Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CB7D45B4322011F08F217577C4F9AE02.roa
File: CB7D45B4322011F08F217577C4F9AE02.roa (raw, json)
Hash identifier: A58P46ecYKGEoy4im72oghxVuhXFwRvaLScKUPm1F3g=
Subject key identifier: D5:BB:B5:B3:1B:19:91:08:03:51:26:19:06:EE:31:04:61:A8:8D:36
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: BB14
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CB7D45B4322011F08F217577C4F9AE02.roa
Signing time: Fri 16 May 2025 06:41:28 +0000
ROA not before: Fri 16 May 2025 06:41:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133271
IP address blocks: 103.90.211.0/24 maxlen: 24
103.148.206.0/24 maxlen: 24
103.152.179.0/24 maxlen: 24
103.158.242.0/24 maxlen: 24
103.172.254.0/23 maxlen: 24
2001:df1:3740::/48 maxlen: 48
2001:df1:c540::/48 maxlen: 48
2001:df7:8180::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 16 May 2025 07:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47892 (0xbb14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 16 06:41:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6826de18-8684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3f:ed:8b:69:7c:7c:68:64:25:dd:fc:29:70:
b3:44:5c:03:dd:3b:bd:8c:a6:0a:60:14:de:c1:3a:
73:7c:a5:5a:1e:3e:f6:f3:8a:19:5e:a3:67:1f:4b:
e0:9f:e9:96:75:93:86:97:5b:fa:26:29:65:5b:fb:
7d:a8:4b:e6:9b:b4:d7:1b:ca:23:d1:6f:d0:9c:2a:
bd:e6:db:4a:94:75:b5:9a:31:9d:fa:6e:35:ee:11:
ae:12:03:aa:fc:70:f5:a7:57:9d:1f:b4:e2:87:42:
1b:76:0e:5d:ad:2d:9a:51:54:4b:38:46:66:7e:6c:
17:f4:9e:d0:7a:c4:3d:31:c9:35:6d:29:92:ce:96:
1b:c8:01:47:97:d4:d4:bc:45:98:0a:94:f9:59:50:
47:dc:20:8c:66:ab:26:9a:62:f9:13:4a:17:0a:44:
e6:ed:2c:ab:aa:18:c6:6a:28:b0:31:df:4a:0b:fb:
dd:9e:1b:a7:f5:c6:99:9c:dd:56:3a:64:bd:c5:ef:
fe:12:0a:fe:4d:48:4d:67:fe:13:f1:c4:f4:70:48:
1d:ec:d3:74:fb:af:a9:11:0e:8e:71:84:3e:0f:38:
0d:fd:a1:fa:ca:a2:f1:f3:be:ec:36:c5:b9:aa:05:
a9:5a:de:36:2c:bd:dd:cd:8d:9e:49:97:51:6b:3f:
51:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BB:B5:B3:1B:19:91:08:03:51:26:19:06:EE:31:04:61:A8:8D:36
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/CB7D45B4322011F08F217577C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.90.211.0/24
103.148.206.0/24
103.152.179.0/24
103.158.242.0/24
103.172.254.0/23
IPv6:
2001:df1:3740::/48
2001:df1:c540::/48
2001:df7:8180::/48
Signature Algorithm: sha256WithRSAEncryption
aa:5d:fe:b7:2e:1e:72:27:19:05:e3:e9:f8:d3:95:7b:74:e3:
f9:28:3e:94:c3:f2:fb:f7:cc:ab:2a:7f:7c:66:83:65:8f:17:
67:38:9d:cf:9b:ec:a0:b3:70:6d:5b:95:e6:50:13:36:ee:52:
06:97:f7:6e:c0:aa:46:69:a0:de:dd:e6:ee:c7:c2:3b:f0:36:
99:48:47:01:f7:9a:15:25:5f:e4:4c:4f:93:a7:ea:ea:de:4f:
f1:97:1c:b4:8d:7f:9e:53:fc:e5:f3:84:82:56:5c:87:78:ae:
c5:f2:6f:5f:c1:d9:d5:c9:9e:0d:19:c3:be:e2:f9:4b:95:50:
07:a9:f7:ff:09:0e:c5:18:cb:d5:80:7f:64:83:c8:48:d4:67:
84:9c:fc:0d:c5:1e:13:35:88:39:93:66:3d:2b:cd:c4:7f:5f:
e9:eb:3f:78:86:9d:91:a0:c4:f8:10:84:8a:da:42:cf:c5:af:
c3:56:8a:b1:6f:04:b8:8c:2c:f3:16:3f:28:1b:ee:93:ac:64:
82:b1:8f:1b:c0:b3:ee:96:4f:42:be:2d:17:88:61:2d:8f:02:
34:3b:be:5e:93:5f:c2:ae:47:73:ce:98:e7:1f:f8:b7:7e:22:
77:3a:f4:ea:81:bb:6d:e1:b5:bd:15:b1:fd:34:19:f4:1d:2e:
93:e5:68:7a
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIDALsUMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDUxNjA2NDEyOFoXDTI2MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgyNmRlMTgtODY4NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKc/7YtpfHxoZCXd/Clws0RcA907vYymCmAU3sE6c3ylWh4+9vOKGV6jZx9L
4J/plnWThpdb+iYpZVv7fahL5pu01xvKI9Fv0JwqvebbSpR1tZoxnfpuNe4RrhID
qvxw9adXnR+04odCG3YOXa0tmlFUSzhGZn5sF/Se0HrEPTHJNW0pks6WG8gBR5fU
1LxFmAqU+VlQR9wgjGarJppi+RNKFwpE5u0sq6oYxmoosDHfSgv73Z4bp/XGmZzd
VjpkvcXv/hIK/k1ITWf+E/HE9HBIHezTdPuvqREOjnGEPg84Df2h+sqi8fO+7DbF
uaoFqVreNiy93c2NnkmXUWs/UQMCAwEAAaOCAtAwggLMMB0GA1UdDgQWBBTVu7Wz
GxmRCANRJhkG7jEEYaiNNjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0NCN0Q0NUI0
MzIyMDExRjA4RjIxNzU3N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMFoGCCsGAQUFBwEHAQH/
BEswSTAkBAIAATAeAwQAZ1rTAwQAZ5TOAwQAZ5izAwQAZ57yAwQBZ6z+MCEEAgAC
MBsDBwAgAQ3xN0ADBwAgAQ3xxUADBwAgAQ33gYAwDQYJKoZIhvcNAQELBQADggEB
AKpd/rcuHnInGQXj6fjTlXt04/koPpTD8vv3zKsqf3xmg2WPF2c4nc+b7KCzcG1b
leZQEzbuUgaX927AqkZpoN7d5u7HwjvwNplIRwH3mhUlX+RMT5On6ureT/GXHLSN
f55T/OXzhIJWXId4rsXyb1/B2dXJng0Zw77i+UuVUAep9/8JDsUYy9WAf2SDyEjU
Z4Sc/A3FHhM1iDmTZj0rzcR/X+nrP3iGnZGgxPgQhIraQs/Fr8NWirFvBLiMLPMW
Pygb7pOsZIKxjxvAs+6WT0K+LReIYS2PAjQ7vl6TX8KuR3POmOcf+Ld+Inc69OqB
u23htb0Vsf00GfQdLpPlaHo=
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:27:42 2025 by rpki-client