Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/FA7A1C3AAEE911EA8DB3E03CC4F9AE02.roa
File: FA7A1C3AAEE911EA8DB3E03CC4F9AE02.roa (raw, json)
Hash identifier: bOTB2+bEyWgtdKNUrnZ6fD6Z7tIhN1BzM0C2LtukZ2M=
Subject key identifier: 59:F9:61:2A:06:C9:66:B2:35:9D:61:DF:60:0A:1E:9C:D5:61:90:36
Certificate issuer: /CN=A91829E3/serialNumber=23D20DA209C895C300EE6B659B6B1829925FBD4F
Certificate serial: 0BEB
Authority key identifier: 23:D2:0D:A2:09:C8:95:C3:00:EE:6B:65:9B:6B:18:29:92:5F:BD:4F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9INognIlcMA7mtlm2sYKZJfvU8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/FA7A1C3AAEE911EA8DB3E03CC4F9AE02.roa
Signing time: Mon 10 Mar 2025 19:09:14 +0000
ROA not before: Mon 10 Mar 2025 19:09:14 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 135076
IP address blocks: 43.245.244.0/22 maxlen: 24
103.208.180.0/22 maxlen: 24
103.240.248.0/22 maxlen: 24
137.59.180.0/22 maxlen: 22
137.59.180.0/24 maxlen: 24
137.59.181.0/24 maxlen: 24
137.59.182.0/24 maxlen: 24
137.59.183.0/24 maxlen: 24
221.120.96.0/21 maxlen: 24
2405:9e80::/32 maxlen: 35
Validation: Failed, certificate revoked on Sat 29 Mar 2025 05:40:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3051 (0xbeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91829E3, serialNumber=23D20DA209C895C300EE6B659B6B1829925FBD4F
Validity
Not Before: Mar 10 19:09:14 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67cf38da-2bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:58:3b:66:81:20:66:94:3f:54:4c:34:7c:21:
84:64:25:b6:e9:84:7a:30:b7:39:b2:3e:8b:52:20:
82:a9:bc:a0:2c:08:c7:89:99:b3:c3:2f:f3:0f:e6:
eb:f3:08:7e:06:ac:ac:11:8a:ac:b5:4b:bb:da:12:
86:ad:03:99:3a:f6:30:ef:72:78:44:50:dd:7d:4f:
52:17:7f:3d:27:6b:2c:12:72:8e:fb:0f:d1:73:40:
a0:91:d1:b6:5d:aa:9c:ca:f4:40:e4:a4:78:08:2b:
1f:51:e6:2a:c5:b8:9a:e2:ab:76:57:af:57:df:eb:
35:1a:35:04:e2:7a:cc:6b:12:99:fe:c8:b0:09:41:
06:4a:5e:16:29:ee:c7:59:f6:76:8a:7f:1e:df:27:
55:e5:cf:9c:63:33:9e:c9:06:dc:dd:24:37:4f:7c:
67:d1:f6:96:ca:cd:0f:d3:ba:50:68:12:9b:8f:dc:
20:25:7a:dd:b2:2c:cd:ed:1f:10:e6:fb:21:69:36:
bd:49:57:a7:7f:73:08:59:1b:3a:b0:35:74:93:b9:
1d:af:87:44:6a:5f:fb:31:3c:ac:81:07:ab:30:94:
ec:14:8c:95:61:aa:aa:a1:a8:1d:06:35:1d:d6:41:
8b:f0:62:d1:d9:97:25:7d:5e:08:01:e9:92:04:ce:
48:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F9:61:2A:06:C9:66:B2:35:9D:61:DF:60:0A:1E:9C:D5:61:90:36
X509v3 Authority Key Identifier:
keyid:23:D2:0D:A2:09:C8:95:C3:00:EE:6B:65:9B:6B:18:29:92:5F:BD:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/I9INognIlcMA7mtlm2sYKZJfvU8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I9INognIlcMA7mtlm2sYKZJfvU8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91829E3/C45F60DA143711EAACF9FA33C4F9AE02/FA7A1C3AAEE911EA8DB3E03CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.245.244.0/22
103.208.180.0/22
103.240.248.0/22
137.59.180.0/22
221.120.96.0/21
IPv6:
2405:9e80::/32
Signature Algorithm: sha256WithRSAEncryption
7c:bf:b3:88:bb:5f:ad:a1:ad:bd:b8:62:8e:b6:ed:56:01:e5:
29:c1:4e:75:3d:83:57:6c:e7:73:53:61:a8:43:7a:b2:68:39:
9a:fe:cc:8a:f0:dd:93:d8:13:94:7f:b5:7d:d4:29:12:2d:8e:
9d:0b:a5:27:4b:e0:e4:18:39:b7:0a:b3:c3:39:e4:4a:06:0b:
3b:53:18:6b:3b:6b:08:32:4f:ff:aa:c2:3e:b4:ce:ae:61:9a:
41:a3:52:67:47:b0:b6:66:cf:6b:2c:a0:13:17:74:18:6d:ee:
cc:e5:6d:18:62:77:73:a9:e9:9b:46:94:81:20:ac:59:46:b9:
f6:ea:66:5e:71:19:38:9e:d9:11:00:02:91:06:e6:9f:da:81:
f1:5e:93:db:18:f7:36:5b:2a:2f:08:0e:f9:3e:e6:f1:1f:8c:
5e:46:cc:d6:1f:7f:1a:49:33:49:7e:6d:4e:17:7c:7d:0f:d2:
69:75:bd:59:f2:d8:f6:0a:28:ed:26:8e:1f:a2:f1:6a:29:ad:
e1:97:11:e1:d0:98:9a:7c:03:f5:37:72:1a:5f:3f:19:d1:4d:
8b:b8:5b:fb:b1:23:c1:64:4c:c0:6b:0c:6f:e1:79:43:2e:f0:
de:cc:4e:93:7f:c9:5a:97:9a:d1:9e:97:3d:1b:f0:7e:32:24:
77:70:f4:f5
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgICC+swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODI5RTMxMTAvBgNVBAUTKDIzRDIwREEyMDlDODk1QzMwMEVFNkI2NTlCNkIxODI5
OTI1RkJENEYwHhcNMjUwMzEwMTkwOTE0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NmMzhkYS0yYmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAylg7ZoEgZpQ/VEw0fCGEZCW26YR6MLc5sj6LUiCCqbygLAjHiZmzwy/zD+br
8wh+BqysEYqstUu72hKGrQOZOvYw73J4RFDdfU9SF389J2ssEnKO+w/Rc0CgkdG2
XaqcyvRA5KR4CCsfUeYqxbia4qt2V69X3+s1GjUE4nrMaxKZ/siwCUEGSl4WKe7H
WfZ2in8e3ydV5c+cYzOeyQbc3SQ3T3xn0faWys0P07pQaBKbj9wgJXrdsizN7R8Q
5vshaTa9SVenf3MIWRs6sDV0k7kdr4dEal/7MTysgQerMJTsFIyVYaqqoagdBjUd
1kGL8GLR2ZclfV4IAemSBM5I8QIDAQABo4ICvDCCArgwHQYDVR0OBBYEFFn5YSoG
yWayNZ1h32AKHpzVYZA2MB8GA1UdIwQYMBaAFCPSDaIJyJXDAO5rZZtrGCmSX71P
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MjlFMy9DNDVGNjBEQTE0
MzcxMUVBQUNGOUZBMzNDNEY5QUUwMi9JOUlOb2duSWxjTUE3bXRsbTJzWUtaSmZ2
VTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0k5SU5vZ25JbGNNQTdtdGxtMnNZS1pKZnZVOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODI5RTMvQzQ1RjYwREExNDM3MTFFQUFDRjlGQTMzQzRGOUFFMDIvRkE3QTFDM0FB
RUU5MTFFQThEQjNFMDNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRgYIKwYBBQUHAQcBAf8E
NzA1MCQEAgABMB4DBAIr9fQDBAJn0LQDBAJn8PgDBAKJO7QDBAPdeGAwDQQCAAIw
BwMFACQFnoAwDQYJKoZIhvcNAQELBQADggEBAHy/s4i7X62hrb24Yo627VYB5SnB
TnU9g1ds53NTYahDerJoOZr+zIrw3ZPYE5R/tX3UKRItjp0LpSdL4OQYObcKs8M5
5EoGCztTGGs7awgyT/+qwj60zq5hmkGjUmdHsLZmz2ssoBMXdBht7szlbRhid3Op
6ZtGlIEgrFlGufbqZl5xGTie2REAApEG5p/agfFek9sY9zZbKi8IDvk+5vEfjF5G
zNYffxpJM0l+bU4XfH0P0ml1vVny2PYKKO0mjh+i8WopreGXEeHQmJp8A/U3chpf
PxnRTYu4W/uxI8FkTMBrDG/heUMu8N7MTpN/yVqXmtGelz0b8H4yJHdw9PU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:46:41 2025 by rpki-client