Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CFE46780C57B11EEB8B53347C4F9AE02.roa
File: CFE46780C57B11EEB8B53347C4F9AE02.roa (raw, json)
Hash identifier: mH6oUE57YP/vuxGEoA0DeLPFkHkYYOelscDUg3jPgUY=
Subject key identifier: 9D:04:B7:61:24:E2:52:4A:C8:EE:52:D5:07:20:87:4F:83:84:9E:72
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8B0D
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CFE46780C57B11EEB8B53347C4F9AE02.roa
Signing time: Thu 30 May 2024 16:05:33 +0000
ROA not before: Thu 30 May 2024 16:05:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136374
IP address blocks: 103.27.2.0/24 maxlen: 24
103.52.220.0/24 maxlen: 24
103.52.221.0/24 maxlen: 24
103.52.222.0/24 maxlen: 24
103.52.223.0/24 maxlen: 24
103.66.54.0/24 maxlen: 24
103.94.84.0/22 maxlen: 24
103.228.250.0/24 maxlen: 24
103.228.251.0/24 maxlen: 24
2404:8c40::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 May 2024 06:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35597 (0x8b0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:05:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a3cd-cb39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:42:be:65:2c:e3:16:39:fc:b3:b8:f3:2c:89:
cc:9d:82:0f:c6:79:bb:0f:1e:0c:bb:56:97:f3:57:
19:e9:4c:ba:f6:71:67:0e:72:95:f9:44:71:e3:18:
75:e4:58:75:84:5d:06:06:28:ce:b2:03:2b:19:d7:
55:2e:42:9d:86:28:ae:d5:bf:2f:38:35:69:88:a0:
da:ce:cd:a8:19:7c:b5:32:25:99:90:2c:92:09:7b:
9c:3f:26:76:2b:51:af:37:88:51:b9:e4:45:cc:54:
b8:3e:9d:a2:1e:fc:e1:0f:f0:7f:19:71:4d:ae:d4:
29:8e:09:34:75:b0:9f:e4:45:29:c9:e9:0e:0c:93:
10:73:82:d4:bd:f9:60:a7:c1:ec:aa:78:83:e4:57:
79:f4:a4:ed:b2:8e:bd:72:9a:9c:70:c5:05:42:d6:
61:08:0c:8f:5f:f0:41:ae:51:e4:55:98:f1:24:a5:
f2:a5:d1:e3:ad:c5:16:90:4c:fb:4b:07:2d:81:c2:
1a:c9:19:c5:e7:f1:3b:67:f9:c2:0d:64:89:92:f1:
94:cc:4c:30:d8:f9:e3:dd:f6:7d:9e:14:78:cb:61:
dc:79:1b:ca:5e:65:81:4f:86:ad:f1:9f:7d:b1:f7:
a5:4f:6f:52:7f:e1:6d:f2:7c:2e:10:7c:ec:ab:76:
fc:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:04:B7:61:24:E2:52:4A:C8:EE:52:D5:07:20:87:4F:83:84:9E:72
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CFE46780C57B11EEB8B53347C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.27.2.0/24
103.52.220.0/22
103.66.54.0/24
103.94.84.0/22
103.228.250.0/23
IPv6:
2404:8c40::/48
Signature Algorithm: sha256WithRSAEncryption
0e:80:24:e6:93:a5:e1:fd:bb:90:c8:7e:e4:e2:01:b3:df:8e:
ac:e6:88:22:d1:5d:b6:1d:31:70:69:c2:69:e0:30:c7:72:92:
8d:1a:28:32:b2:8d:94:f1:b7:12:91:e9:08:c0:6c:f7:d7:a9:
47:7c:09:c1:a5:d0:8c:17:56:94:7a:77:97:43:52:3f:bb:15:
ac:c8:bd:18:aa:82:66:b9:c1:df:b6:43:27:01:03:2d:3d:57:
b8:89:b4:97:d2:e3:1c:39:6f:a8:65:55:54:56:5f:48:a0:d4:
a8:41:75:59:ce:a3:48:8b:e3:2f:8c:83:54:ea:c3:02:2b:53:
e8:48:55:9b:ce:49:bc:ab:1b:4f:05:5b:4f:b1:15:ad:e1:b0:
75:1a:d5:b0:79:50:f5:43:51:75:48:a2:80:fc:87:77:5a:5a:
f2:78:53:b0:a0:3d:3f:3c:1c:42:d1:f6:df:fb:36:bb:c3:ad:
ee:c5:81:17:23:ae:49:6d:b9:a5:f6:59:e4:30:bb:e6:24:6c:
6c:fc:62:48:eb:cd:e1:9c:f8:c7:57:aa:45:57:39:c5:07:dc:
f5:99:22:95:e9:d0:f0:65:72:af:9b:0a:49:35:09:86:bf:c4:
f4:b9:ec:7a:9f:24:d7:c7:56:05:fb:cf:ce:62:98:31:48:bb:
fa:b8:4f:aa
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIDAIsNMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDUzM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEzY2QtY2IzOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFCvmUs4xY5/LO48yyJzJ2CD8Z5uw8eDLtWl/NXGelMuvZxZw5ylflEceMY
deRYdYRdBgYozrIDKxnXVS5CnYYortW/Lzg1aYig2s7NqBl8tTIlmZAskgl7nD8m
ditRrzeIUbnkRcxUuD6doh784Q/wfxlxTa7UKY4JNHWwn+RFKcnpDgyTEHOC1L35
YKfB7Kp4g+RXefSk7bKOvXKanHDFBULWYQgMj1/wQa5R5FWY8SSl8qXR463FFpBM
+0sHLYHCGskZxefxO2f5wg1kiZLxlMxMMNj54932fZ4UeMth3Hkbyl5lgU+GrfGf
fbH3pU9vUn/hbfJ8LhB87Kt2/JMCAwEAAaOCAr4wggK6MB0GA1UdDgQWBBSdBLdh
JOJSSsjuUtUHIIdPg4SecjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0NGRTQ2Nzgw
QzU3QjExRUVCOEI1MzM0N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMEgGCCsGAQUFBwEHAQH/
BDkwNzAkBAIAATAeAwQAZxsCAwQCZzTcAwQAZ0I2AwQCZ15UAwQBZ+T6MA8EAgAC
MAkDBwAkBIxAAAAwDQYJKoZIhvcNAQELBQADggEBAA6AJOaTpeH9u5DIfuTiAbPf
jqzmiCLRXbYdMXBpwmngMMdyko0aKDKyjZTxtxKR6QjAbPfXqUd8CcGl0IwXVpR6
d5dDUj+7FazIvRiqgma5wd+2QycBAy09V7iJtJfS4xw5b6hlVVRWX0ig1KhBdVnO
o0iL4y+Mg1TqwwIrU+hIVZvOSbyrG08FW0+xFa3hsHUa1bB5UPVDUXVIooD8h3da
WvJ4U7CgPT88HELR9t/7NrvDre7FgRcjrkltuaX2WeQwu+YkbGz8YkjrzeGc+MdX
qkVXOcUH3PWZIpXp0PBlcq+bCkk1CYa/xPS57HqfJNfHVgX7z85imDFIu/q4T6o=
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:06:51 2025 by rpki-client