Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A2B81CFEDF5411EF8D94E673C4F9AE02.roa
File: A2B81CFEDF5411EF8D94E673C4F9AE02.roa (raw, json)
Hash identifier: W44uUp8IiKyhaJ35z5rTJvgk5BN1a4zGVl2m6bcZOc0=
Subject key identifier: 0A:B4:D8:1B:1F:26:33:3F:9D:E7:A7:69:76:3C:00:82:5C:8C:6B:1F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A433
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A2B81CFEDF5411EF8D94E673C4F9AE02.roa
Signing time: Thu 30 Jan 2025 21:53:27 +0000
ROA not before: Thu 30 Jan 2025 21:53:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 43.225.0.0/22 maxlen: 24
43.227.184.0/23 maxlen: 24
43.231.116.0/22 maxlen: 24
43.239.112.0/22 maxlen: 24
45.114.156.0/22 maxlen: 24
103.14.196.0/22 maxlen: 24
103.16.140.0/22 maxlen: 24
103.26.169.0/24 maxlen: 24
103.27.168.0/24 maxlen: 24
103.27.170.0/23 maxlen: 23
103.47.152.0/24 maxlen: 24
103.51.92.0/22 maxlen: 24
103.52.48.0/22 maxlen: 24
103.54.96.0/22 maxlen: 24
103.55.84.0/22 maxlen: 24
103.82.144.0/22 maxlen: 24
103.86.20.0/22 maxlen: 24
103.88.124.0/22 maxlen: 24
103.108.76.0/22 maxlen: 24
103.111.128.0/22 maxlen: 24
103.116.60.0/22 maxlen: 24
103.118.8.0/22 maxlen: 24
103.132.203.0/24 maxlen: 24
103.133.116.0/24 maxlen: 24
103.142.64.0/23 maxlen: 24
103.143.109.0/24 maxlen: 24
103.144.112.0/23 maxlen: 24
103.153.208.0/23 maxlen: 24
103.155.194.0/23 maxlen: 24
103.164.0.0/23 maxlen: 24
103.167.157.0/24 maxlen: 24
103.171.8.0/23 maxlen: 24
103.171.236.0/23 maxlen: 24
103.173.14.0/23 maxlen: 24
103.173.41.0/24 maxlen: 24
103.174.42.0/23 maxlen: 24
103.180.216.0/23 maxlen: 24
103.192.72.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.200.48.0/22 maxlen: 24
103.206.64.0/22 maxlen: 24
103.212.132.0/22 maxlen: 24
103.224.50.0/23 maxlen: 24
103.226.224.0/22 maxlen: 24
103.228.172.0/24 maxlen: 24
103.228.173.0/24 maxlen: 24
103.228.174.0/24 maxlen: 24
103.228.175.0/24 maxlen: 24
103.236.112.0/22 maxlen: 24
103.242.236.0/22 maxlen: 24
103.254.200.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
139.5.96.0/22 maxlen: 24
203.191.56.0/22 maxlen: 24
220.158.140.0/22 maxlen: 24
2400:d180:66::/48 maxlen: 48
2400:d180:67::/48 maxlen: 48
2400:d180:68::/48 maxlen: 48
2400:d180:69::/48 maxlen: 48
2400:d180:70::/48 maxlen: 48
2400:d180:71::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42035 (0xa433)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 30 21:53:27 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679bf4d7-462c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fe:ea:c8:37:67:b7:df:03:56:22:7d:20:27:
e2:73:c5:55:11:72:0b:27:3c:2a:d2:5b:eb:81:67:
d0:f6:0e:20:2f:5e:e2:30:d0:70:ff:ef:ef:dc:75:
bf:56:6c:e7:36:c6:83:e6:f0:74:38:e0:fb:28:b5:
a5:92:8f:3a:a4:78:0c:b1:6d:c3:d9:fc:cf:60:b7:
fe:3b:16:09:bc:0b:97:f4:33:97:fd:cf:c4:dd:e4:
6a:31:1b:8a:be:8a:12:e5:15:48:16:eb:70:32:c3:
4b:eb:71:a7:84:89:41:8f:aa:67:bc:f2:f5:07:fb:
14:b9:50:1f:3d:8d:a3:3f:9c:67:09:8c:64:be:bf:
65:e7:e6:78:22:5c:4f:d4:93:83:d9:cf:f9:fc:4c:
fe:47:5f:23:db:29:f9:d9:ea:df:9c:72:51:26:f1:
a2:fa:5b:18:f1:a8:5b:4a:87:9f:57:b6:97:de:7b:
2b:a9:e7:29:9d:44:80:72:79:a8:8b:8d:42:25:44:
3b:bb:1b:5e:30:54:78:b9:29:a5:ee:f7:ab:81:7a:
a7:a6:d6:82:5a:4a:fb:7d:8f:ce:fc:1f:a2:bd:a8:
3f:6f:2b:90:50:7c:3c:a5:37:86:41:8c:94:c1:28:
2f:95:8a:ab:03:a3:39:fd:37:8d:74:d6:33:99:6a:
6d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B4:D8:1B:1F:26:33:3F:9D:E7:A7:69:76:3C:00:82:5C:8C:6B:1F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A2B81CFEDF5411EF8D94E673C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.0.0/22
43.227.184.0/23
43.231.116.0/22
43.239.112.0/22
45.114.156.0/22
103.14.196.0/22
103.16.140.0/22
103.26.169.0/24
103.27.168.0/24
103.27.170.0/23
103.47.152.0/24
103.51.92.0/22
103.52.48.0/22
103.54.96.0/22
103.55.84.0/22
103.82.144.0/22
103.86.20.0/22
103.88.124.0/22
103.108.76.0/22
103.111.128.0/22
103.116.60.0/22
103.118.8.0/22
103.132.203.0/24
103.133.116.0/24
103.142.64.0/23
103.143.109.0/24
103.144.112.0/23
103.153.208.0/23
103.155.194.0/23
103.164.0.0/23
103.167.157.0/24
103.171.8.0/23
103.171.236.0/23
103.173.14.0/23
103.173.41.0/24
103.174.42.0/23
103.180.216.0/23
103.192.72.0/22
103.199.92.0/22
103.200.48.0/22
103.206.64.0/22
103.212.132.0/22
103.224.50.0/23
103.226.224.0/22
103.228.172.0/22
103.236.112.0/22
103.242.236.0/22
103.254.200.0/22
137.59.204.0/22
139.5.96.0/22
203.191.56.0/22
220.158.140.0/22
IPv6:
2400:d180:66::-2400:d180:69:ffff:ffff:ffff:ffff:ffff
2400:d180:70::/47
Signature Algorithm: sha256WithRSAEncryption
96:6f:de:a3:ef:9c:ab:4c:21:c9:cb:43:69:b8:da:b1:2b:e1:
c8:d4:40:19:6d:68:5e:1a:a4:b2:d6:a3:29:c6:27:1b:3a:1e:
c5:f0:d1:b3:41:a7:ba:0b:94:b2:ea:2a:fa:a3:4b:57:b5:13:
a4:fb:89:8b:dc:bc:00:06:59:a6:16:ca:f5:19:f2:7d:29:35:
f3:b3:53:4e:2c:00:df:f5:f4:45:35:d9:63:df:db:e9:66:0c:
4b:c8:19:80:7c:52:32:dd:fb:50:6e:2f:11:bd:48:17:d8:a7:
b7:43:f1:c9:ed:9c:bd:67:e2:46:d4:d6:26:ef:db:f4:83:f2:
e7:32:91:44:b6:ec:3f:32:4d:38:43:35:20:8a:82:f3:a2:46:
6e:b6:d4:fe:d9:e6:c1:59:5a:43:4f:42:ba:5a:71:44:fa:5f:
c5:6c:0c:a2:4f:2d:51:f7:ac:37:ed:32:c3:1f:84:01:ac:7a:
16:a3:a8:65:bc:7a:30:a7:0c:da:0b:49:18:19:0b:ae:5c:1c:
22:80:c2:fb:41:fc:6c:2d:e4:ca:3a:d2:0b:22:16:d7:1c:ea:
9b:68:67:81:1b:95:cc:00:45:23:aa:52:84:a2:a2:ac:95:97:
49:98:03:9e:e3:41:58:76:b0:79:d7:7e:ac:05:c3:ae:75:d3:
66:4b:bc:30
-----BEGIN CERTIFICATE-----
MIIG0zCCBbugAwIBAgIDAKQzMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEzMDIxNTMyN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc5YmY0ZDctNDYyYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALL+6sg3Z7ffA1YifSAn4nPFVRFyCyc8KtJb64Fn0PYOIC9e4jDQcP/v79x1
v1Zs5zbGg+bwdDjg+yi1pZKPOqR4DLFtw9n8z2C3/jsWCbwLl/Qzl/3PxN3kajEb
ir6KEuUVSBbrcDLDS+txp4SJQY+qZ7zy9Qf7FLlQHz2Noz+cZwmMZL6/ZefmeCJc
T9STg9nP+fxM/kdfI9sp+dnq35xyUSbxovpbGPGoW0qHn1e2l957K6nnKZ1EgHJ5
qIuNQiVEO7sbXjBUeLkppe73q4F6p6bWglpK+32Pzvwfor2oP28rkFB8PKU3hkGM
lMEoL5WKqwOjOf03jXTWM5lqbZcCAwEAAaOCA/YwggPyMB0GA1UdDgQWBBQKtNgb
HyYzP53np2l2PACCXIxrHzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0EyQjgxQ0ZF
REY1NDExRUY4RDk0RTY3M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIIBfgYIKwYBBQUHAQcB
Af8EggFtMIIBaTCCAUAEAgABMIIBOAMEAivhAAMEASvjuAMEAivndAMEAivvcAME
Ai1ynAMEAmcOxAMEAmcQjAMEAGcaqQMEAGcbqAMEAWcbqgMEAGcvmAMEAmczXAME
Amc0MAMEAmc2YAMEAmc3VAMEAmdSkAMEAmdWFAMEAmdYfAMEAmdsTAMEAmdvgAME
Amd0PAMEAmd2CAMEAGeEywMEAGeFdAMEAWeOQAMEAGePbQMEAWeQcAMEAWeZ0AME
AWebwgMEAWekAAMEAGennQMEAWerCAMEAWer7AMEAWetDgMEAGetKQMEAWeuKgME
AWe02AMEAmfASAMEAmfHXAMEAmfIMAMEAmfOQAMEAmfUhAMEAWfgMgMEAmfi4AME
AmfkrAMEAmfscAMEAmfy7AMEAmf+yAMEAok7zAMEAosFYAMEAsu/OAMEAtyejDAj
BAIAAjAdMBIDBwEkANGAAGYDBwEkANGAAGgDBwEkANGAAHAwDQYJKoZIhvcNAQEL
BQADggEBAJZv3qPvnKtMIcnLQ2m42rEr4cjUQBltaF4apLLWoynGJxs6HsXw0bNB
p7oLlLLqKvqjS1e1E6T7iYvcvAAGWaYWyvUZ8n0pNfOzU04sAN/19EU12WPf2+lm
DEvIGYB8UjLd+1BuLxG9SBfYp7dD8cntnL1n4kbU1ibv2/SD8ucykUS27D8yTThD
NSCKgvOiRm621P7Z5sFZWkNPQrpacUT6X8VsDKJPLVH3rDftMsMfhAGsehajqGW8
ejCnDNoLSRgZC65cHCKAwvtB/Gwt5Mo60gsiFtcc6ptoZ4EblcwARSOqUoSioqyV
l0mYA57jQVh2sHnXfqwFw65102ZLvDA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:24 2025 by rpki-client