Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CF94CE0FF1D11EFB665791AC4F9AE02.roa
File: 5CF94CE0FF1D11EFB665791AC4F9AE02.roa (raw, json)
Hash identifier: DRJJlCMMuxO7+McZbMzqXSyfpgVMC0RiGE+n2u+jLTk=
Subject key identifier: C3:22:B7:8B:EC:DB:36:D0:F8:BA:26:85:5B:63:63:BA:47:9C:15:6C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AAFF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CF94CE0FF1D11EFB665791AC4F9AE02.roa
Signing time: Thu 13 Mar 2025 08:10:33 +0000
ROA not before: Thu 13 Mar 2025 08:10:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133648
IP address blocks: 43.231.56.0/22 maxlen: 24
103.44.18.0/24 maxlen: 24
103.50.148.0/24 maxlen: 24
103.50.150.0/23 maxlen: 24
103.79.168.0/22 maxlen: 24
103.79.248.0/22 maxlen: 24
103.95.164.0/22 maxlen: 24
103.163.62.0/23 maxlen: 24
103.167.98.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43775 (0xaaff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 13 08:10:33 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d292f9-6c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8c:2d:a6:bb:3c:ab:6a:30:04:bc:b8:93:5e:
fc:2e:fd:43:e5:d0:b0:70:cf:44:17:08:79:97:e1:
a2:a4:a8:6f:1f:47:90:10:f7:df:44:cc:ae:f0:5a:
42:32:87:df:07:df:5a:c2:ff:31:e1:fc:7c:2f:ed:
25:2d:3e:71:c8:0c:55:9f:51:2c:7e:ea:a1:b3:73:
b4:b0:10:b2:2e:75:77:53:bb:e8:29:39:84:92:c4:
c8:b5:e6:29:56:e1:27:22:3e:d9:69:2a:4e:ea:b6:
e3:a7:f2:d8:94:be:eb:4c:05:1f:05:6d:af:e5:b0:
98:31:50:cc:f8:9b:d8:64:ff:6c:86:60:ce:97:9d:
26:6b:bb:78:0f:27:35:c2:ba:39:47:c2:2f:14:b5:
fb:11:d5:7b:64:6e:2a:0d:cf:fe:62:82:42:ff:76:
1c:54:06:2f:8c:c6:34:c3:f7:a9:24:d6:17:f4:19:
84:1e:bb:b2:f2:83:af:81:94:cf:bf:b6:8c:bd:ae:
32:7d:75:c2:ea:72:34:74:da:c3:9c:f4:23:28:5a:
d9:95:77:e1:e4:d3:33:0e:81:7c:74:af:7b:aa:f8:
e6:4b:37:d8:bb:4f:e8:36:7c:f1:94:7a:d6:a7:25:
e7:53:2c:a9:1f:a8:1d:05:f1:43:b8:93:d9:df:2f:
1d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:22:B7:8B:EC:DB:36:D0:F8:BA:26:85:5B:63:63:BA:47:9C:15:6C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5CF94CE0FF1D11EFB665791AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.56.0/22
103.44.18.0/24
103.50.148.0/24
103.50.150.0/23
103.79.168.0/22
103.79.248.0/22
103.95.164.0/22
103.163.62.0/23
103.167.98.0/23
Signature Algorithm: sha256WithRSAEncryption
66:40:ab:ee:c3:2a:9e:04:e1:32:fc:55:70:12:e5:6a:c8:9d:
86:bc:32:13:33:f4:99:d1:a5:d9:6c:1b:85:b2:98:60:f8:79:
39:59:fc:37:c0:a1:18:86:6b:8b:8e:c5:f8:7e:bc:bd:89:08:
05:c4:f9:3e:f8:b5:7f:eb:b7:35:38:f8:6a:04:62:9f:58:9a:
15:9a:fa:90:ca:22:ff:f4:3c:f0:52:c5:da:b4:5a:e9:6c:0c:
18:44:13:8a:ef:a9:8d:44:af:7d:2b:8a:25:0e:1f:c3:cc:d2:
db:fe:54:31:db:34:f4:5a:b8:4f:7a:7d:45:f1:89:b6:20:b0:
88:2b:7c:ad:4c:d5:07:c1:e0:a9:0f:18:6e:42:c2:ef:37:e4:
3a:1b:62:64:9e:4a:ff:25:77:aa:07:bd:1a:ac:8b:ae:ce:7b:
50:2e:31:87:ad:fe:92:22:98:fa:ad:59:06:9a:72:80:29:f3:
06:19:f1:7a:f7:7e:55:7b:4d:20:c2:ec:80:45:2e:81:4d:be:
31:05:e2:36:d0:51:e7:0c:27:a8:48:03:ef:f5:95:32:5c:42:
90:b6:46:b7:4b:fb:30:f5:64:52:f2:d0:6a:af:42:2f:28:3b:
7c:b6:f3:f4:4e:66:67:ae:d2:d1:11:d7:51:c8:13:a1:82:b0:
ff:61:69:dc
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAKr/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMxMzA4MTAzM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkMjkyZjktNmM5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+MLaa7PKtqMAS8uJNe/C79Q+XQsHDPRBcIeZfhoqSobx9HkBD330TMrvBa
QjKH3wffWsL/MeH8fC/tJS0+ccgMVZ9RLH7qobNztLAQsi51d1O76Ck5hJLEyLXm
KVbhJyI+2WkqTuq246fy2JS+60wFHwVtr+WwmDFQzPib2GT/bIZgzpedJmu7eA8n
NcK6OUfCLxS1+xHVe2RuKg3P/mKCQv92HFQGL4zGNMP3qSTWF/QZhB67svKDr4GU
z7+2jL2uMn11wupyNHTaw5z0Iyha2ZV34eTTMw6BfHSve6r45ks32LtP6DZ88ZR6
1qcl51MsqR+oHQXxQ7iT2d8vHRcCAwEAAaOCAsUwggLBMB0GA1UdDgQWBBTDIreL
7Ns20Pi6JoVbY2O6R5wVbDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVDRjk0Q0Uw
RkYxRDExRUZCNjY1NzkxQUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME8GCCsGAQUFBwEHAQH/
BEAwPjA8BAIAATA2AwQCK+c4AwQAZywSAwQAZzKUAwQBZzKWAwQCZ0+oAwQCZ0/4
AwQCZ1+kAwQBZ6M+AwQBZ6diMA0GCSqGSIb3DQEBCwUAA4IBAQBmQKvuwyqeBOEy
/FVwEuVqyJ2GvDITM/SZ0aXZbBuFsphg+Hk5Wfw3wKEYhmuLjsX4fry9iQgFxPk+
+LV/67c1OPhqBGKfWJoVmvqQyiL/9DzwUsXatFrpbAwYRBOK76mNRK99K4olDh/D
zNLb/lQx2zT0WrhPen1F8Ym2ILCIK3ytTNUHweCpDxhuQsLvN+Q6G2Jknkr/JXeq
B70arIuuzntQLjGHrf6SIpj6rVkGmnKAKfMGGfF6935Ve00gwuyARS6BTb4xBeI2
0FHnDCeoSAPv9ZUyXEKQtka3S/sw9WRS8tBqr0IvKDt8tvP0TmZnrtLREddRyBOh
grD/YWnc
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:16 2025 by rpki-client