Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A121A056A7EE11EFBC0D4F52C4F9AE02.roa
File: A121A056A7EE11EFBC0D4F52C4F9AE02.roa (raw, json)
Hash identifier: U/A65rT7H6Z7anEN1yNlb26S13LCPgJNMVXyciefRdc=
Subject key identifier: 0D:98:02:5F:57:12:3C:0B:62:F2:F6:59:C5:25:E5:30:AE:9F:DB:D5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A30D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A121A056A7EE11EFBC0D4F52C4F9AE02.roa
Signing time: Thu 16 Jan 2025 08:31:36 +0000
ROA not before: Thu 16 Jan 2025 08:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4755
IP address blocks: 1.6.229.0/24 maxlen: 24
1.6.230.0/24 maxlen: 24
1.7.229.0/24 maxlen: 24
1.22.36.0/24 maxlen: 24
1.23.62.0/24 maxlen: 24
103.15.74.0/24 maxlen: 24
103.57.216.0/24 maxlen: 24
103.57.217.0/24 maxlen: 24
103.57.218.0/24 maxlen: 24
103.57.219.0/24 maxlen: 24
103.81.88.0/22 maxlen: 24
103.98.54.0/24 maxlen: 24
103.109.224.0/24 maxlen: 24
103.109.225.0/24 maxlen: 24
103.109.227.0/24 maxlen: 24
103.112.230.0/23 maxlen: 24
103.115.236.0/23 maxlen: 24
103.160.172.0/23 maxlen: 24
103.167.152.0/24 maxlen: 24
103.173.132.0/24 maxlen: 24
103.237.84.0/24 maxlen: 24
113.193.25.0/24 maxlen: 24
113.193.48.0/24 maxlen: 24
113.193.128.0/24 maxlen: 24
202.52.134.0/24 maxlen: 24
202.162.229.0/24 maxlen: 24
202.162.230.0/24 maxlen: 24
202.162.232.0/24 maxlen: 24
202.162.233.0/24 maxlen: 24
202.177.153.0/24 maxlen: 24
202.177.157.0/24 maxlen: 24
2001:df0:7400::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41741 (0xa30d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 16 08:31:36 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6788c3e8-72b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:7f:5c:03:97:08:e0:73:c0:b8:5e:a0:85:21:
96:2b:6b:8a:e0:67:a8:c0:0e:bf:9e:a8:14:70:74:
18:c6:1b:fa:1c:b7:f3:e3:0f:2b:9c:aa:cf:6b:86:
35:e4:6b:42:6a:6d:67:da:84:07:0d:7e:d2:1d:a3:
2f:2d:52:7d:b3:7d:be:02:99:17:96:55:65:bf:04:
c7:7c:11:95:b3:fd:e4:e1:55:6f:01:6b:63:07:a2:
06:b0:92:7c:e6:ab:21:86:1a:a8:a4:b1:c4:f7:68:
d3:9c:6d:dd:14:e3:eb:9b:fe:e8:d2:f4:d3:ad:90:
34:84:6d:8a:1f:f2:d9:53:71:f4:12:e9:9f:50:ce:
13:32:91:61:9a:b0:30:14:57:9e:ac:f1:94:e9:3d:
0b:91:39:16:68:98:bf:da:c6:f0:1a:46:fd:98:fe:
71:91:b5:ef:05:c9:17:07:a2:56:50:5b:03:9a:f5:
3a:9d:bd:9e:7a:7c:5a:8d:f5:5a:9b:5c:a3:97:3d:
53:aa:0f:0c:34:80:99:cd:b7:21:d2:d7:9f:d4:54:
a1:d4:2f:10:08:cf:94:e4:91:d0:3b:d4:4c:a1:2b:
39:e5:18:a4:c0:62:80:12:08:cd:20:96:bb:ff:51:
88:50:01:ef:7a:89:27:6b:93:85:12:7c:f9:6b:95:
24:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:98:02:5F:57:12:3C:0B:62:F2:F6:59:C5:25:E5:30:AE:9F:DB:D5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A121A056A7EE11EFBC0D4F52C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
1.6.229.0-1.6.230.255
1.7.229.0/24
1.22.36.0/24
1.23.62.0/24
103.15.74.0/24
103.57.216.0/22
103.81.88.0/22
103.98.54.0/24
103.109.224.0/23
103.109.227.0/24
103.112.230.0/23
103.115.236.0/23
103.160.172.0/23
103.167.152.0/24
103.173.132.0/24
103.237.84.0/24
113.193.25.0/24
113.193.48.0/24
113.193.128.0/24
202.52.134.0/24
202.162.229.0-202.162.230.255
202.162.232.0/23
202.177.153.0/24
202.177.157.0/24
IPv6:
2001:df0:7400::/48
Signature Algorithm: sha256WithRSAEncryption
15:a6:0a:00:5b:ca:7a:53:f8:f1:cf:ab:53:cd:40:ad:36:a7:
62:5c:7a:be:d7:22:a6:0b:91:f7:00:c2:88:9b:cd:02:42:85:
57:e1:d3:66:97:7a:85:cb:d0:6b:fb:43:6e:d9:14:e3:1f:31:
8a:23:a3:89:10:7b:72:ab:96:ca:9a:c5:82:46:23:4f:12:82:
69:d1:1f:03:f5:af:5b:5c:8b:46:b1:09:66:74:fc:5a:31:6a:
e2:1e:87:46:b1:02:28:17:05:ce:4b:9f:ac:d6:d2:e4:80:70:
ae:b5:99:0c:83:93:23:cc:18:cc:a1:f7:b7:e1:e8:77:85:ac:
a0:23:a3:35:5f:07:96:42:29:33:5a:7e:19:0d:8e:f0:90:8c:
79:1d:ed:09:97:5d:25:69:58:f1:63:53:1f:7f:3b:7a:6a:4c:
a0:02:a8:b3:af:b1:54:20:b9:5a:01:7f:fe:17:87:17:9d:d6:
bb:3e:cc:29:be:47:92:8e:ce:48:f8:0f:7c:ab:d6:7a:87:63:
9b:2a:c4:26:80:bc:cd:51:1b:8d:7b:b4:99:64:5e:da:03:f1:
21:16:32:ff:65:29:a8:17:a6:41:1f:24:c1:ed:01:f0:6c:e1:
20:95:61:95:68:60:45:01:00:f4:70:dd:da:de:f2:f5:cd:b2:
0f:52:9b:a1
-----BEGIN CERTIFICATE-----
MIIGIjCCBQqgAwIBAgIDAKMNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDExNjA4MzEzNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4OGMzZTgtNzJiODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx/XAOXCOBzwLheoIUhlitriuBnqMAOv56oFHB0GMYb+hy38+MPK5yqz2uG
NeRrQmptZ9qEBw1+0h2jLy1SfbN9vgKZF5ZVZb8Ex3wRlbP95OFVbwFrYweiBrCS
fOarIYYaqKSxxPdo05xt3RTj65v+6NL0062QNIRtih/y2VNx9BLpn1DOEzKRYZqw
MBRXnqzxlOk9C5E5FmiYv9rG8BpG/Zj+cZG17wXJFweiVlBbA5r1Op29nnp8Wo31
Wptco5c9U6oPDDSAmc23IdLXn9RUodQvEAjPlOSR0DvUTKErOeUYpMBigBIIzSCW
u/9RiFAB73qJJ2uThRJ8+WuVJJ0CAwEAAaOCA0UwggNBMB0GA1UdDgQWBBQNmAJf
VxI8C2Ly9lnFJeUwrp/b1TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ExMjFBMDU2
QTdFRTExRUZCQzBENEY1MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHOBggrBgEFBQcBBwEB
/wSBvjCBuzCBpwQCAAEwgaAwDAMEAAEG5QMEAAEG5gMEAAEH5QMEAAEWJAMEAAEX
PgMEAGcPSgMEAmc52AMEAmdRWAMEAGdiNgMEAWdt4AMEAGdt4wMEAWdw5gMEAWdz
7AMEAWegrAMEAGenmAMEAGethAMEAGftVAMEAHHBGQMEAHHBMAMEAHHBgAMEAMo0
hjAMAwQAyqLlAwQAyqLmAwQByqLoAwQAyrGZAwQAyrGdMA8EAgACMAkDBwAgAQ3w
dAAwDQYJKoZIhvcNAQELBQADggEBABWmCgBbynpT+PHPq1PNQK02p2Jcer7XIqYL
kfcAwoibzQJChVfh02aXeoXL0Gv7Q27ZFOMfMYojo4kQe3KrlsqaxYJGI08SgmnR
HwP1r1tci0axCWZ0/FoxauIeh0axAigXBc5Ln6zW0uSAcK61mQyDkyPMGMyh97fh
6HeFrKAjozVfB5ZCKTNafhkNjvCQjHkd7QmXXSVpWPFjUx9/O3pqTKACqLOvsVQg
uVoBf/4Xhxed1rs+zCm+R5KOzkj4D3yr1nqHY5sqxCaAvM1RG417tJlkXtoD8SEW
Mv9lKagXpkEfJMHtAfBs4SCVYZVoYEUBAPRw3dre8vXNsg9Sm6E=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:19:59 2025 by rpki-client