Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E63B297C876B11EEA0F37E4DC4F9AE02.roa
File: E63B297C876B11EEA0F37E4DC4F9AE02.roa (raw, json)
Hash identifier: CpdlXufCMQYNBAEdAFRxY+dIeCW3TKilBysY6T9HNPo=
Subject key identifier: 12:84:EC:45:FC:E1:94:3B:71:28:12:C7:EB:2E:EB:1B:BA:A6:04:2B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 7E13
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E63B297C876B11EEA0F37E4DC4F9AE02.roa
Signing time: Mon 20 Nov 2023 06:13:19 +0000
ROA not before: Mon 20 Nov 2023 06:13:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137085
IP address blocks: 27.123.240.0/23 maxlen: 24
43.225.248.0/22 maxlen: 24
43.228.164.0/23 maxlen: 24
103.37.98.0/23 maxlen: 24
103.52.32.0/24 maxlen: 24
103.68.140.0/23 maxlen: 24
103.69.239.0/24 maxlen: 24
103.72.196.0/24 maxlen: 24
103.79.48.0/23 maxlen: 24
103.91.72.0/24 maxlen: 24
103.91.73.0/24 maxlen: 24
103.91.74.0/24 maxlen: 24
103.91.75.0/24 maxlen: 24
103.91.76.0/22 maxlen: 24
103.93.39.0/24 maxlen: 24
103.101.112.0/22 maxlen: 24
103.113.110.0/23 maxlen: 24
103.120.152.0/24 maxlen: 24
103.120.153.0/24 maxlen: 24
103.124.174.0/24 maxlen: 24
103.138.9.0/24 maxlen: 24
103.146.232.0/24 maxlen: 24
103.154.8.0/23 maxlen: 24
103.158.41.0/24 maxlen: 24
103.160.25.0/24 maxlen: 24
103.160.222.0/24 maxlen: 24
103.163.14.0/24 maxlen: 24
103.173.238.0/23 maxlen: 24
103.174.28.0/24 maxlen: 24
103.174.29.0/24 maxlen: 24
103.178.117.0/24 maxlen: 24
103.181.4.0/24 maxlen: 24
103.181.119.0/24 maxlen: 24
103.184.41.0/24 maxlen: 24
103.184.205.0/24 maxlen: 24
103.204.70.0/24 maxlen: 24
103.206.51.0/24 maxlen: 24
103.206.96.0/23 maxlen: 24
103.225.70.0/24 maxlen: 24
103.232.232.0/22 maxlen: 24
202.4.169.0/24 maxlen: 24
2001:df1:d240::/48 maxlen: 48
2001:df1:ed40::/48 maxlen: 48
2001:df2:3ac0::/48 maxlen: 48
2001:df2:3f40::/48 maxlen: 48
2001:df2:9640::/48 maxlen: 48
2001:df3:1340::/48 maxlen: 48
2400:d660::/32 maxlen: 32
2405:e100:1d::/48 maxlen: 48
2405:e100:1e::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32275 (0x7e13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 20 06:13:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=655af8ff-2864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:50:dc:da:c3:e4:d7:64:ca:8d:c6:d5:6e:c7:
6a:8c:d6:05:0c:65:76:d6:ca:ab:d6:6d:9c:04:49:
89:44:33:06:60:c7:f8:30:fd:49:77:ee:72:9c:a3:
33:eb:99:7d:be:90:93:4c:3b:d2:23:6b:00:d2:71:
fb:ec:9d:e1:66:34:ad:58:a4:5a:9f:e3:33:83:0d:
89:ea:44:a7:68:2e:2e:7f:02:23:fb:c2:25:e1:53:
3d:96:d8:6b:45:66:ea:4b:16:73:90:7e:79:4b:5a:
7f:05:86:69:96:d6:12:a5:c8:04:31:e8:e1:6d:dd:
40:ce:ff:72:cc:e7:56:b7:29:d9:a0:b4:bd:08:10:
94:8a:e8:c5:53:de:0d:0a:39:1d:2e:cd:ac:76:8f:
35:6c:cf:c8:81:e1:2b:c2:ee:07:eb:87:ae:06:39:
89:de:d5:4b:79:1b:49:e0:b6:ce:89:71:6c:e5:53:
fd:b0:31:50:77:b4:c3:e8:e3:02:c4:73:c6:2f:58:
4f:0d:2e:26:86:ed:7f:f4:6d:e8:6f:d2:f0:8e:b5:
3a:8d:31:6b:c2:57:0b:e9:9f:c4:4a:63:56:7d:19:
0b:0b:c2:96:d9:92:31:3b:68:99:cb:9b:6a:09:93:
a7:b3:ae:d0:a6:a5:1c:ea:a7:84:08:0f:a6:af:fd:
80:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:84:EC:45:FC:E1:94:3B:71:28:12:C7:EB:2E:EB:1B:BA:A6:04:2B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E63B297C876B11EEA0F37E4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.123.240.0/23
43.225.248.0/22
43.228.164.0/23
103.37.98.0/23
103.52.32.0/24
103.68.140.0/23
103.69.239.0/24
103.72.196.0/24
103.79.48.0/23
103.91.72.0/21
103.93.39.0/24
103.101.112.0/22
103.113.110.0/23
103.120.152.0/23
103.124.174.0/24
103.138.9.0/24
103.146.232.0/24
103.154.8.0/23
103.158.41.0/24
103.160.25.0/24
103.160.222.0/24
103.163.14.0/24
103.173.238.0/23
103.174.28.0/23
103.178.117.0/24
103.181.4.0/24
103.181.119.0/24
103.184.41.0/24
103.184.205.0/24
103.204.70.0/24
103.206.51.0/24
103.206.96.0/23
103.225.70.0/24
103.232.232.0/22
202.4.169.0/24
IPv6:
2001:df1:d240::/48
2001:df1:ed40::/48
2001:df2:3ac0::/48
2001:df2:3f40::/48
2001:df2:9640::/48
2001:df3:1340::/48
2400:d660::/32
2405:e100:1d::-2405:e100:1e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
42:4c:ac:a5:1b:8c:5d:7e:0a:ac:64:d5:cd:58:e0:75:d0:c2:
53:11:78:9b:95:7d:b0:a5:0f:83:42:01:bd:cf:73:6f:bb:a7:
9d:89:f5:09:a8:8a:34:97:90:60:27:6e:44:ac:91:54:01:22:
60:72:ca:5b:15:66:e5:c9:64:1e:da:d3:96:ed:03:ec:ad:2c:
84:5e:2d:c3:e1:08:3d:7d:ee:61:ca:38:fc:82:f6:e2:28:d8:
ce:3c:f7:30:03:b2:87:ac:d1:7d:76:47:05:77:89:b3:32:e1:
28:97:f6:08:aa:a0:78:d3:6c:cc:54:52:b6:97:33:fb:88:e6:
cc:51:36:eb:c4:f9:f2:47:72:d3:1f:8a:51:9f:7a:0c:cd:72:
4d:ad:ac:d5:f8:9e:52:fe:19:aa:9e:0b:ab:ff:4a:4b:d6:67:
d1:9e:2a:5a:01:08:35:b5:b2:c0:6c:ba:11:2a:96:85:f3:8d:
7e:d0:bf:33:da:2d:0c:28:15:54:2a:e9:f2:4f:67:d4:0a:12:
7f:d2:14:c6:d5:d7:55:3d:e7:14:c4:28:3b:9b:86:60:bf:d5:
b1:31:62:bd:13:5f:99:43:cd:2b:50:37:3c:aa:4a:ba:94:74:
06:b2:dc:12:e8:5c:97:da:3b:23:25:0c:60:73:f4:1f:d2:e1:
50:23:d5:d2
-----BEGIN CERTIFICATE-----
MIIGnjCCBYagAwIBAgICfhMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMxMTIwMDYxMzE5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTVhZjhmZi0yODY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAylDc2sPk12TKjcbVbsdqjNYFDGV21sqr1m2cBEmJRDMGYMf4MP1Jd+5ynKMz
65l9vpCTTDvSI2sA0nH77J3hZjStWKRan+Mzgw2J6kSnaC4ufwIj+8Il4VM9lthr
RWbqSxZzkH55S1p/BYZpltYSpcgEMejhbd1Azv9yzOdWtynZoLS9CBCUiujFU94N
CjkdLs2sdo81bM/IgeErwu4H64euBjmJ3tVLeRtJ4LbOiXFs5VP9sDFQd7TD6OMC
xHPGL1hPDS4mhu1/9G3ob9LwjrU6jTFrwlcL6Z/ESmNWfRkLC8KW2ZIxO2iZy5tq
CZOns67QpqUc6qeECA+mr/2A6QIDAQABo4IDwjCCA74wHQYDVR0OBBYEFBKE7EX8
4ZQ7cSgSx+su6xu6pgQrMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRTYzQjI5N0M4
NzZCMTFFRUEwRjM3RTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwggFKBggrBgEFBQcBBwEB
/wSCATkwggE1MIHZBAIAATCB0gMEARt78AMEAivh+AMEASvkpAMEAWclYgMEAGc0
IAMEAWdEjAMEAGdF7wMEAGdIxAMEAWdPMAMEA2dbSAMEAGddJwMEAmdlcAMEAWdx
bgMEAWd4mAMEAGd8rgMEAGeKCQMEAGeS6AMEAWeaCAMEAGeeKQMEAGegGQMEAGeg
3gMEAGejDgMEAWet7gMEAWeuHAMEAGeydQMEAGe1BAMEAGe1dwMEAGe4KQMEAGe4
zQMEAGfMRgMEAGfOMwMEAWfOYAMEAGfhRgMEAmfo6AMEAMoEqTBXBAIAAjBRAwcA
IAEN8dJAAwcAIAEN8e1AAwcAIAEN8jrAAwcAIAEN8j9AAwcAIAEN8pZAAwcAIAEN
8xNAAwUAJADWYDASAwcAJAXhAAAdAwcAJAXhAAAeMA0GCSqGSIb3DQEBCwUAA4IB
AQBCTKylG4xdfgqsZNXNWOB10MJTEXiblX2wpQ+DQgG9z3Nvu6edifUJqIo0l5Bg
J25ErJFUASJgcspbFWblyWQe2tOW7QPsrSyEXi3D4Qg9fe5hyjj8gvbiKNjOPPcw
A7KHrNF9dkcFd4mzMuEol/YIqqB402zMVFK2lzP7iObMUTbrxPnyR3LTH4pRn3oM
zXJNrazV+J5S/hmqngur/0pL1mfRnipaAQg1tbLAbLoRKpaF841+0L8z2i0MKBVU
KunyT2fUChJ/0hTG1ddVPecUxCg7m4Zgv9WxMWK9E1+ZQ80rUDc8qkq6lHQGstwS
6FyX2jsjJQxgc/Qf0uFQI9XS
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:00:46 2025 by rpki-client