Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2C103330E79B11EFB484D12EC4F9AE02.roa
File: 2C103330E79B11EFB484D12EC4F9AE02.roa (raw, json)
Hash identifier: JHo4zyqDsLkJ0hsfWkBNbYzlkEQwlf34EtMsiRU3PzY=
Subject key identifier: F9:F3:C1:0D:6D:C0:40:F5:EB:0C:FC:15:43:5A:C9:6B:24:2D:59:77
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 27E8
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2C103330E79B11EFB484D12EC4F9AE02.roa
Signing time: Mon 10 Feb 2025 10:38:32 +0000
ROA not before: Mon 10 Feb 2025 10:38:32 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 7489
IP address blocks: 27.100.36.0/23 maxlen: 24
45.124.64.0/22 maxlen: 24
45.249.88.0/24 maxlen: 24
103.192.176.0/22 maxlen: 24
103.196.20.0/23 maxlen: 24
103.196.22.0/24 maxlen: 24
103.217.252.0/22 maxlen: 22
103.217.253.0/24 maxlen: 24
103.217.255.0/24 maxlen: 24
2402:9e80::/48 maxlen: 48
2402:9e80:1::/48 maxlen: 48
2402:9e80:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Mar 2025 09:25:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10216 (0x27e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D
Validity
Not Before: Feb 10 10:38:32 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=67a9d727-ab8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:c6:f5:07:0b:30:16:47:50:c8:47:4d:ad:
e8:a9:c6:0f:1a:ad:58:00:2b:95:db:87:da:c2:b6:
20:d2:6d:23:1e:17:f2:8b:3f:e7:9b:f5:6b:9c:d0:
78:72:8b:ef:a2:fe:d8:f7:56:23:27:86:c3:2a:fd:
83:c6:5b:d4:62:41:6c:53:dc:1a:7e:79:6d:2f:72:
db:9d:1b:a7:6d:ee:28:31:57:40:0a:50:fc:c2:1d:
bf:4b:72:9e:e9:e7:fc:8c:38:05:3b:a2:70:e1:2c:
df:36:5c:1d:d5:36:cc:50:f1:ed:2a:f0:5f:34:41:
8d:de:df:ba:5f:bb:de:6e:5e:5e:a9:0c:bd:aa:ab:
71:15:03:7e:69:2c:d7:ae:5b:40:29:54:eb:26:98:
fb:5d:2d:ed:7f:b1:0e:a8:62:1a:07:af:bc:22:c6:
c7:e2:48:b0:17:45:b4:cc:17:91:c4:aa:06:7a:9d:
66:bf:27:6f:28:5e:90:53:93:06:cb:6d:f4:4a:ef:
b6:db:13:ca:f4:30:f3:61:89:2a:81:9a:b0:bd:73:
a7:f4:07:15:ed:18:3a:e1:ae:a6:5b:9c:88:df:f7:
80:c4:2f:3b:7d:36:c2:95:11:b5:31:38:a0:31:0c:
36:54:35:5e:73:13:0f:ec:e8:fb:4e:ac:ec:82:e7:
1e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F3:C1:0D:6D:C0:40:F5:EB:0C:FC:15:43:5A:C9:6B:24:2D:59:77
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2C103330E79B11EFB484D12EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.100.36.0/23
45.124.64.0/22
45.249.88.0/24
103.192.176.0/22
103.196.20.0-103.196.22.255
103.217.252.0/22
IPv6:
2402:9e80::/47
2402:9e80:5::/48
Signature Algorithm: sha256WithRSAEncryption
98:ad:e7:a8:4a:20:24:8d:29:22:a8:5e:93:be:f9:5c:d5:22:
4f:5d:1a:bf:d4:50:2a:cc:2d:d9:64:ce:df:67:59:bc:4f:ca:
cf:0e:40:48:d1:7d:04:83:36:e5:1f:da:d2:0c:61:92:fc:19:
68:92:1e:89:67:5d:9b:32:43:69:37:5f:21:e5:1a:1b:d3:88:
a5:91:82:0d:9b:72:fd:ba:a8:14:4c:e0:a6:bc:43:0d:df:76:
ef:dd:31:38:44:6d:fa:00:45:45:3d:d3:8d:db:1f:76:8d:9b:
99:28:9a:48:b9:f3:cb:0b:8d:60:8e:bd:fa:97:50:ba:d0:4f:
b9:dc:fb:78:8b:4d:19:3c:5e:39:72:29:96:c5:52:22:b9:46:
c4:18:a9:0d:5f:39:ab:b3:05:3b:30:04:29:79:ae:30:ef:1f:
07:01:8c:6b:cb:ed:6f:d3:e8:46:89:2f:4c:c8:f6:d0:8d:50:
6f:84:21:20:09:de:f4:fa:98:01:15:e2:bf:8b:52:e8:77:2f:
63:95:b8:17:2a:e5:ff:1c:cf:be:1a:d6:66:60:4c:9a:6c:39:
04:05:9d:c9:60:66:19:e6:e1:c1:c6:ea:82:e4:06:67:c6:d6:
ce:8d:61:ec:42:3a:f4:bb:f7:8a:de:96:88:c7:df:70:b1:d4:
58:fe:82:7a
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgICJ+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjUwMjEwMTAzODMyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E5ZDcyNy1hYjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuCDG9QcLMBZHUMhHTa3oqcYPGq1YACuV24fawrYg0m0jHhfyiz/nm/VrnNB4
covvov7Y91YjJ4bDKv2DxlvUYkFsU9wafnltL3LbnRunbe4oMVdAClD8wh2/S3Ke
6ef8jDgFO6Jw4SzfNlwd1TbMUPHtKvBfNEGN3t+6X7vebl5eqQy9qqtxFQN+aSzX
rltAKVTrJpj7XS3tf7EOqGIaB6+8IsbH4kiwF0W0zBeRxKoGep1mvydvKF6QU5MG
y230Su+22xPK9DDzYYkqgZqwvXOn9AcV7Rg64a6mW5yI3/eAxC87fTbClRG1MTig
MQw2VDVecxMP7Oj7TqzsguceYwIDAQABo4IC1TCCAtEwHQYDVR0OBBYEFPnzwQ1t
wED16wz8FUNayWskLVl3MB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvMkMxMDMzMzBF
NzlCMTFFRkI0ODREMTJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXwYIKwYBBQUHAQcBAf8E
UDBOMDIEAgABMCwDBAEbZCQDBAItfEADBAAt+VgDBAJnwLAwDAMEAmfEFAMEAGfE
FgMEAmfZ/DAYBAIAAjASAwcBJAKegAAAAwcAJAKegAAFMA0GCSqGSIb3DQEBCwUA
A4IBAQCYreeoSiAkjSkiqF6Tvvlc1SJPXRq/1FAqzC3ZZM7fZ1m8T8rPDkBI0X0E
gzblH9rSDGGS/Blokh6JZ12bMkNpN18h5Rob04ilkYINm3L9uqgUTOCmvEMN33bv
3TE4RG36AEVFPdON2x92jZuZKJpIufPLC41gjr36l1C60E+53Pt4i00ZPF45cimW
xVIiuUbEGKkNXzmrswU7MAQpea4w7x8HAYxry+1v0+hGiS9MyPbQjVBvhCEgCd70
+pgBFeK/i1Lody9jlbgXKuX/HM++GtZmYEyabDkEBZ3JYGYZ5uHBxuqC5AZnxtbO
jWHsQjr0u/eK3paIx99wsdRY/oJ6
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:00:44 2025 by rpki-client