Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/38B186C25C3B11ED9B4FAB0BC4F9AE02.roa
File: 38B186C25C3B11ED9B4FAB0BC4F9AE02.roa (raw, json)
Hash identifier: JxeTEXsXtGrPTqHEiI+0+0sJAxkSJuWjIpJtNFSkidI=
Subject key identifier: 16:41:52:4E:A7:D5:4F:1D:E7:35:28:80:9E:EB:05:41:23:4D:3A:0D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8F58
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/38B186C25C3B11ED9B4FAB0BC4F9AE02.roa
Signing time: Thu 30 May 2024 16:23:26 +0000
ROA not before: Thu 30 May 2024 16:23:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149620
IP address blocks: 43.229.200.0/22 maxlen: 24
45.125.68.0/22 maxlen: 24
103.41.40.0/22 maxlen: 24
103.43.37.0/24 maxlen: 24
103.44.141.0/24 maxlen: 24
103.44.142.0/24 maxlen: 24
103.44.143.0/24 maxlen: 24
103.72.156.0/22 maxlen: 24
103.190.24.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Dec 2024 08:39:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36696 (0x8f58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:23:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a7fd-bc1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1c:72:d0:11:d1:0b:be:5f:da:39:6f:b4:32:
e0:af:59:27:e4:85:19:34:e2:26:ac:b1:9d:ad:59:
3b:c9:e4:13:b0:43:34:50:26:23:88:b1:2f:30:46:
d7:9f:e4:62:6b:46:1f:41:4b:f4:e1:f7:8b:0c:c0:
9e:18:aa:93:46:55:0e:30:85:fe:f0:8b:26:b3:a0:
d0:8a:6c:83:14:48:cb:3a:a9:61:4d:1d:95:30:78:
ad:cd:9b:4d:c6:6e:de:00:73:c1:9d:49:16:8b:09:
da:80:18:e4:50:c2:e0:1a:2c:50:8d:93:db:6e:93:
49:00:30:55:22:05:0f:af:b7:23:8b:c2:8f:0c:df:
7f:04:3f:c7:4c:bc:32:d5:8c:09:68:be:49:38:97:
60:9a:74:94:88:c2:99:f2:56:1a:ff:cf:5d:79:57:
eb:8d:de:8e:b5:97:8b:1a:c3:54:29:ff:d5:fe:32:
bd:51:e5:02:22:fe:4b:06:f0:56:6e:4a:8a:1f:8e:
17:03:f3:52:d3:94:4c:db:a5:df:d5:62:e3:6f:be:
4e:67:7f:28:18:30:db:82:18:d3:cb:0b:13:be:49:
09:ca:4b:e3:71:45:63:5a:8b:28:1c:a7:67:fa:8b:
b1:e3:22:a5:3f:73:21:80:30:1b:58:cc:af:ef:c5:
e3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:41:52:4E:A7:D5:4F:1D:E7:35:28:80:9E:EB:05:41:23:4D:3A:0D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/38B186C25C3B11ED9B4FAB0BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.229.200.0/22
45.125.68.0/22
103.41.40.0/22
103.43.37.0/24
103.44.141.0-103.44.143.255
103.72.156.0/22
103.190.24.0/23
Signature Algorithm: sha256WithRSAEncryption
04:c6:b5:9c:41:49:33:28:af:ef:27:0d:5c:9b:9c:aa:1d:5f:
e4:17:18:87:05:9b:a1:d4:da:41:1e:27:b4:e0:23:42:52:08:
c8:e9:ea:de:6c:84:79:ec:45:8f:b8:a5:17:85:51:90:73:88:
a5:69:3a:09:37:13:d1:d8:76:c0:92:54:f2:de:33:f6:c3:fd:
06:7f:da:17:2a:1a:81:d9:f6:e2:5a:da:02:7b:d9:8b:bb:c9:
0d:f3:8d:e5:3c:5d:a4:6e:28:80:a9:65:37:f2:16:0c:44:c6:
b8:74:f2:3e:02:8a:ea:26:d8:af:7d:86:f1:2e:28:9e:cd:bb:
8d:49:71:74:66:69:23:17:9f:e0:42:71:1c:1a:96:40:16:a2:
60:c3:4a:d2:30:e5:05:8e:0c:6e:8a:44:b5:49:61:04:1d:fd:
51:77:c8:f7:0e:4f:06:5a:7d:26:b5:e6:35:1d:21:29:6f:80:
a9:64:15:87:1c:d5:4b:83:2a:b6:f8:80:99:99:fd:84:2d:6c:
e7:a1:21:12:1d:2a:61:4f:4b:de:28:25:6b:60:34:44:4c:e6:
42:30:e4:ef:c9:91:cf:67:ff:6a:92:aa:8a:ea:6a:a5:e0:8f:
a6:17:ec:b3:b2:d2:2f:d8:ae:9c:18:17:af:5b:1e:f4:fd:3d:
31:75:26:21
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIDAI9YMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MjMyNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE3ZmQtYmMxYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgcctAR0Qu+X9o5b7Qy4K9ZJ+SFGTTiJqyxna1ZO8nkE7BDNFAmI4ixLzBG
15/kYmtGH0FL9OH3iwzAnhiqk0ZVDjCF/vCLJrOg0IpsgxRIyzqpYU0dlTB4rc2b
TcZu3gBzwZ1JFosJ2oAY5FDC4BosUI2T226TSQAwVSIFD6+3I4vCjwzffwQ/x0y8
MtWMCWi+STiXYJp0lIjCmfJWGv/PXXlX643ejrWXixrDVCn/1f4yvVHlAiL+Swbw
Vm5Kih+OFwPzUtOUTNul39Vi42++Tmd/KBgw24IY08sLE75JCcpL43FFY1qLKByn
Z/qLseMipT9zIYAwG1jMr+/F40cCAwEAAaOCAsEwggK9MB0GA1UdDgQWBBQWQVJO
p9VPHec1KICe6wVBI006DTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzM4QjE4NkMy
NUMzQjExRUQ5QjRGQUIwQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEsGCCsGAQUFBwEHAQH/
BDwwOjA4BAIAATAyAwQCK+XIAwQCLX1EAwQCZykoAwQAZyslMAwDBABnLI0DBARn
LIADBAJnSJwDBAFnvhgwDQYJKoZIhvcNAQELBQADggEBAATGtZxBSTMor+8nDVyb
nKodX+QXGIcFm6HU2kEeJ7TgI0JSCMjp6t5shHnsRY+4pReFUZBziKVpOgk3E9HY
dsCSVPLeM/bD/QZ/2hcqGoHZ9uJa2gJ72Yu7yQ3zjeU8XaRuKICpZTfyFgxExrh0
8j4Ciuom2K99hvEuKJ7Nu41JcXRmaSMXn+BCcRwalkAWomDDStIw5QWODG6KRLVJ
YQQd/VF3yPcOTwZafSa15jUdISlvgKlkFYcc1UuDKrb4gJmZ/YQtbOehIRIdKmFP
S94oJWtgNERM5kIw5O/Jkc9n/2qSqorqaqXgj6YX7LOy0i/YrpwYF69bHvT9PTF1
JiE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:51 2025 by rpki-client