Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/21DA93BAA19111EF8F235C4BC4F9AE02.roa
File: 21DA93BAA19111EF8F235C4BC4F9AE02.roa (raw, json)
Hash identifier: +hHQMWzbjJTHE2N6/L3MTa2pB18rKs5zwBQl9wM43U4=
Subject key identifier: CE:5A:C7:81:F8:68:1C:1F:FF:9B:8D:F5:AF:CD:DF:10:94:F3:7E:8D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9DD7
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/21DA93BAA19111EF8F235C4BC4F9AE02.roa
Signing time: Tue 26 Nov 2024 12:09:41 +0000
ROA not before: Tue 26 Nov 2024 12:09:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135214
IP address blocks: 45.121.108.0/22 maxlen: 24
103.41.28.0/22 maxlen: 24
103.83.184.0/24 maxlen: 24
103.83.185.0/24 maxlen: 24
103.83.186.0/24 maxlen: 24
103.83.187.0/24 maxlen: 24
2001:df7:c80::/48 maxlen: 48
2001:df7:f600::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 12:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40407 (0x9dd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Nov 26 12:09:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6745ba84-ea09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:59:d2:e2:d3:67:6c:94:56:d1:6b:ae:94:1d:
5d:1d:39:11:79:ff:c0:a2:96:7a:5e:03:24:6d:5a:
f5:26:d1:a6:64:c5:25:7e:38:d8:ed:da:82:8f:0e:
7f:e7:3f:2b:84:58:4b:d5:c6:52:38:a1:d7:63:2c:
27:2e:82:59:45:18:0e:35:3d:d5:e0:0e:ad:0c:b1:
b1:30:61:ef:a3:f7:57:0c:64:c7:c0:7f:bd:d6:3b:
3b:c4:c7:66:1a:4d:d0:60:01:cf:66:7f:4e:09:b7:
80:93:44:1b:28:f2:65:5f:b3:d9:24:2c:07:c5:83:
6a:bf:8d:41:eb:95:54:89:eb:3e:3c:34:4f:d0:61:
47:d5:c9:52:71:3d:40:d6:4d:bb:1d:8f:5b:05:b1:
31:3b:6b:0f:fc:11:f8:0d:25:32:4f:e2:fb:bf:e7:
88:b6:86:d4:a3:8f:50:43:5a:97:08:34:d9:95:36:
da:66:8b:19:9c:df:5c:de:a8:3b:01:0b:31:10:5e:
c3:1c:66:d3:28:c0:40:da:a5:72:51:c4:b2:0d:be:
0c:84:42:b8:ab:8e:a8:3b:86:95:48:36:0f:4e:8c:
23:90:50:41:99:a7:47:8b:7b:21:be:52:95:2c:74:
bd:59:01:b5:4f:1e:a8:2b:fd:09:0f:25:e0:2b:bd:
29:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5A:C7:81:F8:68:1C:1F:FF:9B:8D:F5:AF:CD:DF:10:94:F3:7E:8D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/21DA93BAA19111EF8F235C4BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.121.108.0/22
103.41.28.0/22
103.83.184.0/22
IPv6:
2001:df7:c80::/48
2001:df7:f600::/48
Signature Algorithm: sha256WithRSAEncryption
30:7c:00:fc:f3:07:79:98:70:99:84:c9:07:96:d6:d6:7f:c9:
7d:63:56:93:31:f3:bc:ee:66:24:2d:56:55:21:e3:fd:fc:17:
d2:aa:00:13:59:96:58:5f:13:d4:42:6f:a7:45:75:8d:4c:2e:
7f:4a:cb:1e:d1:e3:b2:0f:4c:9e:be:14:a9:6b:bf:03:35:16:
55:7c:be:e8:8d:cd:08:61:e1:8e:3e:00:44:05:7c:3b:84:dd:
55:cc:61:ce:42:9d:e9:3c:57:fb:de:9b:cb:7d:b0:7c:38:27:
3c:2a:72:f8:52:e5:79:3b:16:ef:da:aa:51:2f:11:c3:78:68:
e5:c5:61:e7:1b:84:fc:96:c7:ae:ac:31:34:1e:31:8a:24:ff:
13:46:b7:ab:17:2b:eb:ed:ae:ce:61:25:bd:5e:4b:36:68:5d:
f7:6d:72:ba:ea:18:e8:f5:b6:c1:26:4e:91:5e:99:ff:8c:e8:
cd:49:3e:03:55:4a:8f:c4:06:e9:fc:7a:e8:56:8a:29:43:71:
e7:f2:5d:94:7c:d5:b9:1c:a2:c5:58:30:d6:03:e8:22:e2:61:
a1:6a:5a:a8:a1:72:03:e7:19:ea:58:08:b8:53:b2:f0:df:ae:
72:81:88:93:3f:d1:ba:cd:88:56:fc:4f:11:6c:3d:b9:23:2f:
7b:fd:2e:55
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAJ3XMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTEyNjEyMDk0MVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc0NWJhODQtZWEwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlZ0uLTZ2yUVtFrrpQdXR05EXn/wKKWel4DJG1a9SbRpmTFJX442O3ago8O
f+c/K4RYS9XGUjih12MsJy6CWUUYDjU91eAOrQyxsTBh76P3Vwxkx8B/vdY7O8TH
ZhpN0GABz2Z/Tgm3gJNEGyjyZV+z2SQsB8WDar+NQeuVVInrPjw0T9BhR9XJUnE9
QNZNux2PWwWxMTtrD/wR+A0lMk/i+7/niLaG1KOPUENalwg02ZU22maLGZzfXN6o
OwELMRBewxxm0yjAQNqlclHEsg2+DIRCuKuOqDuGlUg2D06MI5BQQZmnR4t7Ib5S
lSx0vVkBtU8eqCv9CQ8l4Cu9Kb8CAwEAAaOCArswggK3MB0GA1UdDgQWBBTOWseB
+GgcH/+bjfWvzd8QlPN+jTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzIxREE5M0JB
QTE5MTExRUY4RjIzNUM0QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEUGCCsGAQUFBwEHAQH/
BDYwNDAYBAIAATASAwQCLXlsAwQCZykcAwQCZ1O4MBgEAgACMBIDBwAgAQ33DIAD
BwAgAQ339gAwDQYJKoZIhvcNAQELBQADggEBADB8APzzB3mYcJmEyQeW1tZ/yX1j
VpMx87zuZiQtVlUh4/38F9KqABNZllhfE9RCb6dFdY1MLn9Kyx7R47IPTJ6+FKlr
vwM1FlV8vuiNzQhh4Y4+AEQFfDuE3VXMYc5Cnek8V/vem8t9sHw4JzwqcvhS5Xk7
Fu/aqlEvEcN4aOXFYecbhPyWx66sMTQeMYok/xNGt6sXK+vtrs5hJb1eSzZoXfdt
crrqGOj1tsEmTpFemf+M6M1JPgNVSo/EBun8euhWiilDcefyXZR81bkcosVYMNYD
6CLiYaFqWqihcgPnGepYCLhTsvDfrnKBiJM/0brNiFb8TxFsPbkjL3v9LlU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:47 2025 by rpki-client