Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2BF70360F80311EFA8E54A15C4F9AE02.roa
File: 2BF70360F80311EFA8E54A15C4F9AE02.roa (raw, json)
Hash identifier: HmbwcCFvJurTANkSl3kCeL3oevjclwfMhUCQJ0dAC4o=
Subject key identifier: B2:63:BB:B3:3B:C0:73:35:59:C4:16:D2:FB:4E:97:FA:72:E7:E3:83
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A906
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2BF70360F80311EFA8E54A15C4F9AE02.roa
Signing time: Tue 04 Mar 2025 07:58:37 +0000
ROA not before: Tue 04 Mar 2025 07:58:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55947
IP address blocks: 43.247.156.0/22 maxlen: 24
103.5.132.0/22 maxlen: 24
103.39.126.0/23 maxlen: 24
103.87.92.0/22 maxlen: 24
103.87.128.0/22 maxlen: 24
103.91.180.0/22 maxlen: 24
103.92.100.0/22 maxlen: 24
103.132.16.0/23 maxlen: 24
103.157.238.0/23 maxlen: 24
103.161.74.0/23 maxlen: 24
103.173.170.0/23 maxlen: 24
124.40.244.0/22 maxlen: 24
2400:c2a0::/32 maxlen: 32
2404:1f00::/32 maxlen: 40
Validation: Failed, certificate revoked on Thu 06 Mar 2025 06:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43270 (0xa906)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 4 07:58:37 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c6b2ad-6d36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2a:40:52:28:f4:af:3d:41:f1:54:3a:fc:01:
6b:de:ee:5e:b6:34:ec:c3:51:dd:b7:50:09:74:55:
d0:89:b1:fb:8c:fe:83:b5:cf:cf:83:8f:83:c4:04:
ee:1a:92:77:c3:ca:91:4e:cf:ff:03:48:73:3a:97:
7a:24:49:36:75:96:bc:04:4a:ef:dc:b0:26:cd:81:
2a:b2:cc:c6:a8:c5:35:5a:ed:b3:c7:55:78:5d:c9:
02:f7:a7:6a:91:e3:41:a6:be:f6:b1:ed:29:42:dd:
f0:70:74:3f:80:21:3e:c2:d1:72:ed:d0:84:13:1f:
8c:e8:23:2e:22:cb:46:74:21:2e:ed:06:13:5b:97:
81:07:0c:0e:9d:19:a8:89:bc:ee:79:25:32:50:fe:
ab:31:4e:b5:37:61:6c:58:6e:22:fa:78:ed:3f:e4:
17:4c:05:0b:df:cd:36:5e:b3:fe:18:85:2c:71:e3:
aa:29:52:ea:58:96:bd:b9:c3:38:50:ec:c6:18:52:
0c:92:f2:1d:b4:02:37:7c:1b:47:71:f6:67:10:cc:
e1:5c:72:c4:f3:0d:e5:06:3b:63:d6:06:da:fb:68:
52:09:a9:e3:9f:65:9c:2f:30:45:27:ee:da:96:9d:
43:c1:38:d9:02:84:74:3c:f1:e6:85:9a:20:0d:0b:
f9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:63:BB:B3:3B:C0:73:35:59:C4:16:D2:FB:4E:97:FA:72:E7:E3:83
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/2BF70360F80311EFA8E54A15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.247.156.0/22
103.5.132.0/22
103.39.126.0/23
103.87.92.0/22
103.87.128.0/22
103.91.180.0/22
103.92.100.0/22
103.132.16.0/23
103.157.238.0/23
103.161.74.0/23
103.173.170.0/23
124.40.244.0/22
IPv6:
2400:c2a0::/32
2404:1f00::/32
Signature Algorithm: sha256WithRSAEncryption
54:79:7e:f0:dc:46:c0:85:88:ba:bd:a3:7a:b8:fb:24:58:2f:
a0:4e:31:4a:a4:b6:18:31:a7:1c:16:8d:46:dc:04:b2:ae:4d:
69:55:f4:e2:de:1d:b9:05:24:b2:e1:fc:46:17:93:66:a2:bb:
ea:94:57:f7:94:af:1b:49:7c:0f:93:58:37:af:9a:40:4f:bf:
e7:f3:79:d9:5c:75:fc:a0:1b:b7:4f:83:95:5d:f2:92:49:7b:
b6:20:8b:49:46:03:a8:37:f3:05:a7:c7:f3:5f:f2:6c:00:6e:
5a:01:bf:2b:f7:9a:0e:e4:35:b9:33:f4:92:80:ee:89:6d:b5:
fc:8b:37:57:52:c4:e4:4c:af:3c:1d:69:31:21:cd:7e:1d:8d:
c0:ab:2d:78:7e:98:18:9c:e3:ae:98:1c:f3:d5:b2:36:22:de:
43:c0:32:a9:4a:74:07:12:db:d0:aa:ea:12:67:f1:da:ee:d5:
a8:86:e6:dd:3d:8a:92:d5:ac:da:f1:5d:b2:f0:11:20:07:12:
ad:33:64:50:ff:24:03:a9:54:e9:ff:59:19:f4:d0:1d:1d:48:
8f:88:82:0e:22:cb:36:8c:cf:5e:33:d7:2c:c7:02:b3:0b:0f:
6d:68:f1:03:d4:2f:7a:9d:30:e5:01:ce:7d:16:74:14:d4:04:
b2:b6:55:d3
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgIDAKkGMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwNDA3NTgzN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjNmIyYWQtNmQzNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0qQFIo9K89QfFUOvwBa97uXrY07MNR3bdQCXRV0Imx+4z+g7XPz4OPg8QE
7hqSd8PKkU7P/wNIczqXeiRJNnWWvARK79ywJs2BKrLMxqjFNVrts8dVeF3JAven
apHjQaa+9rHtKULd8HB0P4AhPsLRcu3QhBMfjOgjLiLLRnQhLu0GE1uXgQcMDp0Z
qIm87nklMlD+qzFOtTdhbFhuIvp47T/kF0wFC9/NNl6z/hiFLHHjqilS6liWvbnD
OFDsxhhSDJLyHbQCN3wbR3H2ZxDM4VxyxPMN5QY7Y9YG2vtoUgmp459lnC8wRSfu
2padQ8E42QKEdDzx5oWaIA0L+QECAwEAAaOCAu0wggLpMB0GA1UdDgQWBBSyY7uz
O8BzNVnEFtL7Tpf6cufjgzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzJCRjcwMzYw
RjgwMzExRUZBOEU1NEExNUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMHcGCCsGAQUFBwEHAQH/
BGgwZjBOBAIAATBIAwQCK/ecAwQCZwWEAwQBZyd+AwQCZ1dcAwQCZ1eAAwQCZ1u0
AwQCZ1xkAwQBZ4QQAwQBZ53uAwQBZ6FKAwQBZ62qAwQCfCj0MBQEAgACMA4DBQAk
AMKgAwUAJAQfADANBgkqhkiG9w0BAQsFAAOCAQEAVHl+8NxGwIWIur2jerj7JFgv
oE4xSqS2GDGnHBaNRtwEsq5NaVX04t4duQUksuH8RheTZqK76pRX95SvG0l8D5NY
N6+aQE+/5/N52Vx1/KAbt0+DlV3ykkl7tiCLSUYDqDfzBafH81/ybABuWgG/K/ea
DuQ1uTP0koDuiW21/Is3V1LE5EyvPB1pMSHNfh2NwKsteH6YGJzjrpgc89WyNiLe
Q8AyqUp0BxLb0KrqEmfx2u7VqIbm3T2KktWs2vFdsvARIAcSrTNkUP8kA6lU6f9Z
GfTQHR1Ij4iCDiLLNozPXjPXLMcCswsPbWjxA9Qvep0w5QHOfRZ0FNQEsrZV0w==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:27:05 2025 by rpki-client