Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/16855B747F9911EDA6FE396CC4F9AE02.roa
File: 16855B747F9911EDA6FE396CC4F9AE02.roa (raw, json)
Hash identifier: bDNvS+v/7OFoOUbEkJx3+79TI43ARSIX4aDG9LDRtaY=
Subject key identifier: F7:7D:AF:BD:E2:1C:F5:69:61:9D:7B:16:C1:D4:1C:18:11:DB:05:A4
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8AD1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/16855B747F9911EDA6FE396CC4F9AE02.roa
Signing time: Thu 30 May 2024 16:04:35 +0000
ROA not before: Thu 30 May 2024 16:04:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136288
IP address blocks: 103.87.28.0/22 maxlen: 24
103.154.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Dec 2024 12:13:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35537 (0x8ad1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:04:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a393-bbc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:6a:0f:47:1c:1e:37:c1:67:65:95:98:05:64:
75:1b:b6:70:46:31:73:ed:6b:91:53:f1:9b:b7:c4:
80:ce:89:d0:22:4f:88:e2:56:69:82:be:a8:a9:4c:
00:94:f1:3e:03:30:5b:56:4b:33:36:01:c8:59:f4:
2e:ba:c7:b3:20:91:bf:18:a6:7f:61:19:c6:3c:8c:
20:f4:1d:01:37:19:a4:32:87:5f:d1:d3:cd:55:34:
97:d1:45:f5:9d:1d:b0:3d:70:ea:1e:30:79:4d:24:
24:b0:d4:60:89:2c:5f:ab:bc:36:2c:3c:28:5d:86:
85:fc:e0:94:82:e0:db:c1:d3:ae:50:6e:84:66:cc:
54:74:ba:2a:8b:64:f6:29:8b:6e:ca:1f:95:80:74:
95:50:23:af:91:d9:3c:82:8a:51:a6:dd:ad:98:29:
75:1d:2c:74:16:2c:06:09:1e:07:a5:b0:bb:a3:6d:
cd:7a:ec:fe:76:cf:b8:34:f8:51:a6:3d:46:d0:c7:
04:09:90:88:d1:1c:f4:e0:f8:be:52:4a:46:d7:4d:
cf:41:7f:78:9e:ff:89:b1:14:b4:69:da:8b:35:7e:
ce:25:66:b8:72:5b:8b:7b:ac:84:51:6a:d5:d5:c9:
b0:0e:25:fc:d5:dc:a3:c6:1b:23:a2:90:97:87:18:
8e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:7D:AF:BD:E2:1C:F5:69:61:9D:7B:16:C1:D4:1C:18:11:DB:05:A4
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/16855B747F9911EDA6FE396CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.87.28.0/22
103.154.26.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:51:72:68:ec:f3:60:dc:49:ab:ef:29:3e:5a:00:b7:3b:f1:
8a:1a:f1:c9:11:bd:e3:ed:65:79:55:43:c6:76:61:b3:82:31:
ea:fd:52:39:b7:dc:9e:c1:9a:31:1e:96:f1:ba:64:4b:24:fe:
65:94:4d:f4:f8:f8:64:d2:a2:ad:2e:1d:07:7d:48:d1:48:d5:
d2:ce:09:2a:40:c8:5c:b7:cd:11:84:e6:7b:04:57:3c:54:db:
eb:5e:e3:56:19:10:c0:82:fb:2c:1d:b5:17:1a:fd:44:6b:09:
a8:aa:50:0f:7a:bb:55:a8:83:a0:84:bb:84:cf:3a:ec:59:25:
1c:5f:fe:f0:ee:74:88:18:55:97:8d:fd:d2:b1:1d:61:cb:d2:
5f:39:d8:47:51:bb:2e:e5:a2:54:ef:c4:75:09:41:db:f6:eb:
71:29:8d:6b:6d:b9:5c:f6:f5:4e:1f:7b:c5:9f:7a:d2:33:14:
2a:c3:7b:45:36:c9:f5:cc:b5:28:bb:63:8a:c4:ee:7a:f4:6e:
18:8d:39:57:21:65:f1:7e:e5:d2:7c:40:1b:95:05:b7:7e:97:
80:52:93:b0:f3:b9:01:e2:a6:39:51:fd:1c:45:16:41:1d:aa:
3a:df:f0:30:fd:95:27:6f:8a:92:67:c2:b2:15:4d:77:b3:6f:
b5:8f:9c:0e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAIrRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDQzNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEzOTMtYmJjMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlqD0ccHjfBZ2WVmAVkdRu2cEYxc+1rkVPxm7fEgM6J0CJPiOJWaYK+qKlM
AJTxPgMwW1ZLMzYByFn0LrrHsyCRvximf2EZxjyMIPQdATcZpDKHX9HTzVU0l9FF
9Z0dsD1w6h4weU0kJLDUYIksX6u8Niw8KF2GhfzglILg28HTrlBuhGbMVHS6Kotk
9imLbsoflYB0lVAjr5HZPIKKUabdrZgpdR0sdBYsBgkeB6Wwu6NtzXrs/nbPuDT4
UaY9RtDHBAmQiNEc9OD4vlJKRtdNz0F/eJ7/ibEUtGnaizV+ziVmuHJbi3ushFFq
1dXJsA4l/NXco8YbI6KQl4cYjpsCAwEAAaOCApswggKXMB0GA1UdDgQWBBT3fa+9
4hz1aWGdexbB1BwYEdsFpDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzE2ODU1Qjc0
N0Y5OTExRURBNkZFMzk2Q0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQCZ1ccAwQAZ5oaMA0GCSqGSIb3DQEBCwUAA4IBAQCnUXJo
7PNg3Emr7yk+WgC3O/GKGvHJEb3j7WV5VUPGdmGzgjHq/VI5t9yewZoxHpbxumRL
JP5llE30+Phk0qKtLh0HfUjRSNXSzgkqQMhct80RhOZ7BFc8VNvrXuNWGRDAgvss
HbUXGv1EawmoqlAPertVqIOghLuEzzrsWSUcX/7w7nSIGFWXjf3SsR1hy9JfOdhH
Ubsu5aJU78R1CUHb9utxKY1rbblc9vVOH3vFn3rSMxQqw3tFNsn1zLUou2OKxO56
9G4YjTlXIWXxfuXSfEAblQW3fpeAUpOw87kB4qY5Uf0cRRZBHao63/Aw/ZUnb4qS
Z8KyFU13s2+1j5wO
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:56 2025 by rpki-client