Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/6BD5C90A647C11EF9BA53B64C4F9AE02.roa
File: 6BD5C90A647C11EF9BA53B64C4F9AE02.roa (raw, json)
Hash identifier: gZZzxWZWc17nIbYko/2au0DsO+Bhzyn2xAf0VZf3CAI=
Subject key identifier: F4:43:9D:6A:D2:59:A3:D5:62:F8:CB:49:03:FF:EE:E2:5F:94:E9:7C
Certificate issuer: /CN=A9158F8D/serialNumber=2A01C8FE967969447831EC01C02BC4E9CB9ACE2C
Certificate serial: 23
Authority key identifier: 2A:01:C8:FE:96:79:69:44:78:31:EC:01:C0:2B:C4:E9:CB:9A:CE:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/6BD5C90A647C11EF9BA53B64C4F9AE02.roa
Signing time: Fri 25 Oct 2024 06:50:58 +0000
ROA not before: Fri 25 Oct 2024 06:50:58 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 138199
IP address blocks: 103.122.52.0/24 maxlen: 24
2001:df6:8d00::/48 maxlen: 48
2401:42a0::/32 maxlen: 33
Validation: Failed, certificate revoked on Thu 08 May 2025 13:52:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35 (0x23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158F8D, serialNumber=2A01C8FE967969447831EC01C02BC4E9CB9ACE2C
Validity
Not Before: Oct 25 06:50:58 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=671b3fd2-304c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f0:f5:c9:f3:8e:97:7a:b8:cc:b8:e9:a1:d2:
d8:cd:d7:4b:d2:35:6c:5c:40:5c:8d:7c:f7:f2:5a:
c9:ba:a3:c9:79:fc:1f:68:b3:31:11:8a:90:d3:bc:
78:83:75:79:a6:a4:7a:9c:2a:ce:ce:7e:8c:42:68:
d9:0b:96:99:09:c3:05:65:aa:77:f0:16:df:17:25:
14:90:af:27:de:1e:a2:09:c1:11:41:40:af:21:0d:
00:8a:76:81:b8:5a:41:de:cb:74:bf:2b:68:7b:6b:
19:44:f7:c5:bf:71:1b:cb:a4:f9:4e:26:98:58:46:
18:0b:4a:40:71:99:e6:bb:de:26:68:fc:d7:e9:33:
9a:df:57:ae:de:e8:45:88:e8:b5:8d:23:87:79:aa:
9c:b6:4b:8f:20:ed:b9:dc:d6:a5:b7:9e:0f:f2:20:
cd:f6:a0:fe:45:09:78:b5:69:d8:a6:bc:b1:2e:b1:
9a:a6:e2:f9:a5:af:cb:f8:b3:a9:86:4d:0b:0e:0f:
77:8d:be:71:fb:3f:1a:38:b0:67:54:dc:02:2b:72:
5e:69:3e:41:fa:a7:f0:52:99:db:40:6b:83:c9:15:
89:9f:f2:a9:51:11:93:94:e0:be:c6:28:22:41:2b:
9e:5d:07:3e:f5:f2:c5:c7:14:40:38:6a:8e:b2:d9:
ff:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:43:9D:6A:D2:59:A3:D5:62:F8:CB:49:03:FF:EE:E2:5F:94:E9:7C
X509v3 Authority Key Identifier:
keyid:2A:01:C8:FE:96:79:69:44:78:31:EC:01:C0:2B:C4:E9:CB:9A:CE:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/KgHI_pZ5aUR4MewBwCvE6cuaziw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KgHI_pZ5aUR4MewBwCvE6cuaziw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158F8D/A179E53C647711EFA82DE93DC4F9AE02/6BD5C90A647C11EF9BA53B64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.52.0/24
IPv6:
2001:df6:8d00::/48
2401:42a0::/32
Signature Algorithm: sha256WithRSAEncryption
66:cc:f9:73:a6:c1:fa:9d:cc:dd:a3:50:6c:fc:b0:b1:a9:76:
14:20:34:5c:12:c2:ea:df:fb:67:ee:98:4b:32:50:f1:3d:21:
73:b3:84:f1:18:76:d9:6a:e3:f0:24:70:f4:30:21:ea:d7:d5:
5f:17:08:d4:dc:17:2e:a6:1f:6e:34:47:47:ab:37:ce:b5:3f:
00:38:0e:ce:36:1d:ad:9c:e1:3d:e0:2e:5a:51:fe:e7:89:6b:
7e:0c:dc:7d:34:8a:dd:a5:01:bb:36:10:8e:f1:eb:47:e1:04:
23:e2:08:40:a6:21:6b:58:dd:f4:60:ad:c3:2e:e2:c4:12:9c:
75:8b:ca:aa:0c:35:18:6e:92:af:b9:75:58:d8:47:eb:5a:f4:
30:ca:a6:f8:6b:c6:ab:e7:60:18:48:70:de:d9:4e:c6:08:43:
fa:00:fb:b1:a0:3a:9f:c5:bb:e7:ec:e4:27:66:5f:6c:a3:67:
f1:06:68:52:2a:f2:87:1f:f4:b5:62:1d:07:19:fd:b5:21:72:
11:97:d7:c1:48:d6:39:71:eb:b8:ac:d3:73:ad:23:66:7c:15:
62:4e:43:d0:13:32:02:26:fc:b6:f9:0d:1e:81:a3:ea:ce:ce:
00:e8:0b:1b:2f:d9:10:bf:02:8f:ff:5d:56:ca:89:b8:4b:64:
95:a5:71:24
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
OEY4RDExMC8GA1UEBRMoMkEwMUM4RkU5Njc5Njk0NDc4MzFFQzAxQzAyQkM0RTlD
QjlBQ0UyQzAeFw0yNDEwMjUwNjUwNThaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MWIzZmQyLTMwNGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCc8PXJ846XerjMuOmh0tjN10vSNWxcQFyNfPfyWsm6o8l5/B9oszERipDTvHiD
dXmmpHqcKs7OfoxCaNkLlpkJwwVlqnfwFt8XJRSQryfeHqIJwRFBQK8hDQCKdoG4
WkHey3S/K2h7axlE98W/cRvLpPlOJphYRhgLSkBxmea73iZo/NfpM5rfV67e6EWI
6LWNI4d5qpy2S48g7bnc1qW3ng/yIM32oP5FCXi1adimvLEusZqm4vmlr8v4s6mG
TQsOD3eNvnH7Pxo4sGdU3AIrcl5pPkH6p/BSmdtAa4PJFYmf8qlREZOU4L7GKCJB
K55dBz718sXHFEA4ao6y2f8JAgMBAAGjggKtMIICqTAdBgNVHQ4EFgQU9EOdatJZ
o9Vi+MtJA//u4l+U6XwwHwYDVR0jBBgwFoAUKgHI/pZ5aUR4MewBwCvE6cuaziww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4RjhEL0ExNzlFNTNDNjQ3
NzExRUZBODJERTkzREM0RjlBRTAyL0tnSElfcFo1YVVSNE1ld0J3Q3ZFNmN1YXpp
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvS2dISV9wWjVhVVI0TWV3QndDdkU2Y3Vheml3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
OEY4RC9BMTc5RTUzQzY0NzcxMUVGQTgyREU5M0RDNEY5QUUwMi82QkQ1QzkwQTY0
N0MxMUVGOUJBNTNCNjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA3BggrBgEFBQcBBwEB/wQo
MCYwDAQCAAEwBgMEAGd6NDAWBAIAAjAQAwcAIAEN9o0AAwUAJAFCoDANBgkqhkiG
9w0BAQsFAAOCAQEAZsz5c6bB+p3M3aNQbPywsal2FCA0XBLC6t/7Z+6YSzJQ8T0h
c7OE8Rh22Wrj8CRw9DAh6tfVXxcI1NwXLqYfbjRHR6s3zrU/ADgOzjYdrZzhPeAu
WlH+54lrfgzcfTSK3aUBuzYQjvHrR+EEI+IIQKYha1jd9GCtwy7ixBKcdYvKqgw1
GG6Sr7l1WNhH61r0MMqm+GvGq+dgGEhw3tlOxghD+gD7saA6n8W75+zkJ2ZfbKNn
8QZoUiryhx/0tWIdBxn9tSFyEZfXwUjWOXHruKzTc60jZnwVYk5D0BMyAib8tvkN
HoGj6s7OAOgLGy/ZEL8Cj/9dVsqJuEtklaVxJA==
-----END CERTIFICATE-----
Generated at Fri May 16 17:09:39 2025 by rpki-client