Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/153B8836B8C111EDAC68E946C4F9AE02.roa
File: 153B8836B8C111EDAC68E946C4F9AE02.roa (raw, json)
Hash identifier: nW3VVyZDNGRojpLvju6zK459alfZ7F36Cx88ZeMnZ9Q=
Subject key identifier: AF:61:2E:3F:34:E0:A7:EE:82:F9:F9:72:7C:5C:30:D2:96:D1:F9:01
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8DA9
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/153B8836B8C111EDAC68E946C4F9AE02.roa
Signing time: Thu 30 May 2024 16:16:31 +0000
ROA not before: Thu 30 May 2024 16:16:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141799
IP address blocks: 103.146.222.0/24 maxlen: 24
103.146.223.0/24 maxlen: 24
103.149.52.0/23 maxlen: 24
103.159.242.0/23 maxlen: 24
103.165.22.0/23 maxlen: 24
103.181.176.0/23 maxlen: 24
2001:df6:f280::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 18 Sep 2024 11:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36265 (0x8da9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:16:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a65f-c1e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d7:52:67:c0:21:04:b7:b8:4e:86:16:ef:02:
e9:8c:9d:41:18:ad:26:e4:27:6d:1b:99:97:b9:bf:
5e:ce:ca:e1:0b:94:75:fa:4c:54:b5:a1:d1:7a:de:
76:3f:f7:ed:70:de:56:c8:a9:2f:a7:48:6f:53:7d:
54:f0:fc:d2:67:1b:d4:db:19:d6:a4:ab:6e:c2:d6:
13:26:fb:9d:58:87:bf:15:aa:a3:59:bf:50:9c:7a:
ee:4a:7d:07:08:d2:cb:04:37:51:9f:f1:25:d5:60:
db:42:8d:0d:66:d1:7f:3b:b0:40:88:da:6a:04:24:
d6:17:f0:93:93:4d:b8:45:4d:62:31:b5:2a:d4:09:
56:7f:3e:e0:5e:02:a2:24:76:68:ad:c6:39:24:d6:
cb:06:59:96:2c:56:54:4e:91:6f:14:5b:ff:41:da:
70:34:55:d8:b9:26:f3:82:a9:40:22:e7:08:63:91:
a6:cf:98:bd:f6:28:08:6f:53:66:c4:88:34:f7:a4:
2e:8b:09:86:ed:4f:c3:d3:fe:6c:e2:60:67:56:a3:
a0:4c:be:74:99:20:ee:66:0e:ff:01:13:d7:67:ed:
9e:62:1d:b7:6d:a6:1d:e4:76:22:7b:95:c4:0d:0f:
52:93:1d:eb:10:78:13:6f:c2:f5:84:41:f3:85:cd:
dd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:61:2E:3F:34:E0:A7:EE:82:F9:F9:72:7C:5C:30:D2:96:D1:F9:01
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/153B8836B8C111EDAC68E946C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.146.222.0/23
103.149.52.0/23
103.159.242.0/23
103.165.22.0/23
103.181.176.0/23
IPv6:
2001:df6:f280::/48
Signature Algorithm: sha256WithRSAEncryption
b0:91:80:9b:80:97:41:44:42:e8:1b:08:89:94:cf:c9:09:05:
0a:42:5b:9a:69:76:25:dc:bc:8e:1f:6e:37:f2:d6:80:46:81:
50:45:c3:9f:14:2d:b2:55:63:05:ed:e1:92:48:20:69:f5:2b:
fc:ed:37:6e:35:a6:51:f5:f9:40:95:b4:fe:38:53:92:53:0b:
52:51:53:49:dc:db:8d:68:bd:a4:52:3e:af:26:50:ea:04:7a:
75:b6:00:23:40:fb:a7:9d:bd:d0:f4:20:1c:df:eb:c4:c9:94:
c1:e0:d8:fb:78:0f:3b:75:70:c8:ef:bb:81:c8:b5:3f:45:ee:
19:2c:1f:0b:b9:dc:ea:5b:d2:d1:93:e5:6f:40:2b:d7:d9:69:
7e:bd:ae:eb:05:0d:87:0c:69:8b:7b:97:fc:4e:47:3e:e5:34:
2f:17:98:43:46:c9:6b:36:b6:c1:6f:95:f3:4f:af:e4:0b:b8:
c5:89:57:aa:14:94:74:cd:5a:ab:cf:8c:54:c9:c7:e1:c2:e3:
85:68:fd:30:85:55:dc:e1:55:59:3a:96:f6:61:8a:45:f4:7c:
61:c2:80:c2:d0:7b:a4:9b:d1:f3:af:ff:a0:ae:47:7a:71:ee:
60:ed:7b:ef:fd:05:f6:54:64:71:fe:b9:f0:92:d6:d4:09:0e:
62:bf:ae:2b
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAI2pMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MTYzMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE2NWYtYzFlMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJnXUmfAIQS3uE6GFu8C6YydQRitJuQnbRuZl7m/Xs7K4QuUdfpMVLWh0Xre
dj/37XDeVsipL6dIb1N9VPD80mcb1NsZ1qSrbsLWEyb7nViHvxWqo1m/UJx67kp9
BwjSywQ3UZ/xJdVg20KNDWbRfzuwQIjaagQk1hfwk5NNuEVNYjG1KtQJVn8+4F4C
oiR2aK3GOSTWywZZlixWVE6RbxRb/0HacDRV2Lkm84KpQCLnCGORps+YvfYoCG9T
ZsSINPekLosJhu1Pw9P+bOJgZ1ajoEy+dJkg7mYO/wET12ftnmIdt22mHeR2InuV
xA0PUpMd6xB4E2/C9YRB84XN3V0CAwEAAaOCAr4wggK6MB0GA1UdDgQWBBSvYS4/
NOCn7oL5+XJ8XDDSltH5ATAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE1M0I4ODM2
QjhDMTExRURBQzY4RTk0NkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEgGCCsGAQUFBwEHAQH/
BDkwNzAkBAIAATAeAwQBZ5LeAwQBZ5U0AwQBZ5/yAwQBZ6UWAwQBZ7WwMA8EAgAC
MAkDBwAgAQ328oAwDQYJKoZIhvcNAQELBQADggEBALCRgJuAl0FEQugbCImUz8kJ
BQpCW5ppdiXcvI4fbjfy1oBGgVBFw58ULbJVYwXt4ZJIIGn1K/ztN241plH1+UCV
tP44U5JTC1JRU0nc241ovaRSPq8mUOoEenW2ACNA+6edvdD0IBzf68TJlMHg2Pt4
Dzt1cMjvu4HItT9F7hksHwu53Opb0tGT5W9AK9fZaX69rusFDYcMaYt7l/xORz7l
NC8XmENGyWs2tsFvlfNPr+QLuMWJV6oUlHTNWqvPjFTJx+HC44Vo/TCFVdzhVVk6
lvZhikX0fGHCgMLQe6Sb0fOv/6CuR3px7mDte+/9BfZUZHH+ufCS1tQJDmK/ris=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:55:52 2025 by rpki-client