Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/683A88681F4211F088D8BD2BC4F9AE02.roa
File: 683A88681F4211F088D8BD2BC4F9AE02.roa (raw, json)
Hash identifier: wSN/cLlknrbl4EAheF04Yi3pP+dINcncsb2S+W3Jvgo=
Subject key identifier: F2:7B:59:15:04:18:7F:B5:E7:2D:C1:5D:55:74:25:58:A7:FE:DF:7F
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AF2B
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/683A88681F4211F088D8BD2BC4F9AE02.roa
Signing time: Tue 22 Apr 2025 06:24:13 +0000
ROA not before: Tue 22 Apr 2025 06:24:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 139508
IP address blocks: 103.172.220.0/23 maxlen: 24
103.181.4.0/23 maxlen: 24
2001:df1:b8c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 25 Apr 2025 09:15:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44843 (0xaf2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 22 06:24:13 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6807360c-1088
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:be:88:1d:11:ec:e9:06:59:ba:4f:cc:2f:98:
a4:24:31:c9:84:be:00:14:03:1a:5a:94:50:26:32:
b4:ee:4a:c4:9a:8f:54:dc:80:39:fd:04:d4:6f:7c:
5a:2d:20:1b:6c:ff:ee:b3:c9:32:7f:a2:2d:b3:40:
d1:ad:20:f4:28:66:de:e5:5e:3a:9c:d7:88:1d:d1:
cb:5e:d4:78:54:2e:77:dd:22:c5:fd:48:4d:e3:bd:
e1:28:48:26:dc:f3:1a:21:a9:f2:ab:b9:d7:fa:25:
2b:f8:64:01:9a:0a:1b:fe:5a:68:b1:dc:ae:c6:90:
ee:58:4d:24:32:0c:9d:6a:44:6e:c5:20:66:c6:b9:
71:53:48:77:cb:40:27:c6:4b:a6:90:b5:ca:8a:49:
f0:a8:02:0d:2d:20:ea:62:f7:67:df:50:89:17:9c:
60:45:48:e0:ed:d6:da:25:1a:e8:a1:a4:cb:4d:35:
0e:14:6f:f8:b4:26:38:d9:83:53:b9:84:d3:16:07:
78:55:97:06:3e:77:08:17:5c:6b:00:61:8d:65:79:
62:c3:7b:67:d3:d4:c9:85:1c:f2:6b:9e:6a:81:e0:
7e:70:a9:9d:4f:98:28:e9:03:74:d0:15:94:d4:ed:
19:54:7c:63:ad:b3:2b:2f:5f:3e:51:aa:30:d6:20:
41:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7B:59:15:04:18:7F:B5:E7:2D:C1:5D:55:74:25:58:A7:FE:DF:7F
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/683A88681F4211F088D8BD2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.220.0/23
103.181.4.0/23
IPv6:
2001:df1:b8c0::/48
Signature Algorithm: sha256WithRSAEncryption
52:9f:cb:8d:3b:af:b6:ef:4a:94:7a:c1:cb:46:00:48:bb:b5:
30:a7:fe:60:84:80:c9:42:bd:6c:ed:b5:72:53:6f:29:64:82:
35:9a:68:6c:01:31:47:98:7c:2f:e4:65:3d:84:2a:27:ff:f0:
a0:fb:09:f0:b1:87:8b:c9:39:b8:50:8d:b4:d7:fa:ee:44:4c:
75:f8:6b:33:c4:05:c2:28:ae:79:dd:97:5b:5a:29:e5:d9:a5:
36:f2:02:c3:ac:d1:e9:81:8d:5b:6b:ee:ae:68:08:29:a4:1a:
e6:6f:96:ea:b3:76:db:f2:de:cf:2f:1a:c1:7c:94:f8:cf:1d:
16:1c:57:e2:34:38:5c:3e:7d:16:ff:e1:84:9d:0d:73:0e:ea:
63:cb:55:c9:d1:25:12:a6:eb:1f:8a:61:a2:21:08:75:49:a4:
fb:27:8c:95:a5:b8:f4:8f:78:aa:08:a9:ce:ca:77:e1:ca:12:
d1:63:3f:4e:dd:69:9d:76:ef:4c:53:6f:59:52:fe:fe:2b:4d:
03:77:3c:5f:92:fd:f8:38:05:ae:6f:8e:4d:f1:e4:11:22:f2:
af:02:0f:96:02:19:55:d3:9e:b4:26:5b:b2:22:44:78:72:fd:
48:4b:c7:ac:c8:89:dc:7a:8f:32:cc:3e:00:69:dc:97:2e:c8:
f2:34:53:9a
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIDAK8rMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQyMjA2MjQxM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgwNzM2MGMtMTA4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKq+iB0R7OkGWbpPzC+YpCQxyYS+ABQDGlqUUCYytO5KxJqPVNyAOf0E1G98
Wi0gG2z/7rPJMn+iLbNA0a0g9Chm3uVeOpzXiB3Ry17UeFQud90ixf1ITeO94ShI
JtzzGiGp8qu51/olK/hkAZoKG/5aaLHcrsaQ7lhNJDIMnWpEbsUgZsa5cVNId8tA
J8ZLppC1yopJ8KgCDS0g6mL3Z99QiRecYEVI4O3W2iUa6KGky001DhRv+LQmONmD
U7mE0xYHeFWXBj53CBdcawBhjWV5YsN7Z9PUyYUc8mueaoHgfnCpnU+YKOkDdNAV
lNTtGVR8Y62zKy9fPlGqMNYgQUkCAwEAAaOCAqwwggKoMB0GA1UdDgQWBBTye1kV
BBh/tectwV1VdCVYp/7ffzAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzY4M0E4ODY4
MUY0MjExRjA4OEQ4QkQyQkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDYGCCsGAQUFBwEHAQH/
BCcwJTASBAIAATAMAwQBZ6zcAwQBZ7UEMA8EAgACMAkDBwAgAQ3xuMAwDQYJKoZI
hvcNAQELBQADggEBAFKfy407r7bvSpR6wctGAEi7tTCn/mCEgMlCvWzttXJTbylk
gjWaaGwBMUeYfC/kZT2EKif/8KD7CfCxh4vJObhQjbTX+u5ETHX4azPEBcIornnd
l1taKeXZpTbyAsOs0emBjVtr7q5oCCmkGuZvluqzdtvy3s8vGsF8lPjPHRYcV+I0
OFw+fRb/4YSdDXMO6mPLVcnRJRKm6x+KYaIhCHVJpPsnjJWluPSPeKoIqc7Kd+HK
EtFjP07daZ1270xTb1lS/v4rTQN3PF+S/fg4Ba5vjk3x5BEi8q8CD5YCGVXTnrQm
W7IiRHhy/UhLx6zIidx6jzLMPgBp3JcuyPI0U5o=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:26:37 2025 by rpki-client