Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34B1D3AA863311EF955EFE6FC4F9AE02.roa
File: 34B1D3AA863311EF955EFE6FC4F9AE02.roa (raw, json)
Hash identifier: DRBipxUYv/YsQUhvG9eCrv+HE5iLsPFFvXLslfCX+ms=
Subject key identifier: 91:C4:3E:95:0F:12:9F:3F:F9:3D:19:B7:BB:B9:FC:56:C8:A2:D0:92
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9B80
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34B1D3AA863311EF955EFE6FC4F9AE02.roa
Signing time: Wed 09 Oct 2024 11:39:56 +0000
ROA not before: Wed 09 Oct 2024 11:39:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136677
IP address blocks: 103.94.104.0/24 maxlen: 24
103.94.106.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Nov 2024 05:25:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39808 (0x9b80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Oct 9 11:39:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67066b8b-13b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f0:fe:95:0d:15:9b:8a:7e:99:83:40:02:ce:
c4:6a:39:6f:1f:b9:38:b3:2f:35:cb:fc:b0:6c:31:
7c:a2:a5:21:dd:4e:73:aa:54:f0:f1:11:99:bd:b6:
e7:11:3f:52:e5:5c:db:f4:8b:38:04:50:97:64:a3:
08:fa:67:8f:bc:12:f7:8f:6b:2b:14:a5:48:1e:d8:
8d:2e:7f:6b:df:16:f7:dc:b2:a9:ae:ef:b7:7e:e4:
81:03:2a:f7:2a:f3:5e:d8:7f:63:62:3b:f5:85:2f:
00:bc:8e:36:23:f9:97:b0:44:cf:68:db:ce:2d:fd:
84:72:08:74:7a:21:bd:32:b9:c9:09:81:12:ec:07:
68:1d:67:2e:19:ad:99:29:13:91:41:82:73:04:95:
b9:1d:f8:e2:e5:29:0e:cf:34:d0:ac:21:82:55:72:
db:73:98:27:2d:4f:da:d0:a3:05:2b:44:4f:4c:4d:
e6:84:0b:cd:93:f8:0a:35:80:7d:d0:fc:8a:fa:7c:
c8:4f:7d:b5:ab:32:c4:93:65:e1:1b:db:df:76:c3:
6f:87:ea:8b:c9:5a:b7:be:69:97:6c:95:2d:40:99:
cc:33:97:a3:bb:4b:53:ad:3e:e0:4e:54:70:92:e0:
b6:83:11:49:ae:f0:18:4b:92:8d:97:34:cf:5f:9f:
05:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C4:3E:95:0F:12:9F:3F:F9:3D:19:B7:BB:B9:FC:56:C8:A2:D0:92
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/34B1D3AA863311EF955EFE6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.94.104.0/24
103.94.106.0/23
Signature Algorithm: sha256WithRSAEncryption
86:2c:e8:c8:23:b4:1b:7d:82:04:e7:3d:c3:ea:26:e4:d5:56:
76:a1:c4:65:0c:7a:05:53:45:65:1d:d4:97:f8:f4:fe:ff:56:
be:5f:ea:a5:63:4b:86:88:50:a2:82:d0:6d:a6:c3:75:7c:26:
c2:80:16:52:87:69:a5:55:06:63:18:d9:ed:fd:54:9c:92:fe:
8a:92:86:95:18:2b:29:6c:28:c5:8d:71:2f:43:26:0f:4e:4e:
18:13:86:2c:52:90:27:15:01:af:56:83:6d:5a:47:e0:24:42:
30:e8:55:07:6f:ee:3b:0e:13:e2:4c:de:aa:c3:59:e6:42:1f:
0b:88:35:33:60:83:8d:3b:6b:b6:4e:89:c6:d5:f2:c7:e6:59:
08:fe:22:c8:f9:29:48:09:b9:8b:c6:07:88:2b:63:3d:7d:73:
d4:c8:fb:5a:34:cf:cc:00:b3:1c:db:b5:15:b0:ff:ba:e5:46:
f1:bf:49:74:f1:6e:a5:b1:47:7b:d4:13:dd:e1:f5:a3:a6:19:
55:b1:8d:74:a9:1e:9c:c1:e9:74:2d:c8:dd:c4:67:ab:78:b5:
1e:d6:23:cc:97:64:9e:c9:8b:d9:3e:96:39:2f:80:47:c3:e9:
9b:ca:de:c5:1b:0e:57:8d:df:61:89:47:69:6c:28:8c:ee:02:
da:6e:46:75
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAJuAMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTAwOTExMzk1NloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjcwNjZiOGItMTNiODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7w/pUNFZuKfpmDQALOxGo5bx+5OLMvNcv8sGwxfKKlId1Oc6pU8PERmb22
5xE/UuVc2/SLOARQl2SjCPpnj7wS949rKxSlSB7YjS5/a98W99yyqa7vt37kgQMq
9yrzXth/Y2I79YUvALyONiP5l7BEz2jbzi39hHIIdHohvTK5yQmBEuwHaB1nLhmt
mSkTkUGCcwSVuR344uUpDs800KwhglVy23OYJy1P2tCjBStET0xN5oQLzZP4CjWA
fdD8ivp8yE99tasyxJNl4Rvb33bDb4fqi8lat75pl2yVLUCZzDOXo7tLU60+4E5U
cJLgtoMRSa7wGEuSjZc0z1+fBRkCAwEAAaOCApswggKXMB0GA1UdDgQWBBSRxD6V
DxKfP/k9Gbe7ufxWyKLQkjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM0QjFEM0FB
ODYzMzExRUY5NTVFRkU2RkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQAZ15oAwQBZ15qMA0GCSqGSIb3DQEBCwUAA4IBAQCGLOjI
I7QbfYIE5z3D6ibk1VZ2ocRlDHoFU0VlHdSX+PT+/1a+X+qlY0uGiFCigtBtpsN1
fCbCgBZSh2mlVQZjGNnt/VSckv6KkoaVGCspbCjFjXEvQyYPTk4YE4YsUpAnFQGv
VoNtWkfgJEIw6FUHb+47DhPiTN6qw1nmQh8LiDUzYIONO2u2TonG1fLH5lkI/iLI
+SlICbmLxgeIK2M9fXPUyPtaNM/MALMc27UVsP+65Ubxv0l08W6lsUd71BPd4fWj
phlVsY10qR6cwel0LcjdxGereLUe1iPMl2SeyYvZPpY5L4BHw+mbyt7FGw5Xjd9h
iUdpbCiM7gLabkZ1
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:22:07 2025 by rpki-client