Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/52FF9944AB9711EAB2C00F5EC4F9AE02.roa
File: 52FF9944AB9711EAB2C00F5EC4F9AE02.roa (raw, json)
Hash identifier: YQ4LDjl/vMrre++Dz725lVii5NBa1mCdZy9VQ5m3qCk=
Subject key identifier: D3:3A:56:42:BC:1D:D0:5B:48:E8:F9:D6:AB:A5:16:1C:D8:D5:D7:5A
Certificate issuer: /CN=A912AFA4/serialNumber=51942D25EDBCA51DFA56CE09ED361EB7A26DBD25
Certificate serial: 08F7
Authority key identifier: 51:94:2D:25:ED:BC:A5:1D:FA:56:CE:09:ED:36:1E:B7:A2:6D:BD:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UZQtJe28pR36Vs4J7TYet6JtvSU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/52FF9944AB9711EAB2C00F5EC4F9AE02.roa
Signing time: Mon 10 Feb 2025 01:38:42 +0000
ROA not before: Mon 10 Feb 2025 01:38:42 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 135060
IP address blocks: 103.93.150.0/24 maxlen: 24
103.93.151.0/24 maxlen: 24
103.115.13.0/24 maxlen: 24
103.208.4.0/22 maxlen: 22
103.208.4.0/24 maxlen: 24
103.208.5.0/24 maxlen: 24
103.208.6.0/24 maxlen: 24
103.208.7.0/24 maxlen: 24
116.206.128.0/24 maxlen: 24
116.206.129.0/24 maxlen: 24
123.100.140.0/23 maxlen: 24
123.100.143.0/24 maxlen: 24
123.100.144.0/24 maxlen: 24
123.100.145.0/24 maxlen: 24
123.100.146.0/24 maxlen: 24
123.100.147.0/24 maxlen: 24
123.100.148.0/22 maxlen: 22
123.100.148.0/24 maxlen: 24
123.100.149.0/24 maxlen: 24
123.100.150.0/24 maxlen: 24
123.100.151.0/24 maxlen: 24
123.100.152.0/24 maxlen: 24
202.86.52.0/24 maxlen: 24
202.86.53.0/24 maxlen: 24
202.86.54.0/24 maxlen: 24
202.86.55.0/24 maxlen: 24
2404:6a80::/41 maxlen: 41
2404:6a80:200::/41 maxlen: 41
Validation: Failed, certificate revoked on Sat 15 Feb 2025 00:16:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2295 (0x8f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912AFA4, serialNumber=51942D25EDBCA51DFA56CE09ED361EB7A26DBD25
Validity
Not Before: Feb 10 01:38:42 2025 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=67a958a1-ab9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:72:2b:50:e2:e0:26:67:04:15:57:68:4f:80:
1a:40:0c:31:ce:23:52:5a:f2:55:55:f8:8c:b1:fd:
cd:26:30:79:3c:62:66:13:e7:e7:6d:a0:0b:34:67:
1b:13:a5:0b:c0:10:c7:c3:ad:b3:be:8a:58:33:52:
b0:33:bf:4e:d0:36:08:f3:7c:3c:4c:53:c9:e3:1d:
d8:93:8f:44:04:d2:e1:16:c4:d6:c5:c6:0b:54:00:
05:66:02:0a:59:80:00:37:c5:f7:80:e8:20:51:ff:
4d:6f:e7:43:b4:4c:c0:4e:c4:79:2e:17:2d:0f:65:
47:bf:95:ad:f3:bd:d4:fe:c0:00:79:46:bd:06:1a:
eb:62:4f:ae:64:bd:49:bc:50:e5:3f:01:8e:bf:df:
62:9b:a6:26:18:12:85:65:1f:da:77:7d:b6:7a:5e:
6d:b3:27:a5:34:46:ec:2e:30:e4:cd:07:42:ec:b9:
94:0f:7b:9a:4a:fb:90:82:d8:2a:f1:e2:34:64:51:
cb:72:2e:1b:78:0c:09:0f:6c:e6:0b:d5:cb:9e:db:
3c:fa:1c:9a:6d:98:ef:29:60:97:47:7a:bd:43:e1:
8a:0c:b2:1f:e0:f8:df:5a:c6:3b:ca:78:29:e1:50:
d3:aa:2a:9c:2c:c5:b7:f5:02:88:9f:7d:34:ee:73:
93:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3A:56:42:BC:1D:D0:5B:48:E8:F9:D6:AB:A5:16:1C:D8:D5:D7:5A
X509v3 Authority Key Identifier:
keyid:51:94:2D:25:ED:BC:A5:1D:FA:56:CE:09:ED:36:1E:B7:A2:6D:BD:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/UZQtJe28pR36Vs4J7TYet6JtvSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UZQtJe28pR36Vs4J7TYet6JtvSU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912AFA4/B67862FAAB9511EAB2559C5BC4F9AE02/52FF9944AB9711EAB2C00F5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.150.0/23
103.115.13.0/24
103.208.4.0/22
116.206.128.0/23
123.100.140.0/23
123.100.143.0-123.100.152.255
202.86.52.0/22
IPv6:
2404:6a80::/41
2404:6a80:200::/41
Signature Algorithm: sha256WithRSAEncryption
53:b5:67:56:18:aa:de:cc:b3:7a:fb:09:b8:13:c8:7f:7b:fc:
20:f9:33:d3:d9:ba:1d:1f:f3:02:dc:c0:2e:b5:23:fc:18:a7:
8c:41:9e:ac:27:0e:b5:78:26:af:ee:a1:2d:13:0a:fc:ef:07:
b8:31:b1:67:f3:4b:60:28:95:8b:8c:7c:d1:47:9d:bb:9f:98:
4b:1d:03:a5:5c:9b:f7:35:df:6c:c2:11:ff:09:20:83:81:f8:
ac:01:87:7c:b7:7c:76:ce:59:04:3c:61:46:4c:6c:4d:c7:b7:
7f:e5:cd:0a:c3:71:a9:55:31:95:d9:7b:9d:82:dd:34:e2:46:
dd:98:49:64:d8:35:3e:71:94:d1:11:3c:bb:94:32:85:3a:e5:
91:a7:d4:cb:9a:11:61:c7:4c:62:fb:1c:4e:d5:9d:e7:45:a0:
a0:90:c2:b2:20:b0:2c:48:92:fd:da:3e:af:43:54:af:a3:c6:
07:c5:88:84:3e:f0:92:ca:42:b5:31:ea:e4:b8:06:05:a4:ca:
55:68:c3:ff:02:f7:61:84:47:d7:8f:08:49:ff:86:cc:60:9e:
91:7c:09:ff:58:76:50:3e:f4:41:95:9a:19:e8:d9:ce:10:ae:
a9:2d:20:51:eb:ce:16:30:e0:96:b8:1b:6e:b7:5d:b7:84:26:
f1:ae:e5:e6
-----BEGIN CERTIFICATE-----
MIIFtzCCBJ+gAwIBAgICCPcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkFGQTQxMTAvBgNVBAUTKDUxOTQyRDI1RURCQ0E1MURGQTU2Q0UwOUVEMzYxRUI3
QTI2REJEMjUwHhcNMjUwMjEwMDEzODQyWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E5NThhMS1hYjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArHIrUOLgJmcEFVdoT4AaQAwxziNSWvJVVfiMsf3NJjB5PGJmE+fnbaALNGcb
E6ULwBDHw62zvopYM1KwM79O0DYI83w8TFPJ4x3Yk49EBNLhFsTWxcYLVAAFZgIK
WYAAN8X3gOggUf9Nb+dDtEzATsR5LhctD2VHv5Wt873U/sAAeUa9BhrrYk+uZL1J
vFDlPwGOv99im6YmGBKFZR/ad322el5tsyelNEbsLjDkzQdC7LmUD3uaSvuQgtgq
8eI0ZFHLci4beAwJD2zmC9XLnts8+hyabZjvKWCXR3q9Q+GKDLIf4PjfWsY7yngp
4VDTqiqcLMW39QKIn3007nOTGQIDAQABo4IC2zCCAtcwHQYDVR0OBBYEFNM6VkK8
HdBbSOj51qulFhzY1ddaMB8GA1UdIwQYMBaAFFGULSXtvKUd+lbOCe02Hreibb0l
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQUZBNC9CNjc4NjJGQUFC
OTUxMUVBQjI1NTlDNUJDNEY5QUUwMi9VWlF0SmUyOHBSMzZWczRKN1RZZXQ2SnR2
U1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VaUXRKZTI4cFIzNlZzNEo3VFlldDZKdHZTVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkFGQTQvQjY3ODYyRkFBQjk1MTFFQUIyNTU5QzVCQzRGOUFFMDIvNTJGRjk5NDRB
Qjk3MTFFQUIyQzAwRjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwZQYIKwYBBQUHAQcBAf8E
VjBUMDgEAgABMDIDBAFnXZYDBABncw0DBAJn0AQDBAF0zoADBAF7ZIwwDAMEAHtk
jwMEAHtkmAMEAspWNDAYBAIAAjASAwcHJARqgAAAAwcHJARqgAIAMA0GCSqGSIb3
DQEBCwUAA4IBAQBTtWdWGKrezLN6+wm4E8h/e/wg+TPT2bodH/MC3MAutSP8GKeM
QZ6sJw61eCav7qEtEwr87we4MbFn80tgKJWLjHzRR527n5hLHQOlXJv3Nd9swhH/
CSCDgfisAYd8t3x2zlkEPGFGTGxNx7d/5c0Kw3GpVTGV2Xudgt004kbdmElk2DU+
cZTRETy7lDKFOuWRp9TLmhFhx0xi+xxO1Z3nRaCgkMKyILAsSJL92j6vQ1Svo8YH
xYiEPvCSykK1MerkuAYFpMpVaMP/AvdhhEfXjwhJ/4bMYJ6RfAn/WHZQPvRBlZoZ
6NnOEK6pLSBR684WMOCWuBtut123hCbxruXm
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:09:45 2025 by rpki-client