Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C8BD4C00CE5911EFB7789430C4F9AE02.roa
File: C8BD4C00CE5911EFB7789430C4F9AE02.roa (raw, json)
Hash identifier: dhQxfPHFnnPFAJdT6c+KEAQBI5pERobZp5kZOme23LI=
Subject key identifier: 89:24:47:F0:BD:49:80:5A:9E:A5:C6:AD:13:46:61:C7:D8:8C:42:51
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A23F
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C8BD4C00CE5911EFB7789430C4F9AE02.roa
Signing time: Mon 13 Jan 2025 04:55:49 +0000
ROA not before: Mon 13 Jan 2025 04:55:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141514
IP address blocks: 103.160.126.0/23 maxlen: 24
103.170.214.0/23 maxlen: 24
103.173.240.0/23 maxlen: 24
103.175.134.0/23 maxlen: 24
103.175.190.0/23 maxlen: 24
103.177.82.0/23 maxlen: 24
103.177.112.0/23 maxlen: 24
103.177.204.0/23 maxlen: 24
103.178.122.0/23 maxlen: 24
103.178.126.0/23 maxlen: 24
103.181.112.0/23 maxlen: 24
103.183.204.0/23 maxlen: 24
103.183.228.0/23 maxlen: 24
103.184.104.0/23 maxlen: 24
103.184.154.0/23 maxlen: 24
103.185.234.0/23 maxlen: 24
103.186.54.0/23 maxlen: 24
103.187.228.0/23 maxlen: 24
2400:7f60::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41535 (0xa23f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 13 04:55:49 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67849cd5-f786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:52:64:49:38:cb:5f:b9:3a:12:5e:57:9c:6a:
51:4b:e1:b2:d6:cc:01:6e:ca:ea:ce:b3:ad:28:bc:
0e:43:6c:a5:25:92:1f:bf:08:c3:7b:56:aa:91:b7:
e9:ad:0f:03:0a:0b:fc:9a:fa:71:d3:29:a9:fd:1a:
d2:e4:24:e2:28:dc:ce:20:da:a0:ea:37:a4:88:fa:
8b:55:ad:77:36:c0:d7:2f:41:84:c7:0e:7e:fd:c0:
34:e8:5c:a1:67:03:6a:7d:1c:8f:43:f6:c2:3f:20:
1c:52:b7:ea:80:0e:d5:d7:1b:4a:3e:b1:e8:61:bc:
56:de:bf:25:af:6a:8d:0d:b0:63:c1:11:c3:c5:76:
d3:46:02:4c:70:b6:86:50:d0:59:6a:f4:08:91:b6:
c1:4d:06:e0:e5:4f:52:a6:b0:58:c9:d0:b1:80:bf:
61:d1:ca:30:00:4a:ac:5f:04:61:54:20:81:1d:b4:
5b:e2:40:9a:0b:39:82:39:bd:47:50:92:07:3e:4c:
7d:40:92:3d:e9:74:0b:5f:c0:aa:e4:b9:fb:44:c7:
d1:8b:40:3f:d9:18:5b:05:61:ec:a6:04:a2:48:e5:
a9:40:b3:38:36:5c:29:e8:73:6a:56:1e:6b:77:3d:
59:61:60:3f:0f:84:79:2a:da:85:f5:d8:f3:a5:5a:
7d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:24:47:F0:BD:49:80:5A:9E:A5:C6:AD:13:46:61:C7:D8:8C:42:51
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C8BD4C00CE5911EFB7789430C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.126.0/23
103.170.214.0/23
103.173.240.0/23
103.175.134.0/23
103.175.190.0/23
103.177.82.0/23
103.177.112.0/23
103.177.204.0/23
103.178.122.0/23
103.178.126.0/23
103.181.112.0/23
103.183.204.0/23
103.183.228.0/23
103.184.104.0/23
103.184.154.0/23
103.185.234.0/23
103.186.54.0/23
103.187.228.0/23
IPv6:
2400:7f60::/32
Signature Algorithm: sha256WithRSAEncryption
77:1b:3c:55:d4:aa:0f:12:ba:2d:f6:c3:01:06:66:ae:6f:31:
06:5c:68:2a:73:53:52:dd:cf:e0:6e:bb:8e:d2:d3:e3:2e:dc:
37:ba:c5:5b:ba:73:43:ac:d1:95:8a:a9:5c:6d:a2:1b:07:3c:
b7:c7:b7:cf:e1:41:78:20:ea:44:43:11:cb:3f:1f:11:a0:5a:
81:39:5b:0c:32:fe:4d:9a:dd:0e:73:26:ac:83:e8:83:7d:10:
18:11:b6:93:e2:ec:32:29:12:40:a6:c4:f6:19:12:50:63:b6:
14:7a:3e:c7:51:1a:58:ec:80:df:4b:3f:04:b8:55:39:28:04:
e3:da:15:39:ae:e9:3e:2e:61:a3:4f:a0:30:52:6f:ac:c7:b9:
c0:e5:6e:b8:6a:d8:d1:40:da:b8:ef:b9:cb:48:d3:77:7f:09:
c6:94:3d:a9:be:95:64:14:5e:7b:8b:5f:11:c1:0f:f2:1c:dd:
65:ff:c4:1a:31:80:f5:7a:e7:04:ee:c1:3c:16:84:4d:f7:6c:
68:f1:b3:e5:9a:fa:91:fb:00:37:45:f4:9d:26:62:1b:09:45:
28:54:90:a7:02:c3:0d:b4:67:bc:35:68:8f:bd:df:a6:a4:2f:
23:44:c3:13:c6:2d:a9:3f:09:38:e8:81:42:93:9a:6b:31:3c:
9c:1d:ed:50
-----BEGIN CERTIFICATE-----
MIIF6jCCBNKgAwIBAgIDAKI/MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDExMzA0NTU0OVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4NDljZDUtZjc4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5SZEk4y1+5OhJeV5xqUUvhstbMAW7K6s6zrSi8DkNspSWSH78Iw3tWqpG3
6a0PAwoL/Jr6cdMpqf0a0uQk4ijcziDaoOo3pIj6i1WtdzbA1y9BhMcOfv3ANOhc
oWcDan0cj0P2wj8gHFK36oAO1dcbSj6x6GG8Vt6/Ja9qjQ2wY8ERw8V200YCTHC2
hlDQWWr0CJG2wU0G4OVPUqawWMnQsYC/YdHKMABKrF8EYVQggR20W+JAmgs5gjm9
R1CSBz5MfUCSPel0C1/AquS5+0TH0YtAP9kYWwVh7KYEokjlqUCzODZcKehzalYe
a3c9WWFgPw+EeSrahfXY86VafTsCAwEAAaOCAw0wggMJMB0GA1UdDgQWBBSJJEfw
vUmAWp6lxq0TRmHH2IxCUTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0M4QkQ0QzAw
Q0U1OTExRUZCNzc4OTQzMEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGWBggrBgEFBQcBBwEB
/wSBhjCBgzByBAIAATBsAwQBZ6B+AwQBZ6rWAwQBZ63wAwQBZ6+GAwQBZ6++AwQB
Z7FSAwQBZ7FwAwQBZ7HMAwQBZ7J6AwQBZ7J+AwQBZ7VwAwQBZ7fMAwQBZ7fkAwQB
Z7hoAwQBZ7iaAwQBZ7nqAwQBZ7o2AwQBZ7vkMA0EAgACMAcDBQAkAH9gMA0GCSqG
SIb3DQEBCwUAA4IBAQB3GzxV1KoPErot9sMBBmaubzEGXGgqc1NS3c/gbruO0tPj
Ltw3usVbunNDrNGViqlcbaIbBzy3x7fP4UF4IOpEQxHLPx8RoFqBOVsMMv5Nmt0O
cyasg+iDfRAYEbaT4uwyKRJApsT2GRJQY7YUej7HURpY7IDfSz8EuFU5KATj2hU5
ruk+LmGjT6AwUm+sx7nA5W64atjRQNq477nLSNN3fwnGlD2pvpVkFF57i18RwQ/y
HN1l/8QaMYD1eucE7sE8FoRN92xo8bPlmvqR+wA3RfSdJmIbCUUoVJCnAsMNtGe8
NWiPvd+mpC8jRMMTxi2pPwk46IFCk5prMTycHe1Q
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:17 2025 by rpki-client