Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E6EA33C2D6F211EF8F88AA17C4F9AE02.roa
File: E6EA33C2D6F211EF8F88AA17C4F9AE02.roa (raw, json)
Hash identifier: tZHojmhFyuGXNQeh5aARPsr0TWmhXWHIpKDzzKp6T8c=
Subject key identifier: 8F:22:6D:15:EA:6F:C1:3A:83:01:46:9B:72:17:C3:C7:6B:E9:E2:AF
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A31E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E6EA33C2D6F211EF8F88AA17C4F9AE02.roa
Signing time: Mon 20 Jan 2025 05:53:42 +0000
ROA not before: Mon 20 Jan 2025 05:53:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132296
IP address blocks: 43.248.68.0/24 maxlen: 24
43.248.69.0/24 maxlen: 24
43.248.70.0/24 maxlen: 24
43.248.71.0/24 maxlen: 24
45.119.12.0/24 maxlen: 24
45.119.13.0/24 maxlen: 24
45.119.14.0/24 maxlen: 24
45.119.15.0/24 maxlen: 24
103.57.252.0/24 maxlen: 24
103.57.253.0/24 maxlen: 24
103.57.254.0/24 maxlen: 24
103.57.255.0/24 maxlen: 24
103.116.169.0/24 maxlen: 24
103.148.138.0/23 maxlen: 24
103.157.206.0/23 maxlen: 24
103.157.230.0/24 maxlen: 24
103.157.231.0/24 maxlen: 24
103.162.224.0/24 maxlen: 24
103.162.225.0/24 maxlen: 24
103.171.126.0/23 maxlen: 24
103.174.26.0/24 maxlen: 24
103.174.27.0/24 maxlen: 24
103.177.58.0/23 maxlen: 24
103.177.128.0/24 maxlen: 24
103.177.129.0/24 maxlen: 24
103.181.147.0/24 maxlen: 24
103.204.164.0/24 maxlen: 24
103.204.166.0/24 maxlen: 24
103.255.36.0/24 maxlen: 24
103.255.37.0/24 maxlen: 24
103.255.38.0/24 maxlen: 24
103.255.39.0/24 maxlen: 24
2001:df5:ff80::/48 maxlen: 48
2402:5c80::/32 maxlen: 32
2407:6fc0::/32 maxlen: 32
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41758 (0xa31e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Jan 20 05:53:42 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=678de4e5-b26f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c6:d4:2b:ec:a8:78:7b:ef:bc:83:89:c5:55:
40:b5:20:c8:3d:13:d6:5e:30:cc:96:a5:89:dd:84:
4e:57:70:ac:1e:3c:be:f5:d4:fc:5f:b3:92:57:25:
c4:8e:4e:5f:e0:5c:e7:c0:4d:d8:fa:78:63:b0:69:
d4:9c:28:5e:08:a3:70:41:b2:53:7a:b1:21:e6:7f:
ec:9c:d3:6b:ba:d5:17:bb:7c:e3:8f:be:b5:f1:3e:
8e:60:b1:a9:9b:a8:fd:12:e2:4b:6c:2f:a5:59:57:
f6:19:3f:61:64:5b:7c:d8:82:95:fe:cf:46:44:ce:
ea:6d:9d:6f:87:d5:ec:c6:dc:a1:85:02:19:0b:fc:
d6:9a:97:90:06:64:98:6c:ba:c0:bc:e6:eb:06:3b:
0d:91:a6:e3:f8:ee:0d:2d:af:cf:a9:2c:2b:8a:2c:
26:2c:3d:42:b8:b6:8f:4a:ba:76:1d:18:6d:70:43:
8d:8f:7f:de:a5:74:3d:50:5e:a3:2a:f3:8b:7d:e2:
86:10:72:04:06:00:80:51:35:81:4c:4d:ae:75:37:
35:1b:33:a9:96:9a:a2:63:bb:5b:04:d2:c3:f0:c9:
f2:8d:21:0a:18:cf:1c:d6:58:1c:4f:38:6a:c9:75:
37:dc:34:73:b9:80:6b:9b:fd:68:82:65:ad:b4:bb:
51:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:22:6D:15:EA:6F:C1:3A:83:01:46:9B:72:17:C3:C7:6B:E9:E2:AF
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E6EA33C2D6F211EF8F88AA17C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.68.0/22
45.119.12.0/22
103.57.252.0/22
103.116.169.0/24
103.148.138.0/23
103.157.206.0/23
103.157.230.0/23
103.162.224.0/23
103.171.126.0/23
103.174.26.0/23
103.177.58.0/23
103.177.128.0/23
103.181.147.0/24
103.204.164.0/24
103.204.166.0/24
103.255.36.0/22
IPv6:
2001:df5:ff80::/48
2402:5c80::/32
2407:6fc0::/32
Signature Algorithm: sha256WithRSAEncryption
4a:5d:75:7e:3b:47:a5:72:40:08:29:1f:b4:15:80:fe:3d:bf:
2b:77:3a:8f:44:5b:a0:fc:f6:a6:6a:d5:80:29:08:9b:91:0a:
2b:60:7f:5e:d4:52:a3:9a:02:f4:ec:7a:e5:05:d6:80:28:27:
a0:69:ad:f4:51:1f:a5:e1:b0:0c:c5:27:cb:1a:66:ac:18:4a:
de:8e:c1:6b:c3:f2:7f:2d:ee:5f:31:00:47:f0:bb:b4:85:5e:
ce:7b:0e:fe:d5:41:f0:87:b3:55:a7:17:7f:5a:a9:2e:25:4f:
b6:49:6c:2b:c6:d3:b1:dc:80:8e:e0:d9:78:07:a7:7d:43:46:
44:7d:c8:fa:bb:1d:56:07:52:cf:6e:ab:38:9d:79:c4:de:ee:
77:dc:6b:07:39:af:d2:a3:29:9a:b8:36:98:b9:d5:c5:30:19:
f6:90:a1:68:6c:f8:d3:62:ee:c0:63:df:50:35:49:e7:89:f8:
91:6d:48:86:11:9c:fb:ce:51:a1:27:5f:4b:2f:fa:f6:e5:07:
e2:51:7b:ca:ea:50:14:7b:cb:4f:a0:d1:fa:03:4f:3b:84:ae:
a9:82:9e:ec:35:1a:e9:5c:78:57:5d:35:db:50:81:51:f1:b5:
eb:d4:3f:06:2c:70:0b:b7:bf:fe:89:54:89:19:ed:ac:a1:2a:
ae:a2:4b:7c
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgIDAKMeMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEyMDA1NTM0MloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc4ZGU0ZTUtYjI2ZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANLG1CvsqHh777yDicVVQLUgyD0T1l4wzJalid2ETldwrB48vvXU/F+zklcl
xI5OX+Bc58BN2Pp4Y7Bp1JwoXgijcEGyU3qxIeZ/7JzTa7rVF7t844++tfE+jmCx
qZuo/RLiS2wvpVlX9hk/YWRbfNiClf7PRkTO6m2db4fV7MbcoYUCGQv81pqXkAZk
mGy6wLzm6wY7DZGm4/juDS2vz6ksK4osJiw9Qri2j0q6dh0YbXBDjY9/3qV0PVBe
oyrzi33ihhByBAYAgFE1gUxNrnU3NRszqZaaomO7WwTSw/DJ8o0hChjPHNZYHE84
asl1N9w0c7mAa5v9aIJlrbS7UfcCAwEAAaOCAxEwggMNMB0GA1UdDgQWBBSPIm0V
6m/BOoMBRptyF8PHa+nirzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0U2RUEzM0My
RDZGMjExRUY4Rjg4QUExN0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGaBggrBgEFBQcBBwEB
/wSBijCBhzBmBAIAATBgAwQCK/hEAwQCLXcMAwQCZzn8AwQAZ3SpAwQBZ5SKAwQB
Z53OAwQBZ53mAwQBZ6LgAwQBZ6t+AwQBZ64aAwQBZ7E6AwQBZ7GAAwQAZ7WTAwQA
Z8ykAwQAZ8ymAwQCZ/8kMB0EAgACMBcDBwAgAQ31/4ADBQAkAlyAAwUAJAdvwDAN
BgkqhkiG9w0BAQsFAAOCAQEASl11fjtHpXJACCkftBWA/j2/K3c6j0RboPz2pmrV
gCkIm5EKK2B/XtRSo5oC9Ox65QXWgCgnoGmt9FEfpeGwDMUnyxpmrBhK3o7Ba8Py
fy3uXzEAR/C7tIVeznsO/tVB8IezVacXf1qpLiVPtklsK8bTsdyAjuDZeAenfUNG
RH3I+rsdVgdSz26rOJ15xN7ud9xrBzmv0qMpmrg2mLnVxTAZ9pChaGz402LuwGPf
UDVJ54n4kW1IhhGc+85RoSdfSy/69uUH4lF7yupQFHvLT6DR+gNPO4SuqYKe7DUa
6Vx4V10121CBUfG169Q/BixwC7e//olUiRntrKEqrqJLfA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:08 2025 by rpki-client