Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/476B98E0E51111EF9E9D5913C4F9AE02.roa
File: 476B98E0E51111EF9E9D5913C4F9AE02.roa (raw, json)
Hash identifier: nCGPGPYVZL2N6/ruXXJe8N5Lnt03m/6dwVogjDXILy0=
Subject key identifier: 36:D2:2B:5C:EC:55:DA:70:62:B2:DD:9C:BA:CF:FE:E7:D7:40:90:5F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A51A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/476B98E0E51111EF9E9D5913C4F9AE02.roa
Signing time: Fri 07 Feb 2025 05:06:25 +0000
ROA not before: Fri 07 Feb 2025 05:06:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136302
IP address blocks: 103.72.140.0/22 maxlen: 24
103.91.100.0/22 maxlen: 24
103.141.218.0/23 maxlen: 24
103.155.240.0/23 maxlen: 24
103.209.154.0/23 maxlen: 24
2001:df1:d00::/51 maxlen: 51
2001:df1:d00:2000::/51 maxlen: 51
2001:df1:d00:4000::/51 maxlen: 51
2001:df1:d00:6000::/51 maxlen: 51
2001:df1:d00:8000::/51 maxlen: 51
2001:df1:d00:a000::/51 maxlen: 51
2001:df1:d00:c000::/51 maxlen: 51
2001:df1:d00:e000::/51 maxlen: 51
2001:df4:9780::/48 maxlen: 48
2400:a3e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Mar 2025 09:47:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42266 (0xa51a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 7 05:06:25 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a594d1-7ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:36:10:9d:52:5c:c4:de:82:f3:cd:6e:f2:7c:
6d:69:2b:ab:0d:34:00:6a:5d:ac:e8:a7:3b:d8:38:
ca:72:5d:ff:70:e0:1f:16:3f:81:24:6b:a0:a7:49:
bb:4a:51:e5:b4:be:5b:ff:f7:b8:1b:dc:56:2c:b1:
b7:37:4c:c6:47:be:f3:14:2d:6e:10:d7:9e:9c:92:
18:bb:23:4e:bb:46:b6:c3:b9:3f:cf:ca:d8:57:de:
d7:63:c8:65:38:ad:72:a0:aa:9a:c8:88:0f:80:fc:
d2:86:2c:6b:5a:0a:54:ba:5b:88:58:e4:5b:7d:7d:
86:1a:22:8d:23:ef:f3:57:eb:50:f2:c2:c7:e4:ad:
29:22:b1:85:ab:f1:16:c0:14:7a:2c:94:9b:8f:4d:
59:b3:3b:a3:b3:b5:c8:f1:75:e9:0f:87:d4:d3:c0:
05:02:0a:57:55:40:d4:b8:1b:ae:bd:2b:f5:d7:12:
29:a1:d4:1d:51:6c:0b:df:ca:ce:15:f8:22:2c:67:
fa:d2:64:90:d6:16:25:59:64:23:7c:1e:8a:f5:4c:
8e:61:65:2d:26:a3:c2:21:57:dc:e8:29:e2:0a:f1:
d2:03:1d:e5:85:5e:5b:b2:c0:14:8e:4b:fc:09:dc:
e3:15:6a:3b:67:38:19:ec:16:1a:c5:05:7a:0f:89:
b5:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D2:2B:5C:EC:55:DA:70:62:B2:DD:9C:BA:CF:FE:E7:D7:40:90:5F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/476B98E0E51111EF9E9D5913C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.72.140.0/22
103.91.100.0/22
103.141.218.0/23
103.155.240.0/23
103.209.154.0/23
IPv6:
2001:df1:d00::/48
2001:df4:9780::/48
2400:a3e0::/32
Signature Algorithm: sha256WithRSAEncryption
b5:1b:81:73:ee:a3:e6:f7:27:71:a2:4f:37:e3:d1:0d:ca:5b:
eb:61:de:61:90:da:f4:3c:61:58:41:ba:0d:0f:25:23:61:b2:
b2:30:35:4e:a8:90:56:96:b1:0f:54:3d:4d:bc:08:fa:09:65:
22:60:54:e6:56:1c:69:c4:f0:a5:11:3e:d3:ab:5c:65:bb:46:
77:68:41:fa:60:97:08:b3:f0:41:52:80:87:59:f7:b8:54:99:
08:b6:ca:99:e9:21:67:ad:3b:fb:f0:be:88:d0:c6:d6:02:26:
98:bb:1b:34:a5:b0:28:b4:3b:dd:3e:20:8b:a7:f9:da:9e:ab:
a9:a8:65:98:c3:1f:97:90:47:8d:0a:5e:12:09:a6:c3:1f:c9:
88:0a:1b:a9:09:7d:01:46:17:4d:f1:60:39:56:e8:1f:48:61:
0f:17:69:c0:02:f0:4d:17:0d:ac:ac:e9:99:32:5d:13:aa:5f:
96:c4:3c:4b:11:b2:04:0d:18:c4:14:a5:63:4b:08:57:51:8e:
ae:af:cd:42:9a:49:77:74:a2:70:d1:f2:ea:33:39:fd:30:75:
73:af:c3:ab:ff:8f:40:73:6c:31:7a:7e:47:87:99:93:43:ff:
31:40:6c:d2:98:91:f7:17:2c:7c:18:dd:3b:5a:2a:94:ce:3a:
98:bc:a8:ca
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgIDAKUaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIwNzA1MDYyNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdhNTk0ZDEtN2NlNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMo2EJ1SXMTegvPNbvJ8bWkrqw00AGpdrOinO9g4ynJd/3DgHxY/gSRroKdJ
u0pR5bS+W//3uBvcViyxtzdMxke+8xQtbhDXnpySGLsjTrtGtsO5P8/K2Ffe12PI
ZTitcqCqmsiID4D80oYsa1oKVLpbiFjkW319hhoijSPv81frUPLCx+StKSKxhavx
FsAUeiyUm49NWbM7o7O1yPF16Q+H1NPABQIKV1VA1Lgbrr0r9dcSKaHUHVFsC9/K
zhX4Iixn+tJkkNYWJVlkI3weivVMjmFlLSajwiFX3Ogp4grx0gMd5YVeW7LAFI5L
/Anc4xVqO2c4GewWGsUFeg+JtZ0CAwEAAaOCAs4wggLKMB0GA1UdDgQWBBQ20itc
7FXacGKy3Zy6z/7n10CQXzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzQ3NkI5OEUw
RTUxMTExRUY5RTlENTkxM0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFgGCCsGAQUFBwEHAQH/
BEkwRzAkBAIAATAeAwQCZ0iMAwQCZ1tkAwQBZ43aAwQBZ5vwAwQBZ9GaMB8EAgAC
MBkDBwAgAQ3xDQADBwAgAQ30l4ADBQAkAKPgMA0GCSqGSIb3DQEBCwUAA4IBAQC1
G4Fz7qPm9ydxok8349ENylvrYd5hkNr0PGFYQboNDyUjYbKyMDVOqJBWlrEPVD1N
vAj6CWUiYFTmVhxpxPClET7Tq1xlu0Z3aEH6YJcIs/BBUoCHWfe4VJkItsqZ6SFn
rTv78L6I0MbWAiaYuxs0pbAotDvdPiCLp/nanqupqGWYwx+XkEeNCl4SCabDH8mI
ChupCX0BRhdN8WA5VugfSGEPF2nAAvBNFw2srOmZMl0Tql+WxDxLEbIEDRjEFKVj
SwhXUY6ur81Cmkl3dKJw0fLqMzn9MHVzr8Or/49Ac2wxen5Hh5mTQ/8xQGzSmJH3
Fyx8GN07WiqUzjqYvKjK
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:34:48 2025 by rpki-client