Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6C27FDCEEA7A11EDBB837E47C4F9AE02.roa
File: 6C27FDCEEA7A11EDBB837E47C4F9AE02.roa (raw, json)
Hash identifier: paQp/x/AxJgJQ+cn0pZfM+TNMQndM0o3rCLG5c1Wacg=
Subject key identifier: 03:1D:E2:EE:E4:1E:72:59:34:E4:30:32:0F:95:57:CD:75:32:52:F2
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8921
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6C27FDCEEA7A11EDBB837E47C4F9AE02.roa
Signing time: Thu 30 May 2024 15:57:32 +0000
ROA not before: Thu 30 May 2024 15:57:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133706
IP address blocks: 43.228.220.0/22 maxlen: 24
45.125.60.0/22 maxlen: 24
103.47.236.0/22 maxlen: 24
103.215.248.0/22 maxlen: 24
157.119.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 07:26:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35105 (0x8921)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:57:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a1ec-660b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:23:cd:1b:17:4f:ca:8e:65:66:cf:ee:35:a4:
97:21:52:55:4f:99:97:c2:82:da:12:ac:04:b7:72:
94:2c:da:d0:f4:c8:e3:72:a0:36:d0:53:10:5b:03:
79:22:4a:7f:51:e8:ed:b7:0e:80:a4:98:e8:d4:0d:
b1:79:13:59:9e:de:e0:74:f9:ef:6b:76:d3:93:38:
19:c9:bc:73:d7:7b:41:ff:68:07:2e:e0:bc:d3:36:
09:bd:b5:e4:f7:32:ef:11:13:64:97:29:59:9a:8d:
b4:80:37:8d:f6:24:11:be:f5:52:9d:32:77:72:5f:
5c:e9:9a:3c:47:88:22:16:43:89:56:5b:de:fe:9d:
87:d2:35:e6:4f:b6:43:3c:7c:73:41:58:85:48:42:
a7:f3:52:11:85:78:8b:e9:73:c8:69:6c:97:26:4b:
1d:4d:af:da:69:0e:43:56:96:30:51:4e:19:08:7a:
97:8e:45:52:0f:ad:2a:1b:76:6c:2c:77:e6:50:cd:
e4:44:ab:53:19:23:90:26:e7:7c:f5:d9:35:04:d0:
d3:3a:e7:60:fa:90:a5:a0:d1:d7:b7:28:d8:37:b6:
ea:69:6b:a6:89:d4:79:ff:55:74:b4:fa:7f:21:2c:
27:3c:20:9e:ed:07:1f:cc:fc:61:e3:a1:fa:16:b6:
fb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:1D:E2:EE:E4:1E:72:59:34:E4:30:32:0F:95:57:CD:75:32:52:F2
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/6C27FDCEEA7A11EDBB837E47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.228.220.0/22
45.125.60.0/22
103.47.236.0/22
103.215.248.0/22
157.119.124.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:18:84:c9:00:b5:00:d0:b1:e1:32:81:37:98:57:00:df:0b:
e8:78:75:e9:b2:02:34:78:63:e7:50:8d:a6:e4:19:45:82:64:
df:74:3d:10:8a:61:6b:62:de:c0:a8:fd:29:03:bb:11:0f:5d:
d7:de:4d:e1:44:70:8f:c0:b5:84:56:b8:4f:c9:53:b0:57:22:
95:87:75:93:7f:a6:62:dd:4d:c5:45:55:19:bb:df:0a:f2:95:
e2:52:de:63:ca:70:fe:51:f2:25:53:ab:f4:87:c9:ef:c6:fa:
c7:fe:e1:50:ff:28:8b:ea:60:06:fe:1b:5c:c1:17:bc:b2:68:
a6:fc:1b:3b:9c:23:bc:84:0f:2e:4c:6b:0c:15:1c:a9:00:b1:
53:b3:67:38:fb:3f:94:af:e2:0f:ee:61:4e:03:8e:73:b0:c8:
41:4b:e6:c9:74:29:b8:ff:38:c6:69:bd:f0:22:4e:ab:8c:a6:
c6:95:02:99:68:cc:d5:69:95:24:7f:ca:f8:d5:09:4c:f7:3c:
bb:de:8d:8c:ea:78:f0:c4:60:cf:17:04:ec:4a:d7:b1:7e:ef:
8c:6b:37:9c:f7:3b:98:aa:58:d8:63:8d:b0:4b:9a:0e:5e:dd:
32:72:f8:9e:34:96:a2:fd:6f:b4:23:47:57:d4:55:1d:76:0c:
69:80:aa:4e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgIDAIkhMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTczMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExZWMtNjYwYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANgjzRsXT8qOZWbP7jWklyFSVU+Zl8KC2hKsBLdylCza0PTI43KgNtBTEFsD
eSJKf1Ho7bcOgKSY6NQNsXkTWZ7e4HT572t205M4Gcm8c9d7Qf9oBy7gvNM2Cb21
5Pcy7xETZJcpWZqNtIA3jfYkEb71Up0yd3JfXOmaPEeIIhZDiVZb3v6dh9I15k+2
Qzx8c0FYhUhCp/NSEYV4i+lzyGlslyZLHU2v2mkOQ1aWMFFOGQh6l45FUg+tKht2
bCx35lDN5ESrUxkjkCbnfPXZNQTQ0zrnYPqQpaDR17co2De26mlrponUef9VdLT6
fyEsJzwgnu0HH8z8YeOh+ha2+yUCAwEAAaOCAq0wggKpMB0GA1UdDgQWBBQDHeLu
5B5yWTTkMDIPlVfNdTJS8jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzZDMjdGRENF
RUE3QTExRURCQjgzN0U0N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDcGCCsGAQUFBwEHAQH/
BCgwJjAkBAIAATAeAwQCK+TcAwQCLX08AwQCZy/sAwQCZ9f4AwQCnXd8MA0GCSqG
SIb3DQEBCwUAA4IBAQCcGITJALUA0LHhMoE3mFcA3wvoeHXpsgI0eGPnUI2m5BlF
gmTfdD0QimFrYt7AqP0pA7sRD13X3k3hRHCPwLWEVrhPyVOwVyKVh3WTf6Zi3U3F
RVUZu98K8pXiUt5jynD+UfIlU6v0h8nvxvrH/uFQ/yiL6mAG/htcwRe8smim/Bs7
nCO8hA8uTGsMFRypALFTs2c4+z+Ur+IP7mFOA45zsMhBS+bJdCm4/zjGab3wIk6r
jKbGlQKZaMzVaZUkf8r41QlM9zy73o2M6njwxGDPFwTsStexfu+Mazec9zuYqljY
Y42wS5oOXt0ycvieNJai/W+0I0dX1FUddgxpgKpO
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:12 2025 by rpki-client