Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/41D236B27D2D11EDAFFEDF7CC4F9AE02.roa
File: 41D236B27D2D11EDAFFEDF7CC4F9AE02.roa (raw, json)
Hash identifier: ZuZht7+LuqC9WsAxewTrmphz+5ViA4U2gImtlisiNCY=
Subject key identifier: 13:6A:DD:42:2B:22:38:89:61:CE:48:BD:F4:9B:A2:19:BC:65:42:C3
Certificate issuer: /CN=A913A8A4/serialNumber=4D176A0B457A6E5695D37A7ECB8DCB3A73CB4812
Certificate serial: 11C6
Authority key identifier: 4D:17:6A:0B:45:7A:6E:56:95:D3:7A:7E:CB:8D:CB:3A:73:CB:48:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRdqC0V6blaV03p-y43LOnPLSBI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/41D236B27D2D11EDAFFEDF7CC4F9AE02.roa
Signing time: Thu 28 Nov 2024 17:35:28 +0000
ROA not before: Thu 28 Nov 2024 17:35:27 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 140096
IP address blocks: 103.102.4.0/22 maxlen: 23
103.102.4.0/24 maxlen: 24
103.102.5.0/24 maxlen: 24
103.102.6.0/24 maxlen: 24
103.102.7.0/24 maxlen: 24
182.255.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 02:43:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4550 (0x11c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913A8A4
Validity
Not Before: Nov 28 17:35:27 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6748a9df-6f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9d:52:f4:26:68:67:a6:c8:04:1c:cd:45:cb:
fe:6c:89:45:09:ee:0d:f4:80:d6:a5:67:95:22:35:
6b:93:92:19:09:47:e2:5f:3c:b6:24:5e:27:c5:9c:
e4:cf:44:b6:36:54:d3:02:4e:3d:8c:2d:ed:2c:8d:
ca:a2:41:e1:b5:41:17:71:c5:0c:da:31:83:a4:b8:
03:9d:f7:e9:c4:91:c7:fe:2d:aa:fc:09:bf:45:a3:
73:c0:c9:13:54:25:17:56:21:43:68:24:a5:05:ef:
68:df:58:ba:fe:9e:fb:aa:e3:9a:34:4c:73:61:3c:
cb:49:d0:2e:d3:35:8f:44:59:93:08:d9:66:22:b1:
76:7d:f0:59:b0:21:18:a4:06:77:00:5d:eb:fe:21:
74:8b:fb:e5:3a:57:75:31:77:68:46:21:19:bc:1b:
0d:7a:d8:25:55:fe:12:00:87:78:64:eb:c9:3f:a4:
fc:24:4b:d0:99:2b:e8:33:5e:ac:10:a1:52:aa:82:
0a:7a:1a:ab:84:08:99:8a:75:03:6a:0c:8b:6c:91:
4b:af:d3:8e:ee:69:5b:fa:94:a0:bd:f9:fe:35:58:
1d:bf:7c:12:e4:37:39:f4:a0:5a:32:f8:40:01:25:
e8:d1:05:2f:b0:de:6e:9b:c0:65:4a:5e:4d:d7:a3:
6e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:6A:DD:42:2B:22:38:89:61:CE:48:BD:F4:9B:A2:19:BC:65:42:C3
X509v3 Authority Key Identifier:
keyid:4D:17:6A:0B:45:7A:6E:56:95:D3:7A:7E:CB:8D:CB:3A:73:CB:48:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/TRdqC0V6blaV03p-y43LOnPLSBI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRdqC0V6blaV03p-y43LOnPLSBI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/41D236B27D2D11EDAFFEDF7CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.4.0/22
182.255.32.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:2b:d9:d3:a0:97:dd:a6:a1:67:af:a5:5a:de:c1:c5:fd:7c:
68:c9:ed:01:c9:e9:ac:fe:23:0b:a7:54:f7:41:dc:de:5f:23:
e8:c5:11:24:cb:56:8e:6b:60:ef:a0:a8:3e:40:cf:ff:01:b6:
2a:5b:56:72:d2:e2:3f:7c:5e:f1:8c:63:4b:34:2e:f2:79:c8:
59:37:da:f4:ab:43:15:5d:ec:32:9c:1e:41:b4:1d:0e:41:74:
a2:23:68:7f:11:f0:d9:3b:da:e4:51:0a:0e:76:a2:17:24:34:
d1:86:90:ed:23:f7:1f:a9:e4:8d:99:15:65:5f:10:62:86:f9:
ca:8c:7a:c7:ce:c6:cd:ac:46:14:14:46:a7:5e:09:f0:1a:d8:
28:15:ce:eb:c7:b3:65:65:03:e0:64:9e:fb:0e:43:d6:ab:0e:
01:f8:c3:17:43:cb:e5:a2:c8:72:61:b7:e0:fc:65:c5:a5:ea:
dc:8e:f5:45:e5:98:0d:73:67:0e:78:1f:55:6a:aa:ff:2c:5b:
1d:49:11:16:24:1c:cd:8e:cd:bc:65:3c:9d:f1:f1:ce:9b:14:
2b:2d:c4:be:b3:8d:50:05:9d:bf:e5:b8:a1:86:73:04:1b:02:
bf:e5:d4:34:16:59:fa:dc:4c:f3:fb:53:46:8a:23:18:ec:f2:
ba:84:ea:9a
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0E4QTQxMTAvBgNVBAUTKDREMTc2QTBCNDU3QTZFNTY5NUQzN0E3RUNCOERDQjNB
NzNDQjQ4MTIwHhcNMjQxMTI4MTczNTI3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ4YTlkZi02ZjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvJ1S9CZoZ6bIBBzNRcv+bIlFCe4N9IDWpWeVIjVrk5IZCUfiXzy2JF4nxZzk
z0S2NlTTAk49jC3tLI3KokHhtUEXccUM2jGDpLgDnffpxJHH/i2q/Am/RaNzwMkT
VCUXViFDaCSlBe9o31i6/p77quOaNExzYTzLSdAu0zWPRFmTCNlmIrF2ffBZsCEY
pAZ3AF3r/iF0i/vlOld1MXdoRiEZvBsNetglVf4SAId4ZOvJP6T8JEvQmSvoM16s
EKFSqoIKehqrhAiZinUDagyLbJFLr9OO7mlb+pSgvfn+NVgdv3wS5Dc59KBaMvhA
ASXo0QUvsN5um8BlSl5N16NuXQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFBNq3UIr
IjiJYc5IvfSbohm8ZULDMB8GA1UdIwQYMBaAFE0XagtFem5WldN6fsuNyzpzy0gS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQThBNC83OTBFNjEwQ0U5
QzMxMUU4QTlDRUQ2NDhDNEY5QUUwMi9UUmRxQzBWNmJsYVYwM3AteTQzTE9uUExT
QkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RSZHFDMFY2YmxhVjAzcC15NDNMT25QTFNCSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0E4QTQvNzkwRTYxMENFOUMzMTFFOEE5Q0VENjQ4QzRGOUFFMDIvNDFEMjM2QjI3
RDJEMTFFREFGRkVERjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnZgQDBAK2/yAwDQYJKoZIhvcNAQELBQADggEBALIr2dOg
l92moWevpVrewcX9fGjJ7QHJ6az+IwunVPdB3N5fI+jFESTLVo5rYO+gqD5Az/8B
tipbVnLS4j98XvGMY0s0LvJ5yFk32vSrQxVd7DKcHkG0HQ5BdKIjaH8R8Nk72uRR
Cg52ohckNNGGkO0j9x+p5I2ZFWVfEGKG+cqMesfOxs2sRhQURqdeCfAa2CgVzuvH
s2VlA+BknvsOQ9arDgH4wxdDy+WiyHJht+D8ZcWl6tyO9UXlmA1zZw54H1Vqqv8s
Wx1JERYkHM2OzbxlPJ3x8c6bFCstxL6zjVAFnb/luKGGcwQbAr/l1DQWWfrcTPP7
U0aKIxjs8rqE6po=
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:33:17 2025 by rpki-client