Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B335A58D35411EB8A72C837C4F9AE02.roa
File: 9B335A58D35411EB8A72C837C4F9AE02.roa (raw, json)
Hash identifier: za41hW5vL0HwDM5yVVqQEDsrNz/dwVGBpnXFKfzikLM=
Subject key identifier: 05:00:BE:A4:64:A8:AE:1C:07:9D:3C:E9:19:9D:B0:E7:65:85:73:E7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 432A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B335A58D35411EB8A72C837C4F9AE02.roa
Signing time: Wed 08 Dec 2021 12:11:25 +0000
ROA not before: Wed 08 Dec 2021 12:11:25 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 45235
IP address blocks: 43.231.52.0/22 maxlen: 24
45.127.136.0/22 maxlen: 24
45.248.28.0/22 maxlen: 24
45.250.212.0/22 maxlen: 24
103.8.40.0/22 maxlen: 24
103.48.64.0/22 maxlen: 24
103.49.224.0/22 maxlen: 24
103.50.144.0/22 maxlen: 24
103.98.36.0/22 maxlen: 24
103.216.176.0/22 maxlen: 24
103.219.132.0/22 maxlen: 24
119.42.152.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17194 (0x432a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 8 12:11:25 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=61b0a0ed-6338
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2e:d1:36:de:9b:fb:c9:48:3b:d3:d8:09:93:
22:0f:55:8f:14:2b:e6:96:d8:8b:97:05:0e:6c:24:
12:06:6d:36:ce:85:76:5c:00:37:da:f7:13:42:e3:
16:6d:38:57:d1:ef:f9:c8:39:29:af:0c:3d:91:9a:
e3:74:ed:46:6f:05:5e:75:bd:16:86:db:5c:e3:99:
36:06:7e:72:39:5b:27:38:9d:16:48:74:c3:0a:bd:
fb:df:50:a8:91:a8:70:86:15:07:76:3c:e5:ac:2d:
9c:92:fd:6e:3b:44:5e:dd:71:d4:40:e6:43:38:e1:
0f:f2:f8:dd:94:f9:02:a8:2d:ec:3a:18:a6:83:0d:
6d:b7:71:36:ce:ce:b4:cc:d9:de:e3:cb:ea:69:05:
b7:31:f9:40:0c:98:c9:14:d3:f0:e2:6d:a1:37:60:
89:f9:e0:bf:0e:78:b4:98:73:08:a5:a3:ab:bc:12:
a7:4a:7d:37:d1:b5:18:19:3d:75:c9:aa:e8:69:8d:
63:f5:5c:6d:70:f0:f4:1d:7b:02:08:6c:0c:cb:9a:
0e:00:a9:a7:c5:96:ed:34:5f:e1:d0:a0:af:8c:24:
00:a4:24:d1:f4:58:5f:dd:f6:30:75:38:c6:4c:3b:
2a:5b:bb:7b:58:09:00:22:f2:43:9b:df:21:75:cf:
7d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:00:BE:A4:64:A8:AE:1C:07:9D:3C:E9:19:9D:B0:E7:65:85:73:E7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/9B335A58D35411EB8A72C837C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.52.0/22
45.127.136.0/22
45.248.28.0/22
45.250.212.0/22
103.8.40.0/22
103.48.64.0/22
103.49.224.0/22
103.50.144.0/22
103.98.36.0/22
103.216.176.0/22
103.219.132.0/22
119.42.152.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:72:34:09:97:09:83:6e:32:fc:4a:f0:b9:4f:8f:9b:c5:2b:
da:e9:12:77:5a:5a:f8:77:39:4b:69:67:f2:ea:3a:83:99:6a:
0e:7f:1a:0e:46:a5:5e:0a:7f:04:aa:84:24:5b:7b:60:74:42:
23:b0:47:68:14:fd:ba:c5:90:04:aa:8d:35:9e:46:d0:bb:5b:
ab:df:b0:10:1c:fb:20:e7:18:95:cf:2d:b1:c0:ef:89:45:b8:
e4:31:5b:ec:d4:76:45:ab:b5:19:ce:98:95:f9:6a:1e:25:ef:
9e:7d:cd:50:05:25:a0:19:ed:9f:eb:17:b2:6f:ed:75:09:0b:
a0:1f:f4:e0:1d:be:be:71:05:05:48:d8:b6:3b:c7:5f:3e:b3:
48:2c:00:2c:1c:73:42:49:14:84:d9:14:67:e3:f3:8a:6d:5a:
3f:ae:be:f1:76:e9:af:75:64:ac:ec:33:1d:9a:3f:dc:16:2a:
6b:46:86:38:c2:7f:6e:5b:00:6c:6f:bd:f5:ee:a8:26:21:1e:
6b:2c:24:d3:b6:4f:bf:fc:99:e3:9c:8f:17:a0:72:a8:95:f7:
37:03:1c:1c:b0:32:a0:70:61:aa:83:9c:75:3f:77:43:a6:c8:
08:ab:32:bf:b3:2a:1b:e2:2e:79:ad:00:37:5b:21:e4:ec:38:
8e:d8:c2:a0
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICQyowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjExMjA4MTIxMTI1WhcNMjIwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MWIwYTBlZC02MzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvC7RNt6b+8lIO9PYCZMiD1WPFCvmltiLlwUObCQSBm02zoV2XAA32vcTQuMW
bThX0e/5yDkprww9kZrjdO1GbwVedb0Whttc45k2Bn5yOVsnOJ0WSHTDCr3731Co
kahwhhUHdjzlrC2ckv1uO0Re3XHUQOZDOOEP8vjdlPkCqC3sOhimgw1tt3E2zs60
zNne48vqaQW3MflADJjJFNPw4m2hN2CJ+eC/Dni0mHMIpaOrvBKnSn030bUYGT11
yaroaY1j9VxtcPD0HXsCCGwMy5oOAKmnxZbtNF/h0KCvjCQApCTR9Fhf3fYwdTjG
TDsqW7t7WAkAIvJDm98hdc99BwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFAUAvqRk
qK4cB5086RmdsOdlhXPnMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvOUIzMzVBNThE
MzU0MTFFQjhBNzJDODM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQME4EAgABMEgDBAIr5zQDBAItf4gDBAIt+BwDBAIt+tQDBAJnCCgDBAJnMEAD
BAJnMeADBAJnMpADBAJnYiQDBAJn2LADBAJn24QDBAN3KpgwDQYJKoZIhvcNAQEL
BQADggEBAC5yNAmXCYNuMvxK8LlPj5vFK9rpEndaWvh3OUtpZ/LqOoOZag5/Gg5G
pV4KfwSqhCRbe2B0QiOwR2gU/brFkASqjTWeRtC7W6vfsBAc+yDnGJXPLbHA74lF
uOQxW+zUdkWrtRnOmJX5ah4l7559zVAFJaAZ7Z/rF7Jv7XUJC6Af9OAdvr5xBQVI
2LY7x18+s0gsACwcc0JJFITZFGfj84ptWj+uvvF26a91ZKzsMx2aP9wWKmtGhjjC
f25bAGxvvfXuqCYhHmssJNO2T7/8meOcjxegcqiV9zcDHBywMqBwYaqDnHU/d0Om
yAirMr+zKhviLnmtADdbIeTsOI7YwqA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:45 2025 by rpki-client