Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F228CE20FDE611ECA61F5B18C4F9AE02.roa
File: F228CE20FDE611ECA61F5B18C4F9AE02.roa (raw, json)
Hash identifier: eC13RhEWqMzNVshgNUOdz34jvXduOtlSDdCoATQfuxM=
Subject key identifier: E7:75:08:06:BB:C0:7D:68:18:44:93:71:4F:80:D8:88:01:E9:0D:4A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8BFE
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F228CE20FDE611ECA61F5B18C4F9AE02.roa
Signing time: Thu 30 May 2024 16:09:29 +0000
ROA not before: Thu 30 May 2024 16:09:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 138258
IP address blocks: 103.122.232.0/24 maxlen: 24
103.122.233.0/24 maxlen: 24
103.122.234.0/24 maxlen: 24
103.122.235.0/24 maxlen: 24
2400:bbe0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 20 Aug 2024 11:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35838 (0x8bfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:09:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a4b9-6b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4a:38:93:1e:1a:85:68:56:f8:bc:c9:32:1b:
4b:3c:40:a5:cd:f6:b8:57:6d:ee:41:c4:08:a8:77:
91:c4:48:c1:ef:66:47:5b:be:f4:69:d9:41:68:c7:
0a:31:6f:c1:c3:eb:12:e6:bc:25:3a:73:fa:18:11:
9e:da:49:8b:b0:51:c0:53:ea:99:00:6b:87:76:67:
4e:17:d0:81:63:8f:39:fb:3d:40:df:e9:9d:de:e7:
e1:2a:9a:aa:dd:fd:c7:f6:f6:a2:a5:e6:86:1b:55:
73:2a:e8:6d:2b:91:f5:78:fa:25:8f:20:9e:8a:3f:
38:c6:64:d6:9f:16:55:d2:a5:d2:a8:19:54:89:99:
bf:e5:9f:9c:d9:55:65:85:ac:cd:c6:d0:cb:4a:8d:
1e:99:7e:06:33:f4:14:91:30:e8:37:f5:1b:b5:28:
70:ea:9b:42:01:e7:47:2c:b0:8e:cb:14:ea:3a:fa:
e7:6e:21:5c:d6:2c:4d:a4:b3:4f:07:f5:f7:84:d8:
ff:f9:d3:c3:27:3e:ca:90:4f:ae:63:eb:04:b7:72:
25:53:58:b4:4e:3e:2d:c3:42:3f:17:6f:80:cb:f7:
02:fe:e0:ed:fb:3b:81:ab:ba:82:53:1c:97:39:36:
37:54:2e:59:5d:48:c0:3e:cc:4a:01:56:62:94:e7:
2a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:75:08:06:BB:C0:7D:68:18:44:93:71:4F:80:D8:88:01:E9:0D:4A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F228CE20FDE611ECA61F5B18C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.232.0/22
IPv6:
2400:bbe0::/32
Signature Algorithm: sha256WithRSAEncryption
4c:52:48:72:63:d1:29:7d:86:cc:cb:15:47:3f:47:7c:ff:a1:
1c:63:0b:74:a4:e3:75:b6:0f:e8:b2:d4:1e:a5:f0:5b:b3:d0:
b8:8c:85:c2:4e:7f:4e:5a:b1:71:2a:ae:a3:9c:1b:6f:2f:65:
69:51:bf:10:3e:47:4a:7e:a2:fe:49:af:79:06:6f:c4:51:69:
a9:d5:06:fa:fb:93:84:2b:6d:ce:d1:0d:73:a3:e9:f5:91:4b:
b2:a1:be:7d:ba:72:3d:aa:45:f0:7d:20:03:5e:f2:cc:19:1e:
2f:e6:ab:8a:7e:1c:9c:41:5f:d8:50:a1:94:60:92:49:06:f4:
61:e6:bf:4f:2d:a4:8f:37:f8:70:db:39:5c:9d:4d:e4:60:1a:
34:bb:a6:b4:27:68:01:70:0e:62:ed:55:f1:80:55:c3:18:5d:
2d:c6:2e:77:03:f4:3c:03:53:79:d6:7a:8e:82:49:13:33:7a:
7d:bc:ba:7e:6e:16:71:b9:03:fa:13:78:ce:78:18:72:85:37:
db:72:31:e1:54:35:75:ae:2d:5b:7a:2c:a5:a3:65:ff:f3:b3:
a4:1c:68:e3:ee:de:86:c8:c3:94:48:58:c8:01:84:da:95:0a:
ab:a3:48:83:03:2a:47:35:73:4d:4b:84:98:ce:03:9b:29:ff:
6a:13:10:55
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIv+MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MDkyOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE0YjktNmIwZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpKOJMeGoVoVvi8yTIbSzxApc32uFdt7kHECKh3kcRIwe9mR1u+9GnZQWjH
CjFvwcPrEua8JTpz+hgRntpJi7BRwFPqmQBrh3ZnThfQgWOPOfs9QN/pnd7n4Sqa
qt39x/b2oqXmhhtVcyrobSuR9Xj6JY8gnoo/OMZk1p8WVdKl0qgZVImZv+WfnNlV
ZYWszcbQy0qNHpl+BjP0FJEw6Df1G7UocOqbQgHnRyywjssU6jr6524hXNYsTaSz
Twf194TY//nTwyc+ypBPrmPrBLdyJVNYtE4+LcNCPxdvgMv3Av7g7fs7gau6glMc
lzk2N1QuWV1IwD7MSgFWYpTnKosCAwEAAaOCAqQwggKgMB0GA1UdDgQWBBTndQgG
u8B9aBhEk3FPgNiIAekNSjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0YyMjhDRTIw
RkRFNjExRUNBNjFGNUIxOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMC4GCCsGAQUFBwEHAQH/
BB8wHTAMBAIAATAGAwQCZ3roMA0EAgACMAcDBQAkALvgMA0GCSqGSIb3DQEBCwUA
A4IBAQBMUkhyY9EpfYbMyxVHP0d8/6EcYwt0pON1tg/ostQepfBbs9C4jIXCTn9O
WrFxKq6jnBtvL2VpUb8QPkdKfqL+Sa95Bm/EUWmp1Qb6+5OEK23O0Q1zo+n1kUuy
ob59unI9qkXwfSADXvLMGR4v5quKfhycQV/YUKGUYJJJBvRh5r9PLaSPN/hw2zlc
nU3kYBo0u6a0J2gBcA5i7VXxgFXDGF0txi53A/Q8A1N51nqOgkkTM3p9vLp+bhZx
uQP6E3jOeBhyhTfbcjHhVDV1ri1beiylo2X/87OkHGjj7t6GyMOUSFjIAYTalQqr
o0iDAypHNXNNS4SYzgObKf9qExBV
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:29:27 2025 by rpki-client