Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1B25DB4182E11EB955AA35EC4F9AE02.roa
File: C1B25DB4182E11EB955AA35EC4F9AE02.roa (raw, json)
Hash identifier: U3vNNu0BJBagE6/okHNzv1EbTcMfDZ83a+YV71EmQag=
Subject key identifier: AC:0A:E8:56:5F:5B:0A:5F:F0:51:EC:3A:10:A9:69:44:F0:C2:FF:21
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 965A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1B25DB4182E11EB955AA35EC4F9AE02.roa
Signing time: Thu 08 Aug 2024 08:03:20 +0000
ROA not before: Thu 08 Aug 2024 08:03:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17625
IP address blocks: 14.102.160.0/22 maxlen: 24
36.255.8.0/22 maxlen: 24
43.252.192.0/22 maxlen: 24
45.64.196.0/22 maxlen: 24
45.64.204.0/22 maxlen: 24
45.114.56.0/22 maxlen: 24
45.114.64.0/22 maxlen: 24
45.114.212.0/22 maxlen: 24
45.116.56.0/24 maxlen: 24
45.116.57.0/24 maxlen: 24
45.116.58.0/24 maxlen: 24
45.116.59.0/24 maxlen: 24
103.19.196.0/22 maxlen: 24
103.54.12.0/22 maxlen: 24
103.54.20.0/22 maxlen: 24
103.54.188.0/22 maxlen: 24
103.91.132.0/22 maxlen: 24
103.206.56.0/22 maxlen: 24
103.208.224.0/22 maxlen: 24
103.254.32.0/22 maxlen: 24
103.254.244.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38490 (0x965a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 8 08:03:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66b47bc7-d38c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:48:c2:14:e3:15:05:97:38:24:3e:28:c3:0a:
71:d0:d2:f5:9f:b4:c0:90:ca:d9:c9:72:73:ae:f7:
98:c8:9c:7e:4b:14:db:7d:f6:6a:df:e4:81:81:b8:
fb:79:cb:f0:24:2d:5d:2c:30:7e:54:da:c4:5e:4c:
24:74:01:7a:c3:8e:67:83:f4:a8:b3:92:f0:20:84:
b1:c6:92:43:27:52:2b:df:78:bc:f4:60:e1:9a:d1:
52:48:46:01:fa:70:d2:21:fe:9e:47:cd:8e:b7:3c:
91:66:e6:28:77:6f:0e:a2:86:f2:e6:06:37:4d:b5:
56:36:78:50:7b:49:0c:15:da:a3:f0:ad:e9:11:14:
02:8f:c8:77:82:79:23:c7:8a:c5:3a:7e:bc:66:f5:
4a:5f:10:99:92:19:f1:f0:95:5f:d6:3e:ce:93:2e:
76:67:10:98:e7:4a:b3:6e:7f:89:b6:cf:6e:cb:6b:
3c:bb:c5:5e:49:2f:c0:9a:62:cb:2a:88:47:8a:40:
78:ec:29:cf:74:e1:48:b0:2a:80:89:34:de:7c:0b:
7f:57:3d:a8:4c:31:a3:ba:91:99:df:cf:6d:76:eb:
20:25:77:2d:6c:0f:8f:86:53:d8:80:80:35:36:af:
c3:28:79:ac:03:48:f6:b8:48:c1:b8:c8:0d:bb:d8:
91:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0A:E8:56:5F:5B:0A:5F:F0:51:EC:3A:10:A9:69:44:F0:C2:FF:21
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1B25DB4182E11EB955AA35EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.160.0/22
36.255.8.0/22
43.252.192.0/22
45.64.196.0/22
45.64.204.0/22
45.114.56.0/22
45.114.64.0/22
45.114.212.0/22
45.116.56.0/22
103.19.196.0/22
103.54.12.0/22
103.54.20.0/22
103.54.188.0/22
103.91.132.0/22
103.206.56.0/22
103.208.224.0/22
103.254.32.0/22
103.254.244.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:46:cd:81:33:6d:a0:2f:19:e8:bc:9d:e2:97:eb:c3:63:1e:
67:a9:51:ee:f5:f4:f5:ed:1d:8c:b8:c6:7b:ae:d7:e3:2d:3b:
81:be:fa:58:7f:bc:02:07:3c:e4:13:3d:3e:0d:5d:9b:f9:10:
ca:26:19:e6:e5:37:9c:b6:3d:06:7a:df:bc:4a:49:ac:57:c8:
a4:77:75:e3:99:ef:7e:f1:d7:db:cf:2c:a7:89:20:76:cc:f2:
66:31:da:35:94:bd:f3:e2:f7:ed:fb:db:d9:11:84:3a:06:92:
84:9b:58:f6:09:2f:89:d4:b7:0f:44:f2:d6:77:7c:b8:8f:b3:
87:c0:ea:e9:eb:da:54:2c:0a:e8:3d:e3:2d:23:b0:bd:61:ae:
0b:97:4d:91:21:75:5b:79:fb:f7:ea:c5:a5:41:ad:76:d5:f6:
28:f9:88:33:fc:73:14:73:ba:f8:dc:fc:88:29:0d:b2:6f:4c:
2d:14:c0:e3:da:2c:6e:22:ae:77:8c:c1:e1:f7:22:4e:24:9f:
e5:19:44:0e:40:e9:e2:bf:ea:cf:5c:88:fa:8d:7d:e0:8b:29:
cd:7b:60:f5:f9:c2:ce:34:db:6a:1f:bf:b9:b1:4c:a5:4b:31:
a9:b5:fc:0d:4c:97:df:82:c9:f6:44:b7:1a:a1:de:6c:07:43:
16:af:35:f9
-----BEGIN CERTIFICATE-----
MIIF2TCCBMGgAwIBAgIDAJZaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDgwODA4MDMyMFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZiNDdiYzctZDM4YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJIwhTjFQWXOCQ+KMMKcdDS9Z+0wJDK2clyc673mMicfksU2332at/kgYG4
+3nL8CQtXSwwflTaxF5MJHQBesOOZ4P0qLOS8CCEscaSQydSK994vPRg4ZrRUkhG
Afpw0iH+nkfNjrc8kWbmKHdvDqKG8uYGN021VjZ4UHtJDBXao/Ct6REUAo/Id4J5
I8eKxTp+vGb1Sl8QmZIZ8fCVX9Y+zpMudmcQmOdKs25/ibbPbstrPLvFXkkvwJpi
yyqIR4pAeOwpz3ThSLAqgIk03nwLf1c9qEwxo7qRmd/PbXbrICV3LWwPj4ZT2ICA
NTavwyh5rANI9rhIwbjIDbvYkW8CAwEAAaOCAvwwggL4MB0GA1UdDgQWBBSsCuhW
X1sKX/BR7DoQqWlE8ML/ITAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0MxQjI1REI0
MTgyRTExRUI5NTVBQTM1RUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGFBggrBgEFBQcBBwEB
/wR2MHQwcgQCAAEwbAMEAg5moAMEAiT/CAMEAiv8wAMEAi1AxAMEAi1AzAMEAi1y
OAMEAi1yQAMEAi1y1AMEAi10OAMEAmcTxAMEAmc2DAMEAmc2FAMEAmc2vAMEAmdb
hAMEAmfOOAMEAmfQ4AMEAmf+IAMEAmf+9DANBgkqhkiG9w0BAQsFAAOCAQEAX0bN
gTNtoC8Z6Lyd4pfrw2MeZ6lR7vX09e0djLjGe67X4y07gb76WH+8Agc85BM9Pg1d
m/kQyiYZ5uU3nLY9BnrfvEpJrFfIpHd145nvfvHX288sp4kgdszyZjHaNZS98+L3
7fvb2RGEOgaShJtY9gkvidS3D0Ty1nd8uI+zh8Dq6evaVCwK6D3jLSOwvWGuC5dN
kSF1W3n79+rFpUGtdtX2KPmIM/xzFHO6+Nz8iCkNsm9MLRTA49osbiKud4zB4fci
TiSf5RlEDkDp4r/qz1yI+o194IspzXtg9fnCzjTbah+/ubFMpUsxqbX8DUyX34LJ
9kS3GqHebAdDFq81+Q==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:17:16 2025 by rpki-client