Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92DEB946F80E11EF820B662FC4F9AE02.roa
File: 92DEB946F80E11EF820B662FC4F9AE02.roa (raw, json)
Hash identifier: Ea9bLljj4Whh+xMUfi81Hea4tvXHCHXtUN0empJDwLs=
Subject key identifier: E0:E9:D3:33:84:B1:36:DD:9C:EB:5D:DA:FF:1F:21:B6:56:62:27:1D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: ABEA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92DEB946F80E11EF820B662FC4F9AE02.roa
Signing time: Fri 21 Mar 2025 10:51:04 +0000
ROA not before: Fri 21 Mar 2025 10:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150027
IP address blocks: 43.243.80.0/24 maxlen: 24
43.243.81.0/24 maxlen: 24
43.243.83.0/24 maxlen: 24
45.250.227.0/24 maxlen: 24
103.69.220.0/24 maxlen: 24
103.69.223.0/24 maxlen: 24
103.131.92.0/23 maxlen: 24
103.167.75.0/24 maxlen: 24
103.167.246.0/23 maxlen: 24
103.230.220.0/22 maxlen: 24
103.232.239.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44010 (0xabea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 21 10:51:04 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67dd4498-c4e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7a:a6:d8:76:6e:78:5b:27:84:67:97:f1:2b:
89:95:e5:93:98:cc:30:9f:83:d6:b9:95:f8:50:a5:
c6:6b:e2:36:13:43:8b:12:39:15:de:a8:52:1a:0f:
14:ba:5d:83:d2:6f:30:37:9a:26:b4:56:02:51:cd:
aa:ed:d2:21:6c:64:56:74:c1:f3:7c:ef:e3:28:c9:
b8:66:75:02:04:16:0b:4c:8f:70:50:d0:32:e1:ba:
0c:ea:ab:35:46:da:13:6b:3c:31:0a:ac:3c:e8:98:
8c:3a:5e:cb:45:be:26:ed:6e:ac:f7:41:d3:86:5f:
68:aa:19:b6:bb:d8:cf:51:15:f8:ed:b2:bc:70:50:
45:ad:ec:d4:b8:42:76:f9:90:90:f0:4e:1b:a0:b9:
c8:dc:08:71:6a:b3:8e:2a:6a:ad:01:0a:30:60:c4:
a9:d9:bd:bd:ff:69:6e:ec:49:f7:77:12:26:37:fb:
a9:27:0b:bc:cd:af:ad:27:32:42:8f:46:34:8f:d0:
e1:bf:51:45:2a:4c:31:fb:0e:03:05:60:79:db:91:
30:11:bd:50:4a:2b:9e:ad:e5:ab:07:cb:f1:73:09:
06:26:3c:ef:85:07:d5:c1:b6:00:4a:e0:91:66:4c:
bd:1e:05:dc:44:67:53:89:75:57:71:f5:92:78:dc:
22:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E9:D3:33:84:B1:36:DD:9C:EB:5D:DA:FF:1F:21:B6:56:62:27:1D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/92DEB946F80E11EF820B662FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.80.0/23
43.243.83.0/24
45.250.227.0/24
103.69.220.0/24
103.69.223.0/24
103.131.92.0/23
103.167.75.0/24
103.167.246.0/23
103.230.220.0/22
103.232.239.0/24
Signature Algorithm: sha256WithRSAEncryption
73:68:b0:83:04:8f:59:79:5a:58:15:a3:16:9e:0a:80:a7:e8:
36:8b:f8:d2:a5:31:67:50:ac:10:e6:c5:76:4c:f5:94:51:c6:
73:9a:0f:3f:09:6b:21:50:34:c5:25:2d:c7:1c:09:3e:74:d2:
0e:be:b5:16:fb:5f:f4:a3:68:f1:29:36:4b:c0:d9:10:49:ea:
d2:31:95:01:b5:4b:7a:3f:ed:94:55:93:84:a1:00:a6:3f:b0:
c6:66:f8:89:59:f5:c1:38:62:f2:8a:31:cc:38:cc:eb:a7:84:
0d:1b:04:a8:77:8b:9c:60:59:63:85:92:68:cd:0d:07:10:64:
2e:2c:96:58:9b:d6:a5:a8:a4:ef:36:f1:8c:2f:1f:a9:cf:a5:
a0:ab:6e:4f:95:97:af:b9:9b:ef:75:b4:6b:dd:b8:25:bc:7b:
4c:fc:d9:c0:40:f7:46:1a:47:bc:75:cf:50:4e:30:76:d5:6a:
44:02:3a:8e:88:9f:51:12:6c:34:ec:36:2c:a1:ba:07:bc:09:
77:05:21:4b:26:cc:c8:11:37:19:55:6e:4a:69:56:61:16:24:
17:68:5f:a5:df:15:41:ec:8d:30:68:75:da:ab:56:5d:52:7c:
f0:6b:d1:b7:df:ac:d8:34:c3:1d:2b:ab:5d:95:b6:1c:b7:1b:
46:a9:e4:6c
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgIDAKvqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMyMTEwNTEwNFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkZDQ0OTgtYzRlMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMh6pth2bnhbJ4Rnl/EriZXlk5jMMJ+D1rmV+FClxmviNhNDixI5Fd6oUhoP
FLpdg9JvMDeaJrRWAlHNqu3SIWxkVnTB83zv4yjJuGZ1AgQWC0yPcFDQMuG6DOqr
NUbaE2s8MQqsPOiYjDpey0W+Ju1urPdB04ZfaKoZtrvYz1EV+O2yvHBQRa3s1LhC
dvmQkPBOG6C5yNwIcWqzjipqrQEKMGDEqdm9vf9pbuxJ93cSJjf7qScLvM2vrScy
Qo9GNI/Q4b9RRSpMMfsOAwVgeduRMBG9UEornq3lqwfL8XMJBiY874UH1cG2AErg
kWZMvR4F3ERnU4l1V3H1knjcIvMCAwEAAaOCAsswggLHMB0GA1UdDgQWBBTg6dMz
hLE23ZzrXdr/HyG2VmInHTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzkyREVCOTQ2
RjgwRTExRUY4MjBCNjYyRkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFUGCCsGAQUFBwEHAQH/
BEYwRDBCBAIAATA8AwQBK/NQAwQAK/NTAwQALfrjAwQAZ0XcAwQAZ0XfAwQBZ4Nc
AwQAZ6dLAwQBZ6f2AwQCZ+bcAwQAZ+jvMA0GCSqGSIb3DQEBCwUAA4IBAQBzaLCD
BI9ZeVpYFaMWngqAp+g2i/jSpTFnUKwQ5sV2TPWUUcZzmg8/CWshUDTFJS3HHAk+
dNIOvrUW+1/0o2jxKTZLwNkQSerSMZUBtUt6P+2UVZOEoQCmP7DGZviJWfXBOGLy
ijHMOMzrp4QNGwSod4ucYFljhZJozQ0HEGQuLJZYm9alqKTvNvGMLx+pz6Wgq25P
lZevuZvvdbRr3bglvHtM/NnAQPdGGke8dc9QTjB21WpEAjqOiJ9REmw07DYsoboH
vAl3BSFLJszIETcZVW5KaVZhFiQXaF+l3xVB7I0waHXaq1ZdUnzwa9G336zYNMMd
K6tdlbYctxtGqeRs
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:23:52 2025 by rpki-client