Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/81986B02479811ECAA3D0E35C4F9AE02.roa
File: 81986B02479811ECAA3D0E35C4F9AE02.roa (raw, json)
Hash identifier: LlYt8xvLxkBLF9+dNW+L4MhMK3Zzvoo5611SSvSQhOA=
Subject key identifier: 6E:35:62:2A:B0:C2:EB:D1:37:1D:35:CF:52:7F:E0:50:B1:ED:F1:CA
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A03D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/81986B02479811ECAA3D0E35C4F9AE02.roa
Signing time: Thu 26 Dec 2024 11:19:18 +0000
ROA not before: Thu 26 Dec 2024 11:19:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135780
IP address blocks: 103.82.208.0/22 maxlen: 24
103.122.14.0/23 maxlen: 24
103.141.166.0/23 maxlen: 24
103.176.166.0/23 maxlen: 24
2404:8ec0::/32 maxlen: 32
2404:8ec0::/34 maxlen: 34
2404:8ec0::/41 maxlen: 48
2404:8ec0:4000::/34 maxlen: 34
2404:8ec0:8000::/34 maxlen: 34
2404:8ec0:c000::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 13 Jan 2025 07:53:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41021 (0xa03d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 26 11:19:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676d3bb6-91ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:44:5b:82:02:c6:ec:c9:62:6b:6c:9e:82:d3:
58:c5:e7:e3:d0:b4:da:50:9a:41:e0:34:87:ae:36:
16:3e:5d:b2:90:e0:ff:6b:2f:c0:67:54:de:85:79:
e8:e4:b6:5d:df:dc:bd:88:8f:88:7d:6d:c8:46:91:
b4:07:c1:13:6b:c8:dd:e2:7f:9a:c3:89:28:37:56:
b8:96:0e:88:90:c5:1c:ce:3e:b1:55:4c:3f:56:65:
22:4c:7b:66:e9:c7:b6:e8:c0:39:fe:7c:5b:e1:c6:
b9:3d:58:bc:eb:3a:25:73:ea:32:91:ec:f5:41:77:
f1:c6:73:69:14:a1:5a:75:02:91:bf:d0:c9:df:36:
7f:20:c4:69:3e:0b:e2:61:eb:39:11:72:14:ba:e6:
a8:f5:96:c4:b8:8b:fd:8c:cc:48:df:24:fd:dd:b6:
5e:56:0d:31:9d:f4:7e:72:83:f2:44:6b:dc:8a:db:
66:67:55:34:38:2c:af:ec:2f:a5:79:88:fe:fb:a2:
20:7e:7a:b1:ca:af:2f:a6:4a:f2:3c:ba:e4:e8:48:
80:24:a0:62:01:6a:9c:e4:bd:07:71:ed:29:ff:8b:
3b:5a:a5:d6:6b:7b:fc:5e:cd:46:f3:dd:af:58:23:
e0:e5:f3:ad:d1:25:44:fa:12:77:de:91:26:51:eb:
c4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:35:62:2A:B0:C2:EB:D1:37:1D:35:CF:52:7F:E0:50:B1:ED:F1:CA
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/81986B02479811ECAA3D0E35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.82.208.0/22
103.122.14.0/23
103.141.166.0/23
103.176.166.0/23
IPv6:
2404:8ec0::/32
Signature Algorithm: sha256WithRSAEncryption
b2:60:76:20:14:fb:0a:1b:73:36:2f:f1:e6:71:26:e4:21:c2:
ba:08:e7:46:a3:de:8e:4d:16:c6:94:57:df:67:df:fa:e0:9a:
c6:bd:01:3b:b4:58:58:86:b1:92:7e:40:d2:94:31:87:45:51:
7c:0e:bd:b5:74:54:09:b1:95:9e:47:bb:69:2a:07:51:b4:2d:
40:bb:87:3e:ca:b5:8f:b2:01:51:b3:6e:bc:d6:a5:05:db:57:
84:5c:c6:45:1f:fa:5e:7b:d6:dd:75:33:d6:af:a5:d5:49:28:
01:ce:17:be:12:b7:b0:52:6f:14:9f:74:e1:43:0f:fa:cc:49:
cf:cf:2d:91:cc:3c:f4:1b:1c:7a:99:56:1b:e6:e8:20:20:31:
04:9f:36:34:03:12:a8:11:09:03:60:5d:47:1c:22:79:1b:d5:
48:96:2c:f8:28:c5:52:73:34:54:8e:27:1f:71:8a:81:f1:cc:
dd:02:7e:bd:06:4f:48:d2:f6:6a:58:26:e6:27:df:ab:54:70:
3b:8d:25:1f:d7:9b:48:b0:72:97:3c:3a:1d:ba:0b:21:24:f5:
6b:a2:01:30:29:e5:4a:9b:7f:f1:f8:e7:4c:4f:22:9f:fb:9b:
07:55:82:44:d9:6b:fe:21:1a:62:0a:55:f0:8d:3e:f6:b6:46:
0d:36:8d:62
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIDAKA9MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIyNjExMTkxOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2ZDNiYjYtOTFjZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhEW4ICxuzJYmtsnoLTWMXn49C02lCaQeA0h642Fj5dspDg/2svwGdU3oV5
6OS2Xd/cvYiPiH1tyEaRtAfBE2vI3eJ/msOJKDdWuJYOiJDFHM4+sVVMP1ZlIkx7
ZunHtujAOf58W+HGuT1YvOs6JXPqMpHs9UF38cZzaRShWnUCkb/Qyd82fyDEaT4L
4mHrORFyFLrmqPWWxLiL/YzMSN8k/d22XlYNMZ30fnKD8kRr3IrbZmdVNDgsr+wv
pXmI/vuiIH56scqvL6ZK8jy65OhIgCSgYgFqnOS9B3HtKf+LO1ql1mt7/F7NRvPd
r1gj4OXzrdElRPoSd96RJlHrxIcCAwEAAaOCArYwggKyMB0GA1UdDgQWBBRuNWIq
sMLr0TcdNc9Sf+BQse3xyjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzgxOTg2QjAy
NDc5ODExRUNBQTNEMEUzNUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEAGCCsGAQUFBwEHAQH/
BDEwLzAeBAIAATAYAwQCZ1LQAwQBZ3oOAwQBZ42mAwQBZ7CmMA0EAgACMAcDBQAk
BI7AMA0GCSqGSIb3DQEBCwUAA4IBAQCyYHYgFPsKG3M2L/HmcSbkIcK6COdGo96O
TRbGlFffZ9/64JrGvQE7tFhYhrGSfkDSlDGHRVF8Dr21dFQJsZWeR7tpKgdRtC1A
u4c+yrWPsgFRs2681qUF21eEXMZFH/pee9bddTPWr6XVSSgBzhe+ErewUm8Un3Th
Qw/6zEnPzy2RzDz0Gxx6mVYb5uggIDEEnzY0AxKoEQkDYF1HHCJ5G9VIliz4KMVS
czRUjicfcYqB8czdAn69Bk9I0vZqWCbmJ9+rVHA7jSUf15tIsHKXPDodugshJPVr
ogEwKeVKm3/x+OdMTyKf+5sHVYJE2Wv+IRpiClXwjT72tkYNNo1i
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:55:46 2025 by rpki-client