Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C95CDC66C37D11EF9454E80AC4F9AE02.roa
File: C95CDC66C37D11EF9454E80AC4F9AE02.roa (raw, json)
Hash identifier: EFKY7VuJUySNmrnxXDxPZS26JWg3Rh6YEZqYPcB+X5A=
Subject key identifier: 59:A4:1C:08:2C:AB:09:27:8D:67:F6:45:14:6B:4E:DC:11:82:1E:1E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A09B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C95CDC66C37D11EF9454E80AC4F9AE02.roa
Signing time: Fri 27 Dec 2024 12:00:27 +0000
ROA not before: Fri 27 Dec 2024 12:00:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132996
IP address blocks: 43.243.212.0/22 maxlen: 24
43.252.32.0/22 maxlen: 24
103.69.112.0/22 maxlen: 24
103.129.206.0/24 maxlen: 24
103.166.119.0/24 maxlen: 24
103.172.226.0/23 maxlen: 24
103.252.4.0/22 maxlen: 24
103.253.200.0/22 maxlen: 24
2402:540::/48 maxlen: 48
2402:540:1::/48 maxlen: 48
2402:540:2::/48 maxlen: 48
2402:540:3::/48 maxlen: 48
2402:540:4::/48 maxlen: 48
2402:540:5::/48 maxlen: 48
2402:540:6::/48 maxlen: 48
2402:540:7::/48 maxlen: 48
2402:540:8::/48 maxlen: 48
2402:540:9::/48 maxlen: 48
2402:540:a::/48 maxlen: 48
2402:540:b::/48 maxlen: 48
2402:540:c::/48 maxlen: 48
2402:540:d::/48 maxlen: 48
2402:540:e::/48 maxlen: 48
2402:540:f::/48 maxlen: 48
2402:540:10::/48 maxlen: 48
2407:da40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 08:15:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41115 (0xa09b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Dec 27 12:00:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676e96da-c622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c2:06:28:fd:d7:4b:ab:6e:b2:65:90:a2:fe:
37:83:57:97:fe:ea:40:09:e6:77:34:59:a1:a5:de:
39:f8:0c:8e:94:32:8c:c8:ca:43:0c:ba:0d:33:dd:
99:b3:24:85:d5:38:af:29:44:63:a2:a3:8d:7b:48:
2b:66:7f:ba:bf:31:14:aa:c6:74:9f:13:4f:9c:51:
77:7b:c9:84:d4:6c:e5:c3:95:64:ce:f7:f9:63:cb:
d5:54:c6:d3:5e:90:df:45:e6:5e:a4:40:8a:b0:b2:
df:d5:95:35:3b:b3:c7:2c:3e:89:20:bd:9c:69:e3:
1f:63:21:00:d2:f7:c4:0f:a9:f5:3e:7c:f7:23:57:
ae:c4:8c:14:66:10:1f:55:5e:8c:b7:aa:5e:ff:ac:
fd:ff:5d:9c:5a:af:28:1a:f1:90:8e:47:9f:a6:69:
89:82:b3:6a:86:c1:86:08:b8:74:39:24:7f:71:ff:
94:96:8b:b6:f3:84:3d:3e:78:31:56:7b:af:b2:ac:
9c:f4:3c:bb:b4:6e:5d:71:b7:a5:72:af:50:32:a9:
dd:00:26:77:7f:70:9a:ae:9d:07:d9:3b:88:dc:bd:
ee:b2:58:aa:7e:a5:89:35:8c:22:c7:d9:2e:f7:e4:
ff:11:73:fa:85:5c:e6:5c:29:6c:43:02:a7:7a:3f:
9c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:A4:1C:08:2C:AB:09:27:8D:67:F6:45:14:6B:4E:DC:11:82:1E:1E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C95CDC66C37D11EF9454E80AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.212.0/22
43.252.32.0/22
103.69.112.0/22
103.129.206.0/24
103.166.119.0/24
103.172.226.0/23
103.252.4.0/22
103.253.200.0/22
IPv6:
2402:540::-2402:540:10:ffff:ffff:ffff:ffff:ffff
2407:da40::/32
Signature Algorithm: sha256WithRSAEncryption
0f:8f:44:b8:88:dc:e9:53:4d:94:7b:43:68:bc:9b:2c:03:c3:
b6:6e:b6:be:0c:ec:4d:61:f1:36:36:77:de:fb:a3:fb:dc:62:
51:7b:17:4e:51:8a:8c:3b:46:f6:0e:bd:a7:21:26:f6:62:24:
d0:94:0d:cd:dc:3b:bc:f4:47:6d:bc:83:65:8b:9c:aa:52:de:
a3:ce:63:22:a4:81:ac:97:4c:6a:dd:7f:f6:b8:fb:0d:31:81:
4e:80:b4:d8:5b:ef:4b:6d:1c:29:f8:b2:26:96:de:f9:b2:c9:
7f:03:49:e1:10:c4:7d:27:9f:bc:98:8e:c5:2a:e2:a4:39:4e:
f1:9f:6d:ea:a9:b8:10:05:b3:a6:e3:7d:b1:52:36:93:da:2e:
bf:dd:a3:f9:bf:0e:ad:e2:81:ec:2a:3c:85:da:f7:fd:23:6e:
82:88:3f:cb:a2:bf:9c:31:71:23:4c:63:b8:2b:fc:8b:d9:78:
8f:06:f8:25:17:56:5f:76:38:52:36:4f:7a:89:52:8a:e9:60:
ac:27:73:5e:f5:db:76:ab:19:1f:d3:9c:69:4a:6a:73:e7:b7:
ce:0b:c8:65:53:d1:4a:d4:fc:38:c8:0b:30:b8:df:91:a8:44:
dc:c0:8e:b0:e3:2d:4e:dd:22:66:1e:bf:20:68:68:b3:93:a6:
45:cf:31:84
-----BEGIN CERTIFICATE-----
MIIFvTCCBKWgAwIBAgIDAKCbMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MTIyNzEyMDAyN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc2ZTk2ZGEtYzYyMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANTCBij910urbrJlkKL+N4NXl/7qQAnmdzRZoaXeOfgMjpQyjMjKQwy6DTPd
mbMkhdU4rylEY6KjjXtIK2Z/ur8xFKrGdJ8TT5xRd3vJhNRs5cOVZM73+WPL1VTG
016Q30XmXqRAirCy39WVNTuzxyw+iSC9nGnjH2MhANL3xA+p9T589yNXrsSMFGYQ
H1VejLeqXv+s/f9dnFqvKBrxkI5Hn6ZpiYKzaobBhgi4dDkkf3H/lJaLtvOEPT54
MVZ7r7KsnPQ8u7RuXXG3pXKvUDKp3QAmd39wmq6dB9k7iNy97rJYqn6liTWMIsfZ
Lvfk/xFz+oVc5lwpbEMCp3o/nJsCAwEAAaOCAuAwggLcMB0GA1UdDgQWBBRZpBwI
LKsJJ41n9kUUa07cEYIeHjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0M5NUNEQzY2
QzM3RDExRUY5NDU0RTgwQUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMGoGCCsGAQUFBwEHAQH/
BFswWTA2BAIAATAwAwQCK/PUAwQCK/wgAwQCZ0VwAwQAZ4HOAwQAZ6Z3AwQBZ6zi
AwQCZ/wEAwQCZ/3IMB8EAgACMBkwEAMFBiQCBUADBwAkAgVAABADBQAkB9pAMA0G
CSqGSIb3DQEBCwUAA4IBAQAPj0S4iNzpU02Ue0NovJssA8O2bra+DOxNYfE2Nnfe
+6P73GJRexdOUYqMO0b2Dr2nISb2YiTQlA3N3Du89EdtvINli5yqUt6jzmMipIGs
l0xq3X/2uPsNMYFOgLTYW+9LbRwp+LImlt75ssl/A0nhEMR9J5+8mI7FKuKkOU7x
n23qqbgQBbOm432xUjaT2i6/3aP5vw6t4oHsKjyF2vf9I26CiD/Lor+cMXEjTGO4
K/yL2XiPBvglF1ZfdjhSNk96iVKK6WCsJ3Ne9dt2qxkf05xpSmpz57fOC8hlU9FK
1Pw4yAswuN+RqETcwI6w4y1O3SJmHr8gaGizk6ZFzzGE
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:01:49 2025 by rpki-client