Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/76DAD2DCD4A311EE8EF13B5EC4F9AE02.roa
File: 76DAD2DCD4A311EE8EF13B5EC4F9AE02.roa (raw, json)
Hash identifier: PRJzn8L5Gld4AdkDaBioRHC5amvsI4HuWC0EfVgvXr0=
Subject key identifier: 76:DD:A0:94:11:C5:12:ED:19:FB:B1:9A:E5:45:81:F1:C0:1B:18:E1
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8957
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/76DAD2DCD4A311EE8EF13B5EC4F9AE02.roa
Signing time: Thu 30 May 2024 15:58:27 +0000
ROA not before: Thu 30 May 2024 15:58:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134014
IP address blocks: 45.126.168.0/22 maxlen: 24
103.59.200.0/22 maxlen: 24
103.66.232.0/22 maxlen: 24
103.137.94.0/24 maxlen: 24
103.185.178.0/24 maxlen: 24
103.185.236.0/23 maxlen: 23
103.185.237.0/24 maxlen: 24
103.198.100.0/24 maxlen: 24
103.198.101.0/24 maxlen: 24
103.198.102.0/24 maxlen: 24
103.198.103.0/24 maxlen: 24
182.54.148.0/22 maxlen: 24
2001:df0:99c0::/48 maxlen: 48
2402:fbc0::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35159 (0x8957)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:58:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a222-cf56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:74:99:39:7a:3f:72:dc:12:ee:b5:27:9b:3a:
0c:53:69:9f:d1:aa:a8:7a:ee:7d:2a:eb:41:d4:0c:
2a:1c:14:56:30:4e:c3:59:c1:37:0b:fd:ec:87:8d:
bf:91:e5:a3:69:34:fc:b9:e3:13:66:19:95:4f:d2:
bf:61:c9:a4:3c:31:ec:36:37:53:81:d5:a5:db:5e:
33:58:49:ea:4f:35:6e:6b:06:fd:92:e8:4d:b4:22:
23:cb:29:fa:7f:73:93:81:b9:34:c1:6c:34:97:5a:
4c:e9:f0:56:a0:c1:09:49:29:72:eb:c5:51:7a:ad:
3a:44:42:b9:70:3d:66:1e:e7:f8:08:a0:34:db:96:
4a:d9:a6:6d:1b:b5:66:27:e9:c6:db:1a:4b:c8:24:
da:29:67:ba:07:2d:fb:1e:3d:a9:9a:b4:8a:d9:3d:
c6:29:40:49:79:22:18:1f:af:ab:e9:9c:cd:ed:6b:
87:a1:cb:b4:a4:f4:1b:33:6a:ea:72:b0:ae:bd:cc:
2f:aa:a9:e4:e5:e6:ea:47:94:12:81:71:dd:02:7f:
38:82:14:e6:e1:1f:55:99:b8:19:d6:a6:d2:34:15:
a1:29:f8:dd:ac:21:10:b5:ec:2d:4f:2a:7b:f7:f5:
97:38:6a:21:58:9e:34:38:8a:70:11:4e:66:da:cb:
a8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DD:A0:94:11:C5:12:ED:19:FB:B1:9A:E5:45:81:F1:C0:1B:18:E1
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/76DAD2DCD4A311EE8EF13B5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.126.168.0/22
103.59.200.0/22
103.66.232.0/22
103.137.94.0/24
103.185.178.0/24
103.185.236.0/23
103.198.100.0/22
182.54.148.0/22
IPv6:
2001:df0:99c0::/48
2402:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
61:85:93:3d:78:b2:61:2f:68:b9:74:4b:b0:e5:9f:c1:18:dd:
7d:33:79:5a:3f:55:f6:f2:4b:18:f5:58:26:ce:93:dc:fd:5c:
3c:d7:0e:e6:aa:a2:0e:a3:e2:6a:5c:1f:1b:b1:4b:28:e7:c9:
4f:c1:7d:cb:50:89:c6:a1:08:2e:9a:45:ef:da:3d:be:eb:93:
a7:f8:2e:92:84:a8:2a:a9:76:79:78:ff:1e:1e:85:9c:6f:28:
af:d6:d1:c6:61:2b:ca:8e:db:4a:53:f0:1a:82:4f:fa:0d:b0:
57:c3:32:dc:97:8e:44:20:bf:3e:a4:91:e0:31:58:ad:6b:6f:
f5:e6:a7:ce:7f:44:5b:a3:fd:a7:be:9a:8e:eb:f4:e0:40:ea:
8a:83:a0:8d:67:37:f8:b0:e6:3e:f1:39:21:0d:37:c4:51:8d:
00:2a:3c:5b:8a:69:42:09:e0:bf:6d:75:4a:0c:ad:ea:61:21:
49:21:9b:29:ff:17:a4:0d:a2:be:07:9c:ee:70:4c:41:f8:37:
58:96:47:58:3a:1d:23:61:68:02:a9:82:f4:a2:eb:3f:09:01:
a8:51:b0:97:a2:06:e6:64:a6:5d:ba:e4:ba:90:e0:9a:aa:f7:
4e:47:57:33:c6:7d:d7:d8:62:8e:4c:74:0a:29:11:ad:87:9e:
fa:68:93:ab
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIDAIlXMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTgyN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyMjItY2Y1NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALV0mTl6P3LcEu61J5s6DFNpn9GqqHrufSrrQdQMKhwUVjBOw1nBNwv97IeN
v5Hlo2k0/LnjE2YZlU/Sv2HJpDwx7DY3U4HVpdteM1hJ6k81bmsG/ZLoTbQiI8sp
+n9zk4G5NMFsNJdaTOnwVqDBCUkpcuvFUXqtOkRCuXA9Zh7n+AigNNuWStmmbRu1
ZifpxtsaS8gk2ilnugct+x49qZq0itk9xilASXkiGB+vq+mcze1rh6HLtKT0GzNq
6nKwrr3ML6qp5OXm6keUEoFx3QJ/OIIU5uEfVZm4Gdam0jQVoSn43awhELXsLU8q
e/f1lzhqIVieNDiKcBFOZtrLqKMCAwEAAaOCAtcwggLTMB0GA1UdDgQWBBR23aCU
EcUS7Rn7sZrlRYHxwBsY4TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc2REFEMkRD
RDRBMzExRUU4RUYxM0I1RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGEGCCsGAQUFBwEHAQH/
BFIwUDA2BAIAATAwAwQCLX6oAwQCZzvIAwQCZ0LoAwQAZ4leAwQAZ7myAwQBZ7ns
AwQCZ8ZkAwQCtjaUMBYEAgACMBADBwAgAQ3wmcADBQAkAvvAMA0GCSqGSIb3DQEB
CwUAA4IBAQBhhZM9eLJhL2i5dEuw5Z/BGN19M3laP1X28ksY9VgmzpPc/Vw81w7m
qqIOo+JqXB8bsUso58lPwX3LUInGoQgumkXv2j2+65On+C6ShKgqqXZ5eP8eHoWc
byiv1tHGYSvKjttKU/Aagk/6DbBXwzLcl45EIL8+pJHgMVita2/15qfOf0Rbo/2n
vpqO6/TgQOqKg6CNZzf4sOY+8TkhDTfEUY0AKjxbimlCCeC/bXVKDK3qYSFJIZsp
/xekDaK+B5zucExB+DdYlkdYOh0jYWgCqYL0ous/CQGoUbCXogbmZKZduuS6kOCa
qvdOR1czxn3X2GKOTHQKKRGth576aJOr
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:47:30 2025 by rpki-client