Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/71D138168A8B11ED942E6F74C4F9AE02.roa
File: 71D138168A8B11ED942E6F74C4F9AE02.roa (raw, json)
Hash identifier: OdB1iuA1xItioD64LdX+fIeL1Hv4N6k2vfVcOLmT348=
Subject key identifier: 51:F2:3F:13:25:BF:77:74:85:0F:96:CD:F2:55:F6:69:08:17:E4:9F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6252
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/71D138168A8B11ED942E6F74C4F9AE02.roa
Signing time: Mon 02 Jan 2023 10:51:44 +0000
ROA not before: Mon 02 Jan 2023 10:51:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58678
IP address blocks: 43.241.28.0/22 maxlen: 24
43.241.128.0/22 maxlen: 24
43.241.132.0/22 maxlen: 24
43.242.208.0/24 maxlen: 24
43.242.209.0/24 maxlen: 24
43.242.210.0/24 maxlen: 24
43.242.211.0/24 maxlen: 24
43.242.224.0/22 maxlen: 24
43.242.228.0/22 maxlen: 24
45.64.84.0/22 maxlen: 24
45.114.192.0/22 maxlen: 24
45.117.0.0/22 maxlen: 24
45.127.120.0/22 maxlen: 24
45.250.248.0/24 maxlen: 24
45.250.249.0/24 maxlen: 24
45.250.250.0/24 maxlen: 24
103.14.232.0/22 maxlen: 24
103.26.52.0/22 maxlen: 22
103.26.52.0/24 maxlen: 24
103.26.53.0/24 maxlen: 24
103.26.54.0/24 maxlen: 24
103.26.55.0/24 maxlen: 24
103.26.56.0/22 maxlen: 24
103.42.160.0/22 maxlen: 24
103.48.56.0/22 maxlen: 24
103.48.100.0/22 maxlen: 24
103.59.188.0/22 maxlen: 24
103.59.212.0/22 maxlen: 24
103.66.80.0/24 maxlen: 24
103.66.81.0/24 maxlen: 24
103.66.82.0/24 maxlen: 24
103.66.83.0/24 maxlen: 24
103.74.236.0/22 maxlen: 24
103.77.152.0/22 maxlen: 23
103.77.152.0/23 maxlen: 24
103.77.154.0/24 maxlen: 24
103.89.40.0/22 maxlen: 24
103.111.132.0/22 maxlen: 24
103.112.32.0/24 maxlen: 24
103.112.33.0/24 maxlen: 24
103.112.34.0/24 maxlen: 24
103.112.35.0/24 maxlen: 24
103.137.152.0/22 maxlen: 24
103.155.170.0/24 maxlen: 24
103.162.190.0/23 maxlen: 24
103.163.188.0/24 maxlen: 24
103.163.189.0/24 maxlen: 24
103.168.62.0/24 maxlen: 24
103.168.63.0/24 maxlen: 24
103.174.38.0/24 maxlen: 24
103.177.180.0/24 maxlen: 24
103.177.181.0/24 maxlen: 24
103.178.212.0/23 maxlen: 24
103.181.209.0/24 maxlen: 24
103.185.174.0/23 maxlen: 24
103.204.119.0/24 maxlen: 24
103.209.18.0/24 maxlen: 24
103.209.19.0/24 maxlen: 24
103.216.144.0/22 maxlen: 24
103.218.100.0/22 maxlen: 24
103.219.164.0/24 maxlen: 24
103.219.165.0/24 maxlen: 24
103.219.166.0/24 maxlen: 24
103.219.167.0/24 maxlen: 24
103.220.80.0/22 maxlen: 24
103.220.212.0/22 maxlen: 24
103.226.0.0/22 maxlen: 24
103.226.4.0/22 maxlen: 24
103.226.28.0/22 maxlen: 24
103.232.24.0/22 maxlen: 24
124.108.16.0/22 maxlen: 24
2404:bd00::/48 maxlen: 48
2404:bd00:1::/48 maxlen: 48
2404:bd00:2::/48 maxlen: 48
2404:bd00:3::/48 maxlen: 48
2404:bd00:4::/48 maxlen: 48
2404:bd00:5::/48 maxlen: 48
2404:bd00:6::/48 maxlen: 48
2404:bd00:7::/48 maxlen: 48
2404:bd00:8::/48 maxlen: 48
2404:bd00:a::/48 maxlen: 48
2404:bd00:b::/48 maxlen: 48
2404:bd00:c::/48 maxlen: 48
2404:bd00:d::/48 maxlen: 48
2404:bd00:e::/48 maxlen: 48
2404:bd00:f::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25170 (0x6252)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 2 10:51:44 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63b2b73f-d66b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5d:49:99:77:87:f7:5b:e0:24:d0:76:a9:c6:
f4:96:24:4f:36:74:e4:9f:2f:c5:86:3f:8b:14:30:
0f:81:12:89:98:d7:2c:03:24:cc:ef:b0:84:44:a4:
b3:15:4f:8e:d8:1d:96:9a:e9:68:75:4f:f8:35:3a:
0c:f7:df:ac:1a:1d:bd:bc:ca:30:d6:01:6c:be:bd:
b7:e7:a1:f7:ff:de:32:c2:9d:7f:05:dc:0c:14:96:
ea:eb:6d:95:ae:c7:a5:f3:a4:e1:58:8d:8b:2c:65:
2a:12:a3:ae:f3:01:c3:0b:00:e1:ef:c3:ff:5f:88:
e5:78:68:8f:98:d0:67:fe:7a:db:76:04:80:5b:c7:
73:18:6b:d0:c7:b7:db:2f:f9:70:76:0c:f8:a1:1a:
94:fc:73:a0:51:8a:23:d3:55:be:95:a6:c3:3f:5f:
ae:b9:93:d8:07:1f:be:9e:d8:e6:e4:22:e5:e4:df:
e8:8d:5c:e7:ac:c5:ae:06:21:d4:b2:0d:61:b5:f9:
65:61:4a:14:43:da:0c:d8:f0:b8:fe:5e:62:ac:8a:
d5:89:77:9e:19:36:1b:bf:32:4c:9e:81:4d:48:28:
ea:ab:92:16:92:2d:6e:83:a0:38:32:51:15:11:80:
16:70:62:ac:29:ad:b7:13:63:69:42:d2:4d:f3:07:
9c:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:F2:3F:13:25:BF:77:74:85:0F:96:CD:F2:55:F6:69:08:17:E4:9F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/71D138168A8B11ED942E6F74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.241.28.0/22
43.241.128.0/21
43.242.208.0/22
43.242.224.0/21
45.64.84.0/22
45.114.192.0/22
45.117.0.0/22
45.127.120.0/22
45.250.248.0-45.250.250.255
103.14.232.0/22
103.26.52.0-103.26.59.255
103.42.160.0/22
103.48.56.0/22
103.48.100.0/22
103.59.188.0/22
103.59.212.0/22
103.66.80.0/22
103.74.236.0/22
103.77.152.0/22
103.89.40.0/22
103.111.132.0/22
103.112.32.0/22
103.137.152.0/22
103.155.170.0/24
103.162.190.0/23
103.163.188.0/23
103.168.62.0/23
103.174.38.0/24
103.177.180.0/23
103.178.212.0/23
103.181.209.0/24
103.185.174.0/23
103.204.119.0/24
103.209.18.0/23
103.216.144.0/22
103.218.100.0/22
103.219.164.0/22
103.220.80.0/22
103.220.212.0/22
103.226.0.0/21
103.226.28.0/22
103.232.24.0/22
124.108.16.0/22
IPv6:
2404:bd00::-2404:bd00:8:ffff:ffff:ffff:ffff:ffff
2404:bd00:a::-2404:bd00:f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:c5:6a:6a:b3:86:b8:dd:eb:30:1f:49:0d:89:fa:fa:b9:05:
35:96:45:7c:63:59:3f:df:5b:5b:04:67:1d:db:7f:cd:77:2c:
a6:ad:9d:8b:5e:a9:9d:f7:ad:b1:45:c1:e3:29:b6:40:e0:37:
06:89:d7:3a:8d:da:dd:f8:1e:b2:b2:39:91:57:b1:53:a0:00:
a2:1b:2d:c8:02:ea:3c:ab:7f:64:90:c4:43:c6:a5:1c:6d:95:
c1:c8:fb:ee:d0:03:89:d8:9a:c3:c7:aa:e1:6f:d8:f0:0b:21:
c1:6e:e9:8d:24:bc:69:cf:a0:e9:c2:75:be:72:5a:cb:69:1d:
eb:7b:9b:d7:29:6c:c6:8a:63:11:ef:b9:b3:e2:4c:1f:0b:ac:
e5:36:be:fd:29:08:24:fc:1b:67:cd:5f:eb:47:6a:0e:b4:a0:
1a:1f:d8:75:e0:d7:05:9c:14:a2:32:f2:ff:3d:44:8c:2d:ce:
c9:e0:15:82:d3:a5:ee:88:50:5a:6c:56:c2:a0:eb:2b:8f:86:
98:a2:2d:df:8b:86:6b:6b:f1:b5:a2:87:61:06:f7:13:66:35:
bf:dc:b4:08:24:e7:92:cd:25:4d:9c:43:6d:d1:23:34:56:ba:
45:45:3e:97:eb:6f:d8:f7:a6:7b:dc:6b:65:a7:66:20:0d:ee:
d0:f0:48:9b
-----BEGIN CERTIFICATE-----
MIIGtDCCBZygAwIBAgICYlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMTAyMTA1MTQ0WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2IyYjczZi1kNjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxV1JmXeH91vgJNB2qcb0liRPNnTkny/Fhj+LFDAPgRKJmNcsAyTM77CERKSz
FU+O2B2WmulodU/4NToM99+sGh29vMow1gFsvr2356H3/94ywp1/BdwMFJbq622V
rsel86ThWI2LLGUqEqOu8wHDCwDh78P/X4jleGiPmNBn/nrbdgSAW8dzGGvQx7fb
L/lwdgz4oRqU/HOgUYoj01W+labDP1+uuZPYBx++ntjm5CLl5N/ojVznrMWuBiHU
sg1htfllYUoUQ9oM2PC4/l5irIrViXeeGTYbvzJMnoFNSCjqq5IWki1ug6A4MlEV
EYAWcGKsKa23E2NpQtJN8wecJQIDAQABo4ID2DCCA9QwHQYDVR0OBBYEFFHyPxMl
v3d0hQ+WzfJV9mkIF+SfMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzFEMTM4MTY4
QThCMTFFRDk0MkU2Rjc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFgBggrBgEFBQcBBwEB
/wSCAU8wggFLMIIBGgQCAAEwggESAwQCK/EcAwQDK/GAAwQCK/LQAwQDK/LgAwQC
LUBUAwQCLXLAAwQCLXUAAwQCLX94MAwDBAMt+vgDBAAt+voDBAJnDugwDAMEAmca
NAMEAmcaOAMEAmcqoAMEAmcwOAMEAmcwZAMEAmc7vAMEAmc71AMEAmdCUAMEAmdK
7AMEAmdNmAMEAmdZKAMEAmdvhAMEAmdwIAMEAmeJmAMEAGebqgMEAWeivgMEAWej
vAMEAWeoPgMEAGeuJgMEAWextAMEAWey1AMEAGe10QMEAWe5rgMEAGfMdwMEAWfR
EgMEAmfYkAMEAmfaZAMEAmfbpAMEAmfcUAMEAmfc1AMEA2fiAAMEAmfiHAMEAmfo
GAMEAnxsEDArBAIAAjAlMA8DBAAkBL0DBwAkBL0AAAgwEgMHASQEvQAACgMHBCQE
vQAAADANBgkqhkiG9w0BAQsFAAOCAQEAKMVqarOGuN3rMB9JDYn6+rkFNZZFfGNZ
P99bWwRnHdt/zXcspq2di16pnfetsUXB4ym2QOA3BonXOo3a3fgesrI5kVexU6AA
ohstyALqPKt/ZJDEQ8alHG2Vwcj77tADidiaw8eq4W/Y8AshwW7pjSS8ac+g6cJ1
vnJay2kd63ub1ylsxopjEe+5s+JMHwus5Ta+/SkIJPwbZ81f60dqDrSgGh/YdeDX
BZwUojLy/z1EjC3OyeAVgtOl7ohQWmxWwqDrK4+GmKIt34uGa2vxtaKHYQb3E2Y1
v9y0CCTnks0lTZxDbdEjNFa6RUU+l+tv2Peme9xrZadmIA3u0PBImw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:11 2025 by rpki-client