Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/88D72D9C0EC111F0B7ACD66AC4F9AE02.roa
File: 88D72D9C0EC111F0B7ACD66AC4F9AE02.roa (raw, json)
Hash identifier: 2d5zZtvfFzAsP6RcKei2xJoinyXJuBC5NZQhy5qNoLA=
Subject key identifier: 68:5A:6A:81:A7:15:7C:DA:0D:37:85:A8:F0:67:13:E8:3D:AB:05:A6
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AD22
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/88D72D9C0EC111F0B7ACD66AC4F9AE02.roa
Signing time: Tue 01 Apr 2025 06:21:24 +0000
ROA not before: Tue 01 Apr 2025 06:21:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141514
IP address blocks: 103.160.126.0/23 maxlen: 24
103.170.214.0/23 maxlen: 24
103.173.240.0/23 maxlen: 24
103.175.134.0/23 maxlen: 24
103.175.190.0/23 maxlen: 24
103.177.82.0/23 maxlen: 24
103.177.112.0/23 maxlen: 24
103.177.204.0/23 maxlen: 24
103.178.122.0/23 maxlen: 24
103.178.126.0/23 maxlen: 24
103.181.112.0/23 maxlen: 24
103.183.204.0/23 maxlen: 24
103.183.228.0/23 maxlen: 24
103.184.104.0/23 maxlen: 24
103.185.234.0/23 maxlen: 24
103.186.54.0/23 maxlen: 24
103.187.228.0/23 maxlen: 24
2400:7f60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 07 Apr 2025 07:17:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44322 (0xad22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 1 06:21:23 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67eb85e3-8bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:af:46:9a:5a:d0:8b:d1:71:8d:f5:1c:b0:
11:a8:34:c9:9a:24:be:79:11:11:c0:87:95:0e:9b:
c5:19:56:1f:12:63:31:bb:91:e5:48:a4:62:28:b8:
85:5d:1c:ca:cd:e9:7d:ca:5b:81:a4:69:d7:0f:0c:
9f:c6:80:fa:b2:a5:52:32:35:a2:84:28:2b:61:d3:
23:11:9f:30:b7:76:c4:af:bf:12:15:c1:f3:5b:09:
03:bb:26:ed:00:5d:75:8c:b8:bc:0b:35:46:d7:53:
b0:b3:ad:6c:05:41:ae:ab:2c:88:c4:15:7c:e3:f4:
54:3c:ff:82:48:e2:d1:ad:b1:36:03:06:db:89:5d:
b8:72:36:01:ed:d3:09:1a:e9:3b:2f:dd:94:7b:45:
02:81:8e:87:9b:dc:61:be:c4:d4:ac:14:23:ee:34:
e8:88:d2:f3:d6:31:20:3b:c4:4e:37:08:e8:c8:92:
dd:64:32:53:6c:19:b0:db:4a:b0:d5:d0:f9:0b:fe:
1c:6d:44:93:5c:8d:df:0d:e7:68:38:6e:65:94:a8:
02:67:33:20:2c:25:be:c1:4e:92:34:ac:bf:c6:93:
05:0e:99:a2:2d:e4:9d:10:89:2f:6f:c1:e0:3e:1d:
e8:29:c0:8b:ca:e2:b1:19:ee:83:3d:eb:7a:fc:fb:
7f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5A:6A:81:A7:15:7C:DA:0D:37:85:A8:F0:67:13:E8:3D:AB:05:A6
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/88D72D9C0EC111F0B7ACD66AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.126.0/23
103.170.214.0/23
103.173.240.0/23
103.175.134.0/23
103.175.190.0/23
103.177.82.0/23
103.177.112.0/23
103.177.204.0/23
103.178.122.0/23
103.178.126.0/23
103.181.112.0/23
103.183.204.0/23
103.183.228.0/23
103.184.104.0/23
103.185.234.0/23
103.186.54.0/23
103.187.228.0/23
IPv6:
2400:7f60::/32
Signature Algorithm: sha256WithRSAEncryption
a9:2f:ee:f0:8f:2b:0a:ce:3b:ba:63:d5:be:8d:18:a3:f2:5e:
28:c7:ac:1a:d8:33:b6:7c:a9:d2:1e:7b:2a:89:62:fb:bb:c0:
a0:72:be:2b:88:06:5c:21:3c:b9:b4:80:34:a0:d7:88:2e:80:
73:21:e9:18:8f:53:31:da:dc:34:76:1b:0a:ea:3d:08:cd:20:
f8:f0:f8:a1:6e:ef:cd:c5:4c:01:77:2b:4a:1c:69:d0:ab:e6:
f9:cf:06:06:94:b9:70:b6:a3:9f:a5:b4:04:b2:61:db:cc:22:
3c:fc:61:67:9f:06:c0:9a:cd:bc:cd:6c:a2:f5:30:aa:b8:0e:
ff:5f:ee:15:ce:f3:08:db:49:d7:ed:ad:58:ad:e5:72:d4:62:
89:35:e8:43:a6:c6:33:22:c0:12:34:88:51:f7:70:26:72:c1:
c4:44:df:52:0b:a4:a1:83:e0:50:b8:a0:98:53:c0:48:82:94:
ee:46:de:a6:4a:a5:d6:52:7e:7f:bf:ef:27:84:49:c1:0d:b4:
ec:ea:49:44:01:a3:fa:3e:6c:48:2d:1f:73:86:10:4a:06:cf:
8a:d3:a7:79:c0:31:87:96:38:2e:aa:73:cb:bc:d8:da:0a:ce:
da:36:ac:f2:5c:6b:2a:73:f5:75:61:c5:cf:d1:f7:5c:bb:4b:
59:8d:32:5b
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIDAK0iMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQwMTA2MjEyM1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjdlYjg1ZTMtOGJkNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDur0aaWtCL0XGN9RywEag0yZokvnkREcCHlQ6bxRlWHxJjMbuR5UikYii4
hV0cys3pfcpbgaRp1w8Mn8aA+rKlUjI1ooQoK2HTIxGfMLd2xK+/EhXB81sJA7sm
7QBddYy4vAs1RtdTsLOtbAVBrqssiMQVfOP0VDz/gkji0a2xNgMG24lduHI2Ae3T
CRrpOy/dlHtFAoGOh5vcYb7E1KwUI+406IjS89YxIDvETjcI6MiS3WQyU2wZsNtK
sNXQ+Qv+HG1Ek1yN3w3naDhuZZSoAmczICwlvsFOkjSsv8aTBQ6Zoi3knRCJL2/B
4D4d6CnAi8risRnugz3revz7f/8CAwEAAaOCAwUwggMBMB0GA1UdDgQWBBRoWmqB
pxV82g03hajwZxPoPasFpjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzg4RDcyRDlD
MEVDMTExRjBCN0FDRDY2QUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMIGOBggrBgEFBQcBBwEB
/wR/MH0wbAQCAAEwZgMEAWegfgMEAWeq1gMEAWet8AMEAWevhgMEAWevvgMEAWex
UgMEAWexcAMEAWexzAMEAWeyegMEAWeyfgMEAWe1cAMEAWe3zAMEAWe35AMEAWe4
aAMEAWe56gMEAWe6NgMEAWe75DANBAIAAjAHAwUAJAB/YDANBgkqhkiG9w0BAQsF
AAOCAQEAqS/u8I8rCs47umPVvo0Yo/JeKMesGtgztnyp0h57Koli+7vAoHK+K4gG
XCE8ubSANKDXiC6AcyHpGI9TMdrcNHYbCuo9CM0g+PD4oW7vzcVMAXcrShxp0Kvm
+c8GBpS5cLajn6W0BLJh28wiPPxhZ58GwJrNvM1sovUwqrgO/1/uFc7zCNtJ1+2t
WK3lctRiiTXoQ6bGMyLAEjSIUfdwJnLBxETfUgukoYPgULigmFPASIKU7kbepkql
1lJ+f7/vJ4RJwQ207OpJRAGj+j5sSC0fc4YQSgbPitOnecAxh5Y4Lqpzy7zY2grO
2jas8lxrKnP1dWHFz9H3XLtLWY0yWw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:25:29 2025 by rpki-client