Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/6C3BFACE0E2F11F09642AA85C4F9AE02.roa
File: 6C3BFACE0E2F11F09642AA85C4F9AE02.roa (raw, json)
Hash identifier: 5aEZjmt1ALdHtK7gYhoBanvl1xnZUK2t15BJGsyrk3s=
Subject key identifier: 60:66:FC:5C:20:4E:D3:57:43:06:FF:B7:F3:D7:5D:24:D6:6D:BA:D4
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 281F
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/6C3BFACE0E2F11F09642AA85C4F9AE02.roa
Signing time: Wed 23 Apr 2025 09:40:14 +0000
ROA not before: Wed 23 Apr 2025 09:40:14 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 7489
IP address blocks: 27.100.36.0/23 maxlen: 24
27.100.39.0/24 maxlen: 24
45.124.64.0/22 maxlen: 24
103.192.176.0/22 maxlen: 24
103.196.20.0/23 maxlen: 24
103.217.252.0/22 maxlen: 22
103.217.253.0/24 maxlen: 24
2402:9e80::/48 maxlen: 48
2402:9e80:1::/48 maxlen: 48
2402:9e80:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Apr 2025 10:55:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10271 (0x281f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D, serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Apr 23 09:40:14 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6808b57e-d321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e1:f1:f0:a4:da:84:e6:67:48:3c:da:1e:b6:
b1:2b:a6:b4:4a:1a:4c:aa:40:51:be:9f:e0:94:68:
c9:5a:7a:13:e0:52:06:e3:57:c1:6a:66:e2:22:da:
15:13:db:60:c8:6c:69:d6:a5:7d:1c:e0:83:a9:f7:
6a:4d:fc:ea:03:02:15:a2:16:bb:dd:aa:fa:b7:63:
f6:54:a4:04:62:d7:37:32:f4:e7:f3:57:2a:20:6d:
b2:f3:89:32:67:72:10:43:4b:70:08:89:c3:30:55:
67:b1:30:02:05:58:4a:47:6c:59:7a:9d:58:76:e4:
2f:ea:b1:dd:22:18:3d:a3:13:29:68:72:fc:60:4e:
5d:a5:03:b4:f6:19:dc:aa:af:df:0c:08:9c:e5:47:
92:82:41:84:f2:32:42:62:9b:13:44:2f:9b:24:0e:
e9:d5:09:64:f3:5f:4c:d8:1b:46:2b:50:3a:6e:fe:
c5:73:4d:fb:b4:40:4b:ab:97:4a:ee:f6:9c:2c:ff:
80:69:ee:de:7f:ee:62:14:1d:9f:ac:41:f3:1d:c2:
ba:c6:54:af:81:56:e2:c7:a3:a4:76:c6:64:42:4c:
fb:e6:ff:f4:28:97:dd:fc:4c:5e:fc:9f:e6:40:fd:
9a:51:c4:c7:3f:7e:66:5c:aa:93:6c:a5:60:67:8c:
88:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:66:FC:5C:20:4E:D3:57:43:06:FF:B7:F3:D7:5D:24:D6:6D:BA:D4
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/6C3BFACE0E2F11F09642AA85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.100.36.0/23
27.100.39.0/24
45.124.64.0/22
103.192.176.0/22
103.196.20.0/23
103.217.252.0/22
IPv6:
2402:9e80::/47
2402:9e80:5::/48
Signature Algorithm: sha256WithRSAEncryption
31:24:9f:d9:2c:f7:9f:02:49:a3:ff:1e:cd:22:a9:90:f4:c9:
b4:20:c5:10:9c:f9:5c:17:27:81:5b:9f:68:c3:84:b4:e9:4d:
99:2e:e7:64:54:b0:09:97:b7:8a:4d:50:3a:ef:4f:99:64:ea:
a0:6a:cf:56:dd:3f:ed:e3:f0:18:4b:1f:d7:00:c4:c2:d8:d6:
2c:81:8d:6d:a7:aa:49:fc:1c:dc:0c:f0:26:5d:74:79:26:c5:
aa:21:46:e3:e8:36:03:83:c0:6c:57:46:43:4c:cf:07:3c:8c:
29:c5:48:ab:df:a1:a6:46:04:21:4a:c3:b0:32:3d:6f:7d:6f:
f3:d2:3e:c8:cc:d4:81:10:52:2b:cb:c1:f1:c8:c7:91:a2:32:
0e:e8:39:ba:2c:28:a2:cf:45:aa:00:2c:f6:60:c5:93:1b:aa:
23:73:28:64:e1:0b:d0:61:c3:8f:08:a4:8e:70:78:9a:da:d5:
53:c7:2a:c4:93:4d:ae:81:ab:01:66:fc:2d:16:8b:de:80:60:
94:42:26:1d:05:9e:ed:7a:5c:0d:f4:1f:9e:4c:35:b1:ea:16:
91:c5:ea:e6:08:61:ce:75:22:09:6d:9a:f4:29:20:de:7c:60:
9e:e1:b1:ae:d9:b3:cd:1b:54:0b:64:bd:bb:df:19:30:e9:94:
7a:2d:2c:43
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgICKB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjUwNDIzMDk0MDE0WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA4YjU3ZS1kMzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0uHx8KTahOZnSDzaHraxK6a0ShpMqkBRvp/glGjJWnoT4FIG41fBambiItoV
E9tgyGxp1qV9HOCDqfdqTfzqAwIVoha73ar6t2P2VKQEYtc3MvTn81cqIG2y84ky
Z3IQQ0twCInDMFVnsTACBVhKR2xZep1YduQv6rHdIhg9oxMpaHL8YE5dpQO09hnc
qq/fDAic5UeSgkGE8jJCYpsTRC+bJA7p1Qlk819M2BtGK1A6bv7Fc037tEBLq5dK
7vacLP+Aae7ef+5iFB2frEHzHcK6xlSvgVbix6OkdsZkQkz75v/0KJfd/Exe/J/m
QP2aUcTHP35mXKqTbKVgZ4yI4QIDAQABo4ICzTCCAskwHQYDVR0OBBYEFGBm/Fwg
TtNXQwb/t/PXXSTWbbrUMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvNkMzQkZBQ0Uw
RTJGMTFGMDk2NDJBQTg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwVwYIKwYBBQUHAQcBAf8E
SDBGMCoEAgABMCQDBAEbZCQDBAAbZCcDBAItfEADBAJnwLADBAFnxBQDBAJn2fww
GAQCAAIwEgMHASQCnoAAAAMHACQCnoAABTANBgkqhkiG9w0BAQsFAAOCAQEAMSSf
2Sz3nwJJo/8ezSKpkPTJtCDFEJz5XBcngVufaMOEtOlNmS7nZFSwCZe3ik1QOu9P
mWTqoGrPVt0/7ePwGEsf1wDEwtjWLIGNbaeqSfwc3AzwJl10eSbFqiFG4+g2A4PA
bFdGQ0zPBzyMKcVIq9+hpkYEIUrDsDI9b31v89I+yMzUgRBSK8vB8cjHkaIyDug5
uiwoos9FqgAs9mDFkxuqI3MoZOEL0GHDjwikjnB4mtrVU8cqxJNNroGrAWb8LRaL
3oBglEImHQWe7XpcDfQfnkw1seoWkcXq5ghhznUiCW2a9Ckg3nxgnuGxrtmzzRtU
C2S9u98ZMOmUei0sQw==
-----END CERTIFICATE-----
Generated at Wed Apr 23 13:31:14 2025 by rpki-client on console.sobornost.net