Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CCEB557AB13E11EF9EADFD72C4F9AE02.roa
File: CCEB557AB13E11EF9EADFD72C4F9AE02.roa (raw, json)
Hash identifier: eEK8zGBRToLgnl79E2bcgwSOmQk8/XlX/AtdqhWo63E=
Subject key identifier: 9C:35:1E:02:90:94:D9:A8:77:BC:D0:C3:DF:96:B6:BF:B7:FC:0D:D9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A954
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CCEB557AB13E11EF9EADFD72C4F9AE02.roa
Signing time: Thu 06 Mar 2025 10:22:43 +0000
ROA not before: Thu 06 Mar 2025 10:22:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 133301
IP address blocks: 45.116.228.0/22 maxlen: 24
45.249.168.0/22 maxlen: 24
103.17.110.0/24 maxlen: 24
103.38.12.0/22 maxlen: 24
103.85.204.0/22 maxlen: 24
103.157.166.0/23 maxlen: 24
103.159.150.0/23 maxlen: 24
103.165.20.0/23 maxlen: 24
103.176.128.0/23 maxlen: 24
103.194.69.0/24 maxlen: 24
103.198.128.0/24 maxlen: 24
2001:df6:3880::/48 maxlen: 50
2001:df6:4400::/48 maxlen: 48
2406:a340::/32 maxlen: 34
2407:4840::/32 maxlen: 35
Validation: Failed, certificate revoked on Mon 24 Mar 2025 07:29:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43348 (0xa954)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: Mar 6 10:22:43 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c97773-87e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b8:13:d0:e5:8d:1c:80:15:dd:68:73:e9:44:
5c:30:ec:d6:bc:1d:a1:25:9c:7b:be:4e:31:48:b2:
26:dc:ee:63:1e:0b:a8:3d:96:f5:48:16:3e:33:c2:
1e:bb:8f:81:f0:4e:7a:ae:08:3f:f2:6a:67:6e:3a:
fe:56:86:15:70:16:f3:98:8d:ae:a5:f0:66:7b:81:
5b:98:f1:a5:92:67:60:b1:89:fc:c1:d6:20:78:34:
c3:e9:9d:64:6d:4a:f6:37:c2:a9:f0:19:ba:f9:bb:
80:ef:7c:e4:ba:5c:b5:94:fe:ac:b5:75:f3:8f:58:
4b:99:03:d9:e7:10:4f:3e:5c:10:dc:8a:0b:80:1a:
89:ff:36:66:23:22:1e:73:ec:5d:a7:2a:27:b5:44:
e0:74:30:40:d4:fd:70:7a:aa:b8:5a:58:b9:2e:3a:
cf:35:fc:14:3b:67:dc:3e:97:09:7b:e3:03:db:a5:
8c:ff:9a:f9:e1:3b:4e:fe:44:bc:cb:38:e3:3b:56:
e1:0f:82:b9:76:da:8f:c7:ec:50:b4:a4:5e:77:f7:
81:3c:a1:99:4e:a2:3b:4f:1a:04:3f:fb:9b:a5:af:
f9:9e:a9:93:1c:0d:16:b4:4a:26:a7:d2:2d:4e:2b:
7b:cf:e4:59:08:ac:a8:d1:8d:3b:32:e2:9e:05:dc:
be:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:35:1E:02:90:94:D9:A8:77:BC:D0:C3:DF:96:B6:BF:B7:FC:0D:D9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CCEB557AB13E11EF9EADFD72C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.116.228.0/22
45.249.168.0/22
103.17.110.0/24
103.38.12.0/22
103.85.204.0/22
103.157.166.0/23
103.159.150.0/23
103.165.20.0/23
103.176.128.0/23
103.194.69.0/24
103.198.128.0/24
IPv6:
2001:df6:3880::/48
2001:df6:4400::/48
2406:a340::/32
2407:4840::/32
Signature Algorithm: sha256WithRSAEncryption
7f:ce:d7:50:94:bc:ee:3e:2b:b8:34:e8:cf:01:25:a4:67:d0:
27:f5:8e:9f:78:86:07:1c:45:31:f1:9f:87:27:13:6a:af:f5:
40:be:8e:27:0a:a0:3e:1f:29:e4:76:20:36:7e:fd:7d:0d:be:
f4:61:7d:67:9d:09:73:e1:16:3d:4d:e2:e1:97:d9:1a:c6:08:
a6:bb:c1:5a:5a:79:94:45:e5:a4:05:8a:92:4f:47:23:6a:16:
20:63:5d:bf:74:33:63:48:8b:e7:7c:58:72:85:a2:24:c9:ae:
98:f2:f9:64:ad:8e:9f:e5:8e:af:8e:34:cd:8f:52:ed:09:89:
78:b3:cf:80:b6:fc:bb:a0:03:eb:bc:62:64:23:10:72:7a:6c:
39:91:df:3d:84:bb:dc:c3:30:5d:f6:ab:e3:04:f8:b5:32:dd:
86:c6:3b:d0:d8:99:25:ca:9a:e6:81:9a:d5:72:47:8f:72:8c:
9e:3d:7f:3c:94:67:00:e7:0d:8b:8c:c5:73:58:8a:49:53:83:
16:c5:78:76:40:dc:a8:32:96:49:a0:a9:1e:dc:c3:4f:30:e2:
20:84:4e:d0:f9:c7:c4:c6:55:eb:64:be:d8:10:cd:96:c9:6a:
bf:59:4b:44:a2:da:5f:51:67:35:94:72:93:78:f3:15:4f:e0:
11:99:3c:73
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgIDAKlUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMwNjEwMjI0M1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdjOTc3NzMtODdlNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJu4E9DljRyAFd1oc+lEXDDs1rwdoSWce75OMUiyJtzuYx4LqD2W9UgWPjPC
HruPgfBOeq4IP/JqZ246/laGFXAW85iNrqXwZnuBW5jxpZJnYLGJ/MHWIHg0w+md
ZG1K9jfCqfAZuvm7gO985LpctZT+rLV1849YS5kD2ecQTz5cENyKC4Aaif82ZiMi
HnPsXacqJ7VE4HQwQNT9cHqquFpYuS46zzX8FDtn3D6XCXvjA9uljP+a+eE7Tv5E
vMs44ztW4Q+CuXbaj8fsULSkXnf3gTyhmU6iO08aBD/7m6Wv+Z6pkxwNFrRKJqfS
LU4re8/kWQisqNGNOzLingXcvscCAwEAAaOCAvowggL2MB0GA1UdDgQWBBScNR4C
kJTZqHe80MPflra/t/wN2TAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0NDRUI1NTdB
QjEzRTExRUY5RUFERkQ3MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGDBggrBgEFBQcBBwEB
/wR0MHIwSAQCAAEwQgMEAi105AMEAi35qAMEAGcRbgMEAmcmDAMEAmdVzAMEAWed
pgMEAWeflgMEAWelFAMEAWewgAMEAGfCRQMEAGfGgDAmBAIAAjAgAwcAIAEN9jiA
AwcAIAEN9kQAAwUAJAajQAMFACQHSEAwDQYJKoZIhvcNAQELBQADggEBAH/O11CU
vO4+K7g06M8BJaRn0Cf1jp94hgccRTHxn4cnE2qv9UC+jicKoD4fKeR2IDZ+/X0N
vvRhfWedCXPhFj1N4uGX2RrGCKa7wVpaeZRF5aQFipJPRyNqFiBjXb90M2NIi+d8
WHKFoiTJrpjy+WStjp/ljq+ONM2PUu0JiXizz4C2/LugA+u8YmQjEHJ6bDmR3z2E
u9zDMF32q+ME+LUy3YbGO9DYmSXKmuaBmtVyR49yjJ49fzyUZwDnDYuMxXNYiklT
gxbFeHZA3KgylkmgqR7cw08w4iCETtD5x8TGVetkvtgQzZbJar9ZS0Si2l9RZzWU
cpN48xVP4BGZPHM=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:51:53 2025 by rpki-client