Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C0E826C2C4511EEA59B0713C4F9AE02.roa
File: 4C0E826C2C4511EEA59B0713C4F9AE02.roa (raw, json)
Hash identifier: j6gUTdIJelAAKeMsKhgce6Hqdn3N9dNWO/YvHxOWZbI=
Subject key identifier: F6:8F:1A:E8:C0:C4:A3:FF:FF:99:E1:54:8F:10:A9:0A:82:53:99:71
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AC59
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C0E826C2C4511EEA59B0713C4F9AE02.roa
Signing time: Tue 25 Mar 2025 08:31:17 +0000
ROA not before: Tue 25 Mar 2025 08:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151106
IP address blocks: 43.243.76.0/24 maxlen: 24
103.177.226.0/23 maxlen: 24
103.179.118.0/23 maxlen: 24
103.181.84.0/23 maxlen: 24
103.181.150.0/24 maxlen: 24
103.189.82.0/23 maxlen: 24
103.243.232.0/24 maxlen: 24
2001:df2:bec0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 26 Mar 2025 08:44:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44121 (0xac59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Mar 25 08:31:17 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67e269d5-dcc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1e:86:37:5c:43:d0:c0:25:2d:38:bc:e6:dc:
3f:83:b4:77:01:5f:a8:61:70:3b:5f:73:29:38:72:
92:d1:93:aa:64:89:d1:a8:a4:9b:3a:37:34:13:3e:
1e:8c:16:7f:88:0a:4f:d2:b4:d3:6d:6d:60:2a:95:
3a:58:0c:ad:34:de:f4:b6:ee:b6:cf:96:ec:1c:77:
48:3b:3c:c9:25:08:4b:7e:e6:49:d6:70:77:95:0e:
14:29:f5:51:b2:7e:f2:15:0d:7f:57:87:56:74:d4:
86:c3:f1:fb:27:98:74:a8:04:22:13:54:d1:d4:55:
ca:6c:2f:b4:c6:c8:f6:18:0f:ef:1d:80:54:8a:f3:
8d:47:4e:29:cd:73:9e:14:22:c6:5f:c9:f8:72:af:
91:c3:71:5c:21:dc:85:0e:2a:b7:8a:a5:9f:59:03:
ac:1e:c2:56:5f:48:63:9a:40:c0:b8:0a:bb:1d:a6:
c3:90:c1:19:7d:4c:41:71:c3:fb:b3:a0:d6:b1:65:
1f:bb:e5:f8:4e:67:09:1f:c3:b9:21:7d:30:e4:c9:
96:d2:7d:63:f2:31:39:49:9e:64:27:b1:fd:80:24:
72:80:bf:aa:40:2b:20:59:d5:30:1d:d2:af:13:b1:
0f:8e:6a:62:6f:f0:71:b5:e7:26:66:19:97:13:74:
39:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:8F:1A:E8:C0:C4:A3:FF:FF:99:E1:54:8F:10:A9:0A:82:53:99:71
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C0E826C2C4511EEA59B0713C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.243.76.0/24
103.177.226.0/23
103.179.118.0/23
103.181.84.0/23
103.181.150.0/24
103.189.82.0/23
103.243.232.0/24
IPv6:
2001:df2:bec0::/48
Signature Algorithm: sha256WithRSAEncryption
51:d7:2c:d2:d9:7c:26:11:f5:da:82:9b:8c:73:13:f1:bd:ee:
ef:d3:42:8a:f4:d9:5f:a2:02:0b:49:eb:21:63:01:f2:77:9b:
8b:4a:7a:5f:5c:fe:cd:ad:25:d3:b3:f0:a3:f0:a8:ba:67:94:
e6:36:0e:a9:22:8f:68:92:cf:87:44:ce:b0:99:59:37:63:8a:
11:6a:7b:d2:87:4f:29:a2:20:9e:29:de:5a:87:cb:60:84:47:
20:4b:ac:9e:55:c8:08:21:51:6c:c4:10:6f:55:4e:e9:6f:9e:
e7:17:31:8e:a2:6c:65:9f:e4:a8:60:33:7c:70:dc:1f:14:a9:
a4:a9:a6:a2:78:cd:96:d0:b9:b0:36:32:a5:2a:5b:15:c9:bc:
a1:b6:6a:e4:bb:f5:54:70:c2:77:72:bd:65:f9:d1:3e:c2:77:
1e:6c:d7:87:97:78:0a:b0:67:5b:f1:a7:0d:ae:a6:6f:04:76:
5a:c3:6d:92:b0:ec:9f:10:9b:6d:92:d5:64:d8:41:32:8a:4a:
54:99:be:2c:3b:c4:73:79:1a:a4:69:dd:8e:24:19:dd:0f:eb:
2a:c8:b8:df:b3:78:eb:ee:5f:3b:50:1b:76:df:66:61:b1:b9:
c6:89:e7:d5:40:a1:57:46:8c:ce:60:ef:6a:47:1d:fa:37:27:
e1:cc:24:80
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgIDAKxZMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDMyNTA4MzExN1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdlMjY5ZDUtZGNjNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkehjdcQ9DAJS04vObcP4O0dwFfqGFwO19zKThyktGTqmSJ0aikmzo3NBM+
HowWf4gKT9K0021tYCqVOlgMrTTe9Lbuts+W7Bx3SDs8ySUIS37mSdZwd5UOFCn1
UbJ+8hUNf1eHVnTUhsPx+yeYdKgEIhNU0dRVymwvtMbI9hgP7x2AVIrzjUdOKc1z
nhQixl/J+HKvkcNxXCHchQ4qt4qln1kDrB7CVl9IY5pAwLgKux2mw5DBGX1MQXHD
+7Og1rFlH7vl+E5nCR/DuSF9MOTJltJ9Y/IxOUmeZCex/YAkcoC/qkArIFnVMB3S
rxOxD45qYm/wcbXnJmYZlxN0OdcCAwEAAaOCAsowggLGMB0GA1UdDgQWBBT2jxro
wMSj//+Z4VSPEKkKglOZcTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzRDMEU4MjZD
MkM0NTExRUVBNTlCMDcxM0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFQGCCsGAQUFBwEHAQH/
BEUwQzAwBAIAATAqAwQAK/NMAwQBZ7HiAwQBZ7N2AwQBZ7VUAwQAZ7WWAwQBZ71S
AwQAZ/PoMA8EAgACMAkDBwAgAQ3yvsAwDQYJKoZIhvcNAQELBQADggEBAFHXLNLZ
fCYR9dqCm4xzE/G97u/TQor02V+iAgtJ6yFjAfJ3m4tKel9c/s2tJdOz8KPwqLpn
lOY2Dqkij2iSz4dEzrCZWTdjihFqe9KHTymiIJ4p3lqHy2CERyBLrJ5VyAghUWzE
EG9VTulvnucXMY6ibGWf5KhgM3xw3B8UqaSppqJ4zZbQubA2MqUqWxXJvKG2auS7
9VRwwndyvWX50T7Cdx5s14eXeAqwZ1vxpw2upm8EdlrDbZKw7J8Qm22S1WTYQTKK
SlSZviw7xHN5GqRp3Y4kGd0P6yrIuN+zeOvuXztQG3bfZmGxucaJ59VAoVdGjM5g
72pHHfo3J+HMJIA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:02:36 2025 by rpki-client