Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4D01C3B0F78E11ECB13B995BC4F9AE02.roa
File: 4D01C3B0F78E11ECB13B995BC4F9AE02.roa (raw, json)
Hash identifier: sz6K8VMBwaaa4q+KdEmpMFW265jPMTndar7KeNpLYG4=
Subject key identifier: 42:64:EC:9B:1F:1A:F3:DE:5C:47:D4:BD:A2:20:77:3D:13:BC:09:7E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8CD8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4D01C3B0F78E11ECB13B995BC4F9AE02.roa
Signing time: Thu 30 May 2024 16:13:06 +0000
ROA not before: Thu 30 May 2024 16:13:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140166
IP address blocks: 103.190.54.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 11:14:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36056 (0x8cd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:13:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a592-76ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:80:3d:21:5e:15:dd:b9:86:71:10:d6:58:0a:
32:5d:4c:df:11:11:79:9c:e4:25:73:73:e4:3e:81:
37:8c:ec:63:34:b8:5a:56:23:41:a2:79:4e:e0:4c:
8b:d4:09:29:10:89:fc:d9:bd:9d:0e:7a:14:fa:cd:
54:d6:a1:e7:31:d7:e4:65:d0:ad:0d:75:38:1b:1f:
3c:94:72:2b:d5:6f:af:1c:ec:8b:29:51:0d:97:e7:
8d:d6:16:3a:b9:b1:50:db:d1:3b:60:21:82:34:27:
e1:82:47:cd:d9:a9:c6:64:a4:35:fc:4d:26:c0:c2:
0a:1d:f4:a6:16:b7:b3:a0:0a:d7:8f:01:0a:5c:31:
ae:f1:b2:3c:79:c0:60:cd:77:f4:09:32:96:bf:a2:
fd:b4:d2:5f:73:2d:43:f6:aa:53:da:61:f6:94:59:
5e:c6:80:d1:f1:12:32:6c:1a:69:b4:a5:7f:f7:4e:
7d:27:89:e3:11:87:aa:e8:fb:e5:4d:84:cc:60:ba:
7d:80:a5:ed:66:2f:3b:b3:b9:06:29:72:b1:ae:ab:
eb:64:9a:4a:38:03:eb:06:67:9c:3e:6d:ca:4a:62:
85:0b:da:0c:d0:af:1c:a2:dd:cf:4b:33:3c:8f:57:
1f:23:30:6f:c5:9a:ec:8e:3c:9a:cf:c5:46:ed:2c:
67:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:64:EC:9B:1F:1A:F3:DE:5C:47:D4:BD:A2:20:77:3D:13:BC:09:7E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4D01C3B0F78E11ECB13B995BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.190.54.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:94:1e:7c:51:61:17:eb:12:eb:f5:a2:54:59:ed:ba:9c:6a:
95:60:ec:1c:da:7f:b9:c2:15:74:8e:76:80:f5:08:61:6a:86:
99:d1:cf:cc:f8:1f:df:e7:d5:7b:5e:30:8d:07:6e:66:ec:b0:
36:e0:61:a0:b5:4e:fe:43:b2:f3:0d:06:c6:4a:98:c9:b7:bd:
b9:f7:c2:c7:cf:76:da:26:41:08:54:09:92:c7:82:1a:0f:7f:
35:de:88:d7:ce:ed:95:64:28:a6:d6:65:47:a2:7e:78:4c:f3:
00:53:39:c3:6a:29:74:5a:cf:a4:47:84:2b:75:f4:b4:82:bb:
7f:ef:78:5f:c2:69:e9:1c:be:46:0b:89:a3:d6:2b:30:ed:bf:
3b:89:2a:77:12:f1:ae:b7:4d:f1:96:28:36:35:c7:c5:30:6f:
81:a4:d0:40:e4:db:d9:fe:2a:86:98:e8:21:09:7a:53:2f:3b:
ba:a7:4d:78:5d:5c:83:71:ef:96:6f:aa:1c:eb:e1:7d:08:9f:
5b:59:8c:f3:7e:bd:6a:11:45:4b:41:a2:83:23:41:b9:3e:a1:
28:c6:92:5f:df:6c:3a:81:cb:89:24:07:b1:bf:9a:d3:b5:fb:
5f:d9:36:d4:9a:3b:09:52:d5:6a:03:c4:2f:e6:95:84:1f:cc:
bd:83:e0:04
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAIzYMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MTMwNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE1OTItNzZlYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMmAPSFeFd25hnEQ1lgKMl1M3xEReZzkJXNz5D6BN4zsYzS4WlYjQaJ5TuBM
i9QJKRCJ/Nm9nQ56FPrNVNah5zHX5GXQrQ11OBsfPJRyK9VvrxzsiylRDZfnjdYW
OrmxUNvRO2AhgjQn4YJHzdmpxmSkNfxNJsDCCh30pha3s6AK148BClwxrvGyPHnA
YM139Akylr+i/bTSX3MtQ/aqU9ph9pRZXsaA0fESMmwaabSlf/dOfSeJ4xGHquj7
5U2EzGC6fYCl7WYvO7O5Bilysa6r62SaSjgD6wZnnD5tykpihQvaDNCvHKLdz0sz
PI9XHyMwb8Wa7I48ms/FRu0sZ8kCAwEAAaOCApUwggKRMB0GA1UdDgQWBBRCZOyb
Hxrz3lxH1L2iIHc9E7wJfjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzREMDFDM0Iw
Rjc4RTExRUNCMTNCOTk1QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBZ742MA0GCSqGSIb3DQEBCwUAA4IBAQBPlB58UWEX6xLr
9aJUWe26nGqVYOwc2n+5whV0jnaA9QhhaoaZ0c/M+B/f59V7XjCNB25m7LA24GGg
tU7+Q7LzDQbGSpjJt72598LHz3baJkEIVAmSx4IaD3813ojXzu2VZCim1mVHon54
TPMAUznDail0Ws+kR4QrdfS0grt/73hfwmnpHL5GC4mj1isw7b87iSp3EvGut03x
lig2NcfFMG+BpNBA5NvZ/iqGmOghCXpTLzu6p014XVyDce+Wb6oc6+F9CJ9bWYzz
fr1qEUVLQaKDI0G5PqEoxpJf32w6gcuJJAexv5rTtftf2TbUmjsJUtVqA8Qv5pWE
H8y9g+AE
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:32:54 2025 by rpki-client