Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6ABAEC9AA64411EEBBF38616C4F9AE02.roa
File: 6ABAEC9AA64411EEBBF38616C4F9AE02.roa (raw, json)
Hash identifier: sQX0zftvPW3f07exUIRB6CPdjcbXGXdbR/Eyd/1koDo=
Subject key identifier: 38:3B:D4:CE:8D:98:E6:38:37:20:8B:42:2D:01:AE:35:82:22:E4:0E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8D86
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6ABAEC9AA64411EEBBF38616C4F9AE02.roa
Signing time: Thu 30 May 2024 16:15:56 +0000
ROA not before: Thu 30 May 2024 16:15:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141549
IP address blocks: 103.66.76.0/22 maxlen: 24
103.74.136.0/22 maxlen: 24
103.119.178.0/23 maxlen: 24
103.163.112.0/23 maxlen: 24
2407:2640::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 10:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36230 (0x8d86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:15:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a63c-858b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0d:4c:80:00:6b:d0:c5:60:9a:36:c7:3b:ea:
84:10:49:17:a8:68:e9:19:ff:9d:a3:49:d2:7d:29:
dd:e7:3b:8a:8e:ee:18:42:a0:af:1e:d1:b8:48:1c:
56:6a:15:d7:38:57:15:78:c8:75:99:3a:e1:52:03:
88:28:4a:90:68:d6:4f:af:7c:2b:98:00:c1:47:9b:
5c:26:e5:bb:8f:84:f7:e0:37:54:9b:e0:ce:90:95:
89:fb:11:58:c1:07:5f:f6:8a:f0:81:1d:f1:df:17:
08:81:12:9d:9d:84:e0:d7:f1:9e:49:3f:39:00:5f:
ef:00:5a:3d:ce:63:1f:c8:01:68:34:6a:40:3b:b8:
d6:f3:df:54:36:40:fc:5e:a8:b4:f9:e7:58:a5:4e:
a6:b0:f2:a7:db:89:8f:be:6b:c6:1e:53:31:41:b3:
65:c8:09:9f:e0:7d:76:41:40:14:70:87:00:50:86:
5a:51:41:6d:8c:25:40:a8:47:53:c3:bb:49:2b:cb:
18:6b:7a:32:f0:21:3a:c8:42:19:c2:01:7c:b8:d8:
58:c0:18:2c:13:aa:34:03:5c:b5:dd:7c:25:b0:b8:
b1:3a:60:ea:d7:06:ed:93:24:b4:27:bc:82:0f:b2:
6d:34:9e:ee:03:da:ff:5b:16:56:be:ed:8e:36:3b:
fb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:3B:D4:CE:8D:98:E6:38:37:20:8B:42:2D:01:AE:35:82:22:E4:0E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6ABAEC9AA64411EEBBF38616C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.66.76.0/22
103.74.136.0/22
103.119.178.0/23
103.163.112.0/23
IPv6:
2407:2640::/32
Signature Algorithm: sha256WithRSAEncryption
1d:f9:d3:5f:a0:73:a3:34:0d:2d:10:89:f6:cb:d1:fb:3d:e7:
29:52:17:d2:b2:b7:56:27:32:97:13:4b:09:ff:90:93:6a:02:
89:65:bd:76:29:ee:b4:81:43:71:16:08:ba:fb:5b:eb:7a:4c:
cb:8f:17:23:60:23:55:c7:03:fd:67:1b:b3:fb:9f:be:9c:63:
26:1c:ec:0f:1f:a4:27:5c:34:5c:dd:c0:71:00:65:2c:99:62:
68:4f:0f:a6:0b:33:cf:3f:71:2c:a7:59:c1:46:35:6d:95:f2:
3c:49:46:44:d1:20:e9:a4:fc:b7:63:02:02:ff:09:b6:13:19:
dd:6a:6d:9d:60:73:19:75:ba:3a:d2:82:42:c6:14:5f:df:9c:
81:ab:22:51:db:51:12:c0:f1:8b:2c:4b:e9:ca:35:4c:cc:54:
98:d7:03:08:fd:f8:97:da:b5:ac:6d:94:2e:4f:70:92:ec:55:
bd:fc:43:6e:76:f2:24:41:e3:dc:5d:71:c8:db:6a:54:21:49:
aa:89:8e:3c:75:06:00:c2:a1:2d:13:a8:8b:ee:c2:ee:2b:7e:
08:fa:4a:97:55:30:14:94:6f:c2:ae:5a:1b:a0:64:3a:30:3c:
24:c8:0b:09:a7:4d:c9:09:5a:28:29:4c:02:61:be:4e:df:38:
77:04:9f:50
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAI2GMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MTU1NloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE2M2MtODU4YjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOINTIAAa9DFYJo2xzvqhBBJF6ho6Rn/naNJ0n0p3ec7io7uGEKgrx7RuEgc
VmoV1zhXFXjIdZk64VIDiChKkGjWT698K5gAwUebXCblu4+E9+A3VJvgzpCVifsR
WMEHX/aK8IEd8d8XCIESnZ2E4Nfxnkk/OQBf7wBaPc5jH8gBaDRqQDu41vPfVDZA
/F6otPnnWKVOprDyp9uJj75rxh5TMUGzZcgJn+B9dkFAFHCHAFCGWlFBbYwlQKhH
U8O7SSvLGGt6MvAhOshCGcIBfLjYWMAYLBOqNANctd18JbC4sTpg6tcG7ZMktCe8
gg+ybTSe7gPa/1sWVr7tjjY7+zkCAwEAAaOCArYwggKyMB0GA1UdDgQWBBQ4O9TO
jZjmODcgi0ItAa41giLkDjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzZBQkFFQzlB
QTY0NDExRUVCQkYzODYxNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEAGCCsGAQUFBwEHAQH/
BDEwLzAeBAIAATAYAwQCZ0JMAwQCZ0qIAwQBZ3eyAwQBZ6NwMA0EAgACMAcDBQAk
ByZAMA0GCSqGSIb3DQEBCwUAA4IBAQAd+dNfoHOjNA0tEIn2y9H7PecpUhfSsrdW
JzKXE0sJ/5CTagKJZb12Ke60gUNxFgi6+1vrekzLjxcjYCNVxwP9Zxuz+5++nGMm
HOwPH6QnXDRc3cBxAGUsmWJoTw+mCzPPP3Esp1nBRjVtlfI8SUZE0SDppPy3YwIC
/wm2Exndam2dYHMZdbo60oJCxhRf35yBqyJR21ESwPGLLEvpyjVMzFSY1wMI/fiX
2rWsbZQuT3CS7FW9/ENudvIkQePcXXHI22pUIUmqiY48dQYAwqEtE6iL7sLuK34I
+kqXVTAUlG/CrloboGQ6MDwkyAsJp03JCVooKUwCYb5O3zh3BJ9Q
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:28 2025 by rpki-client