Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4341A2F4C81611EF8EA3DA19C4F9AE02.roa
File: 4341A2F4C81611EF8EA3DA19C4F9AE02.roa (raw, json)
Hash identifier: mebjD2ryc387hDK92Y5o4O6y+k5irA7hNmzJSKyfXHE=
Subject key identifier: 22:75:F9:3D:07:69:54:08:98:1A:62:1B:73:EE:84:84:D3:C3:ED:C2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A12D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4341A2F4C81611EF8EA3DA19C4F9AE02.roa
Signing time: Wed 01 Jan 2025 12:22:06 +0000
ROA not before: Wed 01 Jan 2025 12:22:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134294
IP address blocks: 43.246.140.0/24 maxlen: 24
43.246.141.0/24 maxlen: 24
43.246.142.0/24 maxlen: 24
43.246.143.0/24 maxlen: 24
103.133.58.0/23 maxlen: 24
103.152.40.0/23 maxlen: 24
103.164.0.0/24 maxlen: 24
103.164.1.0/24 maxlen: 24
103.172.130.0/23 maxlen: 24
103.194.248.0/24 maxlen: 24
103.194.249.0/24 maxlen: 24
103.194.250.0/24 maxlen: 24
103.194.251.0/24 maxlen: 24
2001:df6:a500::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41261 (0xa12d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 1 12:22:06 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6775336d-af6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:33:ec:8f:e6:4d:c3:2a:9b:09:24:03:b6:0a:
5d:63:0a:4d:a1:57:ac:eb:1a:09:54:d3:28:ab:28:
1d:17:a7:26:1f:56:6d:db:a8:23:14:a5:f2:73:7c:
4f:90:b7:0d:d4:e2:a1:68:f4:8f:a5:d0:81:2b:29:
31:26:fa:3e:b2:10:0b:7e:9a:3a:cd:ec:5a:9d:1a:
e1:59:7f:a5:4c:29:c9:36:8a:26:6b:99:1e:e7:e6:
53:03:7a:6e:57:fa:99:d2:bd:9c:6c:2d:f9:b4:73:
47:48:90:e2:83:7d:ab:72:9a:ee:78:9e:41:23:dd:
e0:6c:a2:24:61:fc:e1:92:ab:3a:b4:b2:2a:56:bf:
ae:ef:f3:79:62:09:37:ac:6a:ab:36:36:78:a1:e7:
eb:c9:cc:04:b2:35:d4:f1:44:05:3a:bf:34:97:4a:
d1:d7:84:b5:c7:4b:d8:31:99:4e:70:55:32:1f:67:
24:7c:52:0a:ff:d9:33:3d:71:d0:5f:94:26:8c:5f:
25:92:c5:a6:e9:56:aa:16:c2:0e:aa:24:f0:35:7c:
4d:bc:5d:4a:47:3e:40:40:70:8c:42:e5:2e:e3:d7:
8f:d0:eb:d2:59:0c:42:6c:c9:fa:39:cb:60:f8:ce:
5d:c1:12:38:22:6e:ab:aa:c2:2c:db:41:fd:45:7d:
0a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:75:F9:3D:07:69:54:08:98:1A:62:1B:73:EE:84:84:D3:C3:ED:C2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4341A2F4C81611EF8EA3DA19C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.140.0/22
103.133.58.0/23
103.152.40.0/23
103.164.0.0/23
103.172.130.0/23
103.194.248.0/22
IPv6:
2001:df6:a500::/48
Signature Algorithm: sha256WithRSAEncryption
3c:5f:b7:a8:fb:8c:6e:4e:fc:75:82:09:0c:11:77:bc:f7:e2:
21:46:30:02:e6:de:41:d7:b2:19:7d:3c:76:1c:4f:23:c6:38:
2c:eb:88:2d:b9:35:5e:f6:23:be:05:74:d0:82:19:e5:71:24:
87:00:88:19:82:d4:c7:09:40:4f:21:c6:22:98:17:f4:cf:3c:
29:44:05:d1:11:8a:82:24:52:21:5a:53:47:94:59:47:6f:e4:
07:92:61:30:e0:a4:d8:fc:16:3c:b8:de:84:78:68:6b:27:fb:
71:d1:ed:24:bb:4f:2b:42:15:ca:7e:a7:b5:00:86:7d:5f:19:
2f:87:33:14:f0:87:c5:90:c7:22:3f:01:0a:30:43:07:aa:69:
c1:c0:db:ec:d4:69:5a:b1:e5:4c:46:6a:03:95:a2:1a:58:a8:
0a:2d:d6:56:13:c6:3e:eb:5d:86:39:7c:70:ed:2e:0a:a6:b2:
66:6b:e8:ca:e8:a9:4b:4a:51:04:6e:39:56:3c:09:13:ad:56:
52:9c:66:cd:31:fe:2b:cc:1b:ea:e2:ba:0c:ca:1c:8f:96:ff:
78:f3:05:6f:4d:c7:55:37:1c:23:d8:a9:70:0e:a9:a2:c1:9b:
21:1e:db:9d:ed:b5:8b:04:61:75:ec:fa:ee:c8:15:74:77:a3:
95:c5:20:12
-----BEGIN CERTIFICATE-----
MIIFoTCCBImgAwIBAgIDAKEtMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEwMTEyMjIwNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc3NTMzNmQtYWY2ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUz7I/mTcMqmwkkA7YKXWMKTaFXrOsaCVTTKKsoHRenJh9WbduoIxSl8nN8
T5C3DdTioWj0j6XQgSspMSb6PrIQC36aOs3sWp0a4Vl/pUwpyTaKJmuZHufmUwN6
blf6mdK9nGwt+bRzR0iQ4oN9q3Ka7nieQSPd4GyiJGH84ZKrOrSyKla/ru/zeWIJ
N6xqqzY2eKHn68nMBLI11PFEBTq/NJdK0deEtcdL2DGZTnBVMh9nJHxSCv/ZMz1x
0F+UJoxfJZLFpulWqhbCDqok8DV8TbxdSkc+QEBwjELlLuPXj9Dr0lkMQmzJ+jnL
YPjOXcESOCJuq6rCLNtB/UV9CkUCAwEAAaOCAsQwggLAMB0GA1UdDgQWBBQidfk9
B2lUCJgaYhtz7oSE08PtwjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQzNDFBMkY0
QzgxNjExRUY4RUEzREExOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME4GCCsGAQUFBwEHAQH/
BD8wPTAqBAIAATAkAwQCK/aMAwQBZ4U6AwQBZ5goAwQBZ6QAAwQBZ6yCAwQCZ8L4
MA8EAgACMAkDBwAgAQ32pQAwDQYJKoZIhvcNAQELBQADggEBADxft6j7jG5O/HWC
CQwRd7z34iFGMALm3kHXshl9PHYcTyPGOCzriC25NV72I74FdNCCGeVxJIcAiBmC
1McJQE8hxiKYF/TPPClEBdERioIkUiFaU0eUWUdv5AeSYTDgpNj8Fjy43oR4aGsn
+3HR7SS7TytCFcp+p7UAhn1fGS+HMxTwh8WQxyI/AQowQweqacHA2+zUaVqx5UxG
agOVohpYqAot1lYTxj7rXYY5fHDtLgqmsmZr6MroqUtKUQRuOVY8CROtVlKcZs0x
/ivMG+riugzKHI+W/3jzBW9Nx1U3HCPYqXAOqaLBmyEe253ttYsEYXXs+u7IFXR3
o5XFIBI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:43 2025 by rpki-client