Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E5FB0B675BE11EBAAC6FA29C4F9AE02.roa
File: 0E5FB0B675BE11EBAAC6FA29C4F9AE02.roa (raw, json)
Hash identifier: 8HSkAqfzs97VcsDjkc3R24OFCkqJTRhLXJFjkqwm69g=
Subject key identifier: E3:B3:7C:EE:82:14:1C:8E:46:04:A5:83:F6:93:7D:AB:53:FB:DE:5A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8A32
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E5FB0B675BE11EBAAC6FA29C4F9AE02.roa
Signing time: Thu 30 May 2024 16:01:59 +0000
ROA not before: Thu 30 May 2024 16:01:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135247
IP address blocks: 45.251.32.0/22 maxlen: 24
103.219.204.0/22 maxlen: 24
202.53.4.0/22 maxlen: 24
203.28.245.0/24 maxlen: 24
2001:df2:6200::/48 maxlen: 48
2407:36c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 11 Mar 2025 09:20:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35378 (0x8a32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:01:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a2f6-5f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:55:3b:95:e9:7c:89:dc:e2:67:84:99:c6:28:
08:48:c5:d5:ee:cb:a6:88:eb:ce:27:e0:68:ee:a2:
8a:86:4f:ff:d9:4a:53:e0:14:e4:35:26:77:50:fb:
58:20:7d:ab:27:05:1d:68:ad:01:6c:2b:56:d5:a7:
4a:4f:15:a8:5f:eb:08:52:0f:34:71:ec:02:09:b8:
7b:da:56:f0:00:ce:62:3e:3c:da:94:55:35:2f:92:
84:ab:f0:12:34:cb:2e:21:59:87:17:dc:2d:5f:c1:
0c:1b:35:87:bb:9a:6a:0d:40:66:9f:a2:ea:01:54:
55:ab:b6:c3:a7:b6:b8:f3:14:e4:ef:98:12:9a:9b:
0f:f6:74:79:91:b0:0e:de:4e:46:5a:01:fa:90:c9:
a2:a5:42:b5:c8:88:ca:a2:72:fa:3d:8c:9c:23:b8:
07:85:f1:75:63:d3:80:a3:71:e4:bf:09:47:e0:98:
86:76:c9:ab:eb:5d:8d:44:63:ff:2b:fb:dd:d7:55:
32:a8:09:14:74:17:a9:81:e7:6c:8c:43:1f:93:c4:
37:c5:4d:df:8f:f6:cb:ea:21:70:9f:e3:8a:bf:d5:
50:6b:4f:55:ba:97:f8:a0:d6:e1:1f:f8:03:ac:4a:
e7:8a:fe:59:41:b1:23:36:01:31:6e:56:77:e9:25:
7b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B3:7C:EE:82:14:1C:8E:46:04:A5:83:F6:93:7D:AB:53:FB:DE:5A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/0E5FB0B675BE11EBAAC6FA29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.251.32.0/22
103.219.204.0/22
202.53.4.0/22
203.28.245.0/24
IPv6:
2001:df2:6200::/48
2407:36c0::/32
Signature Algorithm: sha256WithRSAEncryption
b1:1c:03:86:79:1d:c4:2b:42:b5:18:e8:33:6f:5b:ad:7d:e1:
e4:7b:49:bc:fe:d8:6b:2d:80:fc:ba:dd:88:6b:66:68:fa:48:
89:64:92:15:a2:9a:21:5d:e7:4c:fc:19:9a:53:9d:62:f3:01:
bc:b5:2c:84:0f:3a:08:2b:8f:5f:20:23:55:73:d2:86:fa:a2:
82:a1:db:61:66:76:2c:33:2a:c0:6b:f7:4b:fb:a5:1d:29:ee:
8d:21:8c:41:19:eb:22:62:72:b5:e0:72:80:53:95:25:c6:6c:
54:ff:7a:14:3c:4c:b9:7d:15:82:ef:6d:7a:c0:87:cf:b3:ac:
9d:fb:d2:26:79:06:ee:c3:2e:d6:e8:3a:7e:3a:d6:47:54:14:
47:f1:e9:39:1d:3e:10:ff:ad:e6:60:a0:48:42:36:9b:d7:0e:
ed:bd:05:e8:cf:cf:18:ac:7a:c1:08:91:ee:10:bd:b4:5f:02:
94:9c:5c:08:6f:d1:93:d2:ad:e1:b0:b1:65:4b:c3:01:26:18:
93:af:53:b3:10:8e:56:4c:f8:8e:85:57:3d:f7:ac:f3:f0:b0:
fb:b0:25:e6:4f:d3:a8:46:de:9d:52:62:63:4c:e6:2c:22:a5:
51:b6:27:e2:10:48:41:7a:d1:0c:3b:1a:eb:51:b9:54:25:ce:
9e:cf:03:22
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIDAIoyMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDE1OVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyZjYtNWYyOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9VO5XpfInc4meEmcYoCEjF1e7LpojrzifgaO6iioZP/9lKU+AU5DUmd1D7
WCB9qycFHWitAWwrVtWnSk8VqF/rCFIPNHHsAgm4e9pW8ADOYj482pRVNS+ShKvw
EjTLLiFZhxfcLV/BDBs1h7uaag1AZp+i6gFUVau2w6e2uPMU5O+YEpqbD/Z0eZGw
Dt5ORloB+pDJoqVCtciIyqJy+j2MnCO4B4XxdWPTgKNx5L8JR+CYhnbJq+tdjURj
/yv73ddVMqgJFHQXqYHnbIxDH5PEN8VN34/2y+ohcJ/jir/VUGtPVbqX+KDW4R/4
A6xK54r+WUGxIzYBMW5Wd+klex8CAwEAAaOCAr8wggK7MB0GA1UdDgQWBBTjs3zu
ghQcjkYEpYP2k32rU/veWjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzBFNUZCMEI2
NzVCRTExRUJBQUM2RkEyOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEkGCCsGAQUFBwEHAQH/
BDowODAeBAIAATAYAwQCLfsgAwQCZ9vMAwQCyjUEAwQAyxz1MBYEAgACMBADBwAg
AQ3yYgADBQAkBzbAMA0GCSqGSIb3DQEBCwUAA4IBAQCxHAOGeR3EK0K1GOgzb1ut
feHke0m8/thrLYD8ut2Ia2Zo+kiJZJIVopohXedM/BmaU51i8wG8tSyEDzoIK49f
ICNVc9KG+qKCodthZnYsMyrAa/dL+6UdKe6NIYxBGesiYnK14HKAU5UlxmxU/3oU
PEy5fRWC7216wIfPs6yd+9ImeQbuwy7W6Dp+OtZHVBRH8ek5HT4Q/63mYKBIQjab
1w7tvQXoz88YrHrBCJHuEL20XwKUnFwIb9GT0q3hsLFlS8MBJhiTr1OzEI5WTPiO
hVc996zz8LD7sCXmT9OoRt6dUmJjTOYsIqVRtifiEEhBetEMOxrrUblUJc6ezwMi
-----END CERTIFICATE-----
Generated at Fri Apr 11 13:42:51 2025 by rpki-client