Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa
File: 54167E4C02DB11EBB4DBB51CC4F9AE02.roa (raw, json)
Hash identifier: Ug/zVVELpEO6+xbZO/mzf6zdFZb+gGDZQ9bYTp1kZOU=
Subject key identifier: E3:5B:6A:8F:2D:15:06:67:B7:FC:20:69:24:BD:42:BE:5E:1E:85:6A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 884D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa
Signing time: Thu 30 May 2024 15:53:55 +0000
ROA not before: Thu 30 May 2024 15:53:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 131459
IP address blocks: 43.250.40.0/22 maxlen: 24
103.5.112.0/22 maxlen: 24
103.242.136.0/22 maxlen: 24
2402:900::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 08 Jul 2024 06:43:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34893 (0x884d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:53:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a113-f73e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5c:66:72:00:b7:69:88:a5:3b:46:b6:24:4a:
05:62:37:e0:f4:58:1f:2b:47:18:8a:db:4b:e9:ba:
f4:00:49:4c:22:eb:49:83:34:76:e9:75:23:ea:3c:
02:81:10:c4:73:3c:7a:c4:c1:68:26:9d:51:40:81:
96:1a:14:95:4b:c1:f0:7c:a9:11:88:d0:5f:0b:fb:
ae:b6:1e:3f:b7:8c:7f:d3:61:64:08:6a:c6:75:3a:
eb:3d:55:5c:a0:68:4f:78:46:6d:fb:55:17:d2:84:
26:20:f5:f0:af:02:02:d0:c9:ea:d4:b7:ef:91:2e:
85:4f:2e:58:a7:5a:4c:2d:d8:94:5b:86:29:bf:2d:
be:72:af:f5:be:73:0f:29:8c:26:30:af:54:73:a5:
3b:11:14:df:26:39:78:22:04:5c:0d:cd:ff:7f:3d:
14:f0:41:7a:73:b2:47:7e:7f:5b:28:c2:9f:15:02:
b4:a4:62:f1:0a:9d:da:90:97:36:a3:c2:91:27:47:
bd:a0:ce:3d:20:09:21:46:4f:37:b7:2e:0d:9b:07:
2e:db:b1:ac:11:29:55:a9:44:a3:21:f3:9c:75:3e:
bf:a0:52:a2:14:47:b2:82:9a:86:57:28:76:24:a3:
4b:ad:05:c5:46:df:06:b8:d0:24:1e:22:aa:c6:7e:
38:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5B:6A:8F:2D:15:06:67:B7:FC:20:69:24:BD:42:BE:5E:1E:85:6A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/54167E4C02DB11EBB4DBB51CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.40.0/22
103.5.112.0/22
103.242.136.0/22
IPv6:
2402:900::/32
Signature Algorithm: sha256WithRSAEncryption
5e:f5:e4:e9:06:b6:54:6f:c3:44:41:ce:f7:12:03:2d:f6:f3:
80:bc:00:e5:de:af:d9:68:1c:98:08:97:0e:22:a5:4a:c5:11:
a7:25:65:43:f9:ad:27:d0:91:f6:b5:54:81:31:ac:5b:16:d1:
b7:77:72:61:ff:37:9f:49:f5:c4:56:3e:e1:35:94:a3:cb:40:
f3:11:41:4b:f4:df:22:79:b7:ec:78:4c:d8:0e:cb:09:4c:2a:
ad:22:39:bd:58:37:11:93:58:f1:39:d9:a3:8e:c9:21:4e:c3:
68:e2:1a:f0:40:47:41:28:9e:23:32:07:4e:85:07:9d:60:41:
78:3a:26:ad:78:d3:25:77:dc:e4:d5:23:cf:80:53:0d:b4:69:
7d:39:3b:8e:18:96:25:46:67:b5:8d:65:08:9a:d8:20:9e:02:
13:d1:82:89:d8:81:9a:d5:42:16:07:c5:bf:7e:df:61:d7:66:
5f:98:3c:2b:e8:dc:b2:14:a5:c5:f7:9a:93:7f:5c:b3:3f:83:
36:85:d4:10:53:16:e9:69:81:ee:60:af:0e:1d:42:4d:61:0c:
8b:84:c2:5a:c5:13:24:71:a5:dd:71:1c:9a:d9:28:cc:b0:b0:
b1:31:a5:94:46:6e:20:0a:62:43:61:9e:ce:71:ae:ec:66:09:
e9:df:86:19
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIDAIhNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTM1NVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExMTMtZjczZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBcZnIAt2mIpTtGtiRKBWI34PRYHytHGIrbS+m69ABJTCLrSYM0dul1I+o8
AoEQxHM8esTBaCadUUCBlhoUlUvB8HypEYjQXwv7rrYeP7eMf9NhZAhqxnU66z1V
XKBoT3hGbftVF9KEJiD18K8CAtDJ6tS375EuhU8uWKdaTC3YlFuGKb8tvnKv9b5z
DymMJjCvVHOlOxEU3yY5eCIEXA3N/389FPBBenOyR35/WyjCnxUCtKRi8Qqd2pCX
NqPCkSdHvaDOPSAJIUZPN7cuDZsHLtuxrBEpValEoyHznHU+v6BSohRHsoKahlco
diSjS60FxUbfBrjQJB4iqsZ+OA0CAwEAAaOCArAwggKsMB0GA1UdDgQWBBTjW2qP
LRUGZ7f8IGkkvUK+Xh6FajAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU0MTY3RTRD
MDJEQjExRUJCNERCQjUxQ0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDoGCCsGAQUFBwEHAQH/
BCswKTAYBAIAATASAwQCK/ooAwQCZwVwAwQCZ/KIMA0EAgACMAcDBQAkAgkAMA0G
CSqGSIb3DQEBCwUAA4IBAQBe9eTpBrZUb8NEQc73EgMt9vOAvADl3q/ZaByYCJcO
IqVKxRGnJWVD+a0n0JH2tVSBMaxbFtG3d3Jh/zefSfXEVj7hNZSjy0DzEUFL9N8i
ebfseEzYDssJTCqtIjm9WDcRk1jxOdmjjskhTsNo4hrwQEdBKJ4jMgdOhQedYEF4
OiateNMld9zk1SPPgFMNtGl9OTuOGJYlRme1jWUImtggngIT0YKJ2IGa1UIWB8W/
ft9h12ZfmDwr6NyyFKXF95qTf1yzP4M2hdQQUxbpaYHuYK8OHUJNYQyLhMJaxRMk
caXdcRya2SjMsLCxMaWURm4gCmJDYZ7Oca7sZgnp34YZ
-----END CERTIFICATE-----
Generated at Fri Apr 11 01:51:21 2025 by rpki-client