Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/548D8548008711EFA8894881C4F9AE02.roa
File: 548D8548008711EFA8894881C4F9AE02.roa (raw, json)
Hash identifier: fT4tlxb7ebppzJFo7IpYpG3YMXjtVFF8t2i1hUwMr+4=
Subject key identifier: 0E:37:56:98:68:18:20:70:7C:5B:25:38:27:CC:E0:3E:48:82:37:35
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9E8E
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/548D8548008711EFA8894881C4F9AE02.roa
Signing time: Tue 03 Dec 2024 12:33:23 +0000
ROA not before: Tue 03 Dec 2024 12:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150600
IP address blocks: 103.108.44.0/24 maxlen: 24
103.108.45.0/24 maxlen: 24
2001:df2:16c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 27 Dec 2024 07:39:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40590 (0x9e8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 3 12:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=674efa92-27ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:06:84:1f:f9:08:0e:ee:7d:52:42:1a:75:43:
ba:f1:25:60:85:b4:65:82:35:19:0f:ac:69:e8:2a:
31:71:82:85:be:a3:c6:30:2b:1e:03:d5:ce:50:0e:
c7:9c:34:23:06:e9:0a:cf:f5:82:4d:0d:a2:9a:4f:
2a:10:c2:d2:0e:19:f5:40:0d:bb:e3:32:6c:64:3a:
1e:44:60:78:51:6c:ab:ab:6f:49:78:14:c3:b1:e2:
ca:2c:2b:5b:99:d4:8d:24:32:f6:a5:aa:9b:f7:99:
86:97:4a:6f:eb:96:e7:21:cc:43:80:e7:b3:87:3d:
cc:9b:28:05:d4:4c:0c:9d:bb:8a:cf:f9:3b:31:c6:
e5:a7:a9:f1:1a:61:71:94:81:30:41:a3:ca:36:77:
2a:ea:aa:4d:81:3e:01:1d:4b:e5:a1:14:46:df:30:
a7:2b:ec:d2:60:52:2b:13:ef:6f:d5:e7:df:d2:1e:
12:b1:a3:cf:7e:2b:30:71:02:3a:4b:a6:7e:e8:3c:
ae:22:8e:c4:00:7d:a2:6a:31:ea:53:36:11:fe:10:
57:f4:b9:66:2e:c8:8d:71:0e:f3:fc:5e:21:1f:c5:
ec:ad:fa:b2:a9:34:73:b4:d5:c8:4f:a6:e9:6d:1c:
b3:a9:1a:91:77:66:7b:ce:73:c1:ff:4c:21:c2:75:
ba:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:37:56:98:68:18:20:70:7C:5B:25:38:27:CC:E0:3E:48:82:37:35
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/548D8548008711EFA8894881C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.44.0/23
IPv6:
2001:df2:16c0::/48
Signature Algorithm: sha256WithRSAEncryption
1e:90:00:59:06:b2:26:6f:01:d6:34:43:ed:fb:7e:95:27:46:
c2:ad:ea:cf:af:dd:5e:bd:e2:43:e9:c5:f5:e7:af:44:8e:b2:
3b:3c:bd:a8:61:26:de:1e:e4:88:f2:57:ab:a4:19:49:f2:64:
b3:11:44:e4:2a:57:09:fe:13:16:c4:14:50:61:b5:fb:cb:25:
91:5f:ee:87:e6:fd:13:0e:68:46:fc:94:00:a4:3e:e7:f9:95:
f7:70:c8:72:a6:11:78:05:f5:af:18:93:ed:98:19:29:b9:8c:
95:d4:c3:43:0d:8e:28:4b:83:c4:a6:b4:ff:e1:9b:60:fd:bc:
c4:d4:d3:cd:84:85:d9:c1:1f:e1:9f:f9:78:34:a1:87:1c:7d:
77:97:a7:f9:23:97:f7:6a:5e:4b:84:92:84:c3:8f:03:45:5d:
ab:98:47:80:61:17:c4:06:e9:aa:e9:d4:45:bb:20:32:d5:cb:
26:4e:e0:31:97:81:19:98:0d:ae:da:5c:f8:4d:ac:9f:96:55:
4e:77:ae:3d:ec:29:b3:7f:63:e3:dd:0e:ed:08:b2:4a:27:04:
db:ec:be:45:c5:17:1c:e1:e0:92:0d:65:91:78:45:d9:e3:6b:
b7:02:ad:9a:22:0e:9c:4a:bf:9a:71:7d:7b:85:b4:86:e8:03:
28:2a:93:34
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAJ6OMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIwMzEyMzMyM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc0ZWZhOTItMjdhZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUGhB/5CA7ufVJCGnVDuvElYIW0ZYI1GQ+saegqMXGChb6jxjArHgPVzlAO
x5w0IwbpCs/1gk0NoppPKhDC0g4Z9UANu+MybGQ6HkRgeFFsq6tvSXgUw7Hiyiwr
W5nUjSQy9qWqm/eZhpdKb+uW5yHMQ4Dns4c9zJsoBdRMDJ27is/5OzHG5aep8Rph
cZSBMEGjyjZ3KuqqTYE+AR1L5aEURt8wpyvs0mBSKxPvb9Xn39IeErGjz34rMHEC
Okumfug8riKOxAB9omox6lM2Ef4QV/S5Zi7IjXEO8/xeIR/F7K36sqk0c7TVyE+m
6W0cs6kakXdme85zwf9MIcJ1usMCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBQON1aY
aBggcHxbJTgnzOA+SII3NTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU0OEQ4NTQ4
MDA4NzExRUZBODg5NDg4MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/
BCEwHzAMBAIAATAGAwQBZ2wsMA8EAgACMAkDBwAgAQ3yFsAwDQYJKoZIhvcNAQEL
BQADggEBAB6QAFkGsiZvAdY0Q+37fpUnRsKt6s+v3V694kPpxfXnr0SOsjs8vahh
Jt4e5IjyV6ukGUnyZLMRROQqVwn+ExbEFFBhtfvLJZFf7ofm/RMOaEb8lACkPuf5
lfdwyHKmEXgF9a8Yk+2YGSm5jJXUw0MNjihLg8SmtP/hm2D9vMTU082EhdnBH+Gf
+Xg0oYccfXeXp/kjl/dqXkuEkoTDjwNFXauYR4BhF8QG6arp1EW7IDLVyyZO4DGX
gRmYDa7aXPhNrJ+WVU53rj3sKbN/Y+PdDu0IskonBNvsvkXFFxzh4JINZZF4Rdnj
a7cCrZoiDpxKv5pxfXuFtIboAygqkzQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:38 2025 by rpki-client