Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7F8F5086EC211ECB8E7492BC4F9AE02.roa
File: B7F8F5086EC211ECB8E7492BC4F9AE02.roa (raw, json)
Hash identifier: Xu7ODrFbA2wPTpjh2F4oPU032Q4pUAS/AAK8b81p1/I=
Subject key identifier: 15:BD:2A:FF:0D:18:32:F8:78:E3:94:E9:EE:29:72:4C:63:8C:F4:4E
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 8EDF
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7F8F5086EC211ECB8E7492BC4F9AE02.roa
Signing time: Thu 30 May 2024 16:21:29 +0000
ROA not before: Thu 30 May 2024 16:21:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 149221
IP address blocks: 103.178.254.0/23 maxlen: 24
103.214.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 May 2025 09:12:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36575 (0x8edf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 30 16:21:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a788-cbaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3e:c2:3f:94:3e:68:74:70:2a:ed:f3:cd:1e:
83:f4:fd:44:6a:0b:59:d3:eb:ea:33:b4:1d:df:da:
6e:cd:da:8b:50:d2:f1:92:de:2c:8e:cd:32:c3:73:
96:da:bf:29:38:b8:c2:33:e9:0f:0f:b2:74:f6:a2:
8a:11:2e:3e:8f:bf:89:16:0c:2b:96:80:80:4e:a0:
24:e5:86:af:64:ed:e1:14:cb:7a:36:52:ef:a7:5d:
70:c8:3e:6b:5a:b7:a2:a3:0b:65:1b:f6:11:e6:ad:
a4:60:57:f5:64:59:c4:4b:ba:4b:a5:33:db:21:4f:
d7:2a:54:7a:8d:98:87:5a:29:1b:38:d3:08:c5:c9:
eb:b2:c6:0c:13:e2:55:3a:91:f2:6b:56:30:33:8a:
1b:7f:e2:72:85:f7:e4:8f:29:d2:05:b4:06:c3:7b:
1b:60:bf:7a:33:fe:0d:ee:ba:a7:a2:06:ee:4c:bf:
b6:be:7a:03:44:ae:3e:2e:66:16:da:d6:b3:fb:9c:
5c:14:1b:35:bf:de:a8:ee:e6:9e:7f:e1:20:34:b6:
f7:50:ad:e9:3a:3a:55:a3:45:6d:ec:34:45:f6:af:
37:79:c5:f0:15:94:df:e9:38:4d:d3:2d:2b:b2:5f:
7b:8c:11:f9:63:3a:97:e4:77:db:6a:b1:2a:a8:0a:
0f:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:BD:2A:FF:0D:18:32:F8:78:E3:94:E9:EE:29:72:4C:63:8C:F4:4E
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/B7F8F5086EC211ECB8E7492BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.254.0/23
103.214.162.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:7d:ad:b5:87:2b:3c:d0:ad:54:76:c8:b1:ea:2e:2b:d7:2c:
a5:bd:3d:21:10:4f:0f:17:8a:d9:9d:46:89:40:ae:b9:85:b4:
1f:1f:2a:a4:75:b6:9c:06:24:30:74:5a:17:30:a2:e8:bb:df:
56:89:60:26:8b:1a:32:89:8f:e2:fb:68:ef:43:36:69:4f:02:
f6:b5:dd:94:fa:dd:34:46:29:95:ea:50:9d:55:ef:e7:8a:98:
82:15:18:4a:de:9e:88:8b:c0:37:73:2e:ef:b7:99:ff:e8:27:
3a:6d:2e:41:fe:ef:2f:36:f3:f1:0a:63:aa:ed:33:0b:f8:84:
75:25:23:a9:c3:81:8c:6f:20:01:94:8f:9a:1f:25:fe:4d:54:
b2:33:55:e8:2c:a8:93:3a:63:d0:3a:da:fc:6a:c4:08:cb:a1:
49:35:8b:2e:7f:fc:95:99:14:8d:7a:bd:db:b1:aa:bb:d1:3a:
a7:ea:6f:6e:bb:6b:7e:1e:bb:c8:27:6d:01:c8:e2:0f:7f:cd:
cc:4c:37:8b:17:6c:e5:46:67:08:ca:1b:8e:2c:52:02:ff:37:
1e:3a:91:fe:8c:f9:ba:93:64:e4:53:49:76:c6:f2:4b:8f:74:
f1:1f:8e:39:b2:55:9f:58:bb:0e:03:47:23:73:c5:97:45:2c:
04:16:24:54
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIDAI7fMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MjEyOVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE3ODgtY2JhZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJg+wj+UPmh0cCrt880eg/T9RGoLWdPr6jO0Hd/abs3ai1DS8ZLeLI7NMsNz
ltq/KTi4wjPpDw+ydPaiihEuPo+/iRYMK5aAgE6gJOWGr2Tt4RTLejZS76ddcMg+
a1q3oqMLZRv2EeatpGBX9WRZxEu6S6Uz2yFP1ypUeo2Yh1opGzjTCMXJ67LGDBPi
VTqR8mtWMDOKG3/icoX35I8p0gW0BsN7G2C/ejP+De66p6IG7ky/tr56A0SuPi5m
FtrWs/ucXBQbNb/eqO7mnn/hIDS291Ct6To6VaNFbew0RfavN3nF8BWU3+k4TdMt
K7Jfe4wR+WM6l+R322qxKqgKD5sCAwEAAaOCApswggKXMB0GA1UdDgQWBBQVvSr/
DRgy+HjjlOnuKXJMY4z0TjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0I3RjhGNTA4
NkVDMjExRUNCOEU3NDkyQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMCUGCCsGAQUFBwEHAQH/
BBYwFDASBAIAATAMAwQBZ7L+AwQAZ9aiMA0GCSqGSIb3DQEBCwUAA4IBAQAqfa21
hys80K1Udsix6i4r1yylvT0hEE8PF4rZnUaJQK65hbQfHyqkdbacBiQwdFoXMKLo
u99WiWAmixoyiY/i+2jvQzZpTwL2td2U+t00RimV6lCdVe/nipiCFRhK3p6Ii8A3
cy7vt5n/6Cc6bS5B/u8vNvPxCmOq7TML+IR1JSOpw4GMbyABlI+aHyX+TVSyM1Xo
LKiTOmPQOtr8asQIy6FJNYsuf/yVmRSNer3bsaq70Tqn6m9uu2t+HrvIJ20ByOIP
f83MTDeLF2zlRmcIyhuOLFIC/zceOpH+jPm6k2TkU0l2xvJLj3TxH445slWfWLsO
A0cjc8WXRSwEFiRU
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:52:08 2025 by rpki-client