Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A0F1B90CF04D11EFBCE5E85AC4F9AE02.roa
File: A0F1B90CF04D11EFBCE5E85AC4F9AE02.roa (raw, json)
Hash identifier: khQiw5QwKNWIR5zvmOZ/60jgdQ6rzRf5va9G0gzP75Y=
Subject key identifier: 08:6B:DE:A7:79:89:A8:30:4A:CE:62:F7:2E:FC:D3:94:C7:41:45:6B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A87D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A0F1B90CF04D11EFBCE5E85AC4F9AE02.roa
Signing time: Fri 28 Feb 2025 09:09:57 +0000
ROA not before: Fri 28 Feb 2025 09:09:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133676
IP address blocks: 36.50.82.0/24 maxlen: 24
43.225.74.0/24 maxlen: 24
43.230.196.0/22 maxlen: 24
43.239.132.0/22 maxlen: 24
43.240.4.0/24 maxlen: 24
43.240.6.0/24 maxlen: 24
43.240.7.0/24 maxlen: 24
43.250.252.0/22 maxlen: 24
45.64.8.0/24 maxlen: 24
45.64.9.0/24 maxlen: 24
45.64.10.0/24 maxlen: 24
45.64.11.0/24 maxlen: 24
45.248.24.0/24 maxlen: 24
45.248.26.0/23 maxlen: 24
103.42.88.0/22 maxlen: 24
103.47.12.0/23 maxlen: 24
103.47.15.0/24 maxlen: 24
103.47.72.0/23 maxlen: 24
103.47.74.0/23 maxlen: 24
103.47.172.0/23 maxlen: 24
103.47.174.0/23 maxlen: 24
103.49.232.0/23 maxlen: 24
103.54.24.0/23 maxlen: 24
103.54.26.0/24 maxlen: 24
103.62.147.0/24 maxlen: 24
103.80.34.0/23 maxlen: 24
103.82.72.0/22 maxlen: 24
103.85.118.0/23 maxlen: 24
103.87.204.0/22 maxlen: 24
103.93.172.0/22 maxlen: 24
103.93.212.0/23 maxlen: 24
103.98.53.0/24 maxlen: 24
103.101.116.0/24 maxlen: 24
103.101.117.0/24 maxlen: 24
103.101.118.0/23 maxlen: 24
103.103.163.0/24 maxlen: 24
103.105.228.0/22 maxlen: 24
103.109.180.0/23 maxlen: 24
103.109.182.0/23 maxlen: 24
103.114.188.0/23 maxlen: 24
103.118.180.0/22 maxlen: 24
103.147.88.0/23 maxlen: 24
103.148.66.0/23 maxlen: 24
103.153.208.0/23 maxlen: 24
103.173.218.0/24 maxlen: 24
103.177.202.0/23 maxlen: 24
103.178.58.0/23 maxlen: 24
103.181.90.0/23 maxlen: 24
103.182.44.0/23 maxlen: 24
103.184.184.0/23 maxlen: 24
103.186.44.0/23 maxlen: 24
103.189.146.0/24 maxlen: 24
103.189.147.0/24 maxlen: 24
103.191.182.0/23 maxlen: 24
103.191.234.0/23 maxlen: 24
103.204.168.0/22 maxlen: 24
103.211.56.0/23 maxlen: 24
103.211.58.0/24 maxlen: 24
103.211.190.0/23 maxlen: 24
103.212.136.0/23 maxlen: 24
103.212.138.0/23 maxlen: 24
103.213.6.0/23 maxlen: 24
103.225.205.0/24 maxlen: 24
103.225.206.0/23 maxlen: 24
103.226.200.0/22 maxlen: 24
103.227.95.0/24 maxlen: 24
103.248.120.0/24 maxlen: 24
103.248.121.0/24 maxlen: 24
139.5.16.0/23 maxlen: 24
139.5.18.0/23 maxlen: 24
2405:5540::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43133 (0xa87d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 28 09:09:57 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c17d65-d253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f1:e4:27:04:25:47:10:20:89:df:16:be:df:
f6:f4:70:e3:dc:1b:be:12:a5:67:1b:30:7d:a1:d6:
6d:1f:66:1b:f8:1d:e3:69:8f:79:d1:df:f8:79:95:
f0:fe:97:f2:5c:2f:ba:af:e8:8b:8d:fb:19:97:53:
fc:ca:52:69:b2:e2:21:66:98:01:30:3a:cf:ff:28:
99:b7:2a:c8:c6:c3:13:bb:92:79:35:a9:90:6f:d8:
da:b0:53:66:7c:5d:f9:62:7d:d9:a6:fb:ee:21:ef:
c0:48:08:5a:cd:85:b7:e2:31:6e:b8:b0:39:79:aa:
26:51:06:f1:35:22:ee:82:51:49:ea:c4:6a:95:8e:
13:cc:0a:db:79:5c:d2:18:e9:97:ca:47:2e:3a:22:
1b:c6:65:d8:73:81:80:d9:4b:23:5e:6e:9a:03:40:
41:0e:cb:50:88:bf:66:e3:49:31:ec:70:e0:47:80:
0c:cb:86:fe:ec:87:10:ff:dd:94:a6:7c:e8:bb:67:
5a:00:87:a8:f1:44:d3:bb:cc:7e:50:ed:54:f4:20:
2c:79:fa:20:56:01:d4:f1:fb:88:3f:12:73:b6:fb:
0f:ff:22:42:65:22:34:d8:8e:12:c5:a8:20:29:f8:
74:3a:5c:a3:60:a4:a7:80:81:db:9f:3f:13:b0:ca:
79:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6B:DE:A7:79:89:A8:30:4A:CE:62:F7:2E:FC:D3:94:C7:41:45:6B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A0F1B90CF04D11EFBCE5E85AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.82.0/24
43.225.74.0/24
43.230.196.0/22
43.239.132.0/22
43.240.4.0/24
43.240.6.0/23
43.250.252.0/22
45.64.8.0/22
45.248.24.0/24
45.248.26.0/23
103.42.88.0/22
103.47.12.0/23
103.47.15.0/24
103.47.72.0/22
103.47.172.0/22
103.49.232.0/23
103.54.24.0-103.54.26.255
103.62.147.0/24
103.80.34.0/23
103.82.72.0/22
103.85.118.0/23
103.87.204.0/22
103.93.172.0/22
103.93.212.0/23
103.98.53.0/24
103.101.116.0/22
103.103.163.0/24
103.105.228.0/22
103.109.180.0/22
103.114.188.0/23
103.118.180.0/22
103.147.88.0/23
103.148.66.0/23
103.153.208.0/23
103.173.218.0/24
103.177.202.0/23
103.178.58.0/23
103.181.90.0/23
103.182.44.0/23
103.184.184.0/23
103.186.44.0/23
103.189.146.0/23
103.191.182.0/23
103.191.234.0/23
103.204.168.0/22
103.211.56.0-103.211.58.255
103.211.190.0/23
103.212.136.0/22
103.213.6.0/23
103.225.205.0-103.225.207.255
103.226.200.0/22
103.227.95.0/24
103.248.120.0/23
139.5.16.0/22
IPv6:
2405:5540::/32
Signature Algorithm: sha256WithRSAEncryption
8a:67:cd:a2:83:d4:53:97:a9:bb:66:2d:49:92:52:b1:a4:2c:
c5:38:45:7f:b6:c9:3b:ef:97:13:e7:ab:e3:ac:ea:a4:5e:8e:
4a:c9:d3:be:0d:57:b3:38:48:f2:7c:12:32:03:25:12:62:0f:
d6:eb:86:e9:35:ba:83:83:20:4e:37:2c:1c:d3:e0:6a:18:cf:
00:2f:98:37:ca:6f:e1:cb:1f:ec:01:43:bc:2c:ba:f0:83:45:
a5:8d:df:5e:d4:17:41:91:b0:7d:61:76:9d:13:f5:fb:8f:c3:
d5:60:28:8f:ce:2e:98:b4:dc:57:72:b2:76:33:ec:34:f8:59:
10:36:ba:01:ae:92:f4:17:c0:1d:13:9e:6a:e6:9c:a9:51:71:
81:ba:a6:c3:72:a7:6d:65:20:66:e1:75:44:6c:45:bd:3f:a9:
45:eb:a6:e6:5a:2d:f6:eb:e4:6e:55:fb:c5:4b:36:20:1a:e7:
f6:e2:d4:ad:15:0e:a1:5a:e5:50:9c:f2:0d:89:60:da:87:89:
72:2b:28:4d:68:7c:99:73:4d:99:86:05:bc:b1:ca:b6:95:d4:
13:99:72:3f:7b:96:ff:31:33:43:d5:0e:b7:3c:c1:6a:f2:ff:
c1:8c:c8:a1:01:4e:fb:51:9a:b2:86:fa:ca:5c:62:b0:69:aa:
95:8f:43:0e
-----BEGIN CERTIFICATE-----
MIIG4TCCBcmgAwIBAgIDAKh9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyODA5MDk1N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjMTdkNjUtZDI1MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHx5CcEJUcQIInfFr7f9vRw49wbvhKlZxswfaHWbR9mG/gd42mPedHf+HmV
8P6X8lwvuq/oi437GZdT/MpSabLiIWaYATA6z/8ombcqyMbDE7uSeTWpkG/Y2rBT
Znxd+WJ92ab77iHvwEgIWs2Ft+IxbriwOXmqJlEG8TUi7oJRSerEapWOE8wK23lc
0hjpl8pHLjoiG8Zl2HOBgNlLI15umgNAQQ7LUIi/ZuNJMexw4EeADMuG/uyHEP/d
lKZ86LtnWgCHqPFE07vMflDtVPQgLHn6IFYB1PH7iD8Sc7b7D/8iQmUiNNiOEsWo
ICn4dDpco2Ckp4CB258/E7DKeQcCAwEAAaOCBAQwggQAMB0GA1UdDgQWBBQIa96n
eYmoMErOYvcu/NOUx0FFazAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0EwRjFCOTBD
RjA0RDExRUZCQ0U1RTg1QUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBjAYIKwYBBQUHAQcB
Af8EggF7MIIBdzCCAWQEAgABMIIBXAMEACQyUgMEACvhSgMEAivmxAMEAivvhAME
ACvwBAMEASvwBgMEAiv6/AMEAi1ACAMEAC34GAMEAS34GgMEAmcqWAMEAWcvDAME
AGcvDwMEAmcvSAMEAmcvrAMEAWcx6DAMAwQDZzYYAwQAZzYaAwQAZz6TAwQBZ1Ai
AwQCZ1JIAwQBZ1V2AwQCZ1fMAwQCZ12sAwQBZ13UAwQAZ2I1AwQCZ2V0AwQAZ2ej
AwQCZ2nkAwQCZ220AwQBZ3K8AwQCZ3a0AwQBZ5NYAwQBZ5RCAwQBZ5nQAwQAZ63a
AwQBZ7HKAwQBZ7I6AwQBZ7VaAwQBZ7YsAwQBZ7i4AwQBZ7osAwQBZ72SAwQBZ7+2
AwQBZ7/qAwQCZ8yoMAwDBANn0zgDBABn0zoDBAFn074DBAJn1IgDBAFn1QYwDAME
AGfhzQMEBGfhwAMEAmfiyAMEAGfjXwMEAWf4eAMEAosFEDANBAIAAjAHAwUAJAVV
QDANBgkqhkiG9w0BAQsFAAOCAQEAimfNooPUU5epu2YtSZJSsaQsxThFf7bJO++X
E+er46zqpF6OSsnTvg1XszhI8nwSMgMlEmIP1uuG6TW6g4MgTjcsHNPgahjPAC+Y
N8pv4csf7AFDvCy68INFpY3fXtQXQZGwfWF2nRP1+4/D1WAoj84umLTcV3KydjPs
NPhZEDa6Aa6S9BfAHROeauacqVFxgbqmw3KnbWUgZuF1RGxFvT+pReum5lot9uvk
blX7xUs2IBrn9uLUrRUOoVrlUJzyDYlg2oeJcisoTWh8mXNNmYYFvLHKtpXUE5ly
P3uW/zEzQ9UOtzzBavL/wYzIoQFO+1Gasob6ylxisGmqlY9DDg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:17:24 2025 by rpki-client