Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9560BFA6D97D11EBBD7FEC4AC4F9AE02.roa
File: 9560BFA6D97D11EBBD7FEC4AC4F9AE02.roa (raw, json)
Hash identifier: gnqi1iqi4uoxWexbubX1rNxbIWuRiNG652LGBlIGVzo=
Subject key identifier: 5D:38:93:72:9A:83:B4:E9:1A:AB:58:6B:D7:5D:ED:23:B0:73:0F:D2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7E70
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9560BFA6D97D11EBBD7FEC4AC4F9AE02.roa
Signing time: Tue 21 Nov 2023 10:23:27 +0000
ROA not before: Tue 21 Nov 2023 10:23:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135269
IP address blocks: 103.173.42.0/23 maxlen: 24
103.182.113.0/24 maxlen: 24
103.216.68.0/23 maxlen: 24
103.216.70.0/23 maxlen: 24
157.119.200.0/23 maxlen: 24
157.119.203.0/24 maxlen: 24
2400:c7a0::/32 maxlen: 36
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32368 (0x7e70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 21 10:23:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655c851f-b367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8f:01:21:93:18:fb:5e:d8:39:2d:da:8f:9a:
a5:a1:a4:c8:40:0b:1b:f0:db:6a:7b:ad:cd:56:fd:
79:e4:7c:92:d0:eb:d9:a6:a9:ca:c0:5d:51:57:36:
27:f3:ef:98:74:a6:fe:5b:a3:fd:a7:fc:0d:a1:c6:
84:e3:3f:f0:f0:5c:28:90:2d:09:2a:41:40:95:84:
55:2f:48:fe:bc:6c:83:91:39:e3:b9:a4:26:0f:58:
f4:fa:df:33:26:84:da:5f:85:10:31:b8:59:e1:3b:
b9:46:e6:4c:1a:d4:b0:e9:d8:60:c5:47:12:41:9a:
95:34:05:8d:14:a0:14:b3:f1:29:3e:46:20:1c:81:
76:8c:2b:78:20:39:f7:59:87:4a:67:0b:6c:7e:00:
7e:49:be:09:e1:df:b5:9b:5b:2a:b7:77:cf:c7:ff:
cc:b0:42:b8:6f:8b:ac:7d:ab:21:3e:a9:ae:94:cd:
79:67:99:f0:91:32:1d:dc:ac:fe:bc:70:d1:cf:f5:
53:40:f9:63:e6:df:85:aa:49:2c:05:10:c0:53:6b:
1b:f7:2e:b6:2a:78:18:80:d4:fd:d7:75:6a:1b:47:
da:57:36:3c:76:ee:22:04:16:53:c4:a2:bd:60:1c:
2c:41:63:b7:6b:2f:aa:de:27:46:26:fe:b1:7a:8c:
9b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:38:93:72:9A:83:B4:E9:1A:AB:58:6B:D7:5D:ED:23:B0:73:0F:D2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9560BFA6D97D11EBBD7FEC4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.42.0/23
103.182.113.0/24
103.216.68.0/22
157.119.200.0/23
157.119.203.0/24
IPv6:
2400:c7a0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:9c:24:1b:b5:da:ea:45:b7:cd:ad:eb:41:b1:61:d8:13:f8:
2a:e6:a8:e7:0a:a9:67:c0:35:9f:d4:83:0e:67:4b:c6:2a:df:
43:2e:02:ad:87:cb:7a:53:60:cd:1e:64:6f:b0:5a:1e:ee:1a:
a8:c9:12:6a:2f:8b:49:1b:62:3a:28:e8:95:ea:64:c5:63:4a:
ca:99:8b:a5:9c:30:8d:57:ea:a0:dc:79:3a:ae:6a:7d:18:77:
b6:0b:d3:0d:cf:77:99:23:e8:b0:6b:9a:8d:ab:bb:71:99:c9:
a0:ac:ce:be:02:fe:35:97:8e:0b:3d:23:75:13:dd:3a:a8:0a:
a4:62:ca:60:17:10:a5:8b:4e:b1:1b:e2:30:05:d6:b1:39:f8:
44:8c:6a:46:3e:d1:ef:e9:47:68:5a:4b:5b:77:c3:1c:29:2e:
7a:50:64:ab:a9:e7:d3:e1:06:5c:a4:68:09:d2:1a:93:ad:80:
08:51:dd:be:1c:aa:6e:48:b4:73:d9:86:f2:e7:cd:fc:fe:e5:
26:d9:6c:27:15:fe:52:c3:68:dd:5e:10:43:bf:68:b4:5d:24:
e1:3a:02:f0:57:cc:32:1e:d7:f4:a2:0e:44:f8:67:40:cb:f4:
ad:e4:d0:a1:02:9a:43:c7:89:b0:f8:58:e0:22:3b:0c:fe:e2:
d1:9c:ad:31
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICfnAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTIxMTAyMzI3WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVjODUxZi1iMzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxY8BIZMY+17YOS3aj5qloaTIQAsb8Ntqe63NVv155HyS0OvZpqnKwF1RVzYn
8++YdKb+W6P9p/wNocaE4z/w8FwokC0JKkFAlYRVL0j+vGyDkTnjuaQmD1j0+t8z
JoTaX4UQMbhZ4Tu5RuZMGtSw6dhgxUcSQZqVNAWNFKAUs/EpPkYgHIF2jCt4IDn3
WYdKZwtsfgB+Sb4J4d+1m1sqt3fPx//MsEK4b4usfashPqmulM15Z5nwkTId3Kz+
vHDRz/VTQPlj5t+FqkksBRDAU2sb9y62KngYgNT913VqG0faVzY8du4iBBZTxKK9
YBwsQWO3ay+q3idGJv6xeoybdwIDAQABo4ICvDCCArgwHQYDVR0OBBYEFF04k3Ka
g7TpGqtYa9dd7SOwcw/SMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOTU2MEJGQTZE
OTdEMTFFQkJEN0ZFQzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAFnrSoDBABntnEDBAJn2EQDBAGdd8gDBACdd8swDQQCAAIw
BwMFACQAx6AwDQYJKoZIhvcNAQELBQADggEBALKcJBu12upFt82t60GxYdgT+Crm
qOcKqWfANZ/Ugw5nS8Yq30MuAq2Hy3pTYM0eZG+wWh7uGqjJEmovi0kbYjoo6JXq
ZMVjSsqZi6WcMI1X6qDceTquan0Yd7YL0w3Pd5kj6LBrmo2ru3GZyaCszr4C/jWX
jgs9I3UT3TqoCqRiymAXEKWLTrEb4jAF1rE5+ESMakY+0e/pR2haS1t3wxwpLnpQ
ZKup59PhBlykaAnSGpOtgAhR3b4cqm5ItHPZhvLnzfz+5SbZbCcV/lLDaN1eEEO/
aLRdJOE6AvBXzDIe1/SiDkT4Z0DL9K3k0KECmkPHibD4WOAiOwz+4tGcrTE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:54:00 2025 by rpki-client