Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/57AC699EA2B711EDB06B6D65C4F9AE02.roa
File: 57AC699EA2B711EDB06B6D65C4F9AE02.roa (raw, json)
Hash identifier: pfHzrvxwbTXVk4CxRUvpcBhURW8Afxk0nP1MTanRrVo=
Subject key identifier: 43:12:B9:42:7C:73:67:FF:32:A6:4E:46:D3:79:C2:F0:91:46:20:51
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8A2F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/57AC699EA2B711EDB06B6D65C4F9AE02.roa
Signing time: Thu 30 May 2024 16:01:56 +0000
ROA not before: Thu 30 May 2024 16:01:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135242
IP address blocks: 103.69.238.0/24 maxlen: 24
103.69.239.0/24 maxlen: 24
103.213.208.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35375 (0x8a2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:01:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a2f4-0313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:09:60:48:ed:97:c9:64:c6:5f:0d:4a:19:34:
b6:d4:f9:dc:d8:a3:33:56:33:1b:60:bf:6f:2f:e1:
a2:10:2d:3c:3b:7a:99:c8:13:c0:60:34:c9:aa:83:
1f:98:70:33:62:bb:97:59:8b:0d:4f:f2:c6:03:32:
eb:94:ca:f5:97:1a:04:5c:29:73:cc:cc:5b:73:1b:
7d:42:45:18:48:d2:23:44:e2:56:f4:9b:ff:e1:80:
1a:b4:43:7e:56:ac:23:37:2c:14:09:e6:2f:7e:0f:
e7:b8:a7:f8:29:d5:05:29:61:75:52:3e:24:5d:a7:
60:04:f8:5f:42:10:24:42:21:32:c7:e7:fd:08:d6:
e5:cd:b9:81:d0:28:d7:5e:a2:2a:ef:9f:61:d2:bb:
25:a8:65:d3:c6:06:c9:9e:3d:cd:11:19:06:14:e4:
d9:c6:c1:a5:a8:f2:06:fe:d6:29:49:09:a8:9f:e1:
0b:88:68:51:7a:44:99:ec:77:19:81:e4:39:51:da:
a1:9f:46:42:1a:47:e0:22:81:17:36:c2:de:10:4b:
dd:ed:c5:2f:93:a6:1c:65:7f:b9:4f:45:88:28:96:
15:a1:8b:99:be:90:f1:0c:48:6d:e3:95:75:b4:28:
4a:66:7e:2f:67:b8:0d:5d:89:a8:05:c3:6f:86:df:
43:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:12:B9:42:7C:73:67:FF:32:A6:4E:46:D3:79:C2:F0:91:46:20:51
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/57AC699EA2B711EDB06B6D65C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.69.238.0/23
103.213.208.0/22
Signature Algorithm: sha256WithRSAEncryption
39:d8:28:b1:54:39:76:e6:df:7c:ff:17:d6:1f:a7:01:9d:f6:
ca:f7:18:08:3d:bf:06:4f:9b:55:9f:a8:66:21:67:c8:87:39:
58:eb:46:a4:ff:dd:fa:ac:9d:51:0f:78:14:c5:5a:3c:42:c8:
a2:00:53:c2:8a:65:9e:63:3b:11:c0:e3:f4:a8:b9:ce:19:78:
1e:6a:c5:d4:95:4d:c4:e9:1d:42:9e:90:f0:f2:6b:4b:30:4e:
21:4d:64:ac:85:ad:6b:a3:03:77:53:d3:0a:13:76:b0:93:2a:
04:42:63:29:74:79:0f:61:4b:4e:f0:87:1d:b4:4a:c7:33:c7:
03:0c:c5:1e:ff:29:99:17:09:be:6a:95:76:99:8c:ec:9d:9c:
ce:54:e1:47:cb:23:9b:a8:84:f0:8d:75:c0:24:7d:0d:b8:ec:
03:f3:a4:fa:31:28:70:6f:06:a5:6f:9d:5a:25:81:d9:b3:29:
2a:f5:60:ac:98:7b:b3:56:b1:96:27:7e:5c:cc:5f:42:d9:e7:
66:56:dd:a9:d1:d2:31:30:58:17:5c:6b:c7:92:20:2e:a9:59:
f3:db:e5:e1:e0:c0:4f:c6:ca:57:8f:9a:76:ad:46:0a:d6:e5:
9f:91:91:a3:fb:db:87:fc:e0:64:64:87:78:88:94:8c:fc:5d:
3d:69:3c:0a
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAIovMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDE1NloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyZjQtMDMxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK8JYEjtl8lkxl8NShk0ttT53NijM1YzG2C/by/hohAtPDt6mcgTwGA0yaqD
H5hwM2K7l1mLDU/yxgMy65TK9ZcaBFwpc8zMW3MbfUJFGEjSI0TiVvSb/+GAGrRD
flasIzcsFAnmL34P57in+CnVBSlhdVI+JF2nYAT4X0IQJEIhMsfn/QjW5c25gdAo
116iKu+fYdK7Jahl08YGyZ49zREZBhTk2cbBpajyBv7WKUkJqJ/hC4hoUXpEmex3
GYHkOVHaoZ9GQhpH4CKBFzbC3hBL3e3FL5OmHGV/uU9FiCiWFaGLmb6Q8QxIbeOV
dbQoSmZ+L2e4DV2JqAXDb4bfQ/8CAwEAAaOCApswggKXMB0GA1UdDgQWBBRDErlC
fHNn/zKmTkbTecLwkUYgUTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU3QUM2OTlF
QTJCNzExRURCMDZCNkQ2NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQBZ0XuAwQCZ9XQMA0GCSqGSIb3DQEBCwUAA4IBAQA52Cix
VDl25t98/xfWH6cBnfbK9xgIPb8GT5tVn6hmIWfIhzlY60ak/936rJ1RD3gUxVo8
QsiiAFPCimWeYzsRwOP0qLnOGXgeasXUlU3E6R1CnpDw8mtLME4hTWSsha1rowN3
U9MKE3awkyoEQmMpdHkPYUtO8IcdtErHM8cDDMUe/ymZFwm+apV2mYzsnZzOVOFH
yyObqITwjXXAJH0NuOwD86T6MShwbwalb51aJYHZsykq9WCsmHuzVrGWJ35czF9C
2edmVt2p0dIxMFgXXGvHkiAuqVnz2+Xh4MBPxspXj5p2rUYK1uWfkZGj+9uH/OBk
ZId4iJSM/F09aTwK
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:09 2025 by rpki-client