Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F04B4B7A02F511F094A1251BC4F9AE02.roa
File: F04B4B7A02F511F094A1251BC4F9AE02.roa (raw, json)
Hash identifier: q9sJF8IjKvJkWqAkdPKz74bkxAb8aaP7bVT250y0tkQ=
Subject key identifier: 0F:BB:C3:50:FE:9E:FC:BF:3E:1C:DB:6E:50:AE:79:5A:EE:8F:8B:79
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AB18
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F04B4B7A02F511F094A1251BC4F9AE02.roa
Signing time: Mon 17 Mar 2025 06:06:17 +0000
ROA not before: Mon 17 Mar 2025 06:06:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45235
IP address blocks: 43.227.244.0/22 maxlen: 24
43.231.52.0/22 maxlen: 24
45.250.212.0/22 maxlen: 24
103.8.40.0/22 maxlen: 24
103.48.64.0/22 maxlen: 24
103.50.144.0/22 maxlen: 24
103.98.36.0/22 maxlen: 24
103.199.124.0/22 maxlen: 24
103.219.132.0/22 maxlen: 24
103.230.20.0/22 maxlen: 24
119.42.152.0/21 maxlen: 24
2402:d500::/32 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43800 (0xab18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 17 06:06:17 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67d7bbd9-aa07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8f:2d:5e:de:f4:4d:f9:c2:ac:ee:71:a0:1a:
a5:88:04:00:a6:6f:09:33:cb:79:0e:af:3b:7e:50:
af:22:a1:38:f2:a3:36:48:16:6b:99:8c:e6:ca:24:
24:39:3b:8c:d2:ab:59:e9:49:d0:dc:bb:a7:ac:94:
cd:92:10:91:d7:5f:b7:25:09:69:85:19:4c:20:58:
bd:5f:13:7a:8c:0f:be:e3:5a:ce:05:76:68:2f:4d:
bd:fa:85:c7:d5:5d:01:89:22:ab:c9:72:de:27:80:
8e:db:2a:0b:21:0c:ed:ae:35:5e:24:a5:b7:70:c4:
8c:51:0f:d0:a0:a4:ed:ae:bc:02:2a:f7:44:27:1e:
91:5a:e6:94:2a:e3:2b:22:ec:fa:2a:9a:6f:b0:b8:
c0:fe:0c:da:02:04:8f:20:9a:4c:c3:70:31:da:e9:
6c:74:9e:e2:45:bc:86:10:0e:fe:cd:e5:c2:2a:1a:
68:00:59:43:05:02:2e:f5:b8:1b:b3:91:0b:f6:13:
29:ef:ff:f2:d5:cc:ca:6f:0f:97:82:12:18:3b:36:
c3:d5:82:ef:c4:32:cc:4e:74:41:46:3a:d3:4b:f5:
9a:51:fd:04:38:55:69:39:95:b6:08:3d:ca:13:c3:
1a:b0:b9:47:81:77:aa:1e:7a:be:d3:a0:00:30:02:
1e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:BB:C3:50:FE:9E:FC:BF:3E:1C:DB:6E:50:AE:79:5A:EE:8F:8B:79
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F04B4B7A02F511F094A1251BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.244.0/22
43.231.52.0/22
45.250.212.0/22
103.8.40.0/22
103.48.64.0/22
103.50.144.0/22
103.98.36.0/22
103.199.124.0/22
103.219.132.0/22
103.230.20.0/22
119.42.152.0/21
IPv6:
2402:d500::/32
Signature Algorithm: sha256WithRSAEncryption
35:60:fe:ba:4b:2d:43:07:ad:5e:ed:98:47:80:71:f1:6c:df:
eb:20:cc:19:ed:a3:24:14:3c:84:f4:b3:85:56:73:71:64:99:
a9:f0:5d:72:4a:06:b0:ac:72:8b:8c:19:cb:06:ad:a7:83:dd:
4f:d5:01:fe:ba:70:1d:d4:c3:45:ff:19:78:f8:40:3f:67:48:
dd:9b:db:07:96:f2:e6:2f:c6:46:35:88:b2:81:d4:12:71:2c:
9f:52:52:58:41:af:1d:0d:34:36:aa:91:9c:32:af:25:6f:c8:
a0:4e:00:97:8b:8f:cd:3c:75:f8:c4:90:29:2d:07:68:7e:c1:
a0:d2:68:1c:82:17:16:ec:75:c4:69:4c:3d:b8:98:db:4e:fa:
6a:b1:b3:d1:67:90:a9:1d:74:ae:b4:ae:4e:df:3a:05:f8:09:
9f:df:3e:a8:d1:a8:cb:a1:67:3a:40:ba:a8:cd:68:6d:f1:3f:
9e:77:1f:7b:76:67:7b:ef:7b:80:53:a4:4c:1e:5d:eb:db:84:
94:18:61:0b:c3:e8:84:9c:49:a8:31:92:ad:71:03:6e:6a:ee:
2c:a7:99:08:1d:05:d2:84:70:4e:29:1f:f0:c0:f8:ba:79:6b:
f2:87:70:2e:bf:76:48:61:7e:2b:11:02:37:26:50:18:af:f3:
05:14:0b:cf
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIDAKsYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMxNzA2MDYxN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdkN2JiZDktYWEwNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWPLV7e9E35wqzucaAapYgEAKZvCTPLeQ6vO35QryKhOPKjNkgWa5mM5sok
JDk7jNKrWelJ0Ny7p6yUzZIQkddftyUJaYUZTCBYvV8TeowPvuNazgV2aC9NvfqF
x9VdAYkiq8ly3ieAjtsqCyEM7a41XiSlt3DEjFEP0KCk7a68Air3RCcekVrmlCrj
KyLs+iqab7C4wP4M2gIEjyCaTMNwMdrpbHSe4kW8hhAO/s3lwioaaABZQwUCLvW4
G7ORC/YTKe//8tXMym8Pl4ISGDs2w9WC78QyzE50QUY600v1mlH9BDhVaTmVtgg9
yhPDGrC5R4F3qh56vtOgADACHkkCAwEAAaOCAuAwggLcMB0GA1UdDgQWBBQPu8NQ
/p78vz4c225Qrnla7o+LeTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0YwNEI0QjdB
MDJGNTExRjA5NEExMjUxQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGoGCCsGAQUFBwEHAQH/
BFswWTBIBAIAATBCAwQCK+P0AwQCK+c0AwQCLfrUAwQCZwgoAwQCZzBAAwQCZzKQ
AwQCZ2IkAwQCZ8d8AwQCZ9uEAwQCZ+YUAwQDdyqYMA0EAgACMAcDBQAkAtUAMA0G
CSqGSIb3DQEBCwUAA4IBAQA1YP66Sy1DB61e7ZhHgHHxbN/rIMwZ7aMkFDyE9LOF
VnNxZJmp8F1ySgawrHKLjBnLBq2ng91P1QH+unAd1MNF/xl4+EA/Z0jdm9sHlvLm
L8ZGNYiygdQScSyfUlJYQa8dDTQ2qpGcMq8lb8igTgCXi4/NPHX4xJApLQdofsGg
0mgcghcW7HXEaUw9uJjbTvpqsbPRZ5CpHXSutK5O3zoF+Amf3z6o0ajLoWc6QLqo
zWht8T+edx97dmd773uAU6RMHl3r24SUGGELw+iEnEmoMZKtcQNuau4sp5kIHQXS
hHBOKR/wwPi6eWvyh3Auv3ZIYX4rEQI3JlAYr/MFFAvP
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:25:22 2025 by rpki-client