Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C9386BE0ED011F09EDEF418C4F9AE02.roa
File: 4C9386BE0ED011F09EDEF418C4F9AE02.roa (raw, json)
Hash identifier: x3EYadLvUSjnrPs7EA527X0vAUFx9lOZQhFGtnHeleY=
Subject key identifier: F0:23:5A:57:C1:B6:6E:59:00:D9:D6:F1:81:1C:2C:80:7F:D5:AE:54
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AD31
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C9386BE0ED011F09EDEF418C4F9AE02.roa
Signing time: Tue 01 Apr 2025 08:07:05 +0000
ROA not before: Tue 01 Apr 2025 08:07:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134922
IP address blocks: 103.116.136.0/23 maxlen: 24
103.121.204.0/23 maxlen: 24
103.171.168.0/23 maxlen: 24
103.180.42.0/23 maxlen: 24
103.210.28.0/22 maxlen: 24
103.224.48.0/24 maxlen: 24
103.224.54.0/24 maxlen: 24
2401:fbc0::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Apr 2025 06:55:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44337 (0xad31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 1 08:07:05 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67eb9ea9-34c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:ec:96:46:c3:62:3b:ad:5f:e2:99:11:34:
fd:5e:f9:60:94:c4:2b:d6:66:99:0e:62:35:b4:1b:
88:75:41:a7:32:34:0d:96:99:77:9d:be:4d:67:f7:
5e:68:7a:72:9e:e0:8f:52:29:c8:d8:cc:a0:f3:f1:
01:47:31:75:4a:09:ac:44:5e:36:0b:ef:59:61:21:
90:88:fd:2f:5a:ca:95:1c:b2:d0:d5:1c:ce:75:ea:
4e:2a:15:fb:6c:26:df:97:2c:69:61:08:cb:01:7f:
b8:bd:ba:74:b5:e7:b4:42:24:a3:53:b3:f3:c5:06:
ec:6c:a0:20:82:d6:a7:bb:18:aa:1f:2b:7f:b6:6f:
7a:d4:c0:c6:03:88:79:e3:b5:4a:6c:fb:aa:a4:7f:
c1:16:e9:1c:7d:96:fe:6d:99:bb:eb:42:7b:a2:5b:
33:b2:ff:50:90:98:b0:34:f1:37:5e:6b:9e:59:f5:
2d:89:0e:ef:19:00:6a:be:1d:29:f7:03:51:4d:6f:
44:9c:ab:b4:77:5b:1c:07:dc:9e:bd:60:7a:16:01:
b9:3d:28:55:3a:6e:ab:d5:2a:00:be:77:fb:23:da:
c9:4b:b3:8d:93:28:b4:9e:99:3d:0e:04:6d:e8:23:
14:20:c9:60:0c:27:d6:4e:45:d3:11:10:a0:43:8d:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:23:5A:57:C1:B6:6E:59:00:D9:D6:F1:81:1C:2C:80:7F:D5:AE:54
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/4C9386BE0ED011F09EDEF418C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.116.136.0/23
103.121.204.0/23
103.171.168.0/23
103.180.42.0/23
103.210.28.0/22
103.224.48.0/24
103.224.54.0/24
IPv6:
2401:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
02:79:7a:6f:34:8a:e1:94:86:2c:ef:61:cf:44:0e:a8:57:2d:
ba:28:bc:3c:ba:a9:94:2d:62:16:77:30:c5:e8:dc:94:5a:38:
0c:31:17:a0:a5:9c:0a:7e:83:dc:6a:63:d0:c4:89:e6:02:ac:
b0:95:d7:a0:58:74:92:e7:fb:a5:99:f0:29:a6:ff:5f:5d:6b:
44:9f:92:97:37:11:d9:9b:d7:4d:54:73:61:da:1f:b6:39:d5:
ff:9a:59:b9:ef:55:02:fb:a6:a0:18:13:4f:3d:bc:20:01:b9:
e2:ee:7a:19:16:0b:98:67:d9:fe:d4:bd:d6:e0:d7:77:f7:43:
3f:48:c9:df:6e:8b:bc:93:da:bd:c6:23:29:b4:a3:bd:d5:43:
4e:ab:c3:ca:b8:d9:c1:71:23:39:d3:5a:f6:9b:db:99:32:c6:
a5:43:34:75:1b:a2:72:bd:18:37:d3:72:cf:bd:d1:cf:f7:02:
10:bc:01:a9:91:49:94:4e:45:33:0a:45:76:77:1b:a2:53:5d:
c9:3f:4f:55:a6:fa:d7:df:f8:3a:51:3a:6e:38:99:0b:41:7e:
c4:26:5f:09:80:46:cc:ea:fd:da:ba:1d:f9:31:df:f7:ef:5f:
af:35:dd:1d:e5:17:d7:ae:d9:40:0a:91:e8:54:0a:fd:23:59:
62:f9:f3:e7
-----BEGIN CERTIFICATE-----
MIIFpTCCBI2gAwIBAgIDAK0xMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQwMTA4MDcwNVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdlYjllYTktMzRjMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMr7JZGw2I7rV/imRE0/V75YJTEK9ZmmQ5iNbQbiHVBpzI0DZaZd52+TWf3
Xmh6cp7gj1IpyNjMoPPxAUcxdUoJrEReNgvvWWEhkIj9L1rKlRyy0NUcznXqTioV
+2wm35csaWEIywF/uL26dLXntEIko1Oz88UG7GygIILWp7sYqh8rf7ZvetTAxgOI
eeO1Smz7qqR/wRbpHH2W/m2Zu+tCe6JbM7L/UJCYsDTxN15rnln1LYkO7xkAar4d
KfcDUU1vRJyrtHdbHAfcnr1gehYBuT0oVTpuq9UqAL53+yPayUuzjZMotJ6ZPQ4E
begjFCDJYAwn1k5F0xEQoEONupUCAwEAAaOCAsgwggLEMB0GA1UdDgQWBBTwI1pX
wbZuWQDZ1vGBHCyAf9WuVDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzRDOTM4NkJF
MEVEMDExRjA5RURFRjQxOEM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFIGCCsGAQUFBwEHAQH/
BEMwQTAwBAIAATAqAwQBZ3SIAwQBZ3nMAwQBZ6uoAwQBZ7QqAwQCZ9IcAwQAZ+Aw
AwQAZ+A2MA0EAgACMAcDBQAkAfvAMA0GCSqGSIb3DQEBCwUAA4IBAQACeXpvNIrh
lIYs72HPRA6oVy26KLw8uqmULWIWdzDF6NyUWjgMMRegpZwKfoPcamPQxInmAqyw
ldegWHSS5/ulmfAppv9fXWtEn5KXNxHZm9dNVHNh2h+2OdX/mlm571UC+6agGBNP
PbwgAbni7noZFguYZ9n+1L3W4Nd390M/SMnfbou8k9q9xiMptKO91UNOq8PKuNnB
cSM501r2m9uZMsalQzR1G6JyvRg303LPvdHP9wIQvAGpkUmUTkUzCkV2dxuiU13J
P09VpvrX3/g6UTpuOJkLQX7EJl8JgEbM6v3auh35Md/371+vNd0d5RfXrtlACpHo
VAr9I1li+fPn
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:02:00 2025 by rpki-client