Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D8EC69F2AE9A11ED823BD55FC4F9AE02.roa
File: D8EC69F2AE9A11ED823BD55FC4F9AE02.roa (raw, json)
Hash identifier: Hgp3W5TREwB9D7vFKcYPziGGbPMZakXIAu9bPnmXFCg=
Subject key identifier: B1:64:7C:A6:A3:23:C5:E6:19:1F:02:39:1E:BD:8C:6E:3D:94:D2:47
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 650B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D8EC69F2AE9A11ED823BD55FC4F9AE02.roa
Signing time: Fri 17 Feb 2023 08:12:41 +0000
ROA not before: Fri 17 Feb 2023 08:12:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24554
IP address blocks: 36.255.108.0/22 maxlen: 24
36.255.180.0/22 maxlen: 24
36.255.184.0/22 maxlen: 22
43.224.172.0/22 maxlen: 24
43.241.116.0/22 maxlen: 24
45.116.44.0/22 maxlen: 24
45.117.48.0/22 maxlen: 22
45.117.108.0/22 maxlen: 24
45.117.148.0/22 maxlen: 22
45.117.148.0/24 maxlen: 24
45.117.149.0/24 maxlen: 24
45.117.150.0/24 maxlen: 24
45.117.151.0/24 maxlen: 24
45.117.248.0/22 maxlen: 22
45.117.248.0/24 maxlen: 24
45.117.249.0/24 maxlen: 24
45.117.250.0/24 maxlen: 24
45.117.251.0/24 maxlen: 24
58.146.96.0/19 maxlen: 24
103.29.208.0/22 maxlen: 24
103.51.208.0/22 maxlen: 24
103.53.60.0/22 maxlen: 22
103.53.232.0/22 maxlen: 22
103.53.232.0/24 maxlen: 24
103.53.233.0/24 maxlen: 24
103.53.234.0/24 maxlen: 24
103.53.235.0/24 maxlen: 24
103.54.104.0/22 maxlen: 24
103.57.172.0/22 maxlen: 24
103.195.76.0/22 maxlen: 24
103.199.92.0/22 maxlen: 24
103.200.100.0/22 maxlen: 24
103.200.212.0/22 maxlen: 24
103.203.60.0/22 maxlen: 24
103.214.230.0/23 maxlen: 24
103.234.212.0/22 maxlen: 22
103.234.240.0/22 maxlen: 24
111.125.236.0/24 maxlen: 24
111.125.241.0/24 maxlen: 24
111.125.242.0/24 maxlen: 24
111.125.249.0/24 maxlen: 24
120.138.0.0/22 maxlen: 24
137.59.204.0/22 maxlen: 24
180.148.32.0/19 maxlen: 24
182.237.128.0/18 maxlen: 24
183.87.0.0/19 maxlen: 19
183.87.0.0/22 maxlen: 22
183.87.4.0/22 maxlen: 22
183.87.8.0/22 maxlen: 22
183.87.16.0/22 maxlen: 22
183.87.20.0/22 maxlen: 22
183.87.24.0/22 maxlen: 22
183.87.28.0/22 maxlen: 22
183.87.224.0/20 maxlen: 24
202.148.60.0/22 maxlen: 22
202.177.224.0/22 maxlen: 22
202.177.228.0/24 maxlen: 24
202.177.229.0/24 maxlen: 24
202.177.230.0/24 maxlen: 24
202.177.231.0/24 maxlen: 24
202.177.232.0/22 maxlen: 22
202.177.236.0/22 maxlen: 22
202.177.240.0/24 maxlen: 24
202.177.241.0/24 maxlen: 24
202.177.242.0/24 maxlen: 24
202.177.243.0/24 maxlen: 24
202.177.244.0/24 maxlen: 24
202.177.245.0/24 maxlen: 24
202.177.246.0/24 maxlen: 24
202.177.247.0/24 maxlen: 24
202.177.248.0/22 maxlen: 22
202.177.252.0/22 maxlen: 22
2402:b00::/32 maxlen: 32
2402:b00::/48 maxlen: 48
2402:b00:1::/48 maxlen: 48
2402:b00:2::/48 maxlen: 48
2402:b00:3::/48 maxlen: 48
2402:b00:4::/48 maxlen: 48
2402:b00:5::/48 maxlen: 48
2402:b00:6::/48 maxlen: 48
2402:b00:7::/48 maxlen: 48
2402:b00:8::/48 maxlen: 48
2402:b00:9::/48 maxlen: 48
2402:b00:a::/48 maxlen: 48
2402:b00:b::/48 maxlen: 48
2402:b00:c::/48 maxlen: 48
2402:b00:d::/48 maxlen: 48
2402:b00:e::/48 maxlen: 48
2402:b00:f::/48 maxlen: 48
2402:b00:fffb::/48 maxlen: 48
2402:b00:fffc::/48 maxlen: 48
2402:b00:fffd::/48 maxlen: 48
2402:b00:fffe::/48 maxlen: 48
2402:b00:ffff::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25867 (0x650b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 17 08:12:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63ef36f8-2798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:26:de:ce:2e:f8:ce:cf:62:9b:60:2f:e1:4d:
b3:0c:1e:a1:89:d0:65:c3:0b:15:f7:0d:1b:85:8a:
6e:c4:51:8f:fe:b4:c5:d8:10:da:69:d4:cd:75:c3:
ea:3f:93:f8:f9:96:c2:00:ab:57:20:a7:1d:cb:d0:
18:95:a9:f6:d2:70:46:fa:5e:a6:60:c0:ab:a7:2d:
70:0f:f6:31:38:82:1a:e4:fa:eb:46:56:68:40:04:
9c:9d:f6:3b:a5:de:01:a8:fb:d9:10:7a:3e:c9:ac:
92:3a:89:2c:13:94:26:df:4b:49:e4:19:93:28:a7:
3f:b9:c7:9e:89:f2:04:41:c7:5d:22:ea:fc:ff:93:
74:17:46:f5:09:a6:d1:74:cc:74:0f:f5:22:b9:ea:
c4:38:8a:58:26:4c:1e:15:7c:89:01:7d:47:83:cd:
b0:2b:bc:3a:f0:d0:c6:74:9a:4c:25:3a:39:bd:06:
0f:31:db:78:40:68:83:89:28:8b:60:1a:b6:72:9d:
c0:ed:99:b8:3c:84:a7:9d:04:3b:bc:cd:bd:17:0f:
42:93:dd:de:a2:45:e6:4e:58:21:25:d9:4d:4d:e0:
3b:de:2c:2c:b4:a6:4c:a6:b0:4c:f7:08:f7:e5:5a:
14:c0:5f:4b:ed:07:93:f0:70:54:4c:3e:19:85:d8:
a1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:64:7C:A6:A3:23:C5:E6:19:1F:02:39:1E:BD:8C:6E:3D:94:D2:47
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D8EC69F2AE9A11ED823BD55FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.108.0/22
36.255.180.0-36.255.187.255
43.224.172.0/22
43.241.116.0/22
45.116.44.0/22
45.117.48.0/22
45.117.108.0/22
45.117.148.0/22
45.117.248.0/22
58.146.96.0/19
103.29.208.0/22
103.51.208.0/22
103.53.60.0/22
103.53.232.0/22
103.54.104.0/22
103.57.172.0/22
103.195.76.0/22
103.199.92.0/22
103.200.100.0/22
103.200.212.0/22
103.203.60.0/22
103.214.230.0/23
103.234.212.0/22
103.234.240.0/22
111.125.236.0/24
111.125.241.0-111.125.242.255
111.125.249.0/24
120.138.0.0/22
137.59.204.0/22
180.148.32.0/19
182.237.128.0/18
183.87.0.0/19
183.87.224.0/20
202.148.60.0/22
202.177.224.0/19
IPv6:
2402:b00::/32
Signature Algorithm: sha256WithRSAEncryption
74:df:30:b2:52:3d:93:74:9a:0c:23:f1:63:b8:f5:d0:d5:fe:
cc:2d:10:9d:b1:67:da:56:d5:d4:e4:9c:9f:12:86:6c:a2:ec:
51:44:8c:b5:78:a5:0f:f3:cc:0d:f3:32:ba:c1:4f:54:80:05:
95:1c:36:97:d8:9d:33:1c:76:1a:2c:35:49:e4:aa:bd:76:e0:
1e:b2:28:e5:1c:8f:f5:df:05:a6:32:7a:c6:57:62:4c:14:47:
40:0d:cb:27:ab:92:a3:a9:25:48:d3:b0:76:26:a3:a1:65:ee:
f4:b5:74:6e:11:2b:a3:3c:6c:3b:73:58:0a:ac:60:a0:fa:04:
78:4b:7d:7e:06:e7:6a:e6:51:0e:0b:1f:b7:f9:d7:67:58:cb:
1c:3d:90:73:f8:69:b0:f3:73:c5:b9:56:f2:0f:8a:0c:ae:e4:
78:13:83:9e:96:b5:48:ab:88:fe:3d:d1:80:ed:68:e0:ee:6c:
cf:13:bf:b6:88:24:fb:7d:6f:7b:b0:cd:0b:2a:c2:f8:e2:f4:
79:5e:87:84:aa:a6:82:9c:da:e2:17:8f:be:d6:06:1c:09:91:
67:e2:9b:4b:58:d4:06:22:97:5c:7d:76:f3:bf:9a:6c:b6:e0:
91:be:bc:14:9c:a1:32:67:1b:cc:1b:32:d0:f8:3a:1e:f0:a4:
88:6a:6f:87
-----BEGIN CERTIFICATE-----
MIIGYjCCBUqgAwIBAgICZQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwMjE3MDgxMjQxWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2VmMzZmOC0yNzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0Sbezi74zs9im2Av4U2zDB6hidBlwwsV9w0bhYpuxFGP/rTF2BDaadTNdcPq
P5P4+ZbCAKtXIKcdy9AYlan20nBG+l6mYMCrpy1wD/YxOIIa5PrrRlZoQAScnfY7
pd4BqPvZEHo+yaySOoksE5Qm30tJ5BmTKKc/uceeifIEQcddIur8/5N0F0b1CabR
dMx0D/UiuerEOIpYJkweFXyJAX1Hg82wK7w68NDGdJpMJTo5vQYPMdt4QGiDiSiL
YBq2cp3A7Zm4PISnnQQ7vM29Fw9Ck93eokXmTlghJdlNTeA73iwstKZMprBM9wj3
5VoUwF9L7QeT8HBUTD4ZhdihLwIDAQABo4IDhjCCA4IwHQYDVR0OBBYEFLFkfKaj
I8XmGR8COR69jG49lNJHMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDhFQzY5RjJB
RTlBMTFFRDgyM0JENTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggEOBggrBgEFBQcBBwEB
/wSB/jCB+zCB6QQCAAEwgeIDBAIk/2wwDAMEAiT/tAMEAiT/uAMEAivgrAMEAivx
dAMEAi10LAMEAi11MAMEAi11bAMEAi11lAMEAi11+AMEBTqSYAMEAmcd0AMEAmcz
0AMEAmc1PAMEAmc16AMEAmc2aAMEAmc5rAMEAmfDTAMEAmfHXAMEAmfIZAMEAmfI
1AMEAmfLPAMEAWfW5gMEAmfq1AMEAmfq8AMEAG997DAMAwQAb33xAwQAb33yAwQA
b335AwQCeIoAAwQCiTvMAwQFtJQgAwQGtu2AAwQFt1cAAwQEt1fgAwQCypQ8AwQF
yrHgMA0EAgACMAcDBQAkAgsAMA0GCSqGSIb3DQEBCwUAA4IBAQB03zCyUj2TdJoM
I/FjuPXQ1f7MLRCdsWfaVtXU5JyfEoZsouxRRIy1eKUP88wN8zK6wU9UgAWVHDaX
2J0zHHYaLDVJ5Kq9duAesijlHI/13wWmMnrGV2JMFEdADcsnq5KjqSVI07B2JqOh
Ze70tXRuESujPGw7c1gKrGCg+gR4S31+Budq5lEOCx+3+ddnWMscPZBz+Gmw83PF
uVbyD4oMruR4E4OelrVIq4j+PdGA7Wjg7mzPE7+2iCT7fW97sM0LKsL44vR5XoeE
qqaCnNriF4++1gYcCZFn4ptLWNQGIpdcfXbzv5pstuCRvrwUnKEyZxvMGzLQ+Doe
8KSIam+H
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:28 2025 by rpki-client