Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E93F298DEEA11EB9AC14312C4F9AE02.roa
File: 3E93F298DEEA11EB9AC14312C4F9AE02.roa (raw, json)
Hash identifier: +wDkR7EyMROn4aXp5K65fd67g9ylhkfA0M1GyXflne4=
Subject key identifier: AA:11:F6:01:42:3C:9F:32:92:47:83:39:81:2A:4B:0E:64:3F:40:04
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8C5A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E93F298DEEA11EB9AC14312C4F9AE02.roa
Signing time: Thu 30 May 2024 16:10:57 +0000
ROA not before: Thu 30 May 2024 16:10:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138783
IP address blocks: 103.136.44.0/22 maxlen: 24
2001:df2:12c0::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35930 (0x8c5a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:10:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a511-6782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:45:49:de:c8:fe:0e:6a:fd:14:e3:6b:14:0d:
0c:f4:9a:db:af:80:c3:88:d6:ad:0e:f0:9b:e8:d0:
62:22:8a:b4:7d:d0:4e:7c:c3:95:4e:81:7b:fe:58:
71:92:ce:d0:10:86:53:10:52:ff:2d:04:7d:a1:27:
5a:e3:d0:13:3c:97:46:1d:2f:ce:7c:e1:dc:c8:a1:
fe:58:68:65:e8:e1:dd:a8:f4:41:2e:c3:41:e6:59:
27:64:2a:25:99:01:e5:e6:af:73:d3:b0:81:cd:e7:
14:18:50:95:a4:43:b5:26:1f:13:8a:74:63:42:0f:
59:ef:2b:d2:b4:ff:0c:32:e0:39:1f:3f:34:8f:4d:
6c:71:27:e3:ed:c0:8f:54:fe:04:86:20:9c:e4:44:
de:38:54:09:23:5f:f9:51:13:b6:bf:0a:f1:d0:49:
08:6f:03:b2:6b:3b:99:42:98:9c:76:54:57:01:52:
5f:bd:2f:47:f0:7a:4c:d1:b2:63:6a:b6:3c:bc:9a:
9f:7f:fb:b4:57:38:ad:2e:bc:7e:c3:39:c9:a8:ff:
90:d2:5b:0b:50:67:3f:c5:df:29:40:66:56:a7:7d:
48:e4:9f:73:93:f2:18:ca:da:f0:3b:ab:8e:c2:60:
f5:0f:f3:b9:6a:d3:28:95:f7:88:86:9d:4e:58:eb:
27:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:11:F6:01:42:3C:9F:32:92:47:83:39:81:2A:4B:0E:64:3F:40:04
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/3E93F298DEEA11EB9AC14312C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.44.0/22
IPv6:
2001:df2:12c0::/48
Signature Algorithm: sha256WithRSAEncryption
36:40:48:6b:5c:4d:a9:99:a0:b4:e8:a4:ce:1b:f2:57:bd:47:
69:f7:59:0a:68:33:f1:84:06:ff:d2:fc:4d:44:80:ea:b5:77:
2b:32:f0:63:95:0f:6b:7c:0f:d9:6a:0d:b9:bd:61:e4:97:cb:
22:a1:37:fd:f3:77:27:bd:9a:69:bb:f6:82:1a:a5:88:4f:91:
bd:9b:0a:b5:c4:67:f5:10:30:8f:cb:3c:13:b9:b7:37:ef:a9:
c2:ca:05:92:34:2e:ca:4b:1d:ef:5b:b4:fe:b1:03:b5:92:83:
e1:20:d1:5e:69:71:76:54:56:e7:6a:04:fe:49:74:9d:d6:19:
30:2b:14:16:7c:ea:20:87:36:3e:19:03:dc:5b:0e:d1:63:eb:
58:b6:49:f4:36:1c:23:8a:d3:57:8d:98:90:97:c6:01:e4:99:
83:35:4f:8d:00:03:55:ae:10:6c:ff:10:8c:01:bf:e2:ed:c6:
9b:a4:43:d2:6f:6e:9d:da:77:35:42:81:38:8d:3f:8f:ef:a9:
a0:85:36:46:8b:e2:93:17:83:4d:25:90:57:5e:77:5f:3d:ea:
9b:c9:95:13:4d:20:30:d1:ca:15:48:35:53:c7:ed:78:48:7c:
10:46:19:2b:6a:b1:32:66:a0:0a:06:5b:e3:54:70:a5:81:60:
cc:bb:ca:c1
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAIxaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MTA1N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE1MTEtNjc4MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9FSd7I/g5q/RTjaxQNDPSa26+Aw4jWrQ7wm+jQYiKKtH3QTnzDlU6Be/5Y
cZLO0BCGUxBS/y0EfaEnWuPQEzyXRh0vznzh3Mih/lhoZejh3aj0QS7DQeZZJ2Qq
JZkB5eavc9Owgc3nFBhQlaRDtSYfE4p0Y0IPWe8r0rT/DDLgOR8/NI9NbHEn4+3A
j1T+BIYgnORE3jhUCSNf+VETtr8K8dBJCG8Dsms7mUKYnHZUVwFSX70vR/B6TNGy
Y2q2PLyan3/7tFc4rS68fsM5yaj/kNJbC1BnP8XfKUBmVqd9SOSfc5PyGMra8Dur
jsJg9Q/zuWrTKJX3iIadTljrJ/8CAwEAAaOCAqYwggKiMB0GA1UdDgQWBBSqEfYB
QjyfMpJHgzmBKksOZD9ABDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzNFOTNGMjk4
REVFQTExRUI5QUMxNDMxMkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/
BCEwHzAMBAIAATAGAwQCZ4gsMA8EAgACMAkDBwAgAQ3yEsAwDQYJKoZIhvcNAQEL
BQADggEBADZASGtcTamZoLTopM4b8le9R2n3WQpoM/GEBv/S/E1EgOq1dysy8GOV
D2t8D9lqDbm9YeSXyyKhN/3zdye9mmm79oIapYhPkb2bCrXEZ/UQMI/LPBO5tzfv
qcLKBZI0LspLHe9btP6xA7WSg+Eg0V5pcXZUVudqBP5JdJ3WGTArFBZ86iCHNj4Z
A9xbDtFj61i2SfQ2HCOK01eNmJCXxgHkmYM1T40AA1WuEGz/EIwBv+LtxpukQ9Jv
bp3adzVCgTiNP4/vqaCFNkaL4pMXg00lkFded1896pvJlRNNIDDRyhVINVPH7XhI
fBBGGStqsTJmoAoGW+NUcKWBYMy7ysE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:22:47 2025 by rpki-client