Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/45FB2064F4D611EF8F3CFC6DC4F9AE02.roa
File: 45FB2064F4D611EF8F3CFC6DC4F9AE02.roa (raw, json)
Hash identifier: eZjdXPlGtd8hu3hE97cTpwfOMGP7xrGY3Y3XYQoP1q8=
Subject key identifier: E7:50:5F:D0:FD:7F:64:4C:B7:9F:25:7C:47:B8:8E:14:DA:BB:BD:A0
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A7E5
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/45FB2064F4D611EF8F3CFC6DC4F9AE02.roa
Signing time: Thu 27 Feb 2025 06:44:21 +0000
ROA not before: Thu 27 Feb 2025 06:44:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140133
IP address blocks: 103.84.107.0/24 maxlen: 24
103.154.2.0/23 maxlen: 24
103.170.90.0/23 maxlen: 24
2001:df0:b340::/48 maxlen: 48
2001:df3:9240::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Mar 2025 07:22:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42981 (0xa7e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 27 06:44:21 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c009c4-e65a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f5:1c:95:2d:3b:1e:6b:c0:60:37:bf:d2:25:
cd:ed:1e:4f:7a:14:40:86:fc:31:42:24:ed:dd:c7:
6d:8f:7b:94:c5:3d:2d:92:49:a6:ac:0d:af:24:06:
45:b0:b8:ac:b6:fc:86:7e:83:f8:1f:64:a4:df:f5:
44:e6:b5:51:ab:84:8d:88:19:c9:80:8a:6d:dd:52:
f5:8e:34:db:a7:e5:ef:c6:93:08:7a:cc:7a:a9:9a:
6c:36:41:f4:18:6a:0b:a9:10:34:85:8e:e9:7f:d2:
63:1a:8c:8d:8f:66:d8:79:ba:9e:0b:32:26:82:0f:
aa:c8:56:c4:eb:df:e9:71:37:9d:fa:b0:bf:80:d2:
1e:ec:db:2e:5d:0d:4a:11:7e:7b:3c:9d:f8:bd:25:
0c:22:ff:44:a1:0b:69:97:25:8c:b0:64:c9:6b:ff:
0d:c7:39:e0:bf:4c:e5:54:0b:23:9d:8e:31:51:60:
6e:b9:be:70:2e:a4:f1:cd:f4:0a:2b:5e:ab:46:a4:
a6:08:df:f1:f5:bf:c5:f6:d8:bd:27:8b:b9:1c:d7:
47:e6:c0:a6:28:08:75:1f:f5:e1:db:0b:31:c9:fd:
2a:04:41:4b:13:f3:f2:3d:26:b5:09:4f:98:45:48:
08:48:b9:d8:72:28:ed:b6:3a:58:59:7a:2c:c6:da:
21:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:50:5F:D0:FD:7F:64:4C:B7:9F:25:7C:47:B8:8E:14:DA:BB:BD:A0
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/45FB2064F4D611EF8F3CFC6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.84.107.0/24
103.154.2.0/23
103.170.90.0/23
IPv6:
2001:df0:b340::/48
2001:df3:9240::/48
Signature Algorithm: sha256WithRSAEncryption
07:d1:df:0d:b4:c1:6f:c8:54:6b:31:c2:5c:c6:47:56:21:5d:
bf:a2:6e:97:37:3d:94:de:91:ac:29:70:b5:60:92:7c:77:73:
a9:ac:3b:86:c2:7d:06:0b:b1:80:c4:c2:1a:b5:0f:32:e4:ca:
2f:82:ad:a5:e0:83:96:15:2e:33:03:41:66:66:56:db:d8:ce:
f6:de:4c:6a:34:c0:88:47:fa:1e:2b:70:e3:fc:1b:54:43:18:
5c:9e:1b:a2:c8:83:d8:9e:70:7b:67:81:83:d2:81:d1:41:f0:
1d:5e:7c:99:a5:83:6d:3a:55:a0:57:9e:01:94:86:32:00:6e:
d2:3d:36:fe:b7:b3:6b:4d:1c:04:d3:61:4d:cd:7f:ef:89:8f:
c6:2a:83:c9:ca:5b:f2:c6:be:0b:af:51:9c:8b:31:eb:1e:18:
0c:5d:bd:56:99:64:cf:1f:6a:ac:1a:12:d2:be:c8:cd:dd:13:
49:9a:c7:23:34:06:b1:4e:dd:5d:16:54:77:b1:d1:0e:27:59:
1c:b2:8e:86:8d:ff:c4:d3:43:4e:a5:97:a1:35:c8:1c:d5:e1:
60:60:67:61:db:d9:7b:12:0d:82:8e:71:42:c5:65:1f:f7:f2:
4e:26:89:c2:84:f0:13:21:2f:25:7a:2c:f7:7e:24:3f:31:ae:
bf:c6:1e:0a
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgIDAKflMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyNzA2NDQyMVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjMDA5YzQtZTY1YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAND1HJUtOx5rwGA3v9Ilze0eT3oUQIb8MUIk7d3HbY97lMU9LZJJpqwNryQG
RbC4rLb8hn6D+B9kpN/1ROa1UauEjYgZyYCKbd1S9Y4026fl78aTCHrMeqmabDZB
9BhqC6kQNIWO6X/SYxqMjY9m2Hm6ngsyJoIPqshWxOvf6XE3nfqwv4DSHuzbLl0N
ShF+ezyd+L0lDCL/RKELaZcljLBkyWv/Dcc54L9M5VQLI52OMVFgbrm+cC6k8c30
Citeq0akpgjf8fW/xfbYvSeLuRzXR+bApigIdR/14dsLMcn9KgRBSxPz8j0mtQlP
mEVICEi52HIo7bY6WFl6LMbaIdsCAwEAAaOCArswggK3MB0GA1UdDgQWBBTnUF/Q
/X9kTLefJXxHuI4U2ru9oDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQ1RkIyMDY0
RjRENjExRUY4RjNDRkM2REM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEUGCCsGAQUFBwEHAQH/
BDYwNDAYBAIAATASAwQAZ1RrAwQBZ5oCAwQBZ6paMBgEAgACMBIDBwAgAQ3ws0AD
BwAgAQ3zkkAwDQYJKoZIhvcNAQELBQADggEBAAfR3w20wW/IVGsxwlzGR1YhXb+i
bpc3PZTekawpcLVgknx3c6msO4bCfQYLsYDEwhq1DzLkyi+CraXgg5YVLjMDQWZm
VtvYzvbeTGo0wIhH+h4rcOP8G1RDGFyeG6LIg9iecHtngYPSgdFB8B1efJmlg206
VaBXngGUhjIAbtI9Nv63s2tNHATTYU3Nf++Jj8Yqg8nKW/LGvguvUZyLMeseGAxd
vVaZZM8faqwaEtK+yM3dE0maxyM0BrFO3V0WVHex0Q4nWRyyjoaN/8TTQ06ll6E1
yBzV4WBgZ2Hb2XsSDYKOcULFZR/38k4micKE8BMhLyV6LPd+JD8xrr/GHgo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:58 2025 by rpki-client