Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5EDD927C508C11EFA28BBB1CC4F9AE02.roa
File: 5EDD927C508C11EFA28BBB1CC4F9AE02.roa (raw, json)
Hash identifier: SWy60Oisu9z4sSidQ3nmTptH2chbj/KpStAhpqmIL4U=
Subject key identifier: F7:59:5C:40:13:E2:98:BB:19:54:F5:FE:6D:C3:54:74:47:D3:A5:C6
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 95DF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5EDD927C508C11EFA28BBB1CC4F9AE02.roa
Signing time: Fri 02 Aug 2024 05:02:09 +0000
ROA not before: Fri 02 Aug 2024 05:02:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137085
IP address blocks: 27.123.240.0/23 maxlen: 24
43.225.248.0/22 maxlen: 24
43.228.164.0/23 maxlen: 24
103.37.98.0/23 maxlen: 24
103.49.56.0/22 maxlen: 24
103.68.140.0/23 maxlen: 24
103.69.239.0/24 maxlen: 24
103.72.196.0/24 maxlen: 24
103.91.72.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.91.75.0/24 maxlen: 24
103.91.76.0/22 maxlen: 24
103.92.107.0/24 maxlen: 24
103.93.39.0/24 maxlen: 24
103.101.112.0/22 maxlen: 24
103.113.110.0/23 maxlen: 24
103.115.128.0/24 maxlen: 24
103.115.131.0/24 maxlen: 24
103.120.152.0/24 maxlen: 24
103.120.153.0/24 maxlen: 24
103.124.174.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.148.119.0/24 maxlen: 24
103.154.8.0/23 maxlen: 24
103.157.188.0/23 maxlen: 24
103.158.41.0/24 maxlen: 24
103.159.104.0/23 maxlen: 24
103.160.25.0/24 maxlen: 24
103.160.222.0/24 maxlen: 24
103.164.140.0/24 maxlen: 24
103.170.48.0/23 maxlen: 24
103.173.238.0/23 maxlen: 24
103.174.28.0/24 maxlen: 24
103.174.29.0/24 maxlen: 24
103.178.117.0/24 maxlen: 24
103.181.66.0/24 maxlen: 24
103.181.119.0/24 maxlen: 24
103.184.41.0/24 maxlen: 24
103.184.205.0/24 maxlen: 24
103.204.70.0/24 maxlen: 24
103.206.51.0/24 maxlen: 24
103.206.96.0/23 maxlen: 24
103.216.141.0/24 maxlen: 24
103.225.70.0/24 maxlen: 24
103.232.232.0/22 maxlen: 24
202.4.169.0/24 maxlen: 24
2001:df1:d240::/48 maxlen: 48
2001:df1:ed40::/48 maxlen: 48
2001:df2:3ac0::/48 maxlen: 48
2001:df2:3f40::/48 maxlen: 48
2001:df2:9640::/48 maxlen: 48
2001:df3:1340::/48 maxlen: 48
2400:d660::/32 maxlen: 32
2405:e100:a::/48 maxlen: 48
2405:e100:b::/48 maxlen: 48
2405:e100:c::/48 maxlen: 48
2405:e100:d::/48 maxlen: 48
2405:e100:e::/48 maxlen: 48
2405:e100:f::/48 maxlen: 48
2405:e100:1d::/48 maxlen: 48
2405:e100:1e::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38367 (0x95df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 2 05:02:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66ac6851-6b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:90:71:0c:ae:09:db:fc:e1:28:c9:40:41:e2:
be:20:ee:98:5c:2d:c4:68:39:a5:6d:33:e1:7a:dc:
28:29:6c:77:81:7a:91:09:a8:20:e5:8a:d2:e8:9f:
5c:7a:a0:69:06:09:31:93:9b:40:a3:76:a4:a9:47:
94:02:96:b7:bc:86:7d:f4:58:09:ef:36:3f:7d:3c:
19:e4:cd:d6:d6:63:cb:41:1c:e8:d4:43:4a:90:9a:
09:aa:c1:19:59:68:f6:f3:99:58:0b:09:1e:68:60:
4e:a3:35:62:b8:f5:7d:49:8a:6d:ca:3a:92:25:35:
2a:62:fa:a0:4b:63:b5:45:88:6a:e4:64:5d:07:3d:
26:9f:96:65:46:0d:53:b6:ed:cc:67:f1:aa:21:32:
6a:a6:34:c1:9d:49:4b:65:f3:39:a7:99:2a:c5:09:
cf:7f:68:1f:21:0c:b1:a1:ea:88:44:71:72:09:19:
30:39:42:b3:76:38:a2:9c:10:47:50:83:bd:a4:ff:
90:0e:d4:8a:c6:71:0c:dd:21:31:d3:74:2e:7b:bf:
8d:0a:65:d5:d2:2d:22:8c:a8:2e:e6:1d:ac:9d:ed:
10:c2:b4:de:85:f2:dd:79:c0:b6:4e:49:5c:b0:ee:
42:f4:57:31:07:d4:61:bc:ad:bb:7f:77:a8:a6:dc:
26:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:59:5C:40:13:E2:98:BB:19:54:F5:FE:6D:C3:54:74:47:D3:A5:C6
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/5EDD927C508C11EFA28BBB1CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/23
43.225.248.0/22
43.228.164.0/23
103.37.98.0/23
103.49.56.0/22
103.68.140.0/23
103.69.239.0/24
103.72.196.0/24
103.91.72.0/21
103.92.107.0/24
103.93.39.0/24
103.101.112.0/22
103.113.110.0/23
103.115.128.0/24
103.115.131.0/24
103.120.152.0/23
103.124.174.0/24
103.138.9.0/24
103.148.119.0/24
103.154.8.0/23
103.157.188.0/23
103.158.41.0/24
103.159.104.0/23
103.160.25.0/24
103.160.222.0/24
103.164.140.0/24
103.170.48.0/23
103.173.238.0/23
103.174.28.0/23
103.178.117.0/24
103.181.66.0/24
103.181.119.0/24
103.184.41.0/24
103.184.205.0/24
103.204.70.0/24
103.206.51.0/24
103.206.96.0/23
103.216.141.0/24
103.225.70.0/24
103.232.232.0/22
202.4.169.0/24
IPv6:
2001:df1:d240::/48
2001:df1:ed40::/48
2001:df2:3ac0::/48
2001:df2:3f40::/48
2001:df2:9640::/48
2001:df3:1340::/48
2400:d660::/32
2405:e100:a::-2405:e100:f:ffff:ffff:ffff:ffff:ffff
2405:e100:1d::-2405:e100:1e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:0c:2c:b8:85:2a:31:a1:41:2f:ea:72:ae:e2:88:3b:96:c2:
9a:ea:83:48:ff:31:a1:62:55:f5:af:16:e6:c6:da:bd:9a:3b:
4d:2a:f4:c0:08:1d:0b:d2:99:a8:c0:f8:8c:2e:ed:e0:04:77:
29:c3:4c:a7:49:4c:37:4e:32:82:86:59:79:e7:47:3d:e2:82:
71:a6:cf:4a:90:7a:4e:2a:11:c0:c0:8d:53:69:62:ba:25:c3:
4a:73:20:b3:35:25:e6:cf:56:b3:e3:72:29:46:77:a1:fd:9a:
63:b7:5f:ec:31:18:ef:b2:69:79:1a:f2:24:38:79:c8:47:9d:
13:8c:56:b9:94:04:27:2e:c8:fb:f7:8f:e9:00:c7:16:bc:17:
7c:38:48:92:c6:35:c0:ec:84:0b:6a:2c:a5:7e:80:77:7c:e3:
92:2b:19:0a:17:58:75:83:da:57:97:3b:9c:41:26:10:54:c4:
3e:08:18:db:b0:ba:12:fb:c5:eb:07:d3:b6:e1:82:d1:b5:09:
a8:b5:2f:fd:3e:12:ba:51:4a:67:b1:99:de:58:6d:77:34:9c:
72:0c:89:25:34:d8:92:52:bb:b6:8d:31:1d:5c:2a:8f:e5:9d:
b1:e3:0a:36:21:bf:5b:08:10:de:d0:59:bf:51:c3:6a:35:68:
a4:17:49:a8
-----BEGIN CERTIFICATE-----
MIIG1zCCBb+gAwIBAgIDAJXfMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgwMjA1MDIwOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZhYzY4NTEtNmIzZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOWQcQyuCdv84SjJQEHiviDumFwtxGg5pW0z4XrcKClsd4F6kQmoIOWK0uif
XHqgaQYJMZObQKN2pKlHlAKWt7yGffRYCe82P308GeTN1tZjy0Ec6NRDSpCaCarB
GVlo9vOZWAsJHmhgTqM1Yrj1fUmKbco6kiU1KmL6oEtjtUWIauRkXQc9Jp+WZUYN
U7btzGfxqiEyaqY0wZ1JS2XzOaeZKsUJz39oHyEMsaHqiERxcgkZMDlCs3Y4opwQ
R1CDvaT/kA7UisZxDN0hMdN0Lnu/jQpl1dItIoyoLuYdrJ3tEMK03oXy3XnAtk5J
XLDuQvRXMQfUYbytu393qKbcJrcCAwEAAaOCA/owggP2MB0GA1UdDgQWBBT3WVxA
E+KYuxlU9f5tw1R0R9OlxjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzVFREQ5MjdD
NTA4QzExRUZBMjhCQkIxQ0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBggYIKwYBBQUHAQcB
Af8EggFxMIIBbTCB/QQCAAEwgfYDBAEbe/ADBAIr4fgDBAEr5KQDBAFnJWIDBAJn
MTgDBAFnRIwDBABnRe8DBABnSMQDBANnW0gDBABnXGsDBABnXScDBAJnZXADBAFn
cW4DBABnc4ADBABnc4MDBAFneJgDBABnfK4DBABnigkDBABnlHcDBAFnmggDBAFn
nbwDBABnnikDBAFnn2gDBABnoBkDBABnoN4DBABnpIwDBAFnqjADBAFnre4DBAFn
rhwDBABnsnUDBABntUIDBABntXcDBABnuCkDBABnuM0DBABnzEYDBABnzjMDBAFn
zmADBABn2I0DBABn4UYDBAJn6OgDBADKBKkwawQCAAIwZQMHACABDfHSQAMHACAB
DfHtQAMHACABDfI6wAMHACABDfI/QAMHACABDfKWQAMHACABDfMTQAMFACQA1mAw
EgMHASQF4QAACgMHBCQF4QAAADASAwcAJAXhAAAdAwcAJAXhAAAeMA0GCSqGSIb3
DQEBCwUAA4IBAQBrDCy4hSoxoUEv6nKu4og7lsKa6oNI/zGhYlX1rxbmxtq9mjtN
KvTACB0L0pmowPiMLu3gBHcpw0ynSUw3TjKChll550c94oJxps9KkHpOKhHAwI1T
aWK6JcNKcyCzNSXmz1az43IpRneh/Zpjt1/sMRjvsml5GvIkOHnIR50TjFa5lAQn
Lsj794/pAMcWvBd8OEiSxjXA7IQLaiylfoB3fOOSKxkKF1h1g9pXlzucQSYQVMQ+
CBjbsLoS+8XrB9O24YLRtQmotS/9PhK6UUpnsZneWG13NJxyDIklNNiSUru2jTEd
XCqP5Z2x4wo2Ib9bCBDe0Fm/UcNqNWikF0mo
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:56 2025 by rpki-client