Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58D71E2CBDD611EA97CDF72CC4F9AE02.roa
File: 58D71E2CBDD611EA97CDF72CC4F9AE02.roa (raw, json)
Hash identifier: T5qXxYb0VeVjvRylOpUE5rc+xshq2VpFLp+a28Wyzi0=
Subject key identifier: D2:71:1E:47:D0:6C:AB:80:61:FD:13:AD:42:6B:AD:64:B1:47:88:5B
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8A14
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58D71E2CBDD611EA97CDF72CC4F9AE02.roa
Signing time: Thu 30 May 2024 16:01:32 +0000
ROA not before: Thu 30 May 2024 16:01:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135200
IP address blocks: 103.88.228.0/24 maxlen: 24
2001:df1:5200::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Jul 2024 09:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35348 (0x8a14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:01:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a2db-c886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b8:93:6b:e8:6d:b1:d0:25:f9:cc:59:e2:e6:
3b:27:e0:58:8d:09:f9:8a:c0:33:7d:c0:1f:a3:41:
6d:bb:05:f9:5a:d8:12:47:e9:3f:6c:bb:23:3e:18:
f7:47:4d:75:e4:cc:7b:1d:21:bc:17:43:96:01:da:
23:71:42:b6:70:66:84:7f:70:16:46:c0:34:ed:41:
38:5b:e1:54:64:8f:d4:60:f7:13:37:92:e5:03:d0:
b6:b1:61:19:d2:0b:8a:cb:59:20:cb:a0:42:19:5d:
94:36:40:79:d8:6e:bf:c3:8e:47:00:8f:ff:74:33:
44:bd:31:bc:95:e2:e6:f9:8b:6c:6d:0d:e6:58:66:
74:79:64:80:2e:9d:c1:fd:78:9e:5d:eb:1d:12:e4:
cb:89:2d:a5:5f:dc:3d:a1:07:71:24:05:1e:f7:ca:
3b:14:2c:77:e6:46:67:b8:33:da:dc:e3:93:21:0e:
27:95:08:8c:6f:44:89:43:7c:05:7f:4e:77:cc:1c:
c8:85:3b:88:31:d0:19:f4:5c:62:e6:c4:48:22:1b:
6d:a3:29:61:dc:d4:1d:30:e0:ea:a5:73:57:7e:54:
51:5a:fc:3b:14:40:78:7e:06:9d:bf:ca:c8:b7:c8:
92:80:8f:ef:66:13:fc:0f:55:3e:77:1d:bc:69:30:
12:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:71:1E:47:D0:6C:AB:80:61:FD:13:AD:42:6B:AD:64:B1:47:88:5B
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/58D71E2CBDD611EA97CDF72CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.228.0/24
IPv6:
2001:df1:5200::/48
Signature Algorithm: sha256WithRSAEncryption
00:6f:32:bf:6b:6e:63:a0:0b:57:b2:fa:bf:5f:a1:91:95:da:
3f:16:0f:7e:99:42:fe:09:48:d1:f8:e5:22:74:8f:36:2a:93:
6a:f2:ee:1d:60:e4:85:d7:1c:fd:7e:b9:54:42:3c:3a:b7:4f:
f1:f7:60:4c:f2:e4:13:91:29:85:b0:ec:fc:1f:a6:45:b9:8f:
91:5d:3f:b4:8e:95:7d:b8:15:95:88:88:74:46:cd:54:9e:6a:
22:05:59:ff:03:90:91:26:33:98:34:45:71:45:06:65:f2:96:
c4:d6:88:d6:a8:52:08:ca:96:69:41:2b:79:70:8a:42:6e:64:
00:ce:66:cb:ed:c9:82:72:50:68:b2:9f:6d:66:f5:d6:b3:70:
ef:d2:ed:b6:44:7d:1d:05:86:a0:3f:fa:3e:7e:53:2a:21:c9:
04:c2:61:e7:b5:75:6d:f9:5d:d3:92:02:4b:b0:cd:9c:5b:62:
64:36:65:27:df:df:eb:ea:ee:b1:f2:4e:15:2d:25:e7:fd:3c:
c3:f2:6b:08:fc:03:c1:bf:50:ea:0d:fd:fa:fa:5b:55:53:e5:
bd:4f:64:a4:4f:8b:fd:28:82:8f:b4:d2:e2:c5:2e:7a:3a:8d:
e1:e2:de:6b:d3:43:33:64:d6:aa:34:9c:9b:73:7b:8b:d2:c1:
09:09:88:49
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIDAIoUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDEzMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyZGItYzg4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM24k2vobbHQJfnMWeLmOyfgWI0J+YrAM33AH6NBbbsF+VrYEkfpP2y7Iz4Y
90dNdeTMex0hvBdDlgHaI3FCtnBmhH9wFkbANO1BOFvhVGSP1GD3EzeS5QPQtrFh
GdIListZIMugQhldlDZAedhuv8OORwCP/3QzRL0xvJXi5vmLbG0N5lhmdHlkgC6d
wf14nl3rHRLky4ktpV/cPaEHcSQFHvfKOxQsd+ZGZ7gz2tzjkyEOJ5UIjG9EiUN8
BX9Od8wcyIU7iDHQGfRcYubESCIbbaMpYdzUHTDg6qVzV35UUVr8OxRAeH4Gnb/K
yLfIkoCP72YT/A9VPncdvGkwEpMCAwEAAaOCAqYwggKiMB0GA1UdDgQWBBTScR5H
0GyrgGH9E61Ca61ksUeIWzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU4RDcxRTJD
QkRENjExRUE5N0NERjcyQ0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDAGCCsGAQUFBwEHAQH/
BCEwHzAMBAIAATAGAwQAZ1jkMA8EAgACMAkDBwAgAQ3xUgAwDQYJKoZIhvcNAQEL
BQADggEBAABvMr9rbmOgC1ey+r9foZGV2j8WD36ZQv4JSNH45SJ0jzYqk2ry7h1g
5IXXHP1+uVRCPDq3T/H3YEzy5BORKYWw7PwfpkW5j5FdP7SOlX24FZWIiHRGzVSe
aiIFWf8DkJEmM5g0RXFFBmXylsTWiNaoUgjKlmlBK3lwikJuZADOZsvtyYJyUGiy
n21m9dazcO/S7bZEfR0FhqA/+j5+UyohyQTCYee1dW35XdOSAkuwzZxbYmQ2ZSff
3+vq7rHyThUtJef9PMPyawj8A8G/UOoN/fr6W1VT5b1PZKRPi/0ogo+00uLFLno6
jeHi3mvTQzNk1qo0nJtze4vSwQkJiEk=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:43 2025 by rpki-client