Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FE20BE2022A611EC91CA2237C4F9AE02.roa
File: FE20BE2022A611EC91CA2237C4F9AE02.roa (raw, json)
Hash identifier: VAx4h1JlsfVGxmabhw9TqGVrPJUVMjViKj27Naq9WmU=
Subject key identifier: A9:27:90:B0:1B:8B:5C:89:08:0D:F3:48:07:B0:5D:80:E2:CA:EE:AD
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 9135
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FE20BE2022A611EC91CA2237C4F9AE02.roa
Signing time: Thu 30 May 2024 16:31:12 +0000
ROA not before: Thu 30 May 2024 16:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59191
IP address blocks: 45.120.56.0/22 maxlen: 24
103.91.61.0/24 maxlen: 24
103.115.236.0/23 maxlen: 24
103.118.164.0/22 maxlen: 24
103.157.112.0/23 maxlen: 24
103.173.252.0/23 maxlen: 24
103.183.104.0/23 maxlen: 24
103.218.132.0/22 maxlen: 24
2400:6220::/32 maxlen: 36
2407:f440::/32 maxlen: 36
Validation: Failed, certificate revoked on Tue 18 Jun 2024 06:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37173 (0x9135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2, serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 30 16:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a9d0-49a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c4:ce:3d:e8:23:13:0c:db:bf:2f:4b:4e:aa:
87:26:e8:25:b2:1f:95:9f:fc:94:8b:4e:b8:a2:1b:
37:36:56:42:91:58:8f:e3:78:d5:b5:bf:b5:c1:6c:
2d:53:5d:45:04:57:78:a8:b6:a1:7c:ea:c7:68:01:
30:1b:22:1d:6d:9d:8c:3b:c3:01:25:82:94:12:28:
05:ba:10:80:3a:a5:ef:12:20:9f:01:4f:62:45:38:
6f:63:f4:84:73:c5:26:db:c1:f6:aa:d9:bd:91:2e:
b7:ec:08:b3:fe:53:7e:43:c0:cc:12:4a:2f:82:0b:
30:b5:24:ca:7a:31:1a:09:72:63:1f:37:19:68:a4:
26:6e:bf:74:97:22:6e:14:f7:7c:4c:14:e9:01:c8:
ef:a5:4c:b2:96:b0:ed:a0:86:c2:b9:d4:b2:4a:be:
97:44:76:ae:5d:0e:7c:10:0e:67:66:8d:bf:28:ac:
df:b8:50:72:76:c5:dc:7b:88:b4:28:94:6c:63:68:
3b:d2:63:5a:37:c0:ba:b6:0c:f9:19:ad:f7:10:18:
5b:fc:88:b6:dc:81:75:9d:03:2a:14:73:2e:f0:f1:
d5:b5:0f:3b:dd:dc:41:a4:3d:37:a8:ea:e6:45:8f:
9e:1b:cb:c0:60:04:06:c2:8d:b4:f3:18:45:98:aa:
cd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:27:90:B0:1B:8B:5C:89:08:0D:F3:48:07:B0:5D:80:E2:CA:EE:AD
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/FE20BE2022A611EC91CA2237C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.120.56.0/22
103.91.61.0/24
103.115.236.0/23
103.118.164.0/22
103.157.112.0/23
103.173.252.0/23
103.183.104.0/23
103.218.132.0/22
IPv6:
2400:6220::/32
2407:f440::/32
Signature Algorithm: sha256WithRSAEncryption
9c:b4:0e:87:e1:cd:20:a5:77:e7:ee:fa:67:10:ef:7a:46:20:
96:af:e7:6b:8e:67:84:0f:5b:76:2d:5f:26:08:94:dc:84:e1:
a5:4c:58:63:9e:54:e2:2a:0c:ea:e4:98:54:41:46:4b:26:73:
0b:ff:da:57:ca:ab:0d:6b:a5:73:96:96:b8:a1:a3:c3:63:b2:
19:15:b7:39:35:76:6c:39:de:7a:0a:e2:df:7a:b9:38:f5:67:
da:c2:4c:36:b8:8f:f2:52:49:ec:cf:9a:95:96:6c:f8:1c:86:
c4:8b:7c:8f:eb:90:86:e6:8e:25:18:a2:d7:6a:9f:07:fd:ef:
50:1c:96:4c:8d:c3:f5:c6:ac:02:94:7f:67:61:2d:c9:66:c7:
a2:49:e8:cc:70:9b:dc:37:70:16:e4:19:be:95:a1:14:59:03:
75:f9:bb:94:c0:93:1a:54:fe:1e:18:8a:b6:51:35:8f:06:f9:
d7:2a:37:88:83:15:f5:5a:60:4f:1a:9b:f0:e1:46:58:bb:b8:
31:e6:e4:79:ef:09:43:a4:a1:7d:e6:1c:95:94:d4:37:3c:d3:
e0:7d:26:5b:cf:7d:75:a3:d6:09:8e:5a:72:58:35:f0:80:47:
c2:22:fa:8d:15:e9:91:2a:ab:93:8c:7d:e7:bb:b2:95:16:35:
8e:0a:fe:ca
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIDAJE1MA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MzExMloXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE5ZDAtNDlhNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDEzj3oIxMM278vS06qhyboJbIflZ/8lItOuKIbNzZWQpFYj+N41bW/tcFs
LVNdRQRXeKi2oXzqx2gBMBsiHW2djDvDASWClBIoBboQgDql7xIgnwFPYkU4b2P0
hHPFJtvB9qrZvZEut+wIs/5TfkPAzBJKL4ILMLUkynoxGglyYx83GWikJm6/dJci
bhT3fEwU6QHI76VMspaw7aCGwrnUskq+l0R2rl0OfBAOZ2aNvyis37hQcnbF3HuI
tCiUbGNoO9JjWjfAurYM+Rmt9xAYW/yIttyBdZ0DKhRzLvDx1bUPO93cQaQ9N6jq
5kWPnhvLwGAEBsKNtPMYRZiqzY0CAwEAAaOCAtUwggLRMB0GA1UdDgQWBBSpJ5Cw
G4tciQgN80gHsF2A4srurTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwL0ZFMjBCRTIw
MjJBNjExRUM5MUNBMjIzN0M0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMF8GCCsGAQUFBwEHAQH/
BFAwTjA2BAIAATAwAwQCLXg4AwQAZ1s9AwQBZ3PsAwQCZ3akAwQBZ51wAwQBZ638
AwQBZ7doAwQCZ9qEMBQEAgACMA4DBQAkAGIgAwUAJAf0QDANBgkqhkiG9w0BAQsF
AAOCAQEAnLQOh+HNIKV35+76ZxDvekYglq/na45nhA9bdi1fJgiU3IThpUxYY55U
4ioM6uSYVEFGSyZzC//aV8qrDWulc5aWuKGjw2OyGRW3OTV2bDneegri33q5OPVn
2sJMNriP8lJJ7M+alZZs+ByGxIt8j+uQhuaOJRii12qfB/3vUByWTI3D9casApR/
Z2EtyWbHoknozHCb3DdwFuQZvpWhFFkDdfm7lMCTGlT+HhiKtlE1jwb51yo3iIMV
9VpgTxqb8OFGWLu4Mebkee8JQ6ShfeYclZTUNzzT4H0mW899daPWCY5aclg18IBH
wiL6jRXpkSqrk4x957uylRY1jgr+yg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:49:16 2025 by rpki-client