Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/51CCA400CD7911EF98E3FA71C4F9AE02.roa
File: 51CCA400CD7911EF98E3FA71C4F9AE02.roa (raw, json)
Hash identifier: pTuFbkMIYqdxj7Jk9TgXB3ItwzbDzAFVrg9TbcnLREI=
Subject key identifier: D4:7C:69:72:06:29:F6:70:96:E2:94:E9:9C:0F:0B:76:AB:3C:59:8D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: A1AA
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/51CCA400CD7911EF98E3FA71C4F9AE02.roa
Signing time: Wed 08 Jan 2025 04:30:42 +0000
ROA not before: Wed 08 Jan 2025 04:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139555
IP address blocks: 103.126.32.0/22 maxlen: 24
103.176.138.0/23 maxlen: 24
103.181.212.0/23 maxlen: 24
2001:df3:d7c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Jan 2025 05:17:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41386 (0xa1aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Jan 8 04:30:42 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=677dff72-2aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:a5:74:3e:3d:44:e8:8a:6a:cf:d7:74:1d:c1:
07:dc:44:c6:15:b4:0c:fd:f4:ed:d0:be:1e:67:ff:
3c:84:1b:33:fb:dc:fd:e6:26:df:57:45:c3:11:f6:
bf:d0:75:e6:5a:a4:5f:0e:28:4c:50:56:d3:21:58:
02:ef:23:ae:a0:82:38:50:15:05:48:5d:93:0f:99:
74:80:12:13:97:51:e5:a9:92:34:fe:49:f8:be:42:
9b:68:86:a3:dc:93:00:66:89:ea:c0:b6:42:21:74:
c8:06:64:cd:a5:ba:36:6f:0c:f5:c8:a3:be:c3:2e:
19:07:51:2e:4e:71:df:44:81:8a:a0:27:32:2f:88:
e1:10:32:14:c0:4c:3e:b0:ca:c6:73:45:9b:53:fb:
4e:c4:62:6f:61:c1:6d:47:fc:e9:fa:7f:4e:45:83:
de:04:6b:0d:f8:b7:e4:bf:d5:74:b5:b9:cb:88:6f:
2f:9e:5b:f3:ea:93:0d:03:8d:d6:ea:bd:72:39:18:
f4:64:36:8b:1c:5e:c7:a7:63:c2:3f:f4:2a:72:f2:
6f:ba:e1:aa:54:0a:1a:69:ab:7b:a4:98:6b:88:4b:
96:43:86:a1:2e:94:d0:fc:62:d2:df:7a:1f:03:2f:
bc:35:22:df:a1:8a:cd:c2:dd:9b:0f:d6:31:49:95:
cd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7C:69:72:06:29:F6:70:96:E2:94:E9:9C:0F:0B:76:AB:3C:59:8D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/51CCA400CD7911EF98E3FA71C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.126.32.0/22
103.176.138.0/23
103.181.212.0/23
IPv6:
2001:df3:d7c0::/48
Signature Algorithm: sha256WithRSAEncryption
5e:d4:2a:72:e7:bf:84:1b:5f:ea:30:6e:94:6f:ac:cd:06:83:
d4:37:6f:c0:7c:9e:f9:e4:71:be:85:36:6a:52:75:99:7a:f2:
b2:62:d5:02:d1:9d:db:a4:0a:b0:2c:7a:18:98:37:27:f2:87:
5d:9c:1e:3a:22:0f:5a:12:c0:15:74:68:c1:b0:b9:21:68:e5:
dc:f6:bf:6d:20:bb:4a:93:27:5e:9b:0f:20:47:4a:fe:34:38:
40:bd:0f:1d:cd:ed:6c:1f:bb:53:ce:20:ea:eb:49:17:04:8c:
71:9f:7b:1f:22:47:16:02:c5:d6:dc:2d:e5:fb:8b:9e:a5:a0:
5c:db:96:90:59:fa:42:be:63:2b:0c:da:ac:56:4f:d4:70:d9:
a7:b7:09:2e:b8:bf:26:23:cd:6e:1e:55:4d:ac:ca:9f:a4:ee:
f5:36:13:18:18:9a:dd:b8:2e:06:99:a9:35:52:09:18:bb:3b:
60:2e:77:44:3b:83:1d:3b:8e:d6:f2:d1:87:ab:c0:af:aa:d7:
07:4a:d4:26:c1:3c:9e:5b:43:4d:ad:7f:4a:02:2e:3c:01:c3:
b5:1d:79:3b:a8:72:dc:e7:7e:0c:bb:8f:bb:14:6c:7b:a1:de:
94:eb:31:b7:1f:8e:eb:fd:0f:a6:e3:3c:e0:2a:db:7a:81:74:
c9:10:67:57
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAKGqMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDEwODA0MzA0MloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjc3ZGZmNzItMmFhYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO2ldD49ROiKas/XdB3BB9xExhW0DP307dC+Hmf/PIQbM/vc/eYm31dFwxH2
v9B15lqkXw4oTFBW0yFYAu8jrqCCOFAVBUhdkw+ZdIASE5dR5amSNP5J+L5Cm2iG
o9yTAGaJ6sC2QiF0yAZkzaW6Nm8M9cijvsMuGQdRLk5x30SBiqAnMi+I4RAyFMBM
PrDKxnNFm1P7TsRib2HBbUf86fp/TkWD3gRrDfi35L/VdLW5y4hvL55b8+qTDQON
1uq9cjkY9GQ2ixxex6djwj/0KnLyb7rhqlQKGmmre6SYa4hLlkOGoS6U0Pxi0t96
HwMvvDUi36GKzcLdmw/WMUmVzd0CAwEAAaOCArIwggKuMB0GA1UdDgQWBBTUfGly
Bin2cJbilOmcDwt2qzxZjTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzUxQ0NBNDAw
Q0Q3OTExRUY5OEUzRkE3MUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDwGCCsGAQUFBwEHAQH/
BC0wKzAYBAIAATASAwQCZ34gAwQBZ7CKAwQBZ7XUMA8EAgACMAkDBwAgAQ3z18Aw
DQYJKoZIhvcNAQELBQADggEBAF7UKnLnv4QbX+owbpRvrM0Gg9Q3b8B8nvnkcb6F
NmpSdZl68rJi1QLRndukCrAsehiYNyfyh12cHjoiD1oSwBV0aMGwuSFo5dz2v20g
u0qTJ16bDyBHSv40OEC9Dx3N7Wwfu1POIOrrSRcEjHGfex8iRxYCxdbcLeX7i56l
oFzblpBZ+kK+YysM2qxWT9Rw2ae3CS64vyYjzW4eVU2syp+k7vU2ExgYmt24LgaZ
qTVSCRi7O2Aud0Q7gx07jtby0YerwK+q1wdK1CbBPJ5bQ02tf0oCLjwBw7UdeTuo
ctznfgy7j7sUbHuh3pTrMbcfjuv9D6bjPOAq23qBdMkQZ1c=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:46:43 2025 by rpki-client