Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/94672C5EF33F11EF85B00C36C4F9AE02.roa
File: 94672C5EF33F11EF85B00C36C4F9AE02.roa (raw, json)
Hash identifier: EdfqOZ+/LB53RXPrJ19iLRrAwXTkQ37LVGljh/FHV6E=
Subject key identifier: C9:F2:FD:47:E8:EC:18:97:B4:EB:BA:8D:FA:11:76:E6:30:98:DF:76
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A7D1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/94672C5EF33F11EF85B00C36C4F9AE02.roa
Signing time: Tue 25 Feb 2025 11:33:38 +0000
ROA not before: Tue 25 Feb 2025 11:33:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136634
IP address blocks: 36.255.241.0/24 maxlen: 24
103.48.146.0/24 maxlen: 24
103.48.147.0/24 maxlen: 24
103.102.56.0/22 maxlen: 24
103.172.132.0/24 maxlen: 24
103.174.164.0/23 maxlen: 24
103.230.178.0/23 maxlen: 24
103.235.90.0/23 maxlen: 24
2001:df2:4e40::/48 maxlen: 48
2001:df2:52c0::/48 maxlen: 48
2001:df2:a240::/48 maxlen: 48
2400:8ee0::/48 maxlen: 48
2406:24c0::/32 maxlen: 40
2406:24c0::/48 maxlen: 48
2406:24c0:1::/48 maxlen: 48
2406:24c0:2::/48 maxlen: 48
2406:24c0:3::/48 maxlen: 48
2406:24c0:4::/48 maxlen: 48
2406:24c0:5::/48 maxlen: 48
2406:24c0:9::/48 maxlen: 48
2406:24c0:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Mar 2025 07:07:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42961 (0xa7d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Feb 25 11:33:38 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67bdaa92-5b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2b:44:a0:23:7e:28:ad:ae:3f:f2:b6:52:08:
64:33:92:5c:e4:58:8d:03:34:47:9c:4f:60:12:31:
85:3b:d7:fc:01:44:94:ff:24:2b:05:f0:d7:aa:ac:
e7:2c:7c:08:63:6c:ad:e1:55:91:4d:cc:40:5a:f4:
d7:d8:00:d8:6c:b5:19:53:d3:ae:b5:0d:5c:87:d4:
7f:a7:45:77:fb:bd:43:91:c2:db:cf:13:ac:ea:b5:
e9:5e:dc:ff:b0:7a:a8:50:cb:8c:06:6d:f6:7f:4c:
8d:54:88:67:b4:74:81:e5:6a:65:f6:48:a2:b3:ab:
68:81:e9:d3:bb:9f:a4:bd:cb:47:5c:d9:6b:5f:f5:
7f:d1:e4:6f:00:3a:23:9a:5c:ea:cf:ab:d3:95:e8:
33:97:d9:0f:ca:16:53:bc:ae:e8:d2:53:4e:13:1d:
3f:3d:70:13:ee:ba:09:77:fd:78:6b:5d:96:a6:f6:
45:55:a2:59:ef:31:a1:3f:a6:3c:1e:55:72:d5:21:
42:32:e4:06:db:9c:25:cf:06:e2:66:34:70:4e:d4:
ff:e5:d0:0f:44:16:19:15:90:09:79:9a:c6:2e:be:
b4:42:18:e3:40:4d:fc:b1:77:3c:56:c4:6a:7d:3e:
31:b3:84:51:a9:4d:9e:eb:21:90:08:61:43:1e:d5:
b4:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F2:FD:47:E8:EC:18:97:B4:EB:BA:8D:FA:11:76:E6:30:98:DF:76
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/94672C5EF33F11EF85B00C36C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.241.0/24
103.48.146.0/23
103.102.56.0/22
103.172.132.0/24
103.174.164.0/23
103.230.178.0/23
103.235.90.0/23
IPv6:
2001:df2:4e40::/48
2001:df2:52c0::/48
2001:df2:a240::/48
2400:8ee0::/48
2406:24c0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:66:7b:38:0d:3e:24:5a:f1:31:08:2e:73:7e:9b:7c:3b:56:
ac:f0:88:c1:ab:ee:37:5f:09:58:1b:7f:2b:72:d7:2f:33:96:
41:4b:b5:a1:73:d9:fd:5a:85:03:54:fa:09:21:f3:5f:b9:ca:
7d:e8:c9:98:81:c4:44:db:6e:7d:61:67:ee:58:9d:e6:3c:49:
9b:df:e2:bb:d5:9a:b6:7f:24:c1:07:c2:b0:b2:2a:e6:c0:00:
97:43:90:39:06:c5:b2:b7:4c:d1:e4:63:ce:3e:14:8e:cd:05:
5d:3d:15:74:53:aa:72:5f:f9:33:20:c5:02:44:f9:b0:19:f4:
f3:63:66:33:c6:6b:2b:9a:04:31:75:89:f6:66:2e:91:36:e1:
f2:c1:c0:2c:6f:a6:11:dc:32:e9:ab:f9:e0:f5:c4:67:a2:a8:
71:2f:85:e1:f8:4e:b1:76:58:e7:85:c5:83:5c:b4:69:e1:b9:
0d:38:e7:ca:f7:1e:4d:6e:ec:c4:97:9d:16:47:ec:40:04:51:
6a:37:f8:73:55:bd:55:23:d8:24:e4:7f:cb:49:8f:4f:d2:3a:
a3:00:81:f4:42:51:62:cd:4a:28:6b:33:85:df:6b:30:e1:26:
e8:2a:a9:98:be:37:a1:d4:c7:98:af:eb:f3:f6:6f:c6:5d:31:
e8:43:c8:89
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgIDAKfRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDIyNTExMzMzOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdiZGFhOTItNWIzMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkrRKAjfiitrj/ytlIIZDOSXORYjQM0R5xPYBIxhTvX/AFElP8kKwXw16qs
5yx8CGNsreFVkU3MQFr019gA2Gy1GVPTrrUNXIfUf6dFd/u9Q5HC288TrOq16V7c
/7B6qFDLjAZt9n9MjVSIZ7R0geVqZfZIorOraIHp07ufpL3LR1zZa1/1f9HkbwA6
I5pc6s+r05XoM5fZD8oWU7yu6NJTThMdPz1wE+66CXf9eGtdlqb2RVWiWe8xoT+m
PB5VctUhQjLkBtucJc8G4mY0cE7U/+XQD0QWGRWQCXmaxi6+tEIY40BN/LF3PFbE
an0+MbOEUalNnushkAhhQx7VtFcCAwEAAaOCAuwwggLoMB0GA1UdDgQWBBTJ8v1H
6OwYl7Truo36EXbmMJjfdjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzk0NjcyQzVF
RjMzRjExRUY4NUIwMEMzNkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMHYGCCsGAQUFBwEHAQH/
BGcwZTAwBAIAATAqAwQAJP/xAwQBZzCSAwQCZ2Y4AwQAZ6yEAwQBZ66kAwQBZ+ay
AwQBZ+taMDEEAgACMCsDBwAgAQ3yTkADBwAgAQ3yUsADBwAgAQ3yokADBwAkAI7g
AAADBQAkBiTAMA0GCSqGSIb3DQEBCwUAA4IBAQCPZns4DT4kWvExCC5zfpt8O1as
8IjBq+43XwlYG38rctcvM5ZBS7Whc9n9WoUDVPoJIfNfucp96MmYgcRE2259YWfu
WJ3mPEmb3+K71Zq2fyTBB8KwsirmwACXQ5A5BsWyt0zR5GPOPhSOzQVdPRV0U6py
X/kzIMUCRPmwGfTzY2YzxmsrmgQxdYn2Zi6RNuHywcAsb6YR3DLpq/ng9cRnoqhx
L4Xh+E6xdljnhcWDXLRp4bkNOOfK9x5NbuzEl50WR+xABFFqN/hzVb1VI9gk5H/L
SY9P0jqjAIH0QlFizUooazOF32sw4SboKqmYvjeh1MeYr+vz9m/GXTHoQ8iJ
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:38 2025 by rpki-client