:2b:d5:
97:db:73:73:c8:ba:3e:6f:01:d1:87:d2:a3:e2:4c:
8c:28:8d:a6:71:cd:82:dd:95:d6:61:9c:f2:91:3d:
f2:c4:92:a1:06:9b:5b:47:f1:81:67:6c:14:a8:27:
32:aa:22:da:1d:bb:46:43:c9:bb:60:9a:eb:1e:3e:
6a:c0:15:8d:41:2e:37:57:61:d9:e8:cd:8b:fc:d8:
da:3c:38:e5:2e:43:57:83:5d:73:9a:36:01:4e:fa:
43:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:99:87:AB:3B:A7:62:6B:C4:92:3A:B3:08:1E:33:5F:7F:36:B2:B0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3DBF87BADEEA11EB9AC14312C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/22
43.247.40.0/22
45.248.172.0/22
103.16.28.0/22
103.28.252.0/22
103.69.24.0/22
103.70.80.0/22
103.94.83.0/24
103.100.4.0/22
103.164.141.0/24
103.198.172.0/22
103.217.132.0/22
103.224.144.0/22
163.53.84.0/22
180.149.225.0-180.149.227.255
IPv6:
2405:e100::/48
Signature Algorithm: sha256WithRSAEncryption
4c:f4:79:eb:87:c6:1d:88:46:4c:b8:5d:fc:70:21:83:f3:87:
70:25:f8:a5:54:b1:6d:e2:28:0c:eb:e6:8f:55:ef:68:dc:de:
ca:0e:d3:6a:6e:15:39:0f:48:dd:a5:7d:85:19:c1:ae:d8:6b:
0c:c0:bc:82:84:7f:dc:62:2e:54:9d:9b:42:35:18:dc:82:e9:
ad:c0:82:76:e0:54:15:59:87:dd:53:e8:9b:fe:99:f8:d4:c7:
e4:17:ff:ff:ea:34:69:c6:44:03:29:5d:99:1e:ad:57:f3:b8:
87:f1:86:f6:97:d4:ff:fc:6d:80:19:1c:17:44:b1:0f:a7:1b:
35:cb:98:40:8a:88:2a:18:53:7e:55:af:46:68:6d:96:68:33:
c7:f1:12:4b:a7:48:76:02:6c:7b:e4:59:75:7b:be:67:d8:e7:
91:4c:9f:ad:31:71:d8:d4:ed:06:3b:0f:ca:cc:db:12:df:f2:
f2:7b:8d:96:d4:6a:66:2e:d5:89:9e:27:48:43:0a:83:ad:c9:
a3:f5:44:2e:8c:8d:28:1a:58:04:96:4b:c0:bc:33:92:54:7a:
66:80:24:22:28:f9:78:c7:62:13:a6:a1:67:bf:23:a7:d5:7e:
29:45:70:94:0d:4b:d7:ea:ef:89:9c:1b:7c:e1:f9:99:6e:68:
0d:ab:69:8e
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgICSEwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwMjE0MTEyMTI2WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjBhM2IzNi00NWE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyVOWJGfRtIUEZsHryLS2/3W6G+iZ7Svk/eYc6iK69ScjhaRbwgmaHd7TI02p
QNjgMTR6+iQJho2xI7trE2u9kXClcZKpZrfUnNQC5DSDCeWI43DJhdbzVPuXCEtG
9q8WLrCLaslJO/enoGqWv9B0GoNYGvBpOAQgYAkvn4rNLYJrqhMzNHgh434V6BlP
nX43QSmxS+JYfAkJpNJyHmtWpXFmK9WX23NzyLo+bwHRh9Kj4kyMKI2mcc2C3ZXW
YZzykT3yxJKhBptbR/GBZ2wUqCcyqiLaHbtGQ8m7YJrrHj5qwBWNQS43V2HZ6M2L
/NjaPDjlLkNXg11zmjYBTvpDvwIDAQABo4IDAzCCAv8wHQYDVR0OBBYEFDmZh6s7
p2JrxJI6swgeM19/NrKwMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvM0RCRjg3QkFE
RUVBMTFFQjlBQzE0MzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgYwGCCsGAQUFBwEHAQH/
BH0wezBoBAIAATBiAwQCG3vwAwQCK/coAwQCLfisAwQCZxAcAwQCZxz8AwQCZ0UY
AwQCZ0ZQAwQAZ15TAwQCZ2QEAwQAZ6SNAwQCZ8asAwQCZ9mEAwQCZ+CQAwQCozVU
MAwDBAC0leEDBAK0leAwDwQCAAIwCQMHACQF4QAAADANBgkqhkiG9w0BAQsFAAOC
AQEATPR564fGHYhGTLhd/HAhg/OHcCX4pVSxbeIoDOvmj1XvaNzeyg7Tam4VOQ9I
3aV9hRnBrthrDMC8goR/3GIuVJ2bQjUY3ILprcCCduBUFVmH3VPom/6Z+NTH5Bf/
/+o0acZEAyldmR6tV/O4h/GG9pfU//xtgBkcF0SxD6cbNcuYQIqIKhhTflWvRmht
lmgzx/ESS6dIdgJse+RZdXu+Z9jnkUyfrTFx2NTtBjsPyszbEt/y8nuNltRqZi7V
iZ4nSEMKg63Jo/VELoyNKBpYBJZLwLwzklR6ZoAkIij5eMdiE6ahZ78jp9V+KUVw
lA1L1+rviZwbfOH5mW5oDatpjg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:54:05 2025 by rpki-client