Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D5AF094253B411EEAC774753C4F9AE02.roa
File: D5AF094253B411EEAC774753C4F9AE02.roa (raw, json)
Hash identifier: hvRCDcRh4p1dTBVR4wcVXSA88qLc/KGFcWmBiEYaa+Q=
Subject key identifier: D8:D4:23:BB:09:FF:65:9C:A4:53:EC:BF:01:9D:59:1A:D2:9D:96:2E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 88F8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D5AF094253B411EEAC774753C4F9AE02.roa
Signing time: Thu 30 May 2024 15:56:51 +0000
ROA not before: Thu 30 May 2024 15:56:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133594
IP address blocks: 14.102.3.0/24 maxlen: 24
14.102.12.0/24 maxlen: 24
14.102.43.0/24 maxlen: 24
14.102.57.0/24 maxlen: 24
14.102.66.0/24 maxlen: 24
14.102.78.0/24 maxlen: 24
14.102.123.0/24 maxlen: 24
110.172.136.0/24 maxlen: 24
110.172.150.0/24 maxlen: 24
110.172.168.0/24 maxlen: 24
111.235.64.0/22 maxlen: 24
118.91.176.0/24 maxlen: 24
202.89.70.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35064 (0x88f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:56:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a1c3-661b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a6:a6:eb:4e:41:d4:9c:63:be:62:8b:9d:19:
f7:68:54:ce:3b:28:bf:8c:5c:49:9c:e5:69:4d:1b:
2b:67:1a:65:22:43:e8:13:5f:37:9d:10:d4:24:c6:
f6:20:12:37:0b:a6:64:d9:12:3c:fb:5e:bb:c9:8d:
64:44:07:ae:42:13:67:f6:06:da:3d:88:01:9b:63:
04:0a:3c:f7:c8:fa:2c:d8:bd:29:ae:88:26:c0:1c:
6a:97:0c:03:31:76:4a:c9:95:0d:ae:2b:2d:27:e1:
3a:0c:90:d6:60:43:75:e1:7c:32:ab:ca:00:f1:6c:
b9:5e:0d:ee:f9:1a:0b:aa:bb:6e:6a:07:ec:15:ee:
a0:fb:96:f4:ac:00:d4:07:7c:84:99:7c:d0:fa:41:
44:1b:33:47:20:84:36:96:c9:0f:e7:67:aa:ed:e0:
12:60:c9:7b:89:55:28:f0:51:e3:94:60:d9:d7:68:
33:17:36:7a:be:a7:48:1c:ee:26:4c:7c:a0:2e:9d:
79:0a:f4:a6:1a:3b:3c:c1:ca:0e:81:90:f4:6c:11:
66:43:ed:10:6e:48:53:a7:3f:4f:d4:15:91:c2:21:
3b:de:23:c5:f7:61:c5:73:32:7a:98:8b:ed:74:17:
e7:5b:db:ca:90:e6:2d:6a:9a:e0:15:22:66:ba:e6:
04:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D4:23:BB:09:FF:65:9C:A4:53:EC:BF:01:9D:59:1A:D2:9D:96:2E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D5AF094253B411EEAC774753C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.102.3.0/24
14.102.12.0/24
14.102.43.0/24
14.102.57.0/24
14.102.66.0/24
14.102.78.0/24
14.102.123.0/24
110.172.136.0/24
110.172.150.0/24
110.172.168.0/24
111.235.64.0/22
118.91.176.0/24
202.89.70.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:61:05:7b:5d:8c:2f:26:db:72:68:b3:7e:3c:53:26:c9:ec:
76:1e:b1:0e:d9:e4:67:d0:ca:c6:67:81:de:1d:4c:a7:bf:19:
13:a5:0d:8e:03:7d:62:3e:cf:ac:98:7a:2e:0d:5d:94:74:7b:
d6:28:68:14:71:a6:ee:f6:ca:33:43:18:f0:f8:d8:a5:bf:a8:
a1:33:e6:fb:62:a4:7d:33:de:aa:74:c9:7a:41:da:7e:c0:e1:
51:37:33:58:77:81:f5:e2:aa:56:15:a8:e0:60:ee:08:78:f2:
c3:6c:5c:87:99:30:9c:b6:df:64:4e:e6:03:1c:b1:45:69:39:
a9:24:9b:d8:05:89:fe:e3:0a:20:9b:32:b9:0a:ea:0b:81:88:
90:3b:46:1c:6c:6b:ef:75:0c:37:8f:85:65:51:35:bd:b1:9f:
9c:d6:d1:b5:5d:a7:ed:46:03:d6:df:52:bf:c9:b3:5e:41:c3:
0d:f2:b7:85:56:1a:96:cc:a4:11:a6:d9:67:9e:08:d3:74:c5:
f9:29:c4:94:34:d7:ab:41:b2:ea:f8:8e:db:32:df:f8:fd:5f:
b6:5b:bb:88:bf:1e:29:2f:42:4f:58:aa:4a:e7:e3:2c:ee:5d:
bb:ea:e7:3a:73:f3:7f:12:26:cb:f3:43:ad:ac:f0:75:88:07:
40:82:de:92
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgIDAIj4MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTY1MVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExYzMtNjYxYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+mputOQdScY75ii50Z92hUzjsov4xcSZzlaU0bK2caZSJD6BNfN50Q1CTG
9iASNwumZNkSPPteu8mNZEQHrkITZ/YG2j2IAZtjBAo898j6LNi9Ka6IJsAcapcM
AzF2SsmVDa4rLSfhOgyQ1mBDdeF8MqvKAPFsuV4N7vkaC6q7bmoH7BXuoPuW9KwA
1Ad8hJl80PpBRBszRyCENpbJD+dnqu3gEmDJe4lVKPBR45Rg2ddoMxc2er6nSBzu
Jkx8oC6deQr0pho7PMHKDoGQ9GwRZkPtEG5IU6c/T9QVkcIhO94jxfdhxXMyepiL
7XQX51vbypDmLWqa4BUiZrrmBIUCAwEAAaOCAt0wggLZMB0GA1UdDgQWBBTY1CO7
Cf9lnKRT7L8BnVka0p2WLjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Q1QUYwOTQy
NTNCNDExRUVBQzc3NDc1M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGcGCCsGAQUFBwEHAQH/
BFgwVjBUBAIAATBOAwQADmYDAwQADmYMAwQADmYrAwQADmY5AwQADmZCAwQADmZO
AwQADmZ7AwQAbqyIAwQAbqyWAwQAbqyoAwQCb+tAAwQAdluwAwQAyllGMA0GCSqG
SIb3DQEBCwUAA4IBAQCLYQV7XYwvJttyaLN+PFMmyex2HrEO2eRn0MrGZ4HeHUyn
vxkTpQ2OA31iPs+smHouDV2UdHvWKGgUcabu9sozQxjw+Nilv6ihM+b7YqR9M96q
dMl6Qdp+wOFRNzNYd4H14qpWFajgYO4IePLDbFyHmTCctt9kTuYDHLFFaTmpJJvY
BYn+4wogmzK5CuoLgYiQO0YcbGvvdQw3j4VlUTW9sZ+c1tG1XaftRgPW31K/ybNe
QcMN8reFVhqWzKQRptlnngjTdMX5KcSUNNerQbLq+I7bMt/4/V+2W7uIvx4pL0JP
WKpK5+Ms7l276uc6c/N/EibL80OtrPB1iAdAgt6S
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:54:09 2025 by rpki-client