Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E137575C70BD11EF8D7CC70DC4F9AE02.roa
File: E137575C70BD11EF8D7CC70DC4F9AE02.roa (raw, json)
Hash identifier: S5Ry9Ir1j9io1tYvOQS3+XPuwr/jDzS7wq4VDw6/i2c=
Subject key identifier: 77:9D:73:C9:0F:50:D9:A1:D0:BC:7B:F3:91:58:FB:62:BF:E6:7C:6C
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 986C
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E137575C70BD11EF8D7CC70DC4F9AE02.roa
Signing time: Thu 12 Sep 2024 04:17:11 +0000
ROA not before: Thu 12 Sep 2024 04:17:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134858
IP address blocks: 103.39.116.0/22 maxlen: 24
103.80.22.0/23 maxlen: 24
103.105.96.0/23 maxlen: 24
103.127.224.0/22 maxlen: 24
103.148.8.0/23 maxlen: 23
103.148.8.0/24 maxlen: 24
103.158.239.0/24 maxlen: 24
2407:8c0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39020 (0x986c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Sep 12 04:17:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66e26b46-3d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c9:6b:1f:e8:7e:d6:a7:91:12:38:83:f9:11:
57:e0:b4:d4:1d:f5:f5:cc:9d:3c:8c:9a:e7:57:53:
7a:04:74:bf:81:01:83:52:10:2d:c9:9e:63:ff:d6:
bd:b5:ef:d8:ae:b0:f7:c2:16:c2:e2:31:f2:92:f9:
36:b6:78:51:a0:7c:6a:a9:a9:80:6a:fb:e1:0c:00:
58:fe:ab:4d:c5:ec:12:94:27:0d:ad:b9:70:c4:d5:
18:79:c1:f5:08:6e:fc:64:b7:a1:91:62:f5:3e:93:
41:78:f2:9f:5d:20:b2:e4:cd:0e:39:01:e1:6d:b4:
9b:09:6f:1b:de:b5:49:72:f4:ba:d8:68:25:91:ab:
11:c2:3c:6a:2f:c4:34:a1:be:a6:38:28:d3:60:89:
b2:23:33:38:a5:e2:3f:df:a0:8a:96:df:3e:92:65:
59:7e:fb:99:2a:9c:6a:4e:2a:47:82:ab:21:bb:a3:
a6:48:5a:3e:5f:d9:71:98:0c:10:c4:12:c4:9e:9b:
f1:cb:ff:a1:6f:aa:64:6c:90:d0:89:74:5f:31:ec:
ba:6e:f0:5d:19:bc:60:cd:a2:c8:35:38:3e:2d:c6:
05:de:3b:71:4b:e6:3f:91:bf:ff:94:64:0e:a9:33:
10:d5:1c:3d:bd:bd:87:c9:46:56:82:a9:c6:db:1b:
15:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:9D:73:C9:0F:50:D9:A1:D0:BC:7B:F3:91:58:FB:62:BF:E6:7C:6C
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E137575C70BD11EF8D7CC70DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.39.116.0/22
103.80.22.0/23
103.105.96.0/23
103.127.224.0/22
103.148.8.0/23
103.158.239.0/24
IPv6:
2407:8c0::/32
Signature Algorithm: sha256WithRSAEncryption
49:49:bf:92:a7:ee:de:88:62:f7:64:ce:5c:28:3f:35:3b:bb:
5b:41:09:86:d4:2d:68:36:24:9d:d2:8b:a5:b3:b1:35:1c:f6:
d3:ae:c4:99:c3:af:a6:af:ea:29:fe:09:7b:e3:3a:77:3d:97:
1f:c7:da:1d:7a:c1:cb:c1:80:b9:fd:81:e6:40:f7:fe:59:49:
c2:3a:af:3d:f3:d6:13:ef:13:40:5d:a0:ed:ff:3c:cf:dc:c5:
0c:e6:cd:7a:d4:49:81:eb:f7:af:60:b8:5e:36:d6:c0:3b:d4:
4c:0b:83:5e:be:b3:53:e7:2e:72:f3:bf:25:68:42:c1:94:b1:
03:de:b0:73:1e:9f:da:87:0b:94:6a:fd:40:7c:fd:21:84:f6:
c8:eb:bc:1d:2b:14:04:bc:10:61:af:cf:31:61:4b:b1:57:29:
84:54:d7:8d:c0:85:2d:48:35:ed:4d:6b:66:9f:67:07:31:b0:
84:d2:08:99:ce:ae:11:5d:07:9b:5e:f4:03:89:d8:da:5e:74:
1b:31:4b:44:58:7a:f1:7c:5d:c5:3e:81:88:d3:b5:17:5a:02:
ef:5f:43:90:00:da:2c:07:58:ec:7b:fe:4a:78:fe:3c:56:b6:
fd:20:6e:32:80:ad:82:ea:e9:a3:aa:3f:31:47:c7:2e:a3:c8:
23:5f:51:1d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIDAJhsMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDkxMjA0MTcxMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZlMjZiNDYtM2Q0YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzJax/oftankRI4g/kRV+C01B319cydPIya51dTegR0v4EBg1IQLcmeY//W
vbXv2K6w98IWwuIx8pL5NrZ4UaB8aqmpgGr74QwAWP6rTcXsEpQnDa25cMTVGHnB
9Qhu/GS3oZFi9T6TQXjyn10gsuTNDjkB4W20mwlvG961SXL0uthoJZGrEcI8ai/E
NKG+pjgo02CJsiMzOKXiP9+gipbfPpJlWX77mSqcak4qR4KrIbujpkhaPl/ZcZgM
EMQSxJ6b8cv/oW+qZGyQ0Il0XzHsum7wXRm8YM2iyDU4Pi3GBd47cUvmP5G//5Rk
DqkzENUcPb29h8lGVoKpxtsbFTMCAwEAAaOCAsIwggK+MB0GA1UdDgQWBBR3nXPJ
D1DZodC8e/ORWPtiv+Z8bDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0UxMzc1NzVD
NzBCRDExRUY4RDdDQzcwREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEwGCCsGAQUFBwEHAQH/
BD0wOzAqBAIAATAkAwQCZyd0AwQBZ1AWAwQBZ2lgAwQCZ3/gAwQBZ5QIAwQAZ57v
MA0EAgACMAcDBQAkBwjAMA0GCSqGSIb3DQEBCwUAA4IBAQBJSb+Sp+7eiGL3ZM5c
KD81O7tbQQmG1C1oNiSd0ouls7E1HPbTrsSZw6+mr+op/gl74zp3PZcfx9odesHL
wYC5/YHmQPf+WUnCOq8989YT7xNAXaDt/zzP3MUM5s161EmB6/evYLheNtbAO9RM
C4NevrNT5y5y878laELBlLED3rBzHp/ahwuUav1AfP0hhPbI67wdKxQEvBBhr88x
YUuxVymEVNeNwIUtSDXtTWtmn2cHMbCE0giZzq4RXQebXvQDidjaXnQbMUtEWHrx
fF3FPoGI07UXWgLvX0OQANosB1jse/5KeP48Vrb9IG4ygK2C6umjqj8xR8cuo8gj
X1Ed
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:37 2025 by rpki-client