Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB839398BF3111EEBDF2063DC4F9AE02.roa
File: AB839398BF3111EEBDF2063DC4F9AE02.roa (raw, json)
Hash identifier: zrlJkFGNeFSJFHrjaLFbSQkRbqGwhwP87/tHSJxfu+I=
Subject key identifier: 50:EC:33:E1:3A:A2:CE:86:C0:3B:0D:8C:03:54:AC:B6:93:43:B9:76
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 88FC
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB839398BF3111EEBDF2063DC4F9AE02.roa
Signing time: Thu 30 May 2024 15:56:55 +0000
ROA not before: Thu 30 May 2024 15:56:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133638
IP address blocks: 103.40.72.0/22 maxlen: 24
182.255.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 04:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35068 (0x88fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:56:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a1c7-1d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f5:2b:13:a0:ab:76:24:c6:2b:85:a4:f1:2f:
b9:89:db:1f:7c:5e:42:15:bd:e2:e3:e3:a1:3c:16:
14:8c:23:7b:e5:4c:07:20:27:56:af:0f:3e:81:ad:
bc:2b:a2:11:56:29:30:42:7b:de:a6:e2:37:57:bd:
e1:d3:24:9a:a4:60:bf:97:b5:33:51:bc:b0:83:bc:
9a:ff:57:29:43:d9:86:30:d7:42:e5:9a:7d:b8:91:
85:14:f8:fe:d2:e7:88:c2:a3:b3:4c:74:7d:77:f0:
68:49:db:e5:46:4e:d0:e7:12:8a:28:28:f5:39:4e:
4b:7d:e1:8c:11:70:f0:27:0d:92:0e:dc:e2:e1:97:
69:b7:c5:1c:95:9b:f6:fa:33:c5:c6:35:a8:33:84:
71:57:3d:58:8c:70:09:f4:bf:84:01:a0:9c:c0:f3:
fc:93:14:81:49:17:de:08:cd:fb:1e:f7:0a:5f:a9:
f5:3a:c5:6a:4e:9f:44:81:93:cf:73:51:a6:d2:0e:
a3:b5:7a:2f:76:a6:6b:a4:42:4f:33:4e:2d:2d:80:
0a:36:22:b3:e6:b9:7d:5f:9b:c2:45:f9:3a:f2:40:
ee:d8:66:cd:cc:57:6c:4a:df:89:a7:25:4d:bb:24:
da:5f:ea:99:15:72:9f:ce:bc:e6:9c:a8:4f:42:fc:
d2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:EC:33:E1:3A:A2:CE:86:C0:3B:0D:8C:03:54:AC:B6:93:43:B9:76
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/AB839398BF3111EEBDF2063DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.72.0/22
182.255.56.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:70:88:20:d7:0d:b3:d7:74:81:cb:76:60:34:cf:a6:ab:d9:
f6:8f:3d:07:30:87:89:25:66:d3:94:3f:ce:7d:50:42:21:6b:
a9:de:03:b7:f4:f2:2d:f4:97:b0:53:13:bb:d9:a5:d5:cf:bf:
c2:58:13:5f:ad:f0:2e:fa:a7:37:13:43:c2:a9:49:81:43:33:
bf:2c:81:87:d0:d7:0c:e1:a8:c1:e4:0c:df:0e:b8:39:a6:f6:
e1:fa:63:b4:d3:d1:cc:ee:fa:e5:80:59:ac:2c:ba:36:6b:c3:
b4:b0:93:80:2f:19:57:db:38:9d:ef:77:ed:ad:51:f5:90:44:
ff:64:a0:cf:df:4b:c1:14:d8:9c:e1:8b:fc:e7:69:1a:34:e6:
88:b9:83:a0:4d:ae:5d:b2:54:76:9a:0c:22:87:c2:c4:21:0b:
8e:21:52:6b:dd:a4:35:83:84:0e:43:1c:91:68:44:3c:00:5d:
ec:e7:fc:1b:e9:08:ff:07:fe:64:88:a7:58:6a:b9:03:ae:21:
91:1f:40:aa:3a:56:5d:15:2e:48:bc:0f:c9:2d:88:af:17:89:
4f:31:35:78:bc:07:dd:f9:95:ae:be:7d:a2:ae:01:7b:9a:5d:
ce:06:9b:12:3f:9a:97:cf:63:f5:88:84:df:03:cc:53:01:ff:
92:a3:d5:b3
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAIj8MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTY1NVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExYzctMWQ2MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJj1KxOgq3YkxiuFpPEvuYnbH3xeQhW94uPjoTwWFIwje+VMByAnVq8PPoGt
vCuiEVYpMEJ73qbiN1e94dMkmqRgv5e1M1G8sIO8mv9XKUPZhjDXQuWafbiRhRT4
/tLniMKjs0x0fXfwaEnb5UZO0OcSiigo9TlOS33hjBFw8CcNkg7c4uGXabfFHJWb
9vozxcY1qDOEcVc9WIxwCfS/hAGgnMDz/JMUgUkX3gjN+x73Cl+p9TrFak6fRIGT
z3NRptIOo7V6L3ama6RCTzNOLS2ACjYis+a5fV+bwkX5OvJA7thmzcxXbErfiacl
Tbsk2l/qmRVyn8685pyoT0L80scCAwEAAaOCApswggKXMB0GA1UdDgQWBBRQ7DPh
OqLOhsA7DYwDVKy2k0O5djAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0FCODM5Mzk4
QkYzMTExRUVCREYyMDYzREM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQCZyhIAwQCtv84MA0GCSqGSIb3DQEBCwUAA4IBAQCPcIgg
1w2z13SBy3ZgNM+mq9n2jz0HMIeJJWbTlD/OfVBCIWup3gO39PIt9JewUxO72aXV
z7/CWBNfrfAu+qc3E0PCqUmBQzO/LIGH0NcM4ajB5AzfDrg5pvbh+mO009HM7vrl
gFmsLLo2a8O0sJOALxlX2zid73ftrVH1kET/ZKDP30vBFNic4Yv852kaNOaIuYOg
Ta5dslR2mgwih8LEIQuOIVJr3aQ1g4QOQxyRaEQ8AF3s5/wb6Qj/B/5kiKdYarkD
riGRH0CqOlZdFS5IvA/JLYivF4lPMTV4vAfd+ZWuvn2irgF7ml3OBpsSP5qXz2P1
iITfA8xTAf+So9Wz
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:30:00 2025 by rpki-client