Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/BDC7EB220B7E11F08FB54C56C4F9AE02.roa
File: BDC7EB220B7E11F08FB54C56C4F9AE02.roa (raw, json)
Hash identifier: s8dJr8TGwi7WJXa0Nbblauyl5b8GFvvcKZKS4ZGoDvA=
Subject key identifier: D0:36:A1:D1:05:79:AC:9D:52:B9:36:15:B5:F0:EF:50:8B:3F:12:19
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0B8C
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/BDC7EB220B7E11F08FB54C56C4F9AE02.roa
Signing time: Fri 28 Mar 2025 02:45:43 +0000
ROA not before: Fri 28 Mar 2025 02:45:43 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 15412
IP address blocks: 43.231.188.0/24 maxlen: 24
43.231.190.0/24 maxlen: 24
43.251.184.0/24 maxlen: 24
43.251.186.0/24 maxlen: 24
45.115.32.0/24 maxlen: 24
45.115.34.0/24 maxlen: 24
45.124.60.0/22 maxlen: 22
103.7.208.0/22 maxlen: 22
103.8.84.0/24 maxlen: 24
103.8.85.0/24 maxlen: 24
103.8.86.0/24 maxlen: 24
103.8.87.0/24 maxlen: 24
103.21.104.0/24 maxlen: 24
103.21.106.0/24 maxlen: 24
103.225.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 01 Apr 2025 01:38:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2956 (0xb8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402
Validity
Not Before: Mar 28 02:45:43 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e60d56-d882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d6:2a:37:35:00:a7:f6:c8:54:36:b2:b7:08:
ad:df:2c:57:b7:f2:71:3a:32:bd:be:eb:df:23:0c:
9d:58:2d:b7:0f:95:8b:ff:85:ef:66:16:8b:8a:b4:
14:f8:4d:92:31:7e:f8:76:e8:f0:6c:5b:f4:7d:59:
69:ee:d8:24:4b:3c:33:0c:00:6d:b3:5f:e3:7b:5f:
76:81:10:e8:da:2d:6c:d7:0e:21:49:41:9a:6b:a5:
54:ea:27:88:78:4b:09:a1:1a:03:e4:00:c0:8d:be:
30:08:89:21:f3:8e:58:d6:ba:be:a2:a8:08:43:32:
4a:bc:32:e2:29:0c:95:da:f3:ad:d0:45:1f:23:e0:
17:5d:f9:ed:3a:19:59:d9:91:8c:b7:cb:e7:a9:43:
41:1f:af:95:b0:50:cd:68:2c:87:82:1b:ff:81:ba:
ef:d9:e7:f7:9b:a5:c1:a2:08:3c:27:bd:80:87:7e:
4f:57:45:b1:9a:a1:8e:23:91:03:e9:a8:52:47:e8:
bd:e6:0a:13:91:d5:a5:45:64:ad:f7:e2:bd:a6:f1:
0d:2b:6e:a4:40:da:c9:e7:e6:95:c1:86:2d:ed:6e:
c2:f0:ad:1a:ce:09:3b:09:df:97:78:61:9c:14:95:
c5:1e:7c:4c:52:5a:e0:82:2d:20:31:dd:cd:d9:2e:
82:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:36:A1:D1:05:79:AC:9D:52:B9:36:15:B5:F0:EF:50:8B:3F:12:19
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/BDC7EB220B7E11F08FB54C56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.231.188.0/24
43.231.190.0/24
43.251.184.0/24
43.251.186.0/24
45.115.32.0/24
45.115.34.0/24
45.124.60.0/22
103.7.208.0/22
103.8.84.0/22
103.21.104.0/24
103.21.106.0/24
103.225.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:b0:09:b7:38:f8:85:fe:06:95:15:fc:b9:67:a0:6f:eb:4d:
71:74:5b:a5:39:3e:e8:3f:9f:b4:18:4f:e4:f0:86:eb:0f:4e:
02:e5:e0:d3:cc:86:e0:80:5e:8e:44:4a:67:8c:ca:92:df:6a:
d9:79:c8:5f:17:67:4b:58:05:9d:f0:c5:94:e1:73:6c:7d:99:
2e:8c:2b:c3:60:c6:3f:45:86:3d:1b:d7:09:c2:18:0f:57:56:
3f:ce:7e:70:3b:88:0e:7b:af:98:a8:c5:98:cc:5b:a8:dd:a3:
79:8e:cd:43:7d:b5:34:d0:cc:77:62:0f:d1:54:3e:c2:53:c7:
ee:ba:f2:40:18:38:c3:28:51:1a:18:ba:a1:48:0a:0c:ec:82:
e2:89:20:13:46:51:8d:ec:c1:ed:bf:3e:50:96:39:88:20:4d:
68:a3:27:df:ca:72:9c:d6:ff:51:f2:32:61:c5:2c:fa:0a:d1:
d0:1c:28:5a:53:7f:32:8b:36:10:fa:35:5a:b7:3c:22:d8:b7:
b8:bc:8b:7b:9a:23:55:ca:29:71:c7:03:f0:e6:8f:d7:6c:2c:
95:4d:10:2a:54:78:c0:6c:ef:6d:c4:1c:39:75:0d:35:8f:60:
38:6c:2c:3e:15:55:34:d0:a3:b0:4b:68:72:be:e8:77:5f:8e:
b7:d6:1e:57
-----BEGIN CERTIFICATE-----
MIIFszCCBJugAwIBAgICC4wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjUwMzI4MDI0NTQzWhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2U2MGQ1Ni1kODgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvtYqNzUAp/bIVDaytwit3yxXt/JxOjK9vuvfIwydWC23D5WL/4XvZhaLirQU
+E2SMX74dujwbFv0fVlp7tgkSzwzDABts1/je192gRDo2i1s1w4hSUGaa6VU6ieI
eEsJoRoD5ADAjb4wCIkh845Y1rq+oqgIQzJKvDLiKQyV2vOt0EUfI+AXXfntOhlZ
2ZGMt8vnqUNBH6+VsFDNaCyHghv/gbrv2ef3m6XBogg8J72Ah35PV0WxmqGOI5ED
6ahSR+i95goTkdWlRWSt9+K9pvENK26kQNrJ5+aVwYYt7W7C8K0azgk7Cd+XeGGc
FJXFHnxMUlrggi0gMd3N2S6COwIDAQABo4IC1zCCAtMwHQYDVR0OBBYEFNA2odEF
eaydUrk2FbXw71CLPxIZMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvQkRDN0VCMjIw
QjdFMTFGMDhGQjU0QzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwYQYIKwYBBQUHAQcBAf8E
UjBQME4EAgABMEgDBAAr57wDBAAr574DBAAr+7gDBAAr+7oDBAAtcyADBAAtcyID
BAItfDwDBAJnB9ADBAJnCFQDBABnFWgDBABnFWoDBAJn4cAwDQYJKoZIhvcNAQEL
BQADggEBAHuwCbc4+IX+BpUV/LlnoG/rTXF0W6U5Pug/n7QYT+TwhusPTgLl4NPM
huCAXo5ESmeMypLfatl5yF8XZ0tYBZ3wxZThc2x9mS6MK8Ngxj9Fhj0b1wnCGA9X
Vj/OfnA7iA57r5ioxZjMW6jdo3mOzUN9tTTQzHdiD9FUPsJTx+668kAYOMMoURoY
uqFICgzsguKJIBNGUY3swe2/PlCWOYggTWijJ9/KcpzW/1HyMmHFLPoK0dAcKFpT
fzKLNhD6NVq3PCLYt7i8i3uaI1XKKXHHA/Dmj9dsLJVNECpUeMBs723EHDl1DTWP
YDhsLD4VVTTQo7BLaHK+6HdfjrfWHlc=
-----END CERTIFICATE-----
Generated at Thu Apr 10 09:31:35 2025 by rpki-client