Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4AC17558966411ED9ED6DC45C4F9AE02.roa
File: 4AC17558966411ED9ED6DC45C4F9AE02.roa (raw, json)
Hash identifier: azr1gneBTpUaumA5h+HZqxcOCNnaBUSUaPxEvnD1VEQ=
Subject key identifier: D8:CA:01:14:F3:C0:63:65:55:99:D4:6C:F6:58:AB:0D:E5:00:29:4B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6361
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4AC17558966411ED9ED6DC45C4F9AE02.roa
Signing time: Wed 18 Jan 2023 10:01:50 +0000
ROA not before: Wed 18 Jan 2023 10:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58762
IP address blocks: 45.117.180.0/24 maxlen: 24
45.117.181.0/24 maxlen: 24
45.117.182.0/24 maxlen: 24
45.117.183.0/24 maxlen: 24
103.18.72.0/24 maxlen: 24
103.18.73.0/24 maxlen: 24
103.18.74.0/24 maxlen: 24
103.18.75.0/24 maxlen: 24
103.69.12.0/22 maxlen: 24
103.84.184.0/22 maxlen: 24
103.85.16.0/22 maxlen: 24
103.88.56.0/22 maxlen: 22
103.88.56.0/24 maxlen: 24
103.88.57.0/24 maxlen: 24
103.88.58.0/24 maxlen: 24
103.88.59.0/24 maxlen: 24
103.138.8.0/24 maxlen: 24
103.147.0.0/24 maxlen: 24
103.147.1.0/24 maxlen: 24
103.153.12.0/24 maxlen: 24
103.157.4.0/23 maxlen: 24
103.157.10.0/23 maxlen: 24
103.164.46.0/23 maxlen: 24
103.165.28.0/23 maxlen: 24
103.165.102.0/23 maxlen: 24
103.170.158.0/23 maxlen: 24
103.225.56.0/22 maxlen: 22
103.225.56.0/24 maxlen: 24
103.225.57.0/24 maxlen: 24
103.225.58.0/24 maxlen: 24
103.225.59.0/24 maxlen: 24
150.129.44.0/24 maxlen: 24
150.129.45.0/24 maxlen: 24
150.129.46.0/24 maxlen: 24
150.129.47.0/24 maxlen: 24
2001:df0:8000::/48 maxlen: 56
2407:c140::/32 maxlen: 38
2407:c140::/36 maxlen: 40
2407:c140:1000::/37 maxlen: 40
2407:c140:1800::/38 maxlen: 40
2407:c140:1c00::/39 maxlen: 40
2407:c140:1e00::/40 maxlen: 40
2407:c140:1f00::/40 maxlen: 40
2407:c140:2000::/35 maxlen: 40
2407:c140:4000::/34 maxlen: 40
2407:c140:8000::/33 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25441 (0x6361)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 18 10:01:49 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c7c38d-b573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:55:58:48:8e:cc:e6:e5:b4:09:05:49:cf:a4:
b9:1e:6e:d2:1f:70:d5:31:c5:7c:aa:fb:bb:0d:33:
98:02:f7:8f:43:ff:56:b0:7a:a3:6f:b5:a3:b4:1e:
d9:14:45:3a:93:fe:21:e5:3d:18:b5:c7:4a:ea:dc:
0a:72:1d:cd:8d:2f:b2:22:36:c7:32:b2:6e:d6:0a:
b7:72:60:2e:2d:24:df:da:f9:6e:17:ca:eb:50:a8:
ef:8a:54:79:ac:d1:07:6a:b3:3a:68:f7:0c:7f:dc:
c6:44:17:75:14:59:c8:c2:fe:35:fc:78:0b:07:c1:
47:8e:e2:64:b7:f0:cd:a6:9d:c4:24:1b:87:0d:c9:
62:00:73:fa:85:24:06:1a:fb:45:25:a3:3e:05:85:
46:39:6a:1a:64:79:45:b7:6a:cc:92:69:4b:1b:df:
21:a6:f0:24:fb:b2:8d:35:05:89:27:8f:c0:3e:1a:
48:f7:83:87:82:ce:8b:c5:4a:2d:78:2b:31:35:c5:
04:c4:09:7c:62:26:e4:9a:52:f9:c4:8a:8b:3b:24:
d9:8f:b2:fd:ee:90:d7:22:f8:61:db:e6:eb:e5:41:
75:57:58:a1:00:9d:88:c3:1d:4a:67:7a:f1:1a:ae:
03:9d:e3:79:e6:54:48:9f:39:39:6a:af:90:e0:11:
bc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CA:01:14:F3:C0:63:65:55:99:D4:6C:F6:58:AB:0D:E5:00:29:4B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4AC17558966411ED9ED6DC45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.117.180.0/22
103.18.72.0/22
103.69.12.0/22
103.84.184.0/22
103.85.16.0/22
103.88.56.0/22
103.138.8.0/24
103.147.0.0/23
103.153.12.0/24
103.157.4.0/23
103.157.10.0/23
103.164.46.0/23
103.165.28.0/23
103.165.102.0/23
103.170.158.0/23
103.225.56.0/22
150.129.44.0/22
IPv6:
2001:df0:8000::/48
2407:c140::/32
Signature Algorithm: sha256WithRSAEncryption
96:29:bc:bb:b5:c0:05:31:f6:78:42:39:36:e8:e4:43:9b:a2:
7e:e5:f4:40:53:6f:24:01:d7:94:14:3e:1c:29:4d:9b:b2:6f:
4e:12:05:b6:94:47:4f:b0:4a:25:1f:31:f9:67:a7:3f:85:43:
9d:f0:6c:a9:ab:2a:b4:24:0e:17:5b:2c:4c:5a:65:2a:01:75:
6b:55:80:19:7d:b3:6f:3a:83:07:cb:65:a3:58:d8:1a:5b:22:
5a:cb:98:d2:3d:6f:fc:57:e7:f3:4b:ac:90:50:42:07:3a:d4:
a3:60:81:7d:ad:35:c1:d5:3b:a9:0b:f4:d6:8d:5a:64:20:68:
d9:16:f7:21:f8:cf:6a:47:00:57:f2:92:a2:41:2e:df:bb:d9:
48:63:c6:74:ad:56:d3:ca:48:e6:0a:c9:9f:7b:dc:10:71:f2:
8b:08:78:dd:56:4a:76:98:6b:b9:6a:28:a4:82:17:e8:8e:77:
a2:69:18:b1:ef:55:20:2d:a6:1e:1b:32:47:95:17:98:3b:81:
4d:83:ec:35:0f:7c:51:22:5c:a0:06:bc:14:93:ec:66:10:48:
bd:1a:6c:ae:c7:b4:4b:45:6e:c7:7a:c4:59:3a:ae:69:a1:b0:
9f:af:b9:c2:ef:cb:20:df:ea:22:cf:5f:86:cc:ca:8e:59:43:
0e:e6:e1:a4
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgICY2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTE4MTAwMTQ5WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2M3YzM4ZC1iNTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr1VYSI7M5uW0CQVJz6S5Hm7SH3DVMcV8qvu7DTOYAvePQ/9WsHqjb7WjtB7Z
FEU6k/4h5T0YtcdK6twKch3NjS+yIjbHMrJu1gq3cmAuLSTf2vluF8rrUKjvilR5
rNEHarM6aPcMf9zGRBd1FFnIwv41/HgLB8FHjuJkt/DNpp3EJBuHDcliAHP6hSQG
GvtFJaM+BYVGOWoaZHlFt2rMkmlLG98hpvAk+7KNNQWJJ4/APhpI94OHgs6LxUot
eCsxNcUExAl8YibkmlL5xIqLOyTZj7L97pDXIvhh2+br5UF1V1ihAJ2Iwx1KZ3rx
Gq4DneN55lRInzk5aq+Q4BG8vwIDAQABo4IDEDCCAwwwHQYDVR0OBBYEFNjKARTz
wGNlVZnUbPZYqw3lAClLMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNEFDMTc1NTg5
NjY0MTFFRDlFRDZEQzQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwgZkGCCsGAQUFBwEHAQH/
BIGJMIGGMGwEAgABMGYDBAItdbQDBAJnEkgDBAJnRQwDBAJnVLgDBAJnVRADBAJn
WDgDBABniggDBAFnkwADBABnmQwDBAFnnQQDBAFnnQoDBAFnpC4DBAFnpRwDBAFn
pWYDBAFnqp4DBAJn4TgDBAKWgSwwFgQCAAIwEAMHACABDfCAAAMFACQHwUAwDQYJ
KoZIhvcNAQELBQADggEBAJYpvLu1wAUx9nhCOTbo5EObon7l9EBTbyQB15QUPhwp
TZuyb04SBbaUR0+wSiUfMflnpz+FQ53wbKmrKrQkDhdbLExaZSoBdWtVgBl9s286
gwfLZaNY2BpbIlrLmNI9b/xX5/NLrJBQQgc61KNggX2tNcHVO6kL9NaNWmQgaNkW
9yH4z2pHAFfykqJBLt+72UhjxnStVtPKSOYKyZ973BBx8osIeN1WSnaYa7lqKKSC
F+iOd6JpGLHvVSAtph4bMkeVF5g7gU2D7DUPfFEiXKAGvBST7GYQSL0abK7HtEtF
bsd6xFk6rmmhsJ+vucLvyyDf6iLPX4bMyo5ZQw7m4aQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:33 2025 by rpki-client