Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7354642E8A8B11ED942E6F74C4F9AE02.roa
File: 7354642E8A8B11ED942E6F74C4F9AE02.roa (raw, json)
Hash identifier: zwyW3skKjihzfL6Ht9IEzMk7NAY3gQxa9BAbbm/Aj/I=
Subject key identifier: 6B:96:75:D4:F5:00:36:04:03:28:5E:6B:0D:57:DC:07:71:EC:AB:6D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 916F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7354642E8A8B11ED942E6F74C4F9AE02.roa
Signing time: Fri 31 May 2024 13:22:32 +0000
ROA not before: Fri 31 May 2024 13:22:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58965
IP address blocks: 43.225.192.0/24 maxlen: 24
43.225.193.0/24 maxlen: 24
43.225.194.0/24 maxlen: 24
43.225.195.0/24 maxlen: 24
103.70.162.0/24 maxlen: 24
103.70.163.0/24 maxlen: 24
103.74.144.0/22 maxlen: 24
103.77.40.0/24 maxlen: 24
103.77.41.0/24 maxlen: 24
103.77.42.0/24 maxlen: 24
103.77.43.0/24 maxlen: 24
103.83.144.0/22 maxlen: 22
103.83.144.0/24 maxlen: 24
103.83.145.0/24 maxlen: 24
103.83.146.0/24 maxlen: 24
103.83.147.0/24 maxlen: 24
103.83.220.0/22 maxlen: 22
103.83.220.0/24 maxlen: 24
103.83.221.0/24 maxlen: 24
103.83.222.0/24 maxlen: 24
103.83.223.0/24 maxlen: 24
103.110.16.0/22 maxlen: 24
103.125.128.0/24 maxlen: 24
103.125.129.0/24 maxlen: 24
103.125.130.0/24 maxlen: 24
103.125.131.0/24 maxlen: 24
103.129.194.0/24 maxlen: 24
103.134.114.0/24 maxlen: 24
103.134.115.0/24 maxlen: 24
103.141.90.0/23 maxlen: 24
103.157.52.0/23 maxlen: 24
103.161.198.0/24 maxlen: 24
103.163.144.0/23 maxlen: 24
103.164.46.0/24 maxlen: 24
103.164.47.0/24 maxlen: 24
103.165.28.0/23 maxlen: 24
103.180.42.0/23 maxlen: 24
103.233.116.0/24 maxlen: 24
103.233.117.0/24 maxlen: 24
103.233.118.0/24 maxlen: 24
103.233.119.0/24 maxlen: 24
103.243.7.0/24 maxlen: 24
103.254.204.0/23 maxlen: 24
2001:df0:4940::/48 maxlen: 48
2001:df1:5640::/48 maxlen: 48
2001:df3:69c0::/48 maxlen: 48
2001:df7:2b00::/48 maxlen: 48
2407:45c0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37231 (0x916f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 31 13:22:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6659cf18-2a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c9:3e:82:8a:35:8d:69:18:36:4d:d7:58:9d:
75:28:4f:7f:6b:ff:32:71:bd:4b:45:94:54:6d:03:
45:79:b4:cf:3d:55:3c:67:5c:12:fd:85:f4:60:63:
b0:a2:5b:3d:72:15:bb:70:bd:90:2d:26:cf:ce:c3:
7d:c6:4a:6e:72:7a:be:b7:34:9f:fa:c8:36:fc:60:
60:85:5e:01:f6:a0:62:0c:8a:c4:83:5a:06:a9:b1:
44:f6:6f:fc:a3:ad:f3:13:f2:c7:6e:d4:0e:20:ab:
4d:de:3c:6b:23:39:de:9e:68:08:3f:a9:d9:71:79:
e6:4b:d1:c6:ca:1a:21:d0:3f:28:56:5f:1f:6a:19:
b2:7f:22:ab:41:b1:a8:a5:3f:af:a7:cf:f7:6b:29:
f8:4f:10:82:26:30:d9:f7:4e:fa:74:8d:77:ec:03:
af:7f:20:a6:f2:a0:6e:aa:f1:12:bf:e4:f8:a6:cc:
9b:89:58:e5:58:7e:ff:60:79:b1:b2:df:db:16:e3:
51:3c:15:3b:c6:a8:96:ad:0b:6b:5a:e3:55:ef:ad:
81:c4:ef:8a:94:91:67:00:a6:f7:94:5f:b2:bf:de:
fb:4b:44:b4:b9:09:d6:54:b0:92:a7:c4:68:93:8e:
33:58:c7:19:f8:c3:fe:34:e2:f5:e4:b7:b9:b4:58:
5a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:96:75:D4:F5:00:36:04:03:28:5E:6B:0D:57:DC:07:71:EC:AB:6D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7354642E8A8B11ED942E6F74C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.192.0/22
103.70.162.0/23
103.74.144.0/22
103.77.40.0/22
103.83.144.0/22
103.83.220.0/22
103.110.16.0/22
103.125.128.0/22
103.129.194.0/24
103.134.114.0/23
103.141.90.0/23
103.157.52.0/23
103.161.198.0/24
103.163.144.0/23
103.164.46.0/23
103.165.28.0/23
103.180.42.0/23
103.233.116.0/22
103.243.7.0/24
103.254.204.0/23
IPv6:
2001:df0:4940::/48
2001:df1:5640::/48
2001:df3:69c0::/48
2001:df7:2b00::/48
2407:45c0::/32
Signature Algorithm: sha256WithRSAEncryption
12:18:57:71:8c:4d:89:24:95:27:42:04:20:04:ae:fc:6a:8e:
11:91:de:60:ed:ec:58:2d:4a:96:c0:22:06:69:1a:97:9d:06:
e7:d6:81:9e:17:37:dc:60:98:09:51:6b:70:46:83:af:0b:1a:
98:13:2c:c9:4a:e6:86:24:2f:c0:71:48:2b:cd:05:20:ba:ce:
61:2d:c8:9d:a0:86:3b:05:2f:5d:ac:a0:01:c2:cd:f0:13:1b:
e0:70:97:75:44:c8:bb:9d:f3:4a:2d:f4:ad:9a:4f:71:97:6a:
38:b2:1c:6c:5e:55:f7:7d:63:f7:02:c1:a9:30:39:81:bb:3a:
0c:36:de:0a:e5:17:2a:5f:91:a2:20:81:53:fa:c8:73:92:db:
50:54:e1:02:72:0d:be:98:4a:20:90:33:8b:ec:42:7e:59:3d:
c8:78:ba:c4:4b:1f:56:76:38:8b:33:ca:55:6a:41:21:e9:3e:
08:f1:34:e4:75:01:83:fa:88:9b:ef:4a:d5:33:54:e8:08:20:
bf:90:31:2a:7b:98:c6:9f:ad:7a:37:fb:d5:0a:5a:34:66:da:
62:b3:ee:c2:cb:61:e1:93:eb:02:bc:2d:f9:f1:78:d9:74:9c:
bc:b5:20:62:ae:16:7b:f5:95:9a:c9:5a:03:42:df:07:f2:0c:
b4:2a:7e:a8
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIDAJFvMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMTEzMjIzMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OWNmMTgtMmE1ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXJPoKKNY1pGDZN11iddShPf2v/MnG9S0WUVG0DRXm0zz1VPGdcEv2F9GBj
sKJbPXIVu3C9kC0mz87DfcZKbnJ6vrc0n/rINvxgYIVeAfagYgyKxINaBqmxRPZv
/KOt8xPyx27UDiCrTd48ayM53p5oCD+p2XF55kvRxsoaIdA/KFZfH2oZsn8iq0Gx
qKU/r6fP92sp+E8QgiYw2fdO+nSNd+wDr38gpvKgbqrxEr/k+KbMm4lY5Vh+/2B5
sbLf2xbjUTwVO8aolq0La1rjVe+tgcTvipSRZwCm95Rfsr/e+0tEtLkJ1lSwkqfE
aJOOM1jHGfjD/jTi9eS3ubRYWp0CAwEAAaOCAz0wggM5MB0GA1UdDgQWBBRrlnXU
9QA2BAMoXmsNV9wHceyrbTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzczNTQ2NDJF
OEE4QjExRUQ5NDJFNkY3NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHGBggrBgEFBQcBBwEB
/wSBtjCBszB+BAIAATB4AwQCK+HAAwQBZ0aiAwQCZ0qQAwQCZ00oAwQCZ1OQAwQC
Z1PcAwQCZ24QAwQCZ32AAwQAZ4HCAwQBZ4ZyAwQBZ41aAwQBZ500AwQAZ6HGAwQB
Z6OQAwQBZ6QuAwQBZ6UcAwQBZ7QqAwQCZ+l0AwQAZ/MHAwQBZ/7MMDEEAgACMCsD
BwAgAQ3wSUADBwAgAQ3xVkADBwAgAQ3zacADBwAgAQ33KwADBQAkB0XAMA0GCSqG
SIb3DQEBCwUAA4IBAQASGFdxjE2JJJUnQgQgBK78ao4Rkd5g7exYLUqWwCIGaRqX
nQbn1oGeFzfcYJgJUWtwRoOvCxqYEyzJSuaGJC/AcUgrzQUgus5hLcidoIY7BS9d
rKABws3wExvgcJd1RMi7nfNKLfStmk9xl2o4shxsXlX3fWP3AsGpMDmBuzoMNt4K
5RcqX5GiIIFT+shzkttQVOECcg2+mEogkDOL7EJ+WT3IeLrESx9WdjiLM8pVakEh
6T4I8TTkdQGD+oib70rVM1ToCCC/kDEqe5jGn616N/vVClo0Ztpis+7Cy2Hhk+sC
vC358XjZdJy8tSBirhZ79ZWayVoDQt8H8gy0Kn6o
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:46 2025 by rpki-client