Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/52CD5190081B11ED8C0F9244C4F9AE02.roa
File: 52CD5190081B11ED8C0F9244C4F9AE02.roa (raw, json)
Hash identifier: idlh5RT1QvwYAMHXZCENAzvDV281Sloyd+RSZOnCyMY=
Subject key identifier: 8D:81:5C:11:3F:6C:33:0E:34:95:6B:E0:2F:8D:49:55:8B:2E:77:E8
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 98B8
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/52CD5190081B11ED8C0F9244C4F9AE02.roa
Signing time: Tue 17 Sep 2024 08:53:58 +0000
ROA not before: Tue 17 Sep 2024 08:53:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135760
IP address blocks: 103.75.160.0/24 maxlen: 24
103.75.161.0/24 maxlen: 24
103.75.162.0/24 maxlen: 24
103.75.163.0/24 maxlen: 24
103.144.173.0/24 maxlen: 24
103.176.117.0/24 maxlen: 24
103.189.130.0/23 maxlen: 24
180.94.18.0/23 maxlen: 24
2001:df0:d040::/48 maxlen: 48
2404:9740::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 23 Sep 2024 10:17:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39096 (0x98b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Sep 17 08:53:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66e943a5-5db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6b:8f:2e:c5:f3:50:14:6f:3c:01:8b:ae:c4:
5c:e5:a1:69:35:39:d4:b8:9e:41:39:d4:97:e6:7d:
9e:32:e0:f9:b9:94:6d:e7:a0:5b:78:dd:50:a9:f0:
47:62:66:ed:77:13:e1:f3:10:f9:64:e9:fb:da:e9:
c9:f5:a3:3e:3c:4e:2b:42:64:80:b3:8b:6b:a7:aa:
0c:1a:bb:43:8b:2a:13:1e:e0:bc:b9:b3:5e:f8:b4:
2b:46:23:78:f7:7b:71:34:bf:d7:63:d0:0a:9a:7a:
e5:ec:ad:19:db:97:f9:22:09:a8:86:97:97:f9:a8:
69:3e:6f:08:84:6c:fc:10:c5:b8:69:87:72:fe:70:
2e:f6:d5:43:c7:a6:47:9b:bb:df:eb:95:bb:68:54:
68:30:8f:2b:98:d3:d9:48:0a:24:b1:40:c0:87:8f:
27:be:63:c9:c4:a3:54:d3:2f:9a:78:40:3f:d6:2a:
9e:84:ed:05:ca:59:25:60:b4:c0:aa:92:d4:85:67:
e0:c6:04:70:03:d3:a3:18:b1:c7:33:c5:3b:1f:86:
38:6a:7c:d2:32:d8:e7:fb:f4:94:ac:77:62:3e:45:
3d:c3:2c:76:51:24:7b:c6:1f:82:3f:b5:1a:1f:11:
50:30:23:dd:9c:6c:6f:e2:d2:4c:94:4c:68:46:95:
69:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:81:5C:11:3F:6C:33:0E:34:95:6B:E0:2F:8D:49:55:8B:2E:77:E8
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/52CD5190081B11ED8C0F9244C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.75.160.0/22
103.144.173.0/24
103.176.117.0/24
103.189.130.0/23
180.94.18.0/23
IPv6:
2001:df0:d040::/48
2404:9740::/32
Signature Algorithm: sha256WithRSAEncryption
04:86:b1:fe:ba:a1:0d:5a:7e:de:67:d7:f1:13:69:13:cf:14:
ec:46:55:59:42:66:e7:3c:3f:cc:ec:15:dd:c1:6e:25:c2:0b:
16:95:95:4c:a6:b9:72:04:6c:aa:05:77:b7:56:36:8e:47:f8:
0d:b9:d1:e9:e5:6a:63:86:be:76:5a:fa:a4:fe:b4:77:58:d6:
af:39:6f:24:ae:10:98:94:f6:c9:17:7e:3a:87:1d:f6:33:8c:
70:72:89:8d:78:ef:c0:d5:95:be:e5:e3:39:a8:9a:9c:11:f8:
54:89:98:ff:66:b1:2b:a9:58:a1:89:88:8e:7e:80:b8:44:b5:
1e:95:cb:b4:4a:7d:32:33:f6:52:ae:02:8a:e5:9a:c6:8d:0a:
e8:10:62:24:ff:e8:ae:1e:48:89:23:53:6f:99:04:b6:2a:96:
42:5e:cc:f8:f1:4a:8d:6e:8c:86:75:c4:b3:28:8b:bc:14:e6:
ae:fc:4d:de:47:2a:31:d7:f4:97:df:16:00:92:d3:9a:ff:a6:
69:19:71:39:c4:14:d5:3d:dd:55:f1:1c:68:b8:b8:21:e9:51:
2f:de:79:28:e7:dd:d7:77:ab:95:c9:51:c1:b1:fe:4f:80:1c:
76:ab:df:89:16:4a:d1:7b:25:a6:ed:5d:fe:e5:35:de:0b:2a:
26:0b:81:36
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgIDAJi4MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDkxNzA4NTM1OFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjZlOTQzYTUtNWRiNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5rjy7F81AUbzwBi67EXOWhaTU51LieQTnUl+Z9njLg+bmUbeegW3jdUKnw
R2Jm7XcT4fMQ+WTp+9rpyfWjPjxOK0JkgLOLa6eqDBq7Q4sqEx7gvLmzXvi0K0Yj
ePd7cTS/12PQCpp65eytGduX+SIJqIaXl/moaT5vCIRs/BDFuGmHcv5wLvbVQ8em
R5u73+uVu2hUaDCPK5jT2UgKJLFAwIePJ75jycSjVNMvmnhAP9YqnoTtBcpZJWC0
wKqS1IVn4MYEcAPToxixxzPFOx+GOGp80jLY5/v0lKx3Yj5FPcMsdlEke8Yfgj+1
Gh8RUDAj3Zxsb+LSTJRMaEaVab8CAwEAAaOCAsUwggLBMB0GA1UdDgQWBBSNgVwR
P2wzDjSVa+AvjUlViy536DAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzUyQ0Q1MTkw
MDgxQjExRUQ4QzBGOTI0NEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sME8GCCsGAQUFBwEHAQH/
BEAwPjAkBAIAATAeAwQCZ0ugAwQAZ5CtAwQAZ7B1AwQBZ72CAwQBtF4SMBYEAgAC
MBADBwAgAQ3w0EADBQAkBJdAMA0GCSqGSIb3DQEBCwUAA4IBAQAEhrH+uqENWn7e
Z9fxE2kTzxTsRlVZQmbnPD/M7BXdwW4lwgsWlZVMprlyBGyqBXe3VjaOR/gNudHp
5Wpjhr52Wvqk/rR3WNavOW8krhCYlPbJF346hx32M4xwcomNeO/A1ZW+5eM5qJqc
EfhUiZj/ZrErqVihiYiOfoC4RLUelcu0Sn0yM/ZSrgKK5ZrGjQroEGIk/+iuHkiJ
I1NvmQS2KpZCXsz48UqNboyGdcSzKIu8FOau/E3eRyox1/SX3xYAktOa/6ZpGXE5
xBTVPd1V8RxouLgh6VEv3nko593Xd6uVyVHBsf5PgBx2q9+JFkrReyWm7V3+5TXe
CyomC4E2
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:24 2025 by rpki-client