Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CF11AAFC115911EDAB116778C4F9AE02.roa
File: CF11AAFC115911EDAB116778C4F9AE02.roa (raw, json)
Hash identifier: 7qy0gGe1pGJFOzkH8hVfnvimQmp7ktqdTLCoH8FFO/Y=
Subject key identifier: BF:6C:71:80:26:10:76:0C:FF:61:82:96:49:7C:09:3D:F6:7F:F6:C2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 5B3C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CF11AAFC115911EDAB116778C4F9AE02.roa
Signing time: Fri 12 Aug 2022 06:41:36 +0000
ROA not before: Fri 12 Aug 2022 06:41:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 17665
IP address blocks: 36.255.88.0/22 maxlen: 24
43.230.40.0/22 maxlen: 24
59.152.120.0/22 maxlen: 24
103.10.224.0/22 maxlen: 24
103.38.68.0/23 maxlen: 24
103.38.128.0/22 maxlen: 24
103.46.192.0/23 maxlen: 24
103.88.56.0/24 maxlen: 24
103.88.57.0/24 maxlen: 24
103.88.58.0/24 maxlen: 24
103.88.59.0/24 maxlen: 24
103.99.196.0/23 maxlen: 24
103.99.198.0/23 maxlen: 24
103.147.1.0/24 maxlen: 24
103.159.212.0/24 maxlen: 24
103.163.148.0/23 maxlen: 24
103.164.46.0/23 maxlen: 24
103.165.28.0/23 maxlen: 24
103.169.156.0/23 maxlen: 24
103.174.159.0/24 maxlen: 24
103.175.31.0/24 maxlen: 24
103.177.174.0/23 maxlen: 24
103.181.140.0/24 maxlen: 24
103.181.141.0/24 maxlen: 24
103.183.54.0/23 maxlen: 24
103.189.146.0/24 maxlen: 24
103.203.36.0/22 maxlen: 24
103.206.8.0/24 maxlen: 24
103.206.9.0/24 maxlen: 24
103.206.10.0/24 maxlen: 24
103.206.11.0/24 maxlen: 24
103.209.68.0/22 maxlen: 22
103.209.68.0/24 maxlen: 24
103.209.69.0/24 maxlen: 24
103.209.70.0/24 maxlen: 24
103.209.71.0/24 maxlen: 24
103.251.52.0/22 maxlen: 24
203.192.192.0/20 maxlen: 24
203.192.208.0/22 maxlen: 22
203.192.213.0/24 maxlen: 24
203.192.215.0/24 maxlen: 24
203.192.217.0/24 maxlen: 24
203.192.218.0/24 maxlen: 24
203.192.219.0/24 maxlen: 24
203.192.220.0/22 maxlen: 22
203.192.224.0/23 maxlen: 23
203.192.226.0/24 maxlen: 24
203.192.228.0/22 maxlen: 22
203.192.232.0/22 maxlen: 22
203.192.237.0/24 maxlen: 24
203.192.238.0/23 maxlen: 23
203.192.240.0/20 maxlen: 20
203.194.96.0/24 maxlen: 24
203.194.97.0/24 maxlen: 24
203.194.98.0/24 maxlen: 24
203.194.99.0/24 maxlen: 24
203.194.100.0/24 maxlen: 24
203.194.101.0/24 maxlen: 24
203.194.102.0/24 maxlen: 24
203.194.103.0/24 maxlen: 24
203.194.104.0/24 maxlen: 24
203.194.105.0/24 maxlen: 24
203.194.106.0/24 maxlen: 24
203.194.107.0/24 maxlen: 24
203.194.108.0/24 maxlen: 24
203.194.109.0/24 maxlen: 24
203.194.110.0/24 maxlen: 24
2404:ba00::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23356 (0x5b3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Aug 12 06:41:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62f5f61f-c92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4a:b4:84:76:7f:18:c2:c5:6a:c3:b7:63:85:
7c:60:ef:a1:8d:10:a4:ab:c3:75:a1:74:b2:3e:58:
b7:8d:55:c3:d7:83:9b:af:9f:2a:a4:39:aa:b3:a8:
fc:fd:c5:e5:ce:08:b7:a5:58:f7:18:6f:fe:4c:3d:
9c:19:23:a3:22:4c:00:4d:af:99:f1:91:37:24:d6:
07:6d:52:f4:2f:1e:50:18:32:51:c3:08:83:94:ef:
db:35:dd:82:c7:fe:d2:88:40:79:fe:a4:16:6b:b8:
05:be:99:be:9b:a4:9e:7d:ff:64:f0:a2:fc:5b:e5:
89:d1:34:10:83:a1:dc:d0:ba:02:85:af:a7:69:e1:
3b:86:b0:16:d2:67:da:4b:76:4b:6f:e4:ee:6f:b5:
00:06:12:8c:b6:2f:b8:51:a7:80:0b:f6:77:6a:b9:
c5:f8:57:58:ba:6b:26:9c:12:21:6a:e7:7f:21:64:
ac:3b:87:95:8c:a9:7a:f2:97:89:31:e3:c8:78:87:
fc:3d:0b:d6:6f:b6:fe:63:29:63:c5:b1:a0:3d:74:
67:38:34:36:94:b5:ba:9e:97:44:46:19:3b:b4:c7:
38:9d:2d:34:ce:92:24:24:03:7a:5c:4d:bd:a8:be:
00:f3:60:b2:87:95:e3:4b:8b:da:12:7d:da:c4:b9:
f8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:6C:71:80:26:10:76:0C:FF:61:82:96:49:7C:09:3D:F6:7F:F6:C2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CF11AAFC115911EDAB116778C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.88.0/22
43.230.40.0/22
59.152.120.0/22
103.10.224.0/22
103.38.68.0/23
103.38.128.0/22
103.46.192.0/23
103.88.56.0/22
103.99.196.0/22
103.147.1.0/24
103.159.212.0/24
103.163.148.0/23
103.164.46.0/23
103.165.28.0/23
103.169.156.0/23
103.174.159.0/24
103.175.31.0/24
103.177.174.0/23
103.181.140.0/23
103.183.54.0/23
103.189.146.0/24
103.203.36.0/22
103.206.8.0/22
103.209.68.0/22
103.251.52.0/22
203.192.192.0-203.192.211.255
203.192.213.0/24
203.192.215.0/24
203.192.217.0-203.192.226.255
203.192.228.0-203.192.235.255
203.192.237.0-203.192.255.255
203.194.96.0-203.194.110.255
IPv6:
2404:ba00::/32
Signature Algorithm: sha256WithRSAEncryption
93:c5:a1:b6:9d:b2:81:85:30:75:a9:4d:7e:01:c0:d1:52:23:
3b:ba:f0:34:48:a8:9a:c9:02:39:a8:4e:7f:08:5e:f9:17:67:
ad:b2:df:73:98:38:0b:2c:42:b1:85:54:75:03:da:1b:80:4c:
ef:7d:c7:a9:f0:2c:33:58:dd:71:2c:0c:4c:7e:12:a8:3d:8d:
ab:68:01:36:c9:bf:cb:a6:53:10:10:76:4d:a0:b2:ea:8c:27:
c9:a5:c6:3e:87:96:45:8a:e7:fd:f8:b0:b5:05:95:28:93:5f:
b8:3c:59:25:ec:dc:9f:8e:19:b2:08:6f:aa:59:01:e8:dc:54:
8d:a8:bb:d3:6a:93:19:2a:b4:8e:eb:0e:0c:d7:ba:e9:ec:69:
41:6c:ce:25:8c:b3:e8:2d:e9:5a:c0:85:8f:24:01:0f:4b:04:
4f:21:1f:9e:56:f4:63:4c:2a:c4:6f:58:4d:db:a2:41:2a:f3:
66:93:19:fb:15:95:8f:05:fb:d8:88:13:2c:84:68:2e:c8:b2:
cf:24:97:96:49:8e:78:eb:f1:42:2a:2a:75:73:ff:18:8d:f2:
53:27:91:b5:b9:28:c1:ee:30:72:49:4b:5b:81:49:f0:8d:71:
21:c7:a7:d6:b2:1e:3b:7f:60:a3:6c:52:33:ea:45:46:d1:fa:
8f:dd:79:46
-----BEGIN CERTIFICATE-----
MIIGaTCCBVGgAwIBAgICWzwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjIwODEyMDY0MTM2WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmY1ZjYxZi1jOTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvkq0hHZ/GMLFasO3Y4V8YO+hjRCkq8N1oXSyPli3jVXD14Obr58qpDmqs6j8
/cXlzgi3pVj3GG/+TD2cGSOjIkwATa+Z8ZE3JNYHbVL0Lx5QGDJRwwiDlO/bNd2C
x/7SiEB5/qQWa7gFvpm+m6Seff9k8KL8W+WJ0TQQg6Hc0LoCha+naeE7hrAW0mfa
S3ZLb+Tub7UABhKMti+4UaeAC/Z3arnF+FdYumsmnBIhaud/IWSsO4eVjKl68peJ
MePIeIf8PQvWb7b+YyljxbGgPXRnODQ2lLW6npdERhk7tMc4nS00zpIkJAN6XE29
qL4A82Cyh5XjS4vaEn3axLn4VQIDAQABo4IDjTCCA4kwHQYDVR0OBBYEFL9scYAm
EHYM/2GClkl8CT32f/bCMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQ0YxMUFBRkMx
MTU5MTFFREFCMTE2Nzc4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEVBggrBgEFBQcBBwEB
/wSCAQQwggEAMIHuBAIAATCB5wMEAiT/WAMEAivmKAMEAjuYeAMEAmcK4AMEAWcm
RAMEAmcmgAMEAWcuwAMEAmdYOAMEAmdjxAMEAGeTAQMEAGef1AMEAWejlAMEAWek
LgMEAWelHAMEAWepnAMEAGeunwMEAGevHwMEAWexrgMEAWe1jAMEAWe3NgMEAGe9
kgMEAmfLJAMEAmfOCAMEAmfRRAMEAmf7NDAMAwQGy8DAAwQCy8DQAwQAy8DVAwQA
y8DXMAwDBADLwNkDBADLwOIwDAMEAsvA5AMEAsvA6DALAwQAy8DtAwMAy8AwDAME
BcvCYAMEAMvCbjANBAIAAjAHAwUAJAS6ADANBgkqhkiG9w0BAQsFAAOCAQEAk8Wh
tp2ygYUwdalNfgHA0VIjO7rwNEiomskCOahOfwhe+RdnrbLfc5g4CyxCsYVUdQPa
G4BM733HqfAsM1jdcSwMTH4SqD2Nq2gBNsm/y6ZTEBB2TaCy6ownyaXGPoeWRYrn
/fiwtQWVKJNfuDxZJezcn44ZsghvqlkB6NxUjai702qTGSq0jusODNe66expQWzO
JYyz6C3pWsCFjyQBD0sETyEfnlb0Y0wqxG9YTduiQSrzZpMZ+xWVjwX72IgTLIRo
LsiyzySXlkmOeOvxQioqdXP/GI3yUyeRtbkowe4wcklLW4FJ8I1xIcen1rIeO39g
o2xSM+pFRtH6j915Rg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:53 2025 by rpki-client