Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A0EB47A60EBC11EB93AA6E68C4F9AE02.roa
File: A0EB47A60EBC11EB93AA6E68C4F9AE02.roa (raw, json)
Hash identifier: pekKvIPzM7/RBFkxL9pbUsAslrDOLHLnjfEimi324tg=
Subject key identifier: BC:AA:CC:26:1F:1E:F6:F2:34:01:91:43:0F:46:1C:90:9B:10:D2:03
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9F61
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A0EB47A60EBC11EB93AA6E68C4F9AE02.roa
Signing time: Tue 17 Dec 2024 06:56:54 +0000
ROA not before: Tue 17 Dec 2024 06:56:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 55839
IP address blocks: 43.245.136.0/24 maxlen: 24
43.245.137.0/24 maxlen: 24
103.184.22.0/23 maxlen: 24
103.234.156.0/22 maxlen: 24
103.240.100.0/24 maxlen: 24
103.240.101.0/24 maxlen: 24
103.240.102.0/24 maxlen: 24
103.240.103.0/24 maxlen: 24
103.241.140.0/24 maxlen: 24
103.241.141.0/24 maxlen: 24
103.241.142.0/24 maxlen: 24
103.241.143.0/24 maxlen: 24
103.244.168.0/22 maxlen: 24
116.212.176.0/21 maxlen: 24
150.107.192.0/24 maxlen: 24
150.107.193.0/24 maxlen: 24
150.107.194.0/24 maxlen: 24
150.107.195.0/24 maxlen: 24
163.47.208.0/22 maxlen: 24
2406:b500::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Feb 2025 08:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40801 (0x9f61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 17 06:56:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676120b6-afc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:28:ef:fa:17:d1:ae:42:92:2e:38:b5:2f:f7:
75:4a:f8:32:e3:1a:c4:02:47:53:7b:2a:21:b4:a7:
78:94:aa:82:dd:22:12:87:e8:37:8a:66:9a:ae:e2:
c8:59:03:d5:34:0c:02:fe:ac:1c:d2:d6:af:0d:1f:
5d:f4:32:8e:a5:d1:34:e1:dc:2e:9d:39:90:15:8e:
95:35:f9:95:dd:87:ef:45:c8:46:0f:2e:e5:e0:ce:
d4:17:d5:1c:b2:c2:4f:78:4f:8d:5f:db:42:57:39:
aa:f6:9b:60:c1:72:a4:4c:fc:94:62:8f:61:cd:33:
de:e8:0b:f7:f4:68:1b:81:a0:42:4e:d6:2d:9f:c6:
9a:02:4a:fe:1a:76:e9:d8:b6:3e:c5:76:f0:12:21:
07:5d:0f:cd:b0:bc:5b:16:c5:b5:8e:16:c1:cd:10:
33:df:ce:13:b7:e0:a4:50:13:78:52:78:80:da:cb:
30:0a:18:fe:5b:08:a1:89:c3:3e:10:ab:c2:c9:66:
b7:db:70:65:ef:47:0f:a5:72:5c:5e:7d:86:91:66:
65:ce:5e:12:37:ca:01:0e:d2:34:27:aa:67:a6:49:
58:bd:af:d3:d4:bf:2d:65:2e:25:14:b7:d2:92:d5:
c8:b3:db:0a:55:23:24:2c:e6:44:47:58:44:91:a8:
22:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AA:CC:26:1F:1E:F6:F2:34:01:91:43:0F:46:1C:90:9B:10:D2:03
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A0EB47A60EBC11EB93AA6E68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.136.0/23
103.184.22.0/23
103.234.156.0/22
103.240.100.0/22
103.241.140.0/22
103.244.168.0/22
116.212.176.0/21
150.107.192.0/22
163.47.208.0/22
IPv6:
2406:b500::/32
Signature Algorithm: sha256WithRSAEncryption
49:ad:01:5f:97:51:f4:5e:60:9e:06:87:56:8e:aa:6e:ad:dd:
2c:dd:0e:64:f0:0c:86:1b:d6:19:ad:12:93:8e:ed:c1:fe:33:
2f:dc:33:07:c7:55:26:90:a5:3a:2a:14:55:c6:51:91:c2:c2:
45:f3:a8:0c:56:46:37:cb:1e:98:88:53:a0:22:f6:e4:c8:31:
97:d3:a0:32:d9:e0:bc:64:53:95:e9:77:3d:51:de:c7:ab:9d:
0f:1e:37:78:9a:1b:b3:29:36:fa:10:f4:ce:49:79:d3:7d:0a:
a5:c1:12:87:2d:df:02:b7:01:09:e7:a6:d9:d0:0b:8a:31:0d:
cd:16:6b:4e:2a:34:4f:4e:5e:0c:0f:27:cb:63:0b:98:ef:b9:
f7:f6:0f:db:85:04:df:a1:4c:56:d2:eb:f7:87:e9:51:3d:f7:
8f:65:f8:80:28:da:eb:4d:47:0f:44:1a:d9:75:cf:38:f5:84:
b3:20:65:35:e2:9e:d0:c5:ca:c5:01:05:3e:18:36:45:e7:7a:
8a:28:cc:ca:e4:6b:c9:44:53:40:88:c1:b2:da:b4:5c:f5:c8:
d1:b7:f1:eb:15:8e:ad:90:18:e1:bb:4a:67:50:b0:01:da:1e:
ff:c7:4d:72:fe:38:9e:c7:c6:02:09:f4:f0:b5:59:5f:52:1a:
d8:2f:e2:e1
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgIDAJ9hMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIxNzA2NTY1NFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2MTIwYjYtYWZjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOAo7/oX0a5Cki44tS/3dUr4MuMaxAJHU3sqIbSneJSqgt0iEofoN4pmmq7i
yFkD1TQMAv6sHNLWrw0fXfQyjqXRNOHcLp05kBWOlTX5ld2H70XIRg8u5eDO1BfV
HLLCT3hPjV/bQlc5qvabYMFypEz8lGKPYc0z3ugL9/RoG4GgQk7WLZ/GmgJK/hp2
6di2PsV28BIhB10PzbC8WxbFtY4Wwc0QM9/OE7fgpFATeFJ4gNrLMAoY/lsIoYnD
PhCrwslmt9twZe9HD6VyXF59hpFmZc5eEjfKAQ7SNCeqZ6ZJWL2v09S/LWUuJRS3
0pLVyLPbClUjJCzmREdYRJGoIr0CAwEAAaOCAtQwggLQMB0GA1UdDgQWBBS8qswm
Hx728jQBkUMPRhyQmxDSAzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0EwRUI0N0E2
MEVCQzExRUI5M0FBNkU2OEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMF4GCCsGAQUFBwEHAQH/
BE8wTTA8BAIAATA2AwQBK/WIAwQBZ7gWAwQCZ+qcAwQCZ/BkAwQCZ/GMAwQCZ/So
AwQDdNSwAwQClmvAAwQCoy/QMA0EAgACMAcDBQAkBrUAMA0GCSqGSIb3DQEBCwUA
A4IBAQBJrQFfl1H0XmCeBodWjqpurd0s3Q5k8AyGG9YZrRKTju3B/jMv3DMHx1Um
kKU6KhRVxlGRwsJF86gMVkY3yx6YiFOgIvbkyDGX06Ay2eC8ZFOV6Xc9Ud7Hq50P
Hjd4mhuzKTb6EPTOSXnTfQqlwRKHLd8CtwEJ56bZ0AuKMQ3NFmtOKjRPTl4MDyfL
YwuY77n39g/bhQTfoUxW0uv3h+lRPfePZfiAKNrrTUcPRBrZdc849YSzIGU14p7Q
xcrFAQU+GDZF53qKKMzK5GvJRFNAiMGy2rRc9cjRt/HrFY6tkBjhu0pnULAB2h7/
x01y/jiex8YCCfTwtVlfUhrYL+Lh
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:17:22 2025 by rpki-client