Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A3F0E6ECC34C11EFAD97C114C4F9AE02.roa
File: A3F0E6ECC34C11EFAD97C114C4F9AE02.roa (raw, json)
Hash identifier: QOkuNG0OD0T9wktMlyoYckyfFIsoNBRscgAW5G8pkl0=
Subject key identifier: 23:8E:29:BE:EF:DC:39:EF:5B:25:64:AF:1D:22:D7:E7:B8:D2:1E:46
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A00B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A3F0E6ECC34C11EFAD97C114C4F9AE02.roa
Signing time: Thu 26 Dec 2024 05:45:41 +0000
ROA not before: Thu 26 Dec 2024 05:45:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18196
IP address blocks: 103.171.118.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 08:56:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40971 (0xa00b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 26 05:45:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676ced84-6f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:98:a4:9b:b1:05:c8:34:e4:2b:8c:a3:e2:4d:
a4:ee:0a:01:dd:a5:1c:cc:95:de:f5:4c:b3:bb:9c:
77:22:78:3e:c7:81:37:b2:f9:1a:77:00:e5:48:7a:
01:a5:6a:b8:4f:33:af:e5:2f:6e:69:31:c5:0f:03:
1a:2e:42:b2:06:cd:c0:4d:ee:32:be:84:33:f0:98:
13:66:20:ac:aa:1e:09:2c:51:b2:bc:0b:da:5c:f7:
03:7b:9d:f3:19:42:19:5b:da:ab:69:25:ea:f9:82:
a9:f5:92:89:f7:2a:74:50:59:f1:9c:f0:11:2b:ac:
e3:47:29:8d:c8:38:b4:97:86:6d:ca:c9:5c:c8:a8:
15:d6:61:a3:9d:d9:9b:62:8b:15:39:4d:26:61:b4:
4b:c9:9a:af:23:04:74:eb:5b:1b:69:dd:cc:6a:37:
c3:87:27:b0:c7:72:b9:b5:72:ca:7d:42:7d:91:67:
3f:31:80:78:90:a4:e9:c8:d7:30:b2:0f:c3:cf:33:
a5:19:28:6c:de:73:63:61:d2:dd:c1:b6:22:13:b9:
5b:c1:79:ee:11:9a:7e:97:d9:05:31:1c:8c:05:02:
ff:bc:ad:39:43:0d:da:72:1a:14:d2:55:3c:b5:e9:
f0:44:18:4f:ec:db:46:d8:97:71:7d:f3:e8:11:66:
f5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8E:29:BE:EF:DC:39:EF:5B:25:64:AF:1D:22:D7:E7:B8:D2:1E:46
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A3F0E6ECC34C11EFAD97C114C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.171.118.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:7d:61:04:8e:e5:4d:28:37:b4:1d:a5:d7:3f:3e:93:71:0b:
07:be:4c:ba:46:27:c5:b3:53:f9:75:8d:57:1f:8d:53:ac:69:
c1:b0:76:1d:73:0c:cb:00:2a:fc:51:3f:a6:01:a7:d7:f9:d9:
ee:ea:0e:82:7e:29:27:aa:5b:33:5f:82:b1:36:d3:2f:5e:90:
a0:46:61:b3:a9:ae:a0:48:c6:53:08:e3:7c:32:33:23:ea:22:
0b:35:b8:cd:43:dd:fd:dc:7c:e9:6c:da:d5:6d:08:a0:7d:d6:
8c:4a:bc:e5:c4:b1:ed:fc:a8:27:fa:44:f3:49:97:3e:ec:8b:
9a:f7:10:4e:da:17:ad:50:f9:0d:0e:6e:24:f9:92:ab:78:2f:
15:54:39:10:dd:fc:af:9d:21:17:cd:d3:db:02:52:a8:05:6a:
85:10:ee:f5:dd:77:ee:1a:e2:f0:21:b5:8e:ce:23:18:e5:66:
e1:3d:09:b8:6c:bb:96:d0:69:37:c5:60:ad:00:7b:80:89:59:
ad:8d:c3:a7:52:e3:74:87:28:50:2e:bf:82:06:9f:fc:d5:b0:
00:90:31:cb:c3:e9:82:5d:50:1f:d1:db:97:96:3d:98:be:90:
e1:66:ff:8d:5f:41:05:04:8e:09:5e:7d:b3:05:b4:30:18:5b:
ee:0e:a7:1d
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAKALMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIyNjA1NDU0MVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2Y2VkODQtNmY3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM2YpJuxBcg05CuMo+JNpO4KAd2lHMyV3vVMs7ucdyJ4PseBN7L5GncA5Uh6
AaVquE8zr+UvbmkxxQ8DGi5CsgbNwE3uMr6EM/CYE2YgrKoeCSxRsrwL2lz3A3ud
8xlCGVvaq2kl6vmCqfWSifcqdFBZ8ZzwESus40cpjcg4tJeGbcrJXMioFdZho53Z
m2KLFTlNJmG0S8maryMEdOtbG2ndzGo3w4cnsMdyubVyyn1CfZFnPzGAeJCk6cjX
MLIPw88zpRkobN5zY2HS3cG2IhO5W8F57hGafpfZBTEcjAUC/7ytOUMN2nIaFNJV
PLXp8EQYT+zbRtiXcX3z6BFm9WsCAwEAAaOCApUwggKRMB0GA1UdDgQWBBQjjim+
79w571slZK8dItfnuNIeRjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0EzRjBFNkVD
QzM0QzExRUZBRDk3QzExNEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQBZ6t2MA0GCSqGSIb3DQEBCwUAA4IBAQAsfWEEjuVNKDe0
HaXXPz6TcQsHvky6RifFs1P5dY1XH41TrGnBsHYdcwzLACr8UT+mAafX+dnu6g6C
fiknqlszX4KxNtMvXpCgRmGzqa6gSMZTCON8MjMj6iILNbjNQ9393HzpbNrVbQig
fdaMSrzlxLHt/Kgn+kTzSZc+7Iua9xBO2hetUPkNDm4k+ZKreC8VVDkQ3fyvnSEX
zdPbAlKoBWqFEO713XfuGuLwIbWOziMY5WbhPQm4bLuW0Gk3xWCtAHuAiVmtjcOn
UuN0hyhQLr+CBp/81bAAkDHLw+mCXVAf0duXlj2YvpDhZv+NX0EFBI4JXn2zBbQw
GFvuDqcd
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:24 2025 by rpki-client