Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B9CB51CA0E911EF83DDD22FC4F9AE02.roa
File: 6B9CB51CA0E911EF83DDD22FC4F9AE02.roa (raw, json)
Hash identifier: 3uHiHXVlZePuoP97b5QYT50ucgqtFSPLtoqz0B8YW4I=
Subject key identifier: 1E:B6:A9:CA:F3:A4:90:74:1B:93:C4:3B:A4:73:89:08:F8:6F:E5:C8
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A7FA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B9CB51CA0E911EF83DDD22FC4F9AE02.roa
Signing time: Thu 27 Feb 2025 09:06:25 +0000
ROA not before: Thu 27 Feb 2025 09:06:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133255
IP address blocks: 45.124.144.0/22 maxlen: 24
103.39.139.0/24 maxlen: 24
103.39.236.0/23 maxlen: 24
103.84.128.0/22 maxlen: 24
103.97.246.0/23 maxlen: 24
103.137.174.0/23 maxlen: 24
103.170.20.0/24 maxlen: 24
103.234.94.0/24 maxlen: 24
2001:df5:1400::/48 maxlen: 48
2400:dbc0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43002 (0xa7fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 27 09:06:25 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c02b11-e5f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5f:25:8d:0d:15:f9:ca:c4:fb:d3:7c:5d:5c:
b7:3e:fc:83:f7:9d:8c:82:95:07:dc:81:2a:fa:f3:
c4:4b:70:4d:59:3a:51:73:d3:ac:5d:aa:f6:4f:db:
b5:4c:62:46:75:90:35:7d:46:fe:af:7b:1e:68:93:
75:de:2e:ea:2a:2b:69:3c:15:c1:2f:35:5c:05:df:
9f:db:91:68:33:56:1c:6a:bf:45:13:90:58:94:fb:
a2:34:37:5c:0a:97:81:11:ce:5f:cf:7d:b9:cb:f2:
8c:12:f9:7d:a3:81:57:94:8f:d4:6a:78:85:a4:f4:
60:6e:e1:31:f0:25:bc:9e:d9:e1:fd:e5:c8:48:a6:
03:19:39:b7:bc:8a:97:45:48:44:07:c1:76:a1:65:
8f:4e:d1:09:cd:83:10:0b:29:59:b7:1c:13:cd:33:
ad:5a:9e:d7:da:7d:b5:5d:37:66:0c:7f:c2:bd:b1:
2a:47:62:ad:fc:12:51:fd:16:1c:51:b4:17:59:fe:
a1:f8:8a:7f:0e:f9:af:70:96:93:12:ff:d4:57:94:
50:87:cd:01:19:9f:94:f7:a5:c7:3c:c7:c7:fd:25:
cb:9f:a8:5f:79:67:8b:3e:b0:e6:77:20:91:3a:77:
00:0d:83:e6:e9:70:01:43:7b:2b:6c:16:6c:63:6a:
ba:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B6:A9:CA:F3:A4:90:74:1B:93:C4:3B:A4:73:89:08:F8:6F:E5:C8
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6B9CB51CA0E911EF83DDD22FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.124.144.0/22
103.39.139.0/24
103.39.236.0/23
103.84.128.0/22
103.97.246.0/23
103.137.174.0/23
103.170.20.0/24
103.234.94.0/24
IPv6:
2001:df5:1400::/48
2400:dbc0::/32
Signature Algorithm: sha256WithRSAEncryption
8d:ff:74:e0:d3:ec:3b:84:cb:b3:fe:11:d7:31:d4:8f:a7:d8:
c7:14:2d:78:4c:61:3f:a7:37:94:21:e4:50:73:9e:1a:17:f5:
8d:d4:b6:ec:09:0d:11:6d:f2:3a:f6:84:2e:55:b5:6b:01:b1:
b6:4c:f0:39:7d:42:ac:03:5e:1e:d0:87:ad:ca:3c:39:d2:12:
80:33:36:1e:1d:c6:c6:10:1a:4d:d6:61:49:80:fc:8b:18:35:
17:36:49:1a:e1:78:4d:21:d8:7b:b2:b1:f9:5c:03:00:b9:d3:
38:e5:04:f5:d8:a9:c8:9f:2e:18:92:fa:04:73:36:7b:0b:f4:
ce:b8:ea:eb:f5:22:43:6a:1b:25:ff:91:b8:a5:00:34:b7:6b:
0c:d9:8f:3b:73:c7:ea:ed:00:3d:57:85:f0:22:dd:c0:f6:6b:
42:eb:5f:e0:2c:dd:cb:46:5f:53:88:93:fe:62:77:08:e1:9d:
5e:45:5b:1d:3c:13:2e:04:2f:a3:84:c3:0b:db:87:78:7c:37:
e8:5b:55:3d:89:e7:51:62:49:82:95:66:7e:56:08:67:f4:1f:
85:81:4c:f4:b1:f9:fd:2b:ef:f7:36:f0:a9:49:c7:58:38:46:
e6:fc:47:9b:59:b4:4f:f2:b0:ea:93:62:9b:16:09:0d:71:cf:
a1:c5:b3:d3
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAKf6MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyNzA5MDYyNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjMDJiMTEtZTVmNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBfJY0NFfnKxPvTfF1ctz78g/edjIKVB9yBKvrzxEtwTVk6UXPTrF2q9k/b
tUxiRnWQNX1G/q97HmiTdd4u6ioraTwVwS81XAXfn9uRaDNWHGq/RROQWJT7ojQ3
XAqXgRHOX899ucvyjBL5faOBV5SP1Gp4haT0YG7hMfAlvJ7Z4f3lyEimAxk5t7yK
l0VIRAfBdqFlj07RCc2DEAspWbccE80zrVqe19p9tV03Zgx/wr2xKkdirfwSUf0W
HFG0F1n+ofiKfw75r3CWkxL/1FeUUIfNARmflPelxzzHx/0ly5+oX3lniz6w5ncg
kTp3AA2D5ulwAUN7K2wWbGNqujcCAwEAAaOCAtcwggLTMB0GA1UdDgQWBBQetqnK
86SQdBuTxDukc4kI+G/lyDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzZCOUNCNTFD
QTBFOTExRUY4M0RERDIyRkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGEGCCsGAQUFBwEHAQH/
BFIwUDA2BAIAATAwAwQCLXyQAwQAZyeLAwQBZyfsAwQCZ1SAAwQBZ2H2AwQBZ4mu
AwQAZ6oUAwQAZ+peMBYEAgACMBADBwAgAQ31FAADBQAkANvAMA0GCSqGSIb3DQEB
CwUAA4IBAQCN/3Tg0+w7hMuz/hHXMdSPp9jHFC14TGE/pzeUIeRQc54aF/WN1Lbs
CQ0RbfI69oQuVbVrAbG2TPA5fUKsA14e0Ietyjw50hKAMzYeHcbGEBpN1mFJgPyL
GDUXNkka4XhNIdh7srH5XAMAudM45QT12KnIny4YkvoEczZ7C/TOuOrr9SJDahsl
/5G4pQA0t2sM2Y87c8fq7QA9V4XwIt3A9mtC61/gLN3LRl9TiJP+YncI4Z1eRVsd
PBMuBC+jhMML24d4fDfoW1U9iedRYkmClWZ+Vghn9B+FgUz0sfn9K+/3NvCpScdY
OEbm/EebWbRP8rDqk2KbFgkNcc+hxbPT
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:01:47 2025 by rpki-client