Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ACF745204A7911EF8B0F8E72C4F9AE02.roa
File: ACF745204A7911EF8B0F8E72C4F9AE02.roa (raw, json)
Hash identifier: RqyPC2H7TnbHsoekJRhw2uJJhfMN9XkiuuO8os9ERVw=
Subject key identifier: 7C:3A:CB:98:C2:53:FD:39:61:38:85:B7:91:BB:94:E7:BD:19:04:D5
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9536
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ACF745204A7911EF8B0F8E72C4F9AE02.roa
Signing time: Thu 25 Jul 2024 11:33:13 +0000
ROA not before: Thu 25 Jul 2024 11:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149240
IP address blocks: 36.50.118.0/23 maxlen: 24
103.3.234.0/23 maxlen: 24
103.61.242.0/23 maxlen: 24
103.88.56.0/24 maxlen: 24
103.88.57.0/24 maxlen: 24
103.124.172.0/24 maxlen: 24
103.139.191.0/24 maxlen: 24
103.148.119.0/24 maxlen: 24
103.152.158.0/24 maxlen: 24
103.157.112.0/23 maxlen: 24
103.159.99.0/24 maxlen: 24
103.162.196.0/23 maxlen: 24
103.163.166.0/23 maxlen: 24
103.167.172.0/24 maxlen: 24
103.170.1.0/24 maxlen: 24
103.174.108.0/23 maxlen: 24
103.178.176.0/23 maxlen: 24
103.184.40.0/24 maxlen: 24
103.184.236.0/23 maxlen: 24
103.191.203.0/24 maxlen: 24
2001:df0:3bc0::/48 maxlen: 48
2001:df0:8640::/48 maxlen: 48
2001:df0:9340::/48 maxlen: 48
2001:df1:9c40::/48 maxlen: 48
2001:df2:c3c0::/48 maxlen: 48
2001:df3:4940::/48 maxlen: 48
2001:df3:b6c0::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38198 (0x9536)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jul 25 11:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66a237f8-aa76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:59:4d:a9:2a:d3:08:5b:3d:b7:1c:e6:7c:12:
8d:e1:c4:9c:b2:20:44:49:df:27:7c:58:34:f6:de:
0c:55:fb:46:c8:17:b9:6b:2d:b5:4f:1b:c2:16:1e:
40:8c:70:6c:4e:22:b7:36:10:ed:4d:2d:68:8f:6d:
e9:f5:16:26:5f:41:2d:74:fb:8b:a4:21:ae:88:9a:
f6:c6:96:4b:01:cc:aa:07:44:e9:9c:18:f1:84:4c:
d8:98:35:08:dd:bf:f3:a9:6f:5d:88:7c:ba:b9:2b:
32:a8:21:61:2a:12:01:2a:02:63:5f:73:da:f6:f8:
12:fa:da:69:a7:a2:aa:c3:80:b2:fd:95:a2:41:93:
e8:87:fb:68:a3:89:4f:18:61:52:5e:d8:b6:3a:65:
b5:5b:93:a7:3b:74:64:db:c5:de:f4:f9:7c:d3:d6:
67:5e:cf:c4:25:73:02:46:81:39:d1:1e:aa:5f:90:
c2:9a:03:0a:28:8b:ad:f5:ad:bd:7c:f5:ae:21:71:
12:dc:39:d5:ec:f7:94:86:cf:3c:6d:6d:e6:f7:bb:
b8:0d:1c:1b:83:7c:a8:2b:d0:c3:df:14:d2:32:56:
48:16:c5:dc:2e:6d:3b:72:01:af:bb:f3:b1:c0:b4:
a5:43:a0:69:dd:46:12:c3:d5:21:62:66:b9:76:2f:
a0:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:3A:CB:98:C2:53:FD:39:61:38:85:B7:91:BB:94:E7:BD:19:04:D5
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/ACF745204A7911EF8B0F8E72C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.118.0/23
103.3.234.0/23
103.61.242.0/23
103.88.56.0/23
103.124.172.0/24
103.139.191.0/24
103.148.119.0/24
103.152.158.0/24
103.157.112.0/23
103.159.99.0/24
103.162.196.0/23
103.163.166.0/23
103.167.172.0/24
103.170.1.0/24
103.174.108.0/23
103.178.176.0/23
103.184.40.0/24
103.184.236.0/23
103.191.203.0/24
IPv6:
2001:df0:3bc0::/48
2001:df0:8640::/48
2001:df0:9340::/48
2001:df1:9c40::/48
2001:df2:c3c0::/48
2001:df3:4940::/48
2001:df3:b6c0::/48
Signature Algorithm: sha256WithRSAEncryption
96:b1:8d:96:bf:72:78:fb:18:69:c0:9a:70:c8:40:c0:a2:c8:
2d:68:2d:b9:22:be:b4:64:23:63:33:0a:11:1b:43:f4:a2:e2:
5c:90:0d:dc:92:4a:c4:b4:67:8e:6c:61:e7:8e:1f:a5:41:ee:
f4:92:56:2a:3b:8d:f4:d1:b5:3d:07:13:74:74:69:1a:8f:58:
78:bf:ce:ea:21:b2:b8:a2:75:61:d3:b3:19:b3:39:7e:22:aa:
fc:2c:36:27:a9:f9:9d:96:87:25:04:e2:25:4e:5d:bc:fd:bf:
cd:1f:f4:89:33:24:3c:39:e7:fe:2b:78:da:d3:23:73:9c:36:
cd:6a:37:2c:e5:e4:1b:fe:af:c0:6d:77:43:9c:75:86:b3:b5:
79:5a:b9:fd:ec:e1:11:57:f4:dd:ae:9a:72:f2:c7:9b:f6:ce:
9c:c1:48:50:8b:ab:63:cf:43:b8:8d:65:3d:8a:71:78:17:22:
cc:b4:76:cb:d5:9d:a6:e7:85:39:f8:86:83:75:38:8a:c4:8b:
73:e4:ec:38:19:2b:ad:5b:9b:c6:3f:a1:ae:a0:5a:63:96:68:
01:b1:4b:16:3b:e9:b5:39:f5:61:54:a1:d9:4b:30:96:6e:68:
6b:46:17:59:f2:d0:78:6d:30:ed:78:77:74:a4:c9:e7:70:af:
15:22:5c:1d
-----BEGIN CERTIFICATE-----
MIIGKDCCBRCgAwIBAgIDAJU2MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDcyNTExMzMxM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZhMjM3ZjgtYWE3NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlZTakq0whbPbcc5nwSjeHEnLIgREnfJ3xYNPbeDFX7RsgXuWsttU8bwhYe
QIxwbE4itzYQ7U0taI9t6fUWJl9BLXT7i6Qhroia9saWSwHMqgdE6ZwY8YRM2Jg1
CN2/86lvXYh8urkrMqghYSoSASoCY19z2vb4EvraaaeiqsOAsv2VokGT6If7aKOJ
TxhhUl7YtjpltVuTpzt0ZNvF3vT5fNPWZ17PxCVzAkaBOdEeql+QwpoDCiiLrfWt
vXz1riFxEtw51ez3lIbPPG1t5ve7uA0cG4N8qCvQw98U0jJWSBbF3C5tO3IBr7vz
scC0pUOgad1GEsPVIWJmuXYvoKUCAwEAAaOCA0swggNHMB0GA1UdDgQWBBR8OsuY
wlP9OWE4hbeRu5TnvRkE1TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0FDRjc0NTIw
NEE3OTExRUY4QjBGOEU3MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIHUBggrBgEFBQcBBwEB
/wSBxDCBwTB4BAIAATByAwQBJDJ2AwQBZwPqAwQBZz3yAwQBZ1g4AwQAZ3ysAwQA
Z4u/AwQAZ5R3AwQAZ5ieAwQBZ51wAwQAZ59jAwQBZ6LEAwQBZ6OmAwQAZ6esAwQA
Z6oBAwQBZ65sAwQBZ7KwAwQAZ7goAwQBZ7jsAwQAZ7/LMEUEAgACMD8DBwAgAQ3w
O8ADBwAgAQ3whkADBwAgAQ3wk0ADBwAgAQ3xnEADBwAgAQ3yw8ADBwAgAQ3zSUAD
BwAgAQ3ztsAwDQYJKoZIhvcNAQELBQADggEBAJaxjZa/cnj7GGnAmnDIQMCiyC1o
LbkivrRkI2MzChEbQ/Si4lyQDdySSsS0Z45sYeeOH6VB7vSSVio7jfTRtT0HE3R0
aRqPWHi/zuohsriidWHTsxmzOX4iqvwsNiep+Z2WhyUE4iVOXbz9v80f9IkzJDw5
5/4reNrTI3OcNs1qNyzl5Bv+r8Btd0OcdYaztXlauf3s4RFX9N2umnLyx5v2zpzB
SFCLq2PPQ7iNZT2KcXgXIsy0dsvVnabnhTn4hoN1OIrEi3Pk7DgZK61bm8Y/oa6g
WmOWaAGxSxY76bU59WFUodlLMJZuaGtGF1ny0HhtMO14d3SkyedwrxUiXB0=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:26:58 2025 by rpki-client