Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A6EC72D4699E11EEADE90A6BC4F9AE02.roa
File: A6EC72D4699E11EEADE90A6BC4F9AE02.roa (raw, json)
Hash identifier: YXTGxVs77H2OGH6sN5wcMh7R8bhRvdE5KI2ne3b7hPQ=
Subject key identifier: 68:83:FF:2C:37:FA:81:C7:C5:34:A3:80:31:8B:5C:67:EB:8F:17:C7
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9138
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A6EC72D4699E11EEADE90A6BC4F9AE02.roa
Signing time: Thu 30 May 2024 16:31:15 +0000
ROA not before: Thu 30 May 2024 16:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59196
IP address blocks: 45.114.36.0/22 maxlen: 24
103.44.156.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 07:05:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37176 (0x9138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a9d3-4c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7a:45:c5:dd:b0:18:79:43:7e:fb:aa:53:6d:
20:f9:4f:a7:12:d8:7f:f7:5d:fe:ca:b1:33:eb:b1:
d1:89:7f:f8:1a:9c:c0:1f:55:da:97:d4:2e:74:8d:
6b:0a:76:7b:6e:2e:82:d3:b7:cf:49:92:ea:5f:71:
11:af:6c:bb:6b:1d:31:d7:bb:07:2b:1a:65:c9:eb:
49:ad:2e:c7:92:b3:df:8f:4c:a4:40:0f:20:ca:63:
1b:03:be:db:7e:7a:f2:35:0b:1c:cd:e4:16:83:96:
f5:a7:03:85:53:2a:9b:a7:be:c2:0c:53:51:ea:71:
8b:08:6b:b1:52:4e:2c:06:90:52:66:89:6d:c2:97:
c1:24:05:60:9d:82:d1:08:46:92:71:c0:54:97:b0:
56:ba:14:90:d0:f7:6c:6a:cd:91:48:d1:46:68:76:
5a:c9:d3:c6:9f:29:e5:c7:d3:8e:c5:1f:06:39:55:
08:74:67:05:4e:16:c0:72:7e:39:66:91:9f:2d:05:
3a:e9:45:47:a8:56:19:6e:47:3f:32:eb:64:45:22:
36:f4:38:23:a5:24:11:d8:03:fd:51:ae:c4:35:11:
23:78:b3:06:52:0a:a3:02:95:5a:a7:c8:23:ac:ff:
e4:7c:0c:e5:78:31:99:63:1c:c2:e6:55:5a:70:90:
cf:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:83:FF:2C:37:FA:81:C7:C5:34:A3:80:31:8B:5C:67:EB:8F:17:C7
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/A6EC72D4699E11EEADE90A6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.114.36.0/22
103.44.156.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:44:0d:c9:16:57:72:8f:a0:f3:b4:f3:c4:7f:52:37:51:d8:
0b:47:a6:84:c3:b8:34:84:f2:7f:87:e8:2f:ad:a1:59:eb:73:
d9:81:55:57:10:74:43:e2:f5:4f:da:fe:72:02:5b:12:69:38:
14:14:0f:eb:86:2d:1d:51:af:e1:c6:69:33:38:0b:65:09:20:
e1:40:52:e3:14:42:07:b6:ad:68:df:60:f2:be:6b:af:35:63:
d8:0e:16:e0:34:26:95:3b:a3:f2:c4:a2:27:69:b5:69:d1:4f:
ef:c8:30:e5:95:6e:de:57:6d:45:60:7c:00:20:0a:0e:fe:de:
e7:58:d5:73:9f:f9:f6:87:80:6d:3f:60:5c:ad:74:7c:0d:ad:
d1:09:0d:85:fc:4a:45:f4:d9:cb:82:d4:be:d7:0f:b2:c5:2b:
b7:b9:02:23:5c:9d:c9:d4:db:a7:73:84:7b:13:2c:3e:13:65:
72:7e:94:3a:fd:bb:75:35:5c:a6:1f:a7:7a:20:63:a7:b2:d0:
c2:c9:f2:79:2f:2e:0c:40:96:93:a6:6e:11:8b:04:73:17:05:
a5:eb:ae:96:5c:c2:6a:20:69:01:0f:60:fa:66:e7:fc:66:bc:
81:fa:f4:11:03:28:ee:ab:39:a0:6d:47:39:62:5c:0f:8d:d6:
51:cf:a8:4e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAJE4MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MzExNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE5ZDMtNGM0YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALt6RcXdsBh5Q377qlNtIPlPpxLYf/dd/sqxM+ux0Yl/+BqcwB9V2pfULnSN
awp2e24ugtO3z0mS6l9xEa9su2sdMde7BysaZcnrSa0ux5Kz349MpEAPIMpjGwO+
23568jULHM3kFoOW9acDhVMqm6e+wgxTUepxiwhrsVJOLAaQUmaJbcKXwSQFYJ2C
0QhGknHAVJewVroUkND3bGrNkUjRRmh2WsnTxp8p5cfTjsUfBjlVCHRnBU4WwHJ+
OWaRny0FOulFR6hWGW5HPzLrZEUiNvQ4I6UkEdgD/VGuxDURI3izBlIKowKVWqfI
I6z/5HwM5XgxmWMcwuZVWnCQz4sCAwEAAaOCApswggKXMB0GA1UdDgQWBBRog/8s
N/qBx8U0o4Axi1xn648XxzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0E2RUM3MkQ0
Njk5RTExRUVBREU5MEE2QkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQCLXIkAwQCZyycMA0GCSqGSIb3DQEBCwUAA4IBAQBPRA3J
Fldyj6DztPPEf1I3UdgLR6aEw7g0hPJ/h+gvraFZ63PZgVVXEHRD4vVP2v5yAlsS
aTgUFA/rhi0dUa/hxmkzOAtlCSDhQFLjFEIHtq1o32DyvmuvNWPYDhbgNCaVO6Py
xKInabVp0U/vyDDllW7eV21FYHwAIAoO/t7nWNVzn/n2h4BtP2BcrXR8Da3RCQ2F
/EpF9NnLgtS+1w+yxSu3uQIjXJ3J1Nunc4R7Eyw+E2VyfpQ6/bt1NVymH6d6IGOn
stDCyfJ5Ly4MQJaTpm4RiwRzFwWl666WXMJqIGkBD2D6Zuf8ZryB+vQRAyjuqzmg
bUc5YlwPjdZRz6hO
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:51:45 2025 by rpki-client