Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/78E5428C043911EE8434502FC4F9AE02.roa
File: 78E5428C043911EE8434502FC4F9AE02.roa (raw, json)
Hash identifier: 1MrFH+y8t30ez544gEG9cg1RDGzGC2/wmz1YgAcbPpo=
Subject key identifier: A5:1E:C4:F0:27:48:91:AF:7B:F0:F4:E8:10:7F:01:D1:74:6E:8D:EB
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 790B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/78E5428C043911EE8434502FC4F9AE02.roa
Signing time: Wed 30 Aug 2023 12:13:17 +0000
ROA not before: Wed 30 Aug 2023 12:13:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 140113
IP address blocks: 103.66.80.0/22 maxlen: 22
103.66.80.0/24 maxlen: 24
103.66.81.0/24 maxlen: 24
103.66.82.0/24 maxlen: 24
103.66.83.0/24 maxlen: 24
103.151.16.0/23 maxlen: 24
103.162.158.0/23 maxlen: 24
2400:3ce0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30987 (0x790b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 30 12:13:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64ef325d-48ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:70:b8:1d:d5:07:9e:57:d7:cc:8b:24:67:3f:
67:00:fb:93:ce:c3:19:de:de:21:d9:b8:e9:59:9c:
d5:d4:8c:4f:8c:c3:09:cc:55:9f:3b:7c:b3:66:42:
d5:d5:10:91:43:7e:66:9a:2f:83:ed:31:66:22:38:
f0:40:d3:18:02:b6:09:e0:45:c2:7a:e2:91:cf:44:
d5:c2:4b:45:3e:fc:a0:45:aa:86:12:20:8d:23:12:
75:8d:60:9d:58:7a:75:f6:13:b2:7e:f4:25:97:7e:
7f:76:df:07:17:4a:18:6e:cb:dc:13:d3:c5:d7:d2:
21:de:88:1e:87:8c:05:19:01:d5:31:7c:58:51:7f:
4d:f4:96:51:82:d5:f7:8d:00:ec:e4:07:63:d3:02:
8a:6f:2e:d1:5e:0e:1c:82:d7:96:4e:32:1d:33:f3:
2e:f4:c6:84:10:34:69:05:59:27:85:b5:5a:a8:ce:
e4:54:8f:72:cb:55:bd:29:43:77:f8:c0:d7:3c:28:
06:87:ad:b7:d0:69:25:48:c5:92:d7:fb:65:a5:82:
80:ec:90:f6:77:16:43:da:01:1a:46:ef:de:70:26:
30:db:ea:6c:70:d0:65:41:61:32:90:bd:82:f6:b2:
d5:38:89:0b:be:41:70:a5:d8:e9:5d:04:f4:57:20:
a2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:1E:C4:F0:27:48:91:AF:7B:F0:F4:E8:10:7F:01:D1:74:6E:8D:EB
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/78E5428C043911EE8434502FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.80.0/22
103.151.16.0/23
103.162.158.0/23
IPv6:
2400:3ce0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:f0:a8:c0:e3:e6:d0:6a:25:f8:5e:7e:62:6d:12:3b:ea:e1:
aa:49:ab:05:73:60:c6:1f:ae:c3:45:96:71:5e:51:00:89:e4:
5a:6c:56:79:91:93:01:bc:f9:1a:be:35:19:24:a2:ee:18:1c:
b7:e1:fc:6b:86:ff:5c:9f:7a:e4:72:5b:61:89:c8:12:a4:04:
77:50:5c:22:3f:95:b9:bf:94:d6:2f:cc:a4:2b:3c:31:88:6f:
13:1c:48:b4:b8:80:4c:5e:d2:29:59:02:c4:c0:78:02:00:fc:
f8:18:3e:52:2e:4a:dd:61:a1:a2:da:8f:90:08:c0:99:fd:9e:
9e:a4:d0:5f:5e:30:bc:6c:0b:ed:16:78:fc:8e:2d:3f:45:47:
b2:05:3e:67:84:bf:1c:e9:82:8b:cb:33:85:46:4d:c6:a9:e8:
be:a9:ed:1b:45:61:2a:a8:81:c4:e8:85:31:f5:f3:9f:9a:f8:
c0:34:f2:66:d1:30:e5:29:dc:92:a0:12:7d:bc:fc:32:fc:ab:
22:05:da:a4:b5:4e:16:5d:85:82:d6:b6:d1:a6:94:d7:43:01:
2d:25:a5:81:f6:7f:7e:6d:91:dc:6c:83:26:5e:59:9e:3f:bf:
d2:b9:46:17:d2:e5:dd:3e:26:39:bc:da:19:97:1e:38:d1:d9:
d7:43:5c:11
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICeQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwODMwMTIxMzE3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGVmMzI1ZC00OGFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3HC4HdUHnlfXzIskZz9nAPuTzsMZ3t4h2bjpWZzV1IxPjMMJzFWfO3yzZkLV
1RCRQ35mmi+D7TFmIjjwQNMYArYJ4EXCeuKRz0TVwktFPvygRaqGEiCNIxJ1jWCd
WHp19hOyfvQll35/dt8HF0oYbsvcE9PF19Ih3ogeh4wFGQHVMXxYUX9N9JZRgtX3
jQDs5Adj0wKKby7RXg4cgteWTjIdM/Mu9MaEEDRpBVknhbVaqM7kVI9yy1W9KUN3
+MDXPCgGh6230GklSMWS1/tlpYKA7JD2dxZD2gEaRu/ecCYw2+pscNBlQWEykL2C
9rLVOIkLvkFwpdjpXQT0VyCiNQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFKUexPAn
SJGve/D06BB/AdF0bo3rMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvNzhFNTQyOEMw
NDM5MTFFRTg0MzQ1MDJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDBAJnQlADBAFnlxADBAFnop4wDQQCAAIwBwMFACQAPOAwDQYJ
KoZIhvcNAQELBQADggEBAHrwqMDj5tBqJfhefmJtEjvq4apJqwVzYMYfrsNFlnFe
UQCJ5FpsVnmRkwG8+Rq+NRkkou4YHLfh/GuG/1yfeuRyW2GJyBKkBHdQXCI/lbm/
lNYvzKQrPDGIbxMcSLS4gExe0ilZAsTAeAIA/PgYPlIuSt1hoaLaj5AIwJn9np6k
0F9eMLxsC+0WePyOLT9FR7IFPmeEvxzpgovLM4VGTcap6L6p7RtFYSqogcTohTH1
85+a+MA08mbRMOUp3JKgEn28/DL8qyIF2qS1ThZdhYLWttGmlNdDAS0lpYH2f35t
kdxsgyZeWZ4/v9K5RhfS5d0+Jjm82hmXHjjR2ddDXBE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:15 2025 by rpki-client