Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D52A0C8AF42E11EA9B1EE087C4F9AE02.roa
File: D52A0C8AF42E11EA9B1EE087C4F9AE02.roa (raw, json)
Hash identifier: 4f+zgQNVGXhrc4y1OQA3qw1RPHMPws/qWPcOd3fG0xU=
Subject key identifier: E3:B9:6A:9D:05:07:2E:41:DE:5F:18:F8:6F:5F:33:90:A3:AB:8E:1A
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: AF39
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D52A0C8AF42E11EA9B1EE087C4F9AE02.roa
Signing time: Tue 22 Apr 2025 07:34:57 +0000
ROA not before: Tue 22 Apr 2025 07:34:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140148
IP address blocks: 103.99.67.0/24 maxlen: 24
103.155.54.0/24 maxlen: 24
103.159.90.0/24 maxlen: 24
2001:df2:3240::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Apr 2025 10:47:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44857 (0xaf39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: Apr 22 07:34:57 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=680746a1-73f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e3:31:01:4c:4a:a6:54:90:b9:bc:70:41:0b:
ca:64:e6:8e:73:64:5c:93:1b:36:2a:28:2b:be:01:
6d:25:d7:88:77:0d:10:96:9b:3a:66:38:88:63:54:
05:20:4d:0f:d1:49:7c:2f:00:7c:85:85:fb:99:a8:
28:2b:e0:bd:8e:d2:ca:18:1d:0e:14:2b:89:e7:fe:
60:35:4d:61:4f:a4:c7:a7:a3:94:53:5e:e8:9e:d4:
7e:ae:a9:40:6b:47:db:70:34:33:ee:de:32:73:7a:
d1:d5:68:01:8d:83:f9:e6:e4:61:9a:68:fa:a0:ae:
09:66:d4:56:82:df:dc:61:40:42:74:08:9d:36:81:
59:04:47:56:69:35:cc:14:0e:c0:29:ac:68:82:e7:
f4:ea:35:a7:dc:7d:de:e7:07:31:bd:ff:6b:3f:05:
bc:5e:1e:3d:f6:e8:0e:54:df:b8:da:71:fc:22:19:
08:5a:68:04:74:bf:bd:c4:73:a4:25:d2:e4:74:b9:
ba:47:1a:f9:c2:32:e4:8e:42:16:7f:e1:78:45:b9:
a4:02:1c:0e:ab:4f:d5:04:57:c8:94:df:2e:bd:66:
56:b3:38:b0:d1:06:e4:87:c2:d3:45:b1:29:cb:52:
2b:22:34:e2:50:c7:f3:af:e1:8d:60:13:99:6b:2b:
83:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B9:6A:9D:05:07:2E:41:DE:5F:18:F8:6F:5F:33:90:A3:AB:8E:1A
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/D52A0C8AF42E11EA9B1EE087C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.99.67.0/24
103.155.54.0/24
103.159.90.0/24
IPv6:
2001:df2:3240::/48
Signature Algorithm: sha256WithRSAEncryption
4f:74:8f:dd:3e:7e:01:f3:52:82:7b:20:40:f9:02:af:0a:30:
a0:30:df:57:74:5d:15:93:2c:85:2f:c7:58:0f:27:95:82:bc:
54:1c:4c:d2:c8:7a:b5:0b:b1:f7:66:ba:9f:3e:0d:45:da:4a:
49:61:16:72:6a:b1:f4:67:b4:55:84:33:8b:5b:44:06:95:91:
c1:76:27:30:10:21:e3:29:2f:64:75:41:ba:b5:99:d8:c9:82:
aa:6a:39:e6:ee:ba:ce:1b:26:1a:4a:19:88:e8:e8:5c:1a:e9:
93:76:d9:47:8b:84:28:44:c6:5d:6c:d1:55:7a:1c:33:f2:53:
c9:7a:cc:9b:cf:4f:69:15:b1:f1:17:42:76:c6:17:7e:30:59:
31:90:88:17:7d:e0:54:4d:84:29:6f:f8:19:f2:69:36:3a:42:
83:cb:cd:76:ef:ac:bf:42:ef:4e:81:2d:f7:26:b0:20:f1:d9:
e1:14:cd:23:a3:fe:74:0f:c2:35:17:4b:3f:5d:35:cc:3a:88:
0f:8e:b9:16:7a:82:4d:fc:43:6a:d0:a6:2e:ac:20:14:a4:df:
b0:a5:52:7f:c7:a4:92:4e:0d:11:f4:6a:41:c6:ab:3d:97:37:
33:12:cf:c0:01:87:6b:1e:df:d6:00:b0:2f:85:59:b4:6b:45:
0d:57:06:4e
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIDAK85MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI1MDQyMjA3MzQ1N1oXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjgwNzQ2YTEtNzNmODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzjMQFMSqZUkLm8cEELymTmjnNkXJMbNiooK74BbSXXiHcNEJabOmY4iGNU
BSBND9FJfC8AfIWF+5moKCvgvY7SyhgdDhQrief+YDVNYU+kx6ejlFNe6J7Ufq6p
QGtH23A0M+7eMnN60dVoAY2D+ebkYZpo+qCuCWbUVoLf3GFAQnQInTaBWQRHVmk1
zBQOwCmsaILn9Oo1p9x93ucHMb3/az8FvF4ePfboDlTfuNpx/CIZCFpoBHS/vcRz
pCXS5HS5ukca+cIy5I5CFn/heEW5pAIcDqtP1QRXyJTfLr1mVrM4sNEG5IfC00Wx
KctSKyI04lDH86/hjWATmWsrg4cCAwEAAaOCArIwggKuMB0GA1UdDgQWBBTjuWqd
BQcuQd5fGPhvXzOQo6uOGjAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0Q1MkEwQzhB
RjQyRTExRUE5QjFFRTA4N0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMDwGCCsGAQUFBwEHAQH/
BC0wKzAYBAIAATASAwQAZ2NDAwQAZ5s2AwQAZ59aMA8EAgACMAkDBwAgAQ3yMkAw
DQYJKoZIhvcNAQELBQADggEBAE90j90+fgHzUoJ7IED5Aq8KMKAw31d0XRWTLIUv
x1gPJ5WCvFQcTNLIerULsfdmup8+DUXaSklhFnJqsfRntFWEM4tbRAaVkcF2JzAQ
IeMpL2R1Qbq1mdjJgqpqOebuus4bJhpKGYjo6Fwa6ZN22UeLhChExl1s0VV6HDPy
U8l6zJvPT2kVsfEXQnbGF34wWTGQiBd94FRNhClv+BnyaTY6QoPLzXbvrL9C706B
LfcmsCDx2eEUzSOj/nQPwjUXSz9dNcw6iA+OuRZ6gk38Q2rQpi6sIBSk37ClUn/H
pJJODRH0akHGqz2XNzMSz8ABh2se39YAsC+FWbRrRQ1XBk4=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:37:55 2025 by rpki-client