Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/268A6FAAAFAE11EE83794114C4F9AE02.roa
File: 268A6FAAAFAE11EE83794114C4F9AE02.roa (raw, json)
Hash identifier: Ukv/Q4mFWwMdWCHzs5Llg6NvwvZ+JTo6ZaN3vePYu/E=
Subject key identifier: F8:19:C5:F7:9E:81:12:67:93:25:E2:29:CA:A4:C4:1C:71:4A:7C:58
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8B94
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/268A6FAAAFAE11EE83794114C4F9AE02.roa
Signing time: Thu 30 May 2024 16:07:47 +0000
ROA not before: Thu 30 May 2024 16:07:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137163
IP address blocks: 103.81.24.0/23 maxlen: 24
103.81.26.0/23 maxlen: 24
103.189.124.0/23 maxlen: 24
2400:eaa0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 21 Jun 2024 05:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35732 (0x8b94)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:07:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a453-52b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:86:1c:c1:5d:75:c1:2d:f8:12:d6:88:df:41:
27:e9:a6:a6:dd:8d:c2:ff:54:76:63:0d:2f:52:d0:
69:22:26:8b:19:9a:b7:18:84:53:29:9e:e1:81:9d:
ac:46:88:ca:69:73:42:e3:89:5b:08:c7:a8:3b:19:
81:57:69:40:47:b6:b8:ab:a8:54:a5:11:5a:4e:83:
ee:c4:e7:48:90:e9:e1:5f:71:00:30:df:66:c2:05:
fc:f3:db:23:cd:95:f9:e6:69:44:70:a2:a1:5f:6d:
8b:01:f0:be:d4:93:61:b5:a6:a8:1e:33:03:d1:50:
6c:35:bb:04:00:83:d1:c3:6b:89:51:fc:e4:ba:2b:
ce:d0:08:08:6d:1e:d3:10:e8:e5:b8:aa:2e:bd:82:
02:8c:5e:42:04:32:7d:14:f3:cc:c8:c9:bb:9f:d0:
d2:b8:27:b5:1a:0a:7a:a4:d5:56:4e:cc:3c:f3:e1:
20:ae:ab:8c:fe:bb:d2:0c:a1:2f:9b:0d:6b:d6:a1:
5e:18:e7:e9:e4:85:f3:0e:05:4c:a2:a4:81:9a:3f:
2f:c6:19:52:27:07:bd:e8:0f:dc:b9:cb:ea:f1:19:
cf:43:32:eb:1c:f2:b5:49:53:e8:0c:bd:fa:03:a2:
58:b7:0b:d5:11:81:da:f7:9b:12:68:33:22:6a:ef:
83:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:19:C5:F7:9E:81:12:67:93:25:E2:29:CA:A4:C4:1C:71:4A:7C:58
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/268A6FAAAFAE11EE83794114C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.24.0/22
103.189.124.0/23
IPv6:
2400:eaa0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:2e:cb:d5:b7:14:ed:28:d8:ef:c5:90:3b:5f:5f:3c:2a:44:
3f:d1:08:77:38:8c:1c:80:01:ca:cf:2d:d3:4a:05:ab:59:01:
76:c0:10:f7:52:91:b1:ab:df:80:81:03:39:a5:cb:2b:55:06:
2c:b1:6c:63:19:4a:84:78:f4:64:3a:b7:53:f3:53:6f:0e:1d:
8f:78:8b:00:9b:bb:88:02:a3:28:4c:1b:31:20:eb:4a:b2:6e:
a1:69:5c:34:3d:dd:4a:ae:b6:77:b9:29:a6:c7:50:b9:13:a6:
65:73:b9:3a:d1:44:3f:1d:c8:86:fb:3a:1e:be:3e:b6:71:13:
7a:a6:79:2a:dd:38:c4:9c:0c:c7:73:68:65:3a:4e:81:ba:b3:
2e:c6:ec:5b:22:7b:f3:71:13:83:89:68:df:36:c3:a2:7e:56:
3c:87:70:fa:e5:83:c5:96:37:b1:3d:b4:0b:99:1d:9d:4b:ff:
7d:6a:01:3b:07:f4:5f:3c:78:a8:3d:61:7e:8b:ed:f9:0e:70:
f6:5a:ef:00:54:29:f1:b0:33:ca:9b:4c:fb:39:26:48:f8:06:
8d:4b:a9:0b:a2:54:d8:5a:d6:ed:8c:95:ee:72:a7:8a:32:74:
19:bd:7f:7a:23:d0:6b:e6:0c:37:91:de:b9:47:e0:cd:1d:1c:
87:f5:59:44
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIDAIuUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDc0N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE0NTMtNTJiMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOGHMFddcEt+BLWiN9BJ+mmpt2Nwv9UdmMNL1LQaSImixmatxiEUyme4YGd
rEaIymlzQuOJWwjHqDsZgVdpQEe2uKuoVKURWk6D7sTnSJDp4V9xADDfZsIF/PPb
I82V+eZpRHCioV9tiwHwvtSTYbWmqB4zA9FQbDW7BACD0cNriVH85LorztAICG0e
0xDo5biqLr2CAoxeQgQyfRTzzMjJu5/Q0rgntRoKeqTVVk7MPPPhIK6rjP670gyh
L5sNa9ahXhjn6eSF8w4FTKKkgZo/L8YZUicHvegP3LnL6vEZz0My6xzytUlT6Ay9
+gOiWLcL1RGB2vebEmgzImrvg4UCAwEAAaOCAqowggKmMB0GA1UdDgQWBBT4GcX3
noESZ5Ml4inKpMQccUp8WDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzI2OEE2RkFB
QUZBRTExRUU4Mzc5NDExNEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDQGCCsGAQUFBwEHAQH/
BCUwIzASBAIAATAMAwQCZ1EYAwQBZ718MA0EAgACMAcDBQAkAOqgMA0GCSqGSIb3
DQEBCwUAA4IBAQBOLsvVtxTtKNjvxZA7X188KkQ/0Qh3OIwcgAHKzy3TSgWrWQF2
wBD3UpGxq9+AgQM5pcsrVQYssWxjGUqEePRkOrdT81NvDh2PeIsAm7uIAqMoTBsx
IOtKsm6haVw0Pd1KrrZ3uSmmx1C5E6Zlc7k60UQ/HciG+zoevj62cRN6pnkq3TjE
nAzHc2hlOk6BurMuxuxbInvzcRODiWjfNsOiflY8h3D65YPFljexPbQLmR2dS/99
agE7B/RfPHioPWF+i+35DnD2Wu8AVCnxsDPKm0z7OSZI+AaNS6kLolTYWtbtjJXu
cqeKMnQZvX96I9Br5gw3kd65R+DNHRyH9VlE
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:52 2025 by rpki-client