Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/7F783830155711F081706932C4F9AE02.roa
File: 7F783830155711F081706932C4F9AE02.roa (raw, json)
Hash identifier: Yvmtue0pGLHOYZQvTMm2pxBXTWxHvgrtFxKJyYqL4Ms=
Subject key identifier: 97:0A:46:19:B0:CE:32:64:FF:3D:2B:CC:BC:7E:CB:83:28:30:37:03
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0775
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/7F783830155711F081706932C4F9AE02.roa
Signing time: Wed 09 Apr 2025 15:29:59 +0000
ROA not before: Wed 09 Apr 2025 15:29:59 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 137451
IP address blocks: 43.252.209.0/24 maxlen: 24
43.252.210.0/24 maxlen: 24
103.225.198.0/24 maxlen: 24
103.234.54.0/24 maxlen: 24
150.107.1.0/24 maxlen: 24
150.107.2.0/24 maxlen: 24
150.107.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Apr 2025 16:03:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1909 (0x775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412, serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Validity
Not Before: Apr 9 15:29:59 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67f69277-ce90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:66:01:ff:de:fb:84:b5:1a:56:d0:28:22:6a:
4b:4c:dd:f2:28:13:79:62:9d:45:a7:42:d8:b4:5e:
2c:aa:e1:c3:3d:5e:ad:7f:a2:60:c5:ae:2f:bf:a7:
78:04:d4:16:52:1b:fb:75:28:6e:cf:b5:d5:ae:7c:
39:15:b3:30:2c:4b:36:6b:98:81:16:de:24:e8:83:
c9:03:ce:8e:46:c8:74:eb:f2:a5:a8:b9:5b:59:72:
88:a3:8f:a3:2b:f5:74:75:22:fe:93:3e:dd:8d:18:
f7:35:2d:c6:a3:cd:85:e8:b7:ed:40:ae:00:25:99:
6e:b3:90:5f:2e:a4:10:4b:b9:66:e8:1b:57:95:d0:
01:c0:4d:ca:ed:c9:71:f5:62:3b:3f:40:61:44:bb:
1b:5a:1f:7c:0d:54:a1:6a:e2:04:21:dd:d2:1e:21:
2a:cc:bd:84:49:fa:74:62:a9:b0:07:67:e8:5a:61:
a0:14:51:51:31:a4:41:e6:2e:c9:39:f2:87:cd:a1:
28:48:77:d4:7a:d9:06:49:85:1e:39:ce:af:05:48:
da:e4:a6:02:2f:a9:ae:f0:db:e4:bd:b4:83:b0:e9:
b6:95:82:e2:69:76:99:70:7b:59:e4:a2:bb:3c:ca:
33:69:36:dc:c3:ef:27:cc:82:8a:3c:4f:43:cd:62:
f6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0A:46:19:B0:CE:32:64:FF:3D:2B:CC:BC:7E:CB:83:28:30:37:03
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/7F783830155711F081706932C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.252.209.0-43.252.210.255
103.225.198.0/24
103.234.54.0/24
150.107.1.0-150.107.3.255
Signature Algorithm: sha256WithRSAEncryption
a4:26:f9:cc:08:64:41:2b:5f:38:bd:ab:93:07:93:f8:33:82:
a5:da:55:21:2e:08:fb:55:39:f7:64:1c:ac:42:05:87:cc:ae:
5a:52:25:50:81:5d:6a:b9:66:d2:f8:b8:4a:1c:f8:c4:05:76:
08:80:eb:fa:d3:50:cb:1b:8c:4e:95:a0:b1:b4:5c:f3:30:6d:
cd:c5:7b:1b:ed:9f:29:ed:8f:96:bd:7f:d5:f1:52:4c:d2:39:
96:f0:af:e1:51:75:9a:e8:03:da:07:5e:26:0b:75:60:dd:22:
5a:13:f5:2a:f0:99:5d:8c:f8:09:05:6e:38:b9:85:fa:b6:fa:
94:ad:6f:1d:e2:8a:60:09:df:95:ce:10:43:3e:4b:52:a5:a8:
fe:ca:f1:55:cb:bd:11:7b:67:59:58:e2:8c:f4:a2:bd:40:b3:
06:6c:78:c4:c4:27:f5:55:a8:82:dd:bd:d1:00:6b:f7:95:fd:
da:e8:65:ef:02:22:08:14:ab:7c:9f:98:49:fb:5e:ad:02:3d:
f5:23:94:a6:60:6d:30:36:eb:bd:24:d1:25:a0:1b:14:89:08:
7c:d8:e7:2d:b1:3d:0d:29:bc:ff:f6:d1:24:72:34:0f:0f:27:
21:ba:70:2c:73:19:05:77:d9:94:04:89:d9:e6:5b:c0:53:d7:
55:08:d0:bb
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgICB3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwNDA5MTUyOTU5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y2OTI3Ny1jZTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA42YB/977hLUaVtAoImpLTN3yKBN5Yp1Fp0LYtF4squHDPV6tf6Jgxa4vv6d4
BNQWUhv7dShuz7XVrnw5FbMwLEs2a5iBFt4k6IPJA86ORsh06/KlqLlbWXKIo4+j
K/V0dSL+kz7djRj3NS3Go82F6LftQK4AJZlus5BfLqQQS7lm6BtXldABwE3K7clx
9WI7P0BhRLsbWh98DVShauIEId3SHiEqzL2ESfp0YqmwB2foWmGgFFFRMaRB5i7J
OfKHzaEoSHfUetkGSYUeOc6vBUja5KYCL6mu8NvkvbSDsOm2lYLiaXaZcHtZ5KK7
PMozaTbcw+8nzIKKPE9DzWL2LwIDAQABo4ICtzCCArMwHQYDVR0OBBYEFJcKRhmw
zjJk/z0rzLx+y4MoMDcDMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvN0Y3ODM4MzAx
NTU3MTFGMDgxNzA2OTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQQYIKwYBBQUHAQcBAf8E
MjAwMC4EAgABMCgwDAMEACv80QMEACv80gMEAGfhxgMEAGfqNjAMAwQAlmsBAwQC
lmsAMA0GCSqGSIb3DQEBCwUAA4IBAQCkJvnMCGRBK184vauTB5P4M4Kl2lUhLgj7
VTn3ZBysQgWHzK5aUiVQgV1quWbS+LhKHPjEBXYIgOv601DLG4xOlaCxtFzzMG3N
xXsb7Z8p7Y+WvX/V8VJM0jmW8K/hUXWa6APaB14mC3Vg3SJaE/Uq8JldjPgJBW44
uYX6tvqUrW8d4opgCd+VzhBDPktSpaj+yvFVy70Re2dZWOKM9KK9QLMGbHjExCf1
VaiC3b3RAGv3lf3a6GXvAiIIFKt8n5hJ+16tAj31I5SmYG0wNuu9JNEloBsUiQh8
2OctsT0NKbz/9tEkcjQPDychunAscxkFd9mUBInZ5lvAU9dVCNC7
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:03:16 2025 by rpki-client