Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4A602FE4C19911EEB7380485C4F9AE02.roa
File: 4A602FE4C19911EEB7380485C4F9AE02.roa (raw, json)
Hash identifier: d3VJX03w4TSm4LpeAjowfAWQns4Prl1By7b+h2IMzKM=
Subject key identifier: FB:40:BA:01:B2:1D:48:CC:8C:6B:A6:AE:60:5D:44:0E:C2:FF:42:2A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 92FC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4A602FE4C19911EEB7380485C4F9AE02.roa
Signing time: Fri 21 Jun 2024 07:29:57 +0000
ROA not before: Fri 21 Jun 2024 07:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135817
IP address blocks: 43.255.164.0/22 maxlen: 24
103.11.80.0/22 maxlen: 24
103.52.32.0/23 maxlen: 24
103.139.70.0/23 maxlen: 23
103.139.70.0/24 maxlen: 24
103.147.150.0/23 maxlen: 24
103.148.144.0/24 maxlen: 24
103.170.56.0/23 maxlen: 24
103.182.142.0/23 maxlen: 24
103.197.78.0/23 maxlen: 24
103.201.136.0/24 maxlen: 24
103.201.137.0/24 maxlen: 24
103.201.138.0/23 maxlen: 24
2001:df6:f180::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37628 (0x92fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jun 21 07:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66752bf5-c94d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:70:e0:4e:f2:01:5d:f5:b6:94:3b:d9:86:e5:
91:88:62:ad:85:4c:2d:61:d7:32:3e:9a:24:9c:11:
af:a7:8b:36:68:5b:a1:0c:4c:73:68:31:11:33:05:
83:53:1f:bc:8b:92:c0:8c:1c:a1:53:88:00:7f:f1:
10:d8:36:15:6a:cc:34:3b:f4:72:2d:5f:05:39:86:
2a:fb:71:69:08:b5:ab:d7:94:c0:29:14:de:f2:67:
2b:5b:d2:a1:d8:61:1e:d4:ac:be:a0:aa:e5:17:f7:
0a:19:7c:da:e8:c0:4b:d7:96:bb:bd:5d:f8:6e:52:
5b:2d:f4:a5:91:ed:ec:64:cf:3c:bd:66:24:c0:81:
8c:a3:55:b6:33:49:be:0f:68:d7:05:31:4b:f3:11:
99:18:eb:47:d7:53:5a:56:3b:35:2d:99:93:5a:89:
c7:f4:1a:d5:70:95:a8:02:ad:52:23:f4:27:be:54:
11:63:69:45:d5:f7:a7:40:26:a4:7e:e3:09:cc:2a:
6b:56:fa:5c:80:8f:77:97:53:a3:d3:78:e1:df:22:
7d:78:b3:3e:de:69:ec:01:4c:19:8d:8e:86:af:67:
56:56:62:65:61:df:3e:91:99:46:73:50:68:d7:ed:
b8:b7:36:b3:7f:bd:c3:62:e7:66:7c:00:cd:cb:9b:
3f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:40:BA:01:B2:1D:48:CC:8C:6B:A6:AE:60:5D:44:0E:C2:FF:42:2A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4A602FE4C19911EEB7380485C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.255.164.0/22
103.11.80.0/22
103.52.32.0/23
103.139.70.0/23
103.147.150.0/23
103.148.144.0/24
103.170.56.0/23
103.182.142.0/23
103.197.78.0/23
103.201.136.0/22
IPv6:
2001:df6:f180::/48
Signature Algorithm: sha256WithRSAEncryption
53:0d:89:af:f8:6c:67:b5:49:ca:3d:ff:d9:20:fd:b9:60:1b:
72:fa:c0:05:5e:6c:f8:3d:2d:63:d0:76:09:ad:1a:29:c1:a0:
cf:c0:af:eb:1e:55:26:df:fa:52:36:e3:29:ae:05:56:92:04:
6d:b8:6d:4b:62:61:ee:55:d0:17:ac:c0:87:2f:f0:be:1a:35:
bc:ec:47:06:6e:bf:5e:70:07:d4:2a:ac:c8:22:b8:23:84:e9:
55:fa:5b:d4:bc:97:cd:0b:6e:5a:e1:fe:ba:7a:7c:d5:b7:10:
5b:67:77:11:75:77:49:ac:cd:19:04:6b:03:0f:0f:10:4c:17:
ba:60:ba:18:7d:c6:be:c9:58:e1:3e:6c:55:ba:66:63:01:1a:
86:e5:46:23:49:ab:f9:19:15:af:65:a1:a6:79:ea:5b:08:c9:
9f:91:a2:70:f8:e5:21:0b:54:29:52:98:4b:59:cb:eb:52:84:
2c:bb:60:60:cf:ab:6f:6b:fe:ed:a5:8c:3b:e9:0a:a0:48:00:
d1:a7:0d:2b:87:2e:9e:ec:78:78:9b:a0:9b:6e:a1:fa:fd:44:
7b:8f:85:a5:0c:58:c5:5b:0a:fa:02:4d:ef:32:90:d8:cd:06:
df:34:06:26:c8:66:36:47:df:62:f8:54:d9:58:ca:51:73:f7:
74:73:3f:34
-----BEGIN CERTIFICATE-----
MIIFuTCCBKGgAwIBAgIDAJL8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDYyMTA3Mjk1N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY3NTJiZjUtYzk0ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPRw4E7yAV31tpQ72YblkYhirYVMLWHXMj6aJJwRr6eLNmhboQxMc2gxETMF
g1MfvIuSwIwcoVOIAH/xENg2FWrMNDv0ci1fBTmGKvtxaQi1q9eUwCkU3vJnK1vS
odhhHtSsvqCq5Rf3Chl82ujAS9eWu71d+G5SWy30pZHt7GTPPL1mJMCBjKNVtjNJ
vg9o1wUxS/MRmRjrR9dTWlY7NS2Zk1qJx/Qa1XCVqAKtUiP0J75UEWNpRdX3p0Am
pH7jCcwqa1b6XICPd5dTo9N44d8ifXizPt5p7AFMGY2Ohq9nVlZiZWHfPpGZRnNQ
aNftuLc2s3+9w2LnZnwAzcubPzMCAwEAAaOCAtwwggLYMB0GA1UdDgQWBBT7QLoB
sh1IzIxrpq5gXUQOwv9CKjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzRBNjAyRkU0
QzE5OTExRUVCNzM4MDQ4NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGYGCCsGAQUFBwEHAQH/
BFcwVTBCBAIAATA8AwQCK/+kAwQCZwtQAwQBZzQgAwQBZ4tGAwQBZ5OWAwQAZ5SQ
AwQBZ6o4AwQBZ7aOAwQBZ8VOAwQCZ8mIMA8EAgACMAkDBwAgAQ328YAwDQYJKoZI
hvcNAQELBQADggEBAFMNia/4bGe1Sco9/9kg/blgG3L6wAVebPg9LWPQdgmtGinB
oM/Ar+seVSbf+lI24ymuBVaSBG24bUtiYe5V0BeswIcv8L4aNbzsRwZuv15wB9Qq
rMgiuCOE6VX6W9S8l80Lblrh/rp6fNW3EFtndxF1d0mszRkEawMPDxBMF7pguhh9
xr7JWOE+bFW6ZmMBGoblRiNJq/kZFa9loaZ56lsIyZ+RonD45SELVClSmEtZy+tS
hCy7YGDPq29r/u2ljDvpCqBIANGnDSuHLp7seHiboJtuofr9RHuPhaUMWMVbCvoC
Te8ykNjNBt80BibIZjZH32L4VNlYylFz93RzPzQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:01:52 2025 by rpki-client