Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8149028ABA5511EC8B8E7A45C4F9AE02.roa
File: 8149028ABA5511EC8B8E7A45C4F9AE02.roa (raw, json)
Hash identifier: QCCOEIa8K635929aJpIGzy8NnRAFmy5qKHjMIQBEMok=
Subject key identifier: 85:EE:6D:BE:48:2C:79:B6:67:4B:43:9A:B1:E4:BA:71:3B:58:6A:DA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 90DD
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8149028ABA5511EC8B8E7A45C4F9AE02.roa
Signing time: Thu 30 May 2024 16:29:45 +0000
ROA not before: Thu 30 May 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 45235
IP address blocks: 43.227.244.0/22 maxlen: 24
43.231.52.0/22 maxlen: 24
45.250.212.0/22 maxlen: 24
103.8.40.0/22 maxlen: 24
103.48.64.0/22 maxlen: 24
103.50.144.0/22 maxlen: 24
103.98.36.0/22 maxlen: 24
103.199.124.0/22 maxlen: 24
103.219.132.0/22 maxlen: 24
103.230.20.0/22 maxlen: 24
119.42.152.0/21 maxlen: 24
2402:d500::/32 maxlen: 40
Validation: Failed, certificate revoked on Wed 19 Jun 2024 06:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37085 (0x90dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a979-2d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:f1:07:1a:d3:ac:60:f7:cf:bc:49:ab:52:b4:
0f:4b:3e:f4:89:6b:71:5e:37:50:d9:e6:64:33:99:
40:97:0c:83:aa:19:69:f3:12:52:f6:e2:a9:f9:f5:
2e:af:0a:91:ef:f2:fc:28:1a:67:95:0f:08:58:00:
41:74:83:4f:7a:a1:10:2d:03:ad:dd:4f:29:2e:33:
79:5f:82:d5:e6:62:6a:ce:86:12:82:ce:a7:4d:62:
70:f4:c5:24:a0:a8:bd:12:c1:be:0b:a7:95:2c:ad:
ab:0f:9f:e9:9e:85:e4:66:4e:35:37:6c:8d:d8:58:
8f:b9:3f:f3:ea:49:79:07:d0:a7:90:3d:15:db:92:
e9:87:08:96:8b:0d:f3:eb:ea:b9:e9:76:dd:de:3b:
6c:44:df:94:11:a9:59:9e:ae:67:12:ae:c5:d7:18:
d4:54:30:3e:fb:df:4d:c9:8d:55:db:99:cb:20:f2:
06:8e:0c:51:bf:7c:11:b6:5a:3d:12:24:f9:d2:2b:
77:66:3c:eb:45:ce:ec:eb:36:b4:ce:68:80:60:f2:
eb:43:f0:7f:14:bc:32:81:79:38:0e:db:23:9c:e9:
47:84:5d:ff:b7:43:79:90:a1:2a:c0:29:9e:09:32:
a3:bd:b7:d7:3c:84:3f:fd:f0:74:21:8c:a3:e3:cd:
a1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:EE:6D:BE:48:2C:79:B6:67:4B:43:9A:B1:E4:BA:71:3B:58:6A:DA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/8149028ABA5511EC8B8E7A45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.244.0/22
43.231.52.0/22
45.250.212.0/22
103.8.40.0/22
103.48.64.0/22
103.50.144.0/22
103.98.36.0/22
103.199.124.0/22
103.219.132.0/22
103.230.20.0/22
119.42.152.0/21
IPv6:
2402:d500::/32
Signature Algorithm: sha256WithRSAEncryption
aa:5f:4d:71:62:f4:ec:a9:b0:c8:18:b7:b4:6a:86:93:fa:b2:
cf:d2:2a:95:a5:b1:3c:a7:73:72:f8:62:84:0f:8d:29:19:22:
0a:e0:20:ed:44:7d:a9:01:c9:48:0f:fb:88:5f:38:b1:ba:9d:
60:17:8f:61:12:8b:95:45:96:fc:9c:ac:0a:83:f1:05:15:21:
33:9a:b0:e7:f1:0e:4d:0c:8e:31:92:4e:1a:bb:2c:5e:65:6c:
62:2d:37:ec:91:30:7c:e5:45:9b:42:d6:1e:37:5e:dc:9f:76:
64:7a:6f:94:50:4b:26:19:9a:32:8e:c1:8a:7b:3f:ef:ce:fd:
63:39:ed:1a:86:89:64:fb:0c:c2:b8:33:ed:a9:08:0b:dd:a0:
af:03:e2:5a:1e:41:40:44:fa:38:6a:67:e4:6a:f5:8e:91:c7:
f6:bf:0a:2e:f0:9c:b1:2b:2d:2c:cd:d4:7f:e2:98:8f:42:45:
d1:79:92:ac:87:42:12:45:87:bd:eb:a6:7a:ff:f9:6f:45:0d:
77:10:cf:7f:e0:ad:02:09:c8:06:40:40:15:23:7b:69:a6:d1:
22:ed:68:c1:dc:10:b7:fa:e3:b7:63:cb:25:ab:07:9b:ab:88:
83:e5:5e:5c:6f:0b:85:39:7e:68:16:64:3e:4b:86:78:8f:3a:
d1:96:11:89
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIDAJDdMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2Mjk0NVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE5NzktMmQ2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTxBxrTrGD3z7xJq1K0D0s+9IlrcV43UNnmZDOZQJcMg6oZafMSUvbiqfn1
Lq8Kke/y/CgaZ5UPCFgAQXSDT3qhEC0Drd1PKS4zeV+C1eZias6GEoLOp01icPTF
JKCovRLBvgunlSytqw+f6Z6F5GZONTdsjdhYj7k/8+pJeQfQp5A9FduS6YcIlosN
8+vquel23d47bETflBGpWZ6uZxKuxdcY1FQwPvvfTcmNVduZyyDyBo4MUb98EbZa
PRIk+dIrd2Y860XO7Os2tM5ogGDy60PwfxS8MoF5OA7bI5zpR4Rd/7dDeZChKsAp
ngkyo7231zyEP/3wdCGMo+PNodkCAwEAAaOCAuAwggLcMB0GA1UdDgQWBBSF7m2+
SCx5tmdLQ5qx5LpxO1hq2jAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzgxNDkwMjhB
QkE1NTExRUM4QjhFN0E0NUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGoGCCsGAQUFBwEHAQH/
BFswWTBIBAIAATBCAwQCK+P0AwQCK+c0AwQCLfrUAwQCZwgoAwQCZzBAAwQCZzKQ
AwQCZ2IkAwQCZ8d8AwQCZ9uEAwQCZ+YUAwQDdyqYMA0EAgACMAcDBQAkAtUAMA0G
CSqGSIb3DQEBCwUAA4IBAQCqX01xYvTsqbDIGLe0aoaT+rLP0iqVpbE8p3Ny+GKE
D40pGSIK4CDtRH2pAclID/uIXzixup1gF49hEouVRZb8nKwKg/EFFSEzmrDn8Q5N
DI4xkk4auyxeZWxiLTfskTB85UWbQtYeN17cn3Zkem+UUEsmGZoyjsGKez/vzv1j
Oe0aholk+wzCuDPtqQgL3aCvA+JaHkFARPo4amfkavWOkcf2vwou8JyxKy0szdR/
4piPQkXReZKsh0ISRYe966Z6//lvRQ13EM9/4K0CCcgGQEAVI3tpptEi7WjB3BC3
+uO3Y8slqwebq4iD5V5cbwuFOX5oFmQ+S4Z4jzrRlhGJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:24 2025 by rpki-client