Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8AB95F5CF4D811EFB585A973C4F9AE02.roa
File: 8AB95F5CF4D811EFB585A973C4F9AE02.roa (raw, json)
Hash identifier: Ha/t49CnP7tNyMeAEb94bLFqHBORTj7977KZnj8uu9Y=
Subject key identifier: 6C:6F:7E:6E:89:29:E1:FE:5B:04:57:A1:C6:AA:39:B4:B6:70:7A:34
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A84B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8AB95F5CF4D811EFB585A973C4F9AE02.roa
Signing time: Fri 28 Feb 2025 07:21:55 +0000
ROA not before: Fri 28 Feb 2025 07:21:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134297
IP address blocks: 103.177.130.0/23 maxlen: 24
2400:3a20::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43083 (0xa84b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 28 07:21:55 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c16413-f630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a0:f3:77:99:c0:f9:5d:86:41:2f:40:03:ee:
92:cf:9a:07:24:e8:73:17:8f:3d:09:7f:4f:35:b5:
c8:e6:40:04:a2:4a:9d:62:d2:82:a3:e3:27:28:a1:
5b:8f:f9:30:d7:ff:a2:f2:4a:60:a1:83:e8:07:13:
94:ec:8b:b7:20:92:4d:fb:7f:47:09:cd:9b:c8:12:
38:8c:d2:e7:00:5f:1e:cb:62:4d:ec:65:e0:d9:99:
5e:e9:d0:e4:b7:45:e4:de:89:b1:09:3a:25:69:37:
57:b2:2d:06:6c:c4:4e:db:72:57:e3:dc:2e:bd:40:
e6:8b:76:e2:64:33:00:0b:4d:7f:64:7f:f9:16:0e:
bf:2a:a2:a1:f4:60:94:05:c2:e0:2c:b7:4a:b1:81:
e1:a3:3b:fb:d1:c5:bf:fa:d4:21:9c:53:e0:01:06:
71:52:93:23:4b:e5:4b:a0:5b:81:58:76:d9:64:df:
8e:e1:ff:af:21:be:c8:11:e4:ec:86:3e:38:f1:68:
06:73:d3:64:a1:d9:4a:c1:2e:de:54:e4:48:f0:59:
92:36:7b:cf:61:2b:46:e2:b8:b6:cf:84:65:5c:19:
43:f6:73:bc:e2:df:6d:c3:0b:4f:32:30:ab:30:ab:
4a:22:fd:1e:d1:b2:3d:72:53:b6:a8:94:19:b2:11:
7b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6F:7E:6E:89:29:E1:FE:5B:04:57:A1:C6:AA:39:B4:B6:70:7A:34
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8AB95F5CF4D811EFB585A973C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.130.0/23
IPv6:
2400:3a20::/32
Signature Algorithm: sha256WithRSAEncryption
01:ba:53:b4:6c:0a:c6:a2:ac:81:2a:46:80:0b:df:f6:26:d2:
0c:7c:de:0c:f3:96:17:88:ec:77:a7:76:97:9c:1a:a6:dc:fa:
c5:c6:43:4c:38:8e:d1:8e:1b:af:a9:21:08:bd:b9:39:7b:e6:
72:24:78:3e:e5:fd:33:45:7a:2e:20:70:8c:c0:7e:d9:f7:aa:
76:14:f0:6b:b4:26:5b:f8:22:86:d6:ec:40:f1:cd:d4:a1:47:
5b:ea:39:02:ee:21:22:85:72:b6:6f:18:1d:f2:be:7d:c4:a9:
30:16:1e:da:50:99:42:b8:9b:e9:b5:cb:a6:87:6e:a4:20:e3:
11:7e:1d:99:5f:8b:92:c4:e8:00:83:35:b0:ff:1b:04:b2:44:
26:72:15:14:8e:12:c6:c2:d0:3b:99:03:13:b1:ce:35:c4:4d:
28:70:75:76:a1:69:7d:b6:94:7a:28:31:56:dc:70:cd:28:44:
23:49:a8:21:8f:10:bd:07:76:06:62:35:b5:2d:62:68:80:d2:
59:eb:60:ff:a8:97:f1:f8:6b:85:d7:df:62:d3:e9:ac:9a:80:
58:51:e4:da:a5:4c:97:80:48:c5:45:2e:10:e2:6f:03:bb:0a:
a9:17:fb:02:0c:77:bb:d6:55:86:f9:fe:0f:2b:11:e9:41:e7:
5c:95:5e:df
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAKhLMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyODA3MjE1NVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjMTY0MTMtZjYzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGg83eZwPldhkEvQAPuks+aByTocxePPQl/TzW1yOZABKJKnWLSgqPjJyih
W4/5MNf/ovJKYKGD6AcTlOyLtyCSTft/RwnNm8gSOIzS5wBfHstiTexl4NmZXunQ
5LdF5N6JsQk6JWk3V7ItBmzETttyV+PcLr1A5ot24mQzAAtNf2R/+RYOvyqiofRg
lAXC4Cy3SrGB4aM7+9HFv/rUIZxT4AEGcVKTI0vlS6BbgVh22WTfjuH/ryG+yBHk
7IY+OPFoBnPTZKHZSsEu3lTkSPBZkjZ7z2ErRuK4ts+EZVwZQ/ZzvOLfbcMLTzIw
qzCrSiL9HtGyPXJTtqiUGbIRe4kCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBRsb35u
iSnh/lsEV6HGqjm0tnB6NDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzhBQjk1RjVD
RjREODExRUZCNTg1QTk3M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMC4GCCsGAQUFBwEHAQH/
BB8wHTAMBAIAATAGAwQBZ7GCMA0EAgACMAcDBQAkADogMA0GCSqGSIb3DQEBCwUA
A4IBAQABulO0bArGoqyBKkaAC9/2JtIMfN4M85YXiOx3p3aXnBqm3PrFxkNMOI7R
jhuvqSEIvbk5e+ZyJHg+5f0zRXouIHCMwH7Z96p2FPBrtCZb+CKG1uxA8c3UoUdb
6jkC7iEihXK2bxgd8r59xKkwFh7aUJlCuJvptcumh26kIOMRfh2ZX4uSxOgAgzWw
/xsEskQmchUUjhLGwtA7mQMTsc41xE0ocHV2oWl9tpR6KDFW3HDNKEQjSaghjxC9
B3YGYjW1LWJogNJZ62D/qJfx+GuF199i0+msmoBYUeTapUyXgEjFRS4Q4m8Duwqp
F/sCDHe71lWG+f4PKxHpQedclV7f
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:43 2025 by rpki-client