Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/E6ED434AE94011EFA772F638C4F9AE02.roa
File: E6ED434AE94011EFA772F638C4F9AE02.roa (raw, json)
Hash identifier: +7aMr3lKV1mNfV5XkVBwWlYMzmLADhIfWAj64/ICUgA=
Subject key identifier: BA:6A:F9:17:FD:FC:90:FC:D9:EB:C2:38:BA:72:71:4D:6A:20:D6:BB
Certificate issuer: /CN=A91D41AC/serialNumber=BF98688E98B01E84D7366F67864CE8F3EBBD4377
Certificate serial: 0E
Authority key identifier: BF:98:68:8E:98:B0:1E:84:D7:36:6F:67:86:4C:E8:F3:EB:BD:43:77
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v5hojpiwHoTXNm9nhkzo8-u9Q3c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/E6ED434AE94011EFA772F638C4F9AE02.roa
Signing time: Thu 13 Feb 2025 00:17:39 +0000
ROA not before: Thu 13 Feb 2025 00:17:39 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 9336
IP address blocks: 27.113.240.0/21 maxlen: 24
45.64.56.0/22 maxlen: 24
45.113.244.0/22 maxlen: 24
103.18.124.0/22 maxlen: 24
103.53.200.0/22 maxlen: 24
103.233.224.0/22 maxlen: 24
118.127.96.0/19 maxlen: 24
202.90.48.0/21 maxlen: 21
203.153.192.0/20 maxlen: 24
218.185.232.0/21 maxlen: 24
2403:3600::/32 maxlen: 33
2403:3600::/33 maxlen: 40
2403:3600:8000::/34 maxlen: 34
2403:3600:8000::/35 maxlen: 37
2403:3600:8000::/36 maxlen: 40
2403:3600:9000::/37 maxlen: 40
2403:3600:9800::/38 maxlen: 38
2403:3600:9800::/39 maxlen: 39
Validation: Failed, certificate revoked on Tue 18 Feb 2025 23:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D41AC, serialNumber=BF98688E98B01E84D7366F67864CE8F3EBBD4377
Validity
Not Before: Feb 13 00:17:39 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ad3a23-debf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:26:98:8d:cc:f3:de:a7:13:81:54:21:81:ce:
07:16:ae:57:c1:5e:8a:60:d7:da:35:e8:ec:da:a9:
5e:c3:7a:b3:73:64:9c:d3:ec:2c:2e:c5:68:bd:a2:
03:05:0e:10:d2:ec:37:26:a3:fc:46:64:76:c3:8e:
f2:ea:87:15:a8:ad:19:bf:92:d8:b5:38:c9:5e:69:
05:48:a1:94:c0:14:2b:6f:15:d2:62:38:9f:82:d5:
b6:e1:ac:5f:8a:91:8c:de:8f:2d:aa:9e:33:a4:e5:
a0:8f:34:49:41:c0:73:91:b9:12:48:65:af:b0:5c:
08:39:f0:64:9e:a1:56:0f:13:7f:0f:a9:0b:0e:d4:
6f:2e:72:72:74:24:20:a1:60:e1:49:71:8b:dc:17:
e5:11:b5:24:62:ec:23:c5:ff:42:4f:86:e6:58:2b:
a5:71:43:7f:30:3b:f5:63:56:21:93:16:0d:f6:56:
8a:69:3e:ae:d9:75:e7:8b:83:65:97:28:70:28:1b:
fc:43:19:fd:8b:13:d3:c5:05:3c:51:db:3d:1f:e2:
e6:6d:a1:3c:d3:66:f9:2c:ff:32:75:d9:60:fb:d7:
63:20:7d:57:c4:bf:b7:78:52:c5:d6:de:93:1d:7a:
7a:3e:8c:fe:fc:f1:3f:93:d3:96:64:ce:3c:41:44:
d0:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6A:F9:17:FD:FC:90:FC:D9:EB:C2:38:BA:72:71:4D:6A:20:D6:BB
X509v3 Authority Key Identifier:
keyid:BF:98:68:8E:98:B0:1E:84:D7:36:6F:67:86:4C:E8:F3:EB:BD:43:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/v5hojpiwHoTXNm9nhkzo8-u9Q3c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/v5hojpiwHoTXNm9nhkzo8-u9Q3c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D41AC/2445BCE2E93F11EF8DF1E035C4F9AE02/E6ED434AE94011EFA772F638C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.113.240.0/21
45.64.56.0/22
45.113.244.0/22
103.18.124.0/22
103.53.200.0/22
103.233.224.0/22
118.127.96.0/19
202.90.48.0/21
203.153.192.0/20
218.185.232.0/21
IPv6:
2403:3600::/32
Signature Algorithm: sha256WithRSAEncryption
85:73:52:6d:68:30:0f:f1:72:2b:36:71:d1:d4:42:10:49:42:
24:50:11:ea:28:46:bd:11:f4:7d:67:57:a7:6e:4e:9a:7e:b8:
8a:e5:a7:a3:87:a0:fd:09:81:e0:cd:66:54:6e:f8:37:92:76:
3b:2d:f2:d6:63:c0:81:ad:e4:67:18:55:a6:2a:bf:99:90:2c:
34:f3:2b:4f:cb:3d:6e:da:47:b0:a1:b1:0e:3c:d1:ce:8c:06:
11:f1:8f:60:ac:19:50:6e:be:a8:58:50:d9:80:70:55:44:1f:
d7:39:1f:e4:d4:df:1d:09:ff:ec:ee:de:bd:1c:28:86:50:2b:
4c:1f:a1:bb:cf:06:35:5d:26:c3:02:33:3f:05:d0:1a:01:20:
27:c9:cc:d6:80:5c:09:ac:8c:5f:db:f3:38:18:3f:16:5e:31:
fc:61:99:8f:8a:4e:bd:56:be:ef:93:66:2a:d0:de:fb:d3:5e:
b2:b8:44:ce:4c:4d:a9:47:5b:14:59:86:bd:87:06:6d:c2:b3:
7f:ab:62:1f:3d:c1:e6:a1:8b:be:5b:e9:7a:68:c4:a5:2f:e7:
80:f8:bf:c3:2d:06:d7:1b:9f:a3:4e:09:c4:e8:c4:c0:6e:01:
ba:a2:91:fd:10:67:9e:33:29:de:b6:fc:7c:76:56:fe:ae:a3:
be:80:0f:49
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
NDFBQzExMC8GA1UEBRMoQkY5ODY4OEU5OEIwMUU4NEQ3MzY2RjY3ODY0Q0U4RjNF
QkJENDM3NzAeFw0yNTAyMTMwMDE3MzlaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YWQzYTIzLWRlYmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDEJpiNzPPepxOBVCGBzgcWrlfBXopg19o16OzaqV7DerNzZJzT7CwuxWi9ogMF
DhDS7Dcmo/xGZHbDjvLqhxWorRm/kti1OMleaQVIoZTAFCtvFdJiOJ+C1bbhrF+K
kYzejy2qnjOk5aCPNElBwHORuRJIZa+wXAg58GSeoVYPE38PqQsO1G8ucnJ0JCCh
YOFJcYvcF+URtSRi7CPF/0JPhuZYK6VxQ38wO/VjViGTFg32VoppPq7ZdeeLg2WX
KHAoG/xDGf2LE9PFBTxR2z0f4uZtoTzTZvks/zJ12WD712MgfVfEv7d4UsXW3pMd
eno+jP788T+T05ZkzjxBRNBxAgMBAAGjggLaMIIC1jAdBgNVHQ4EFgQUumr5F/38
kPzZ68I4unJxTWog1rswHwYDVR0jBBgwFoAUv5hojpiwHoTXNm9nhkzo8+u9Q3cw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ0MUFDLzI0NDVCQ0UyRTkz
RjExRUY4REYxRTAzNUM0RjlBRTAyL3Y1aG9qcGl3SG9UWE5tOW5oa3pvOC11OVEz
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdjVob2pwaXdIb1RYTm05bmhrem84LXU5UTNjLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
NDFBQy8yNDQ1QkNFMkU5M0YxMUVGOERGMUUwMzVDNEY5QUUwMi9FNkVENDM0QUU5
NDAxMUVGQTc3MkY2MzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBkBggrBgEFBQcBBwEB/wRV
MFMwQgQCAAEwPAMEAxtx8AMEAi1AOAMEAi1x9AMEAmcSfAMEAmc1yAMEAmfp4AME
BXZ/YAMEA8paMAMEBMuZwAMEA9q56DANBAIAAjAHAwUAJAM2ADANBgkqhkiG9w0B
AQsFAAOCAQEAhXNSbWgwD/FyKzZx0dRCEElCJFAR6ihGvRH0fWdXp25Omn64iuWn
o4eg/QmB4M1mVG74N5J2Oy3y1mPAga3kZxhVpiq/mZAsNPMrT8s9btpHsKGxDjzR
zowGEfGPYKwZUG6+qFhQ2YBwVUQf1zkf5NTfHQn/7O7evRwohlArTB+hu88GNV0m
wwIzPwXQGgEgJ8nM1oBcCayMX9vzOBg/Fl4x/GGZj4pOvVa+75NmKtDe+9NesrhE
zkxNqUdbFFmGvYcGbcKzf6tiHz3B5qGLvlvpemjEpS/ngPi/wy0G1xufo04JxOjE
wG4BuqKR/RBnnjMp3rb8fHZW/q6jvoAPSQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:04:02 2025 by rpki-client