Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DBBC230BB9E11EBB1B8813BC4F9AE02.roa
File: 7DBBC230BB9E11EBB1B8813BC4F9AE02.roa (raw, json)
Hash identifier: h1nAq/n7rGvXoBQFCRrl4jIAK9ylr9keMUaYtH0Rsfg=
Subject key identifier: 25:3E:83:86:27:68:41:2E:FB:27:D8:CE:D9:20:C3:25:B6:91:9A:14
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8A3D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DBBC230BB9E11EBB1B8813BC4F9AE02.roa
Signing time: Thu 30 May 2024 16:02:10 +0000
ROA not before: Thu 30 May 2024 16:02:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135267
IP address blocks: 103.215.164.0/22 maxlen: 24
157.119.44.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35389 (0x8a3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:02:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a302-428f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ea:65:87:54:f1:05:48:0c:4c:cf:cd:d5:6a:
1b:79:44:31:6c:f6:f5:95:72:7a:9c:d6:f5:f6:d6:
9f:b8:9f:50:ac:f7:bb:cf:70:1b:6d:1b:5c:05:35:
65:25:1b:48:88:80:18:f7:ed:90:cd:84:64:3e:b5:
2b:36:7e:69:a2:17:7c:58:8e:e0:dd:f1:b3:17:ce:
f5:ad:a0:a0:58:e6:e6:36:8d:88:ef:c9:52:58:6e:
1f:60:4c:35:17:37:da:b7:71:e8:ce:9c:8c:1f:58:
92:23:ea:f5:6a:91:c1:06:ca:6d:5c:44:0d:bd:5f:
5f:69:3a:31:74:35:d9:90:16:10:5c:fc:79:89:35:
c5:0d:7c:8c:2e:c3:98:c1:0e:39:09:82:20:b5:a4:
ad:8d:42:3d:bb:db:3d:3b:54:90:9f:4e:43:7d:8d:
12:5b:51:b9:96:1c:3d:83:5d:6e:c8:95:c3:f9:e1:
4b:fe:89:86:05:06:36:06:09:dc:87:50:7a:80:d5:
08:3b:87:39:de:53:5b:b3:25:70:f7:5a:2b:b6:7b:
f3:6a:f0:75:b9:e8:43:18:aa:df:94:35:b7:9b:8f:
61:97:16:de:6b:af:7a:6a:4e:88:0d:06:30:20:6d:
d6:c3:17:20:aa:0d:a8:33:21:82:cb:90:d3:9a:00:
b9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:3E:83:86:27:68:41:2E:FB:27:D8:CE:D9:20:C3:25:B6:91:9A:14
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/7DBBC230BB9E11EBB1B8813BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.215.164.0/22
157.119.44.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:8c:84:85:6c:33:08:a5:ce:58:03:bb:f9:d5:27:de:6d:18:
ff:3c:8b:b1:aa:f6:bb:00:17:4f:99:3f:a8:32:05:61:6e:98:
0f:88:35:0a:8d:5f:9e:33:fa:e7:ea:4b:ee:c7:42:16:0b:36:
90:58:92:14:08:21:21:af:e8:d1:06:31:07:ed:b3:fd:b1:b7:
a8:7e:4b:bb:bf:5d:48:d5:95:a9:25:4e:dd:23:c8:f7:62:d5:
12:29:06:0b:c5:ec:b9:c9:42:f4:60:bd:97:5a:27:3b:cd:92:
b9:b7:5f:b5:68:f0:cc:02:11:ed:27:c7:b6:9c:5d:04:1c:6e:
28:1c:bf:6c:02:69:c5:e1:37:c6:ab:bf:ad:da:a9:be:73:51:
ef:91:46:ae:7a:d1:f5:81:44:5a:bd:53:66:2d:95:6b:45:71:
39:5d:78:a0:68:72:33:66:81:1f:2c:b6:53:49:b0:c2:c4:53:
09:c3:b2:61:d5:69:b1:02:01:6d:20:e7:25:96:c9:92:30:19:
e9:03:62:53:30:c6:47:47:49:00:55:ad:3f:e6:bc:c8:c3:29:
a8:a4:c7:04:e9:9a:fa:5f:d0:0a:e3:4a:25:a2:ac:f5:28:ea:
fa:2b:19:74:39:67:28:c7:bb:b6:36:66:f9:87:50:bf:4a:d2:
fa:0f:05:ad
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAIo9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDIxMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEzMDItNDI4ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzqZYdU8QVIDEzPzdVqG3lEMWz29ZVyepzW9fbWn7ifUKz3u89wG20bXAU1
ZSUbSIiAGPftkM2EZD61KzZ+aaIXfFiO4N3xsxfO9a2goFjm5jaNiO/JUlhuH2BM
NRc32rdx6M6cjB9YkiPq9WqRwQbKbVxEDb1fX2k6MXQ12ZAWEFz8eYk1xQ18jC7D
mMEOOQmCILWkrY1CPbvbPTtUkJ9OQ32NEltRuZYcPYNdbsiVw/nhS/6JhgUGNgYJ
3IdQeoDVCDuHOd5TW7MlcPdaK7Z782rwdbnoQxiq35Q1t5uPYZcW3muvempOiA0G
MCBt1sMXIKoNqDMhgsuQ05oAuTsCAwEAAaOCApswggKXMB0GA1UdDgQWBBQlPoOG
J2hBLvsn2M7ZIMMltpGaFDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzdEQkJDMjMw
QkI5RTExRUJCMUI4ODEzQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQCZ9ekAwQCnXcsMA0GCSqGSIb3DQEBCwUAA4IBAQC5jISF
bDMIpc5YA7v51SfebRj/PIuxqva7ABdPmT+oMgVhbpgPiDUKjV+eM/rn6kvux0IW
CzaQWJIUCCEhr+jRBjEH7bP9sbeofku7v11I1ZWpJU7dI8j3YtUSKQYLxey5yUL0
YL2XWic7zZK5t1+1aPDMAhHtJ8e2nF0EHG4oHL9sAmnF4TfGq7+t2qm+c1HvkUau
etH1gURavVNmLZVrRXE5XXigaHIzZoEfLLZTSbDCxFMJw7Jh1WmxAgFtIOcllsmS
MBnpA2JTMMZHR0kAVa0/5rzIwymopMcE6Zr6X9AK40oloqz1KOr6Kxl0OWcox7u2
Nmb5h1C/StL6DwWt
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:22:08 2025 by rpki-client