Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91115D5/4EBCAF26D0AF11E8AAEB0756C4F9AE02/D23C828C07D511EF86AD0733C4F9AE02.roa
File: D23C828C07D511EF86AD0733C4F9AE02.roa (raw, json)
Hash identifier: TIcF9eCaMV6FnGaU4Vlj0gKLnYzPZQ9nJWLLlWU8tG0=
Subject key identifier: 7D:A7:19:A9:F4:93:BA:AB:95:C9:49:23:36:FD:7F:D7:61:63:BD:FC
Certificate issuer: /CN=A91115D5/serialNumber=476F572A380236AF33F62D82A5BA264D2FBBAD7C
Certificate serial: 11B8
Authority key identifier: 47:6F:57:2A:38:02:36:AF:33:F6:2D:82:A5:BA:26:4D:2F:BB:AD:7C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R29XKjgCNq8z9i2CpbomTS-7rXw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91115D5/4EBCAF26D0AF11E8AAEB0756C4F9AE02/D23C828C07D511EF86AD0733C4F9AE02.roa
Signing time: Wed 01 May 2024 16:14:01 +0000
ROA not before: Wed 01 May 2024 16:14:01 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 141432
IP address blocks: 103.86.36.0/24 maxlen: 24
103.86.37.0/24 maxlen: 24
116.204.164.0/22 maxlen: 22
116.204.164.0/24 maxlen: 24
116.204.165.0/24 maxlen: 24
116.204.166.0/24 maxlen: 24
116.204.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 10:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4536 (0x11b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115D5
Validity
Not Before: May 1 16:14:01 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66326a49-0b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:99:ef:e1:6d:21:5a:ab:2e:d4:9b:2e:4a:bf:
95:5a:f2:df:05:7f:69:6e:48:87:87:c8:cd:01:9a:
20:9e:0b:47:cc:c5:37:67:95:2a:1c:60:0b:65:3e:
54:7c:90:38:d6:6f:ac:b5:f8:35:9c:2e:64:da:98:
a1:b3:e1:66:dc:f7:82:74:cb:45:71:fc:09:af:52:
80:6e:61:01:11:3c:6d:33:77:ec:b3:4a:54:0a:fb:
d6:e3:94:fc:fa:6f:8f:1d:29:bc:3a:ea:c2:fc:d7:
6e:21:88:8b:e8:b8:64:53:d9:4a:e4:9a:b5:69:fb:
f5:27:1b:e1:e4:9f:18:06:8e:ee:b2:d3:68:37:43:
ca:e0:60:65:09:f4:fd:4d:ff:41:5f:cc:b8:3e:2a:
22:d0:78:f9:34:f4:69:3d:39:e8:57:d5:df:7f:a4:
45:35:b0:c9:f1:f0:80:fe:a0:26:e1:3a:3a:88:0c:
cd:5f:06:aa:9d:16:b2:bd:09:5d:72:10:12:07:56:
08:5d:13:13:17:12:ab:04:23:8b:2e:62:f9:3f:e5:
21:cb:8c:30:52:4e:21:d0:21:99:c6:77:fe:cf:03:
30:42:82:fa:c8:d3:10:1d:dc:0b:34:b5:91:01:33:
8d:80:04:dd:31:a1:85:7a:22:f7:29:fd:73:92:dc:
9d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A7:19:A9:F4:93:BA:AB:95:C9:49:23:36:FD:7F:D7:61:63:BD:FC
X509v3 Authority Key Identifier:
keyid:47:6F:57:2A:38:02:36:AF:33:F6:2D:82:A5:BA:26:4D:2F:BB:AD:7C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91115D5/4EBCAF26D0AF11E8AAEB0756C4F9AE02/R29XKjgCNq8z9i2CpbomTS-7rXw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R29XKjgCNq8z9i2CpbomTS-7rXw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91115D5/4EBCAF26D0AF11E8AAEB0756C4F9AE02/D23C828C07D511EF86AD0733C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.36.0/23
116.204.164.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:30:ae:0d:74:9a:58:6a:f7:81:02:d9:14:04:20:24:e4:63:
51:64:d9:a5:2e:ff:35:38:2a:83:47:be:38:fa:8d:4e:16:3e:
36:a8:ef:ad:d2:b4:5e:7a:36:9a:13:ed:47:32:5b:1b:24:3f:
ef:8d:4a:71:d4:3e:9b:59:7d:4a:67:ec:79:4a:35:98:9c:82:
ae:93:98:1e:87:3f:6e:fc:e7:65:74:d0:a1:41:d2:d3:48:1a:
98:4f:83:df:a9:54:c4:d2:02:6b:68:fa:88:22:43:38:f2:d1:
c3:3e:e5:a4:cf:d7:fe:b0:9a:4b:39:f3:07:40:21:99:8c:e8:
15:87:3c:3e:cc:45:74:8c:b5:cb:18:38:4e:d1:db:89:72:60:
d9:58:d2:21:b9:c1:46:fe:56:81:56:6c:e9:fe:5f:29:fa:f0:
ce:ba:4b:47:9b:91:1d:28:31:99:b5:3f:50:ce:6a:76:ad:70:
ac:32:fc:cf:a0:77:1f:41:5b:a6:1d:f8:40:16:4d:1e:22:c9:
b7:0f:02:a2:9c:7b:dc:85:9c:4c:e8:26:e9:36:0f:7f:53:70:
ae:70:fb:f3:55:d9:c0:da:b6:d3:35:dc:69:de:6a:4b:00:aa:
0e:1a:d7:8f:2c:bb:70:78:e1:3d:11:ce:11:05:53:ba:cb:cf:
97:ad:41:77
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEbgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTE1RDUxMTAvBgNVBAUTKDQ3NkY1NzJBMzgwMjM2QUYzM0Y2MkQ4MkE1QkEyNjRE
MkZCQkFEN0MwHhcNMjQwNTAxMTYxNDAxWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjMyNmE0OS0wYjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6Jnv4W0hWqsu1JsuSr+VWvLfBX9pbkiHh8jNAZogngtHzMU3Z5UqHGALZT5U
fJA41m+stfg1nC5k2pihs+Fm3PeCdMtFcfwJr1KAbmEBETxtM3fss0pUCvvW45T8
+m+PHSm8OurC/NduIYiL6LhkU9lK5Jq1afv1Jxvh5J8YBo7ustNoN0PK4GBlCfT9
Tf9BX8y4Pioi0Hj5NPRpPTnoV9Xff6RFNbDJ8fCA/qAm4To6iAzNXwaqnRayvQld
chASB1YIXRMTFxKrBCOLLmL5P+Uhy4wwUk4h0CGZxnf+zwMwQoL6yNMQHdwLNLWR
ATONgATdMaGFeiL3Kf1zktydhQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFH2nGan0
k7qrlclJIzb9f9dhY738MB8GA1UdIwQYMBaAFEdvVyo4AjavM/YtgqW6Jk0vu618
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTVENS80RUJDQUYyNkQw
QUYxMUU4QUFFQjA3NTZDNEY5QUUwMi9SMjlYS2pnQ05xOHo5aTJDcGJvbVRTLTdy
WHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1IyOVhLamdDTnE4ejlpMkNwYm9tVFMtN3JYdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTE1RDUvNEVCQ0FGMjZEMEFGMTFFOEFBRUIwNzU2QzRGOUFFMDIvRDIzQzgyOEMw
N0Q1MTFFRjg2QUQwNzMzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnViQDBAJ0zKQwDQYJKoZIhvcNAQELBQADggEBAJswrg10
mlhq94EC2RQEICTkY1Fk2aUu/zU4KoNHvjj6jU4WPjao763StF56NpoT7UcyWxsk
P++NSnHUPptZfUpn7HlKNZicgq6TmB6HP27852V00KFB0tNIGphPg9+pVMTSAmto
+ogiQzjy0cM+5aTP1/6wmks58wdAIZmM6BWHPD7MRXSMtcsYOE7R24lyYNlY0iG5
wUb+VoFWbOn+Xyn68M66S0ebkR0oMZm1P1DOanatcKwy/M+gdx9BW6Yd+EAWTR4i
ybcPAqKce9yFnEzoJuk2D39TcK5w+/NV2cDattM13GneaksAqg4a148su3B44T0R
zhEFU7rLz5etQXc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:30:30 2025 by rpki-client