Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F741F6F8E29B11ED87D2D639C4F9AE02.roa
File: F741F6F8E29B11ED87D2D639C4F9AE02.roa (raw, json)
Hash identifier: wOP64Mkyf9ioDy5Ifd3dSTk99vbPdG7Gk2Vj8LvnJGk=
Subject key identifier: 15:82:53:4E:39:E5:C9:66:3B:C4:AF:2E:A9:B5:05:CB:26:E4:04:5E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8872
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F741F6F8E29B11ED87D2D639C4F9AE02.roa
Signing time: Thu 30 May 2024 15:54:35 +0000
ROA not before: Thu 30 May 2024 15:54:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132750
IP address blocks: 43.227.184.0/23 maxlen: 24
103.66.0.0/22 maxlen: 24
103.153.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 21:37:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34930 (0x8872)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:54:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a13a-0b6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:63:d4:5b:c6:ad:10:10:1b:67:de:50:8a:8b:
e3:4f:ac:d6:9c:be:2c:f0:bf:32:2e:3d:b9:a2:d5:
60:90:ce:7c:b1:db:d0:88:1f:1b:32:37:93:bb:5a:
52:d9:cf:20:09:71:c5:8c:2a:b8:4d:3c:ef:9f:67:
2a:e4:4a:46:73:7b:78:28:3d:94:60:b4:1c:b1:25:
0c:64:76:7a:29:ca:be:71:97:66:ab:45:7e:7c:a2:
58:17:cc:49:be:c8:59:07:3b:e0:5b:3a:03:d5:df:
ca:ca:ca:1d:3d:93:e8:e5:6d:db:2f:7e:8f:19:b8:
a5:d7:6f:32:eb:c8:fb:2d:4e:40:eb:0a:98:e8:c5:
05:67:64:ea:a9:8b:e7:82:03:cd:fd:67:5b:21:ec:
a7:d7:c1:0d:8a:07:f3:56:a7:20:76:90:84:6e:17:
9c:12:83:33:9f:45:e7:90:00:36:10:4d:95:23:1f:
36:68:19:5b:a1:10:30:99:f1:47:9a:f8:74:67:2a:
a4:e5:bc:d0:2b:0f:4a:18:b6:e7:3f:55:52:83:4c:
b1:b4:7d:e2:1b:12:b2:38:ee:48:ff:d0:84:7a:ee:
a8:4e:9a:a4:65:40:39:cf:db:32:be:c3:3c:44:08:
31:6a:ef:69:36:b1:f5:64:bd:7d:b6:db:22:c0:95:
3e:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:82:53:4E:39:E5:C9:66:3B:C4:AF:2E:A9:B5:05:CB:26:E4:04:5E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/F741F6F8E29B11ED87D2D639C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.227.184.0/23
103.66.0.0/22
103.153.156.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:58:4b:f1:6a:21:41:8b:07:7a:10:9d:0f:33:26:37:8c:9b:
1a:70:b5:66:fa:d0:88:a8:25:dc:5a:c8:30:6a:8e:f7:83:b0:
64:f6:1d:10:e1:be:25:a7:d9:9a:92:0a:b7:af:17:7e:ad:12:
55:62:0e:2f:43:ac:a0:2c:05:44:6e:11:e1:a3:b5:51:d7:02:
02:d0:79:c5:dc:4b:07:92:c3:f7:60:01:9b:13:3b:26:00:ae:
92:20:b0:31:e2:2c:37:e6:2e:16:62:4a:4d:fd:94:9c:ef:7c:
15:7f:13:a6:fb:c3:b2:63:81:02:76:58:bc:e2:85:76:0e:16:
fd:d9:bf:03:4e:5d:42:5a:17:28:e6:c7:c2:ad:a5:38:26:05:
2a:a3:ce:c0:45:28:c5:c2:85:7c:90:c8:12:53:d8:cb:14:77:
11:3e:89:33:10:f7:31:bc:53:85:71:f4:2d:4f:80:bc:95:9f:
cb:3d:ca:a9:0e:9d:02:56:ed:84:1f:d2:2d:82:bf:5c:49:8e:
e6:46:32:60:a9:f2:77:af:46:e3:79:84:45:e8:7a:4b:81:0c:
de:27:09:13:11:07:86:35:d8:f5:8c:e3:04:d3:0f:a2:78:40:
31:12:fb:44:aa:cf:43:eb:78:4d:73:29:87:46:bc:0f:dc:2d:
9c:2b:23:8d
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIDAIhyMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTQzNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExM2EtMGI2ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5j1FvGrRAQG2feUIqL40+s1py+LPC/Mi49uaLVYJDOfLHb0IgfGzI3k7ta
UtnPIAlxxYwquE08759nKuRKRnN7eCg9lGC0HLElDGR2einKvnGXZqtFfnyiWBfM
Sb7IWQc74Fs6A9XfysrKHT2T6OVt2y9+jxm4pddvMuvI+y1OQOsKmOjFBWdk6qmL
54IDzf1nWyHsp9fBDYoH81anIHaQhG4XnBKDM59F55AANhBNlSMfNmgZW6EQMJnx
R5r4dGcqpOW80CsPShi25z9VUoNMsbR94hsSsjjuSP/QhHruqE6apGVAOc/bMr7D
PEQIMWrvaTax9WS9fbbbIsCVPo8CAwEAAaOCAqEwggKdMB0GA1UdDgQWBBQVglNO
OeXJZjvEry6ptQXLJuQEXjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Y3NDFGNkY4
RTI5QjExRUQ4N0QyRDYzOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCsGCCsGAQUFBwEHAQH/
BBwwGjAYBAIAATASAwQBK+O4AwQCZ0IAAwQAZ5mcMA0GCSqGSIb3DQEBCwUAA4IB
AQBPWEvxaiFBiwd6EJ0PMyY3jJsacLVm+tCIqCXcWsgwao73g7Bk9h0Q4b4lp9ma
kgq3rxd+rRJVYg4vQ6ygLAVEbhHho7VR1wIC0HnF3EsHksP3YAGbEzsmAK6SILAx
4iw35i4WYkpN/ZSc73wVfxOm+8OyY4ECdli84oV2Dhb92b8DTl1CWhco5sfCraU4
JgUqo87ARSjFwoV8kMgSU9jLFHcRPokzEPcxvFOFcfQtT4C8lZ/LPcqpDp0CVu2E
H9Itgr9cSY7mRjJgqfJ3r0bjeYRF6HpLgQzeJwkTEQeGNdj1jOME0w+ieEAxEvtE
qs9D63hNcymHRrwP3C2cKyON
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:32:29 2025 by rpki-client