Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E6D568B8B74E11ED9DC01272C4F9AE02.roa
File: E6D568B8B74E11ED9DC01272C4F9AE02.roa (raw, json)
Hash identifier: 3JlE1Pch5WyCDCAhYUrsqWqD1O2jLhjFCniATZbc5lM=
Subject key identifier: E3:F9:0D:9A:3E:12:DF:2E:4F:59:44:4A:98:3D:01:2A:94:9D:BC:C9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 89D1
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E6D568B8B74E11ED9DC01272C4F9AE02.roa
Signing time: Thu 30 May 2024 16:00:26 +0000
ROA not before: Thu 30 May 2024 16:00:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134877
IP address blocks: 103.91.60.0/23 maxlen: 24
103.110.236.0/22 maxlen: 24
103.124.152.0/23 maxlen: 24
103.143.108.0/24 maxlen: 24
103.148.33.0/24 maxlen: 24
103.153.10.0/23 maxlen: 24
103.154.35.0/24 maxlen: 24
103.154.204.0/23 maxlen: 24
103.154.238.0/23 maxlen: 24
103.155.32.0/23 maxlen: 24
103.156.170.0/23 maxlen: 24
103.163.232.0/23 maxlen: 24
103.168.182.0/23 maxlen: 24
103.180.223.0/24 maxlen: 24
103.207.0.0/22 maxlen: 24
103.213.1.0/24 maxlen: 24
103.213.2.0/23 maxlen: 24
103.231.116.0/22 maxlen: 24
113.30.168.0/22 maxlen: 24
210.16.84.0/22 maxlen: 24
2404:d940::/32 maxlen: 36
Validation: Failed, certificate revoked on Tue 18 Jun 2024 07:03:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35281 (0x89d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:00:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a29a-6958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:46:fb:93:68:72:55:bb:77:dd:83:a5:58:e9:
03:b6:a5:c5:a8:7d:4a:97:41:63:92:cc:63:c5:55:
ad:a0:5a:47:bf:94:8e:8d:8b:af:b6:c5:d6:64:c3:
27:a3:05:5e:04:17:17:ee:72:99:49:ec:8b:74:b6:
4f:d1:1b:b0:2d:5f:f4:40:b2:5b:c9:ad:14:7b:75:
1a:ee:42:dc:50:d4:53:b2:d1:79:62:b4:7d:dd:06:
c8:4b:4e:9c:3f:be:e1:39:5e:d7:78:7c:a3:47:2a:
76:3a:c5:39:be:82:0c:b2:a1:a4:3b:2d:f0:dd:2c:
29:f3:d1:4c:72:0c:28:b1:fa:5b:ba:4b:58:04:d4:
9c:34:83:d9:f7:c8:ca:6b:01:94:26:bf:51:68:11:
39:97:04:25:c6:72:20:a5:2a:49:db:d3:48:a4:fa:
62:d7:47:4a:41:35:f2:70:82:af:39:f9:e9:3d:ed:
c3:38:1d:a8:5b:f6:cc:23:29:d8:0b:c1:99:14:fd:
25:a1:6b:c8:82:dc:76:e4:c7:6e:13:76:ed:af:24:
8f:4e:03:a2:8e:ba:71:7c:0f:25:e0:57:77:c7:1a:
e9:8c:96:29:3d:d0:05:0f:20:b9:a4:0b:02:c0:ab:
1b:a2:85:13:19:c2:35:39:17:5e:e7:1f:8c:20:27:
82:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F9:0D:9A:3E:12:DF:2E:4F:59:44:4A:98:3D:01:2A:94:9D:BC:C9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/E6D568B8B74E11ED9DC01272C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.91.60.0/23
103.110.236.0/22
103.124.152.0/23
103.143.108.0/24
103.148.33.0/24
103.153.10.0/23
103.154.35.0/24
103.154.204.0/23
103.154.238.0/23
103.155.32.0/23
103.156.170.0/23
103.163.232.0/23
103.168.182.0/23
103.180.223.0/24
103.207.0.0/22
103.213.1.0-103.213.3.255
103.231.116.0/22
113.30.168.0/22
210.16.84.0/22
IPv6:
2404:d940::/32
Signature Algorithm: sha256WithRSAEncryption
53:40:47:a7:8b:1c:e7:6b:ba:44:74:20:0b:d9:78:b0:b2:4f:
55:52:aa:24:3c:ed:4e:b3:7e:92:29:fa:32:4e:5a:6c:2d:25:
df:65:65:a4:30:93:c5:aa:73:30:79:2b:8f:ab:e9:7e:95:2b:
4b:91:cf:79:be:18:96:cf:ee:21:32:3c:73:9c:1c:98:d0:fc:
ce:7d:68:69:68:a0:2d:57:1e:bb:c9:66:ae:54:9f:0d:13:c6:
18:f5:cb:af:17:6a:dc:5f:c3:b7:04:8f:cf:ef:a4:6e:c7:5a:
10:ab:17:50:56:bf:c2:fe:5b:f8:70:9b:e6:18:38:7a:c5:4a:
5a:04:b3:a7:89:a5:9d:23:84:41:e9:36:6e:39:e8:64:ab:52:
6d:98:bd:b5:d4:fe:72:13:b0:f5:12:f0:59:80:0a:fa:3d:e9:
dd:5a:33:c7:ef:8c:c7:01:4f:10:f7:06:d7:cf:c8:55:7d:30:
d3:18:0b:29:6b:be:19:9c:02:f1:f9:7e:33:30:e0:7c:bc:07:
22:ef:f5:0d:f1:30:96:da:51:a4:80:bf:b6:28:b6:54:3e:40:
1a:b9:07:d6:eb:12:f2:03:fc:44:ce:80:2c:37:39:9b:8b:29:
f4:7e:42:da:da:1a:05:c1:76:83:6e:0b:9e:53:85:41:88:e3:
23:7a:61:f1
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIDAInRMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDAyNloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGEyOWEtNjk1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpG+5NoclW7d92DpVjpA7alxah9SpdBY5LMY8VVraBaR7+Ujo2Lr7bF1mTD
J6MFXgQXF+5ymUnsi3S2T9EbsC1f9ECyW8mtFHt1Gu5C3FDUU7LReWK0fd0GyEtO
nD++4Tle13h8o0cqdjrFOb6CDLKhpDst8N0sKfPRTHIMKLH6W7pLWATUnDSD2ffI
ymsBlCa/UWgROZcEJcZyIKUqSdvTSKT6YtdHSkE18nCCrzn56T3twzgdqFv2zCMp
2AvBmRT9JaFryILcduTHbhN27a8kj04Doo66cXwPJeBXd8ca6YyWKT3QBQ8guaQL
AsCrG6KFExnCNTkXXucfjCAngt0CAwEAAaOCAxwwggMYMB0GA1UdDgQWBBTj+Q2a
PhLfLk9ZREqYPQEqlJ28yTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0U2RDU2OEI4
Qjc0RTExRUQ5REMwMTI3MkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGlBggrBgEFBQcBBwEB
/wSBlTCBkjCBgAQCAAEwegMEAWdbPAMEAmdu7AMEAWd8mAMEAGePbAMEAGeUIQME
AWeZCgMEAGeaIwMEAWeazAMEAWea7gMEAWebIAMEAWecqgMEAWej6AMEAWeotgME
AGe03wMEAmfPADAMAwQAZ9UBAwQCZ9UAAwQCZ+d0AwQCcR6oAwQC0hBUMA0EAgAC
MAcDBQAkBNlAMA0GCSqGSIb3DQEBCwUAA4IBAQBTQEenixzna7pEdCAL2Xiwsk9V
UqokPO1Os36SKfoyTlpsLSXfZWWkMJPFqnMweSuPq+l+lStLkc95vhiWz+4hMjxz
nByY0PzOfWhpaKAtVx67yWauVJ8NE8YY9cuvF2rcX8O3BI/P76Rux1oQqxdQVr/C
/lv4cJvmGDh6xUpaBLOniaWdI4RB6TZuOehkq1JtmL211P5yE7D1EvBZgAr6Pend
WjPH74zHAU8Q9wbXz8hVfTDTGAspa74ZnALx+X4zMOB8vAci7/UN8TCW2lGkgL+2
KLZUPkAauQfW6xLyA/xEzoAsNzmbiyn0fkLa2hoFwXaDbgueU4VBiOMjemHx
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:23:46 2025 by rpki-client