Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/65C7CE029BBC11EEB0288751C4F9AE02.roa
File: 65C7CE029BBC11EEB0288751C4F9AE02.roa (raw, json)
Hash identifier: mER927iy7vQUHvDhVMcHoQ3Dv/heW/oKTmk4fsQvNrc=
Subject key identifier: 3E:27:9A:06:72:1A:E2:61:C9:55:01:E6:A8:46:D3:7F:1C:5F:EE:72
Certificate issuer: /CN=A911ED2C/serialNumber=9D3414283B227B8F512F305F2ACDB43CDE9E4D12
Certificate serial: 38
Authority key identifier: 9D:34:14:28:3B:22:7B:8F:51:2F:30:5F:2A:CD:B4:3C:DE:9E:4D:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/65C7CE029BBC11EEB0288751C4F9AE02.roa
Signing time: Fri 16 Feb 2024 03:30:54 +0000
ROA not before: Fri 16 Feb 2024 03:30:54 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 4785
IP address blocks: 36.50.84.0/23 maxlen: 23
103.47.186.0/24 maxlen: 24
103.53.80.0/23 maxlen: 23
103.91.144.0/23 maxlen: 23
103.99.178.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Sep 2024 06:15:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56 (0x38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911ED2C
Validity
Not Before: Feb 16 03:30:54 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65ced6ee-0e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4e:b1:ba:f6:c5:c7:8e:e6:d5:20:90:e9:e8:
54:42:a3:ee:24:e7:a8:7c:dc:95:02:73:03:95:69:
26:a8:c7:88:ba:9c:9f:8b:1f:e3:1d:83:8b:f8:bf:
b5:80:4d:d9:f5:3e:79:8e:c4:57:a6:d2:b5:34:49:
44:1e:22:69:aa:72:80:31:3b:ff:96:fa:fd:b6:a7:
9a:98:38:4d:67:c8:26:ea:95:f9:f3:6f:98:5b:93:
32:ce:88:7f:11:ab:f2:0b:6b:b4:a0:8a:78:11:e9:
43:b8:a2:6a:5b:61:de:3b:d9:e8:b1:f5:49:53:ee:
1d:04:42:99:06:ab:f0:88:86:a0:0a:24:30:71:21:
25:e6:2c:1e:76:b4:12:36:4d:55:68:a1:78:5e:ed:
b6:21:0d:72:54:2c:0a:f1:bf:c8:00:34:59:1a:d7:
dc:44:7f:99:74:29:e4:8c:4b:f2:5a:8b:58:86:29:
c3:26:16:56:1b:87:49:94:87:50:48:60:9b:5d:46:
c1:57:9f:c8:16:f9:84:66:c6:47:39:d7:46:25:8f:
08:89:b9:dc:3f:37:7d:8e:3a:1f:b2:aa:b7:0b:c3:
14:61:7c:f4:3d:3c:d9:34:38:1d:eb:fc:b8:7d:5b:
a0:09:09:07:5f:60:ea:14:dd:36:8d:0a:3e:2e:e6:
f8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:27:9A:06:72:1A:E2:61:C9:55:01:E6:A8:46:D3:7F:1C:5F:EE:72
X509v3 Authority Key Identifier:
keyid:9D:34:14:28:3B:22:7B:8F:51:2F:30:5F:2A:CD:B4:3C:DE:9E:4D:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/nTQUKDsie49RLzBfKs20PN6eTRI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nTQUKDsie49RLzBfKs20PN6eTRI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911ED2C/00373C6C9BBC11EE851ADD50C4F9AE02/65C7CE029BBC11EEB0288751C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.84.0/23
103.47.186.0/24
103.53.80.0/23
103.91.144.0/23
103.99.178.0/23
Signature Algorithm: sha256WithRSAEncryption
73:a5:bc:95:3b:4f:98:c8:c9:d1:f5:ff:ef:cf:e9:1d:d9:1d:
6a:3d:76:53:d0:72:ec:23:44:ea:9a:1a:5d:56:ef:35:49:6c:
0c:d8:95:b6:b7:f9:90:d3:6d:eb:bb:b0:d5:f1:cf:17:ab:ca:
00:36:51:36:2e:9e:83:32:a2:37:4c:af:93:86:8e:e9:e3:be:
c6:dd:ec:03:8b:c0:8a:1a:75:f3:ae:d8:f6:19:46:4a:ba:ea:
22:11:a4:15:1b:53:43:14:fe:a8:52:e5:54:44:c0:02:23:af:
a9:cf:a7:37:19:19:6f:62:b4:9c:9f:5e:a7:83:ec:62:47:a1:
73:fd:40:32:44:5d:e1:fa:d4:c1:f4:1b:de:b1:bb:98:2a:c2:
3c:02:10:d2:8a:b6:04:0d:3e:ad:01:5e:54:fc:45:7c:48:94:
34:b6:89:db:b7:a7:58:c2:c5:e1:e1:da:9a:c7:a4:e7:48:8c:
d9:d0:ff:81:7e:c8:43:e9:85:d4:7b:99:37:36:e7:45:03:56:
ea:58:40:bd:09:b8:da:e1:10:4b:4f:71:7e:42:5a:38:1e:73:
f6:6b:b3:c4:65:98:3c:9f:e6:64:ba:ca:f8:d9:d1:19:2a:0f:
b1:5c:d2:e0:3e:34:49:19:23:93:ef:e0:2f:29:d7:d4:4b:5a:
1c:87:c9:b5
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBODANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RUQyQzExMC8GA1UEBRMoOUQzNDE0MjgzQjIyN0I4RjUxMkYzMDVGMkFDREI0M0NE
RTlFNEQxMjAeFw0yNDAyMTYwMzMwNTRaFw0yNTAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1Y2VkNmVlLTBlNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDUTrG69sXHjubVIJDp6FRCo+4k56h83JUCcwOVaSaox4i6nJ+LH+Mdg4v4v7WA
Tdn1PnmOxFem0rU0SUQeImmqcoAxO/+W+v22p5qYOE1nyCbqlfnzb5hbkzLOiH8R
q/ILa7SgingR6UO4ompbYd472eix9UlT7h0EQpkGq/CIhqAKJDBxISXmLB52tBI2
TVVooXhe7bYhDXJULArxv8gANFka19xEf5l0KeSMS/Jai1iGKcMmFlYbh0mUh1BI
YJtdRsFXn8gW+YRmxkc510YljwiJudw/N32OOh+yqrcLwxRhfPQ9PNk0OB3r/Lh9
W6AJCQdfYOoU3TaNCj4u5vitAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQUPieaBnIa
4mHJVQHmqEbTfxxf7nIwHwYDVR0jBBgwFoAUnTQUKDsie49RLzBfKs20PN6eTRIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFRDJDLzAwMzczQzZDOUJC
QzExRUU4NTFBREQ1MEM0RjlBRTAyL25UUVVLRHNpZTQ5Ukx6QmZLczIwUE42ZVRS
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvblRRVUtEc2llNDlSTHpCZktzMjBQTjZlVFJJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RUQyQy8wMDM3M0M2QzlCQkMxMUVFODUxQURENTBDNEY5QUUwMi82NUM3Q0UwMjlC
QkMxMUVFQjAyODg3NTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwJAQCAAEwHgMEASQyVAMEAGcvugMEAWc1UAMEAWdbkAMEAWdjsjANBgkqhkiG
9w0BAQsFAAOCAQEAc6W8lTtPmMjJ0fX/78/pHdkdaj12U9By7CNE6poaXVbvNUls
DNiVtrf5kNNt67uw1fHPF6vKADZRNi6egzKiN0yvk4aO6eO+xt3sA4vAihp1867Y
9hlGSrrqIhGkFRtTQxT+qFLlVETAAiOvqc+nNxkZb2K0nJ9ep4PsYkehc/1AMkRd
4frUwfQb3rG7mCrCPAIQ0oq2BA0+rQFeVPxFfEiUNLaJ27enWMLF4eHamsek50iM
2dD/gX7IQ+mF1HuZNzbnRQNW6lhAvQm42uEQS09xfkJaOB5z9muzxGWYPJ/mZLrK
+NnRGSoPsVzS4D40SRkjk+/gLynX1EtaHIfJtQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:20 2025 by rpki-client