Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/089CE65AFA6411EBAFB9EC63C4F9AE02.roa
File: 089CE65AFA6411EBAFB9EC63C4F9AE02.roa (raw, json)
Hash identifier: aS6B3KksnzAA9oXvKC/FFMpwwe2tr54Sz8ItTmKJR2w=
Subject key identifier: B8:D7:13:C3:7D:0E:5E:62:82:65:D2:34:D7:F4:5A:37:D4:96:39:91
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8962
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/089CE65AFA6411EBAFB9EC63C4F9AE02.roa
Signing time: Thu 30 May 2024 15:58:37 +0000
ROA not before: Thu 30 May 2024 15:58:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134032
IP address blocks: 45.118.32.0/22 maxlen: 24
103.57.150.0/24 maxlen: 24
103.58.64.0/22 maxlen: 24
103.58.115.0/24 maxlen: 24
103.58.116.0/23 maxlen: 24
103.135.46.0/24 maxlen: 24
103.135.47.0/24 maxlen: 24
103.163.44.0/23 maxlen: 24
103.168.198.0/23 maxlen: 24
103.171.12.0/23 maxlen: 24
103.178.158.0/23 maxlen: 24
103.186.172.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 07:17:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35170 (0x8962)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:58:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a22d-b6b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f4:ad:5f:4f:b5:1a:db:61:fa:8f:f8:fa:22:
ea:4b:89:5e:8a:34:64:16:31:d6:77:05:e7:48:09:
78:4b:4d:b7:72:65:9e:06:ec:f8:ad:c5:85:0b:12:
e5:70:39:d3:8e:ea:92:9a:51:39:0a:0f:14:e3:51:
f0:81:2a:f3:f9:3a:cf:8b:a5:87:06:09:dc:cc:2b:
37:cd:b2:47:d7:b8:a4:9d:f4:1e:ed:c8:10:3a:f8:
f2:c6:4d:85:5d:05:67:5b:92:b1:ff:d5:e1:66:a7:
e2:fd:46:d0:bf:c5:80:20:7a:ca:69:84:f1:a1:a2:
4b:e3:c9:f5:91:ca:36:62:4f:59:40:0d:0a:7f:02:
5b:13:30:85:05:b5:4a:ca:29:6f:b9:e6:06:66:a3:
0f:ca:d9:5e:11:ab:1e:11:96:44:f6:4a:ed:07:66:
6b:8a:a0:df:14:8a:90:85:56:56:a7:75:f2:ee:1c:
ff:f4:94:09:79:1c:f8:e7:51:2f:70:09:17:61:98:
f5:07:34:c6:e4:0a:71:17:f0:65:ff:9a:7f:90:3b:
95:c5:bb:f9:70:eb:48:fa:29:59:76:f1:9f:dc:72:
11:b1:74:e4:d5:ae:c9:8f:a7:d9:1b:dd:71:11:12:
a0:82:5e:44:e8:41:9d:80:16:b6:0d:0d:8b:16:58:
d1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D7:13:C3:7D:0E:5E:62:82:65:D2:34:D7:F4:5A:37:D4:96:39:91
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/089CE65AFA6411EBAFB9EC63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.118.32.0/22
103.57.150.0/24
103.58.64.0/22
103.58.115.0-103.58.117.255
103.135.46.0/23
103.163.44.0/23
103.168.198.0/23
103.171.12.0/23
103.178.158.0/23
103.186.172.0/23
Signature Algorithm: sha256WithRSAEncryption
bb:1d:ff:0b:f4:11:1c:62:31:82:9d:40:ec:29:ea:29:84:72:
a7:b1:cc:8a:02:43:8d:98:0b:95:4a:7d:23:20:5e:bd:00:60:
bd:7a:97:c8:c2:c9:f3:52:d3:37:de:d6:b6:e5:5e:2a:09:ba:
8f:ca:47:0d:a3:bd:c5:1b:20:d2:fe:82:cc:ee:e4:bc:6e:61:
5e:ed:2f:d0:bd:e1:6d:75:12:f7:a8:df:bd:92:f7:99:af:6f:
e9:be:f9:ad:48:66:eb:6c:56:6b:69:a2:c8:62:ed:b2:c8:66:
1a:89:8c:b7:a0:e9:58:16:af:31:8f:ac:23:3e:1d:81:2e:6a:
9e:6d:a1:1b:a1:3b:b0:ab:35:6e:ff:29:7b:d2:36:cd:46:9b:
47:33:9a:bd:3d:02:c4:61:6f:a7:a7:29:df:cc:87:d2:11:c8:
b2:20:ba:a3:37:7b:f8:23:bd:2c:c9:06:6c:75:b7:7c:6c:47:
26:63:61:a9:5e:47:2d:f0:17:4e:c3:2d:d9:1e:7c:2b:0d:f1:
e4:ee:2e:0b:fb:52:73:1c:dc:1d:ba:0f:8a:3d:42:51:b1:72:
90:f3:f3:99:2d:3c:02:26:88:77:b6:8c:a4:bd:18:ca:ae:25:
c1:b1:24:77:13:d0:4c:90:18:29:53:96:30:5a:bf:da:d3:fc:
04:b4:44:e7
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIDAIliMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTgzN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyMmQtYjZiMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP0rV9PtRrbYfqP+Poi6kuJXoo0ZBYx1ncF50gJeEtNt3Jlngbs+K3FhQsS
5XA5047qkppROQoPFONR8IEq8/k6z4ulhwYJ3MwrN82yR9e4pJ30Hu3IEDr48sZN
hV0FZ1uSsf/V4Wan4v1G0L/FgCB6ymmE8aGiS+PJ9ZHKNmJPWUANCn8CWxMwhQW1
Ssopb7nmBmajD8rZXhGrHhGWRPZK7Qdma4qg3xSKkIVWVqd18u4c//SUCXkc+OdR
L3AJF2GY9Qc0xuQKcRfwZf+af5A7lcW7+XDrSPopWXbxn9xyEbF05NWuyY+n2Rvd
cRESoIJeROhBnYAWtg0NixZY0U0CAwEAAaOCAtMwggLPMB0GA1UdDgQWBBS41xPD
fQ5eYoJl0jTX9Fo31JY5kTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzA4OUNFNjVB
RkE2NDExRUJBRkI5RUM2M0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMF0GCCsGAQUFBwEHAQH/
BE4wTDBKBAIAATBEAwQCLXYgAwQAZzmWAwQCZzpAMAwDBABnOnMDBAFnOnQDBAFn
hy4DBAFnoywDBAFnqMYDBAFnqwwDBAFnsp4DBAFnuqwwDQYJKoZIhvcNAQELBQAD
ggEBALsd/wv0ERxiMYKdQOwp6imEcqexzIoCQ42YC5VKfSMgXr0AYL16l8jCyfNS
0zfe1rblXioJuo/KRw2jvcUbINL+gszu5LxuYV7tL9C94W11Eveo372S95mvb+m+
+a1IZutsVmtposhi7bLIZhqJjLeg6VgWrzGPrCM+HYEuap5toRuhO7CrNW7/KXvS
Ns1Gm0czmr09AsRhb6enKd/Mh9IRyLIguqM3e/gjvSzJBmx1t3xsRyZjYaleRy3w
F07DLdkefCsN8eTuLgv7UnMc3B26D4o9QlGxcpDz85ktPAImiHe2jKS9GMquJcGx
JHcT0EyQGClTljBav9rT/AS0ROc=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:45:05 2025 by rpki-client