Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/4EB20834C6EC11EFAF45B671C4F9AE02.roa
File: 4EB20834C6EC11EFAF45B671C4F9AE02.roa (raw, json)
Hash identifier: J13psld0+Sl27Z2GJfv9ZSQsTYJzAcU20uO5eFKtQdM=
Subject key identifier: 02:7E:F7:D7:BE:0B:B2:92:6B:74:40:0F:D3:99:5C:13:21:C0:AC:AC
Certificate issuer: /CN=A9124B27/serialNumber=523AC58DA9840D0B1CAA89BDFF9E0DCE46767C4A
Certificate serial: 05
Authority key identifier: 52:3A:C5:8D:A9:84:0D:0B:1C:AA:89:BD:FF:9E:0D:CE:46:76:7C:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UjrFjamEDQscqom9_54NzkZ2fEo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/4EB20834C6EC11EFAF45B671C4F9AE02.roa
Signing time: Mon 30 Dec 2024 20:26:55 +0000
ROA not before: Mon 30 Dec 2024 20:26:55 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138411
IP address blocks: 103.124.204.0/24 maxlen: 24
103.124.205.0/24 maxlen: 24
103.124.206.0/24 maxlen: 24
103.124.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 08:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124B27, serialNumber=523AC58DA9840D0B1CAA89BDFF9E0DCE46767C4A
Validity
Not Before: Dec 30 20:26:55 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6773020f-0f5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4d:16:5a:03:d1:dd:6d:c5:62:b3:db:8d:3d:
e7:a4:db:1e:f2:d0:bb:2f:6a:2c:8f:94:5a:ea:51:
28:d7:a1:46:74:92:38:2a:9d:fb:75:e1:79:0b:af:
f5:bb:87:a6:3a:78:fc:87:e6:d5:1e:2a:5b:63:a3:
79:13:fa:05:20:fd:fb:6d:bf:75:11:26:bb:44:41:
9f:4b:58:fd:f1:9f:c6:7f:b8:52:52:fe:1d:70:70:
0f:3e:dd:83:77:c2:30:2d:83:cd:02:ca:58:1f:3a:
62:82:86:6f:d2:bb:cd:ae:8d:7d:71:7d:16:55:52:
e3:4c:47:da:ba:e6:1c:11:17:4b:51:98:eb:a1:1c:
1b:2b:c2:31:ec:79:a9:57:63:83:43:8e:53:67:e9:
94:8f:43:28:45:a3:9d:4b:8a:74:e9:47:26:39:fc:
d5:d7:e3:a5:b1:80:69:c1:9c:cf:0a:4b:45:43:e7:
ed:cf:61:c3:77:14:f8:f3:8f:ab:f2:25:01:8f:8a:
ba:a8:c0:48:d3:12:51:6b:05:53:33:d8:ad:37:32:
f9:d7:35:b2:24:c8:f1:87:ec:05:37:67:7f:cb:b3:
24:95:fb:dd:b2:ab:4c:e8:f9:2b:ef:e3:ee:00:cc:
75:45:74:f1:bb:bf:89:36:35:9f:66:0f:c3:d2:7b:
93:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7E:F7:D7:BE:0B:B2:92:6B:74:40:0F:D3:99:5C:13:21:C0:AC:AC
X509v3 Authority Key Identifier:
keyid:52:3A:C5:8D:A9:84:0D:0B:1C:AA:89:BD:FF:9E:0D:CE:46:76:7C:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/UjrFjamEDQscqom9_54NzkZ2fEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UjrFjamEDQscqom9_54NzkZ2fEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/4EB20834C6EC11EFAF45B671C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.204.0/22
Signature Algorithm: sha256WithRSAEncryption
40:cc:8e:a1:59:a8:5c:09:93:9e:ff:ff:3f:02:e1:59:92:bb:
6d:e6:74:24:2b:40:63:89:7c:c2:f5:3e:7b:04:ea:cb:4c:9f:
63:3a:62:bd:16:60:8d:7b:5a:cc:ca:a6:30:85:52:7c:0e:6f:
fe:52:61:9f:9c:86:03:af:01:53:08:80:10:59:03:b9:75:ce:
49:0e:73:b5:e9:be:47:62:0c:bd:67:33:a7:62:da:69:8d:ba:
ad:6e:b4:3d:e0:b5:54:a3:90:4c:7f:40:7b:c9:45:aa:f5:b8:
d7:7b:92:f2:d2:90:94:8d:ad:67:fe:58:52:a1:19:79:3a:34:
f6:c2:55:75:7d:d2:4b:3d:a8:6c:92:be:c1:d0:f5:cf:41:96:
97:11:d6:c1:5a:7e:7d:8a:a0:88:ba:40:c2:d2:d3:80:0a:78:
d7:be:cd:72:fc:6b:68:7c:41:5b:c6:e9:f9:57:b7:26:51:fc:
49:fd:ac:f7:b8:15:05:5b:6d:0b:02:99:4e:cf:c8:6a:cf:1d:
7d:50:d9:65:7a:18:4f:56:b1:70:69:7f:18:52:fe:39:51:13:
3e:aa:00:83:31:0a:69:77:76:13:14:64:e6:05:1f:d2:12:81:
47:4d:93:9c:bf:1a:6b:e8:84:71:7f:71:4b:1c:d5:ae:e3:a9:
f6:52:c4:b8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
NEIyNzExMC8GA1UEBRMoNTIzQUM1OERBOTg0MEQwQjFDQUE4OUJERkY5RTBEQ0U0
Njc2N0M0QTAeFw0yNDEyMzAyMDI2NTVaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzMwMjBmLTBmNWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7TRZaA9HdbcVis9uNPeek2x7y0LsvaiyPlFrqUSjXoUZ0kjgqnft14XkLr/W7
h6Y6ePyH5tUeKltjo3kT+gUg/fttv3URJrtEQZ9LWP3xn8Z/uFJS/h1wcA8+3YN3
wjAtg80CylgfOmKChm/Su82ujX1xfRZVUuNMR9q65hwRF0tRmOuhHBsrwjHsealX
Y4NDjlNn6ZSPQyhFo51LinTpRyY5/NXX46WxgGnBnM8KS0VD5+3PYcN3FPjzj6vy
JQGPirqowEjTElFrBVMz2K03MvnXNbIkyPGH7AU3Z3/LsySV+92yq0zo+Svv4+4A
zHVFdPG7v4k2NZ9mD8PSe5O5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUAn73174L
spJrdEAP05lcEyHArKwwHwYDVR0jBBgwFoAUUjrFjamEDQscqom9/54NzkZ2fEow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI0QjI3LzUwMDYxOERDQzZF
ODExRUY4N0FFNjkwREM0RjlBRTAyL1VqckZqYW1FRFFzY3FvbTlfNTROemtaMmZF
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVWpyRmphbUVEUXNjcW9tOV81NE56a1oyZkVvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NEIyNy81MDA2MThEQ0M2RTgxMUVGODdBRTY5MERDNEY5QUUwMi80RUIyMDgzNEM2
RUMxMUVGQUY0NUI2NzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAmd8zDANBgkqhkiG9w0BAQsFAAOCAQEAQMyOoVmoXAmTnv//
PwLhWZK7beZ0JCtAY4l8wvU+ewTqy0yfYzpivRZgjXtazMqmMIVSfA5v/lJhn5yG
A68BUwiAEFkDuXXOSQ5ztem+R2IMvWczp2LaaY26rW60PeC1VKOQTH9Ae8lFqvW4
13uS8tKQlI2tZ/5YUqEZeTo09sJVdX3SSz2obJK+wdD1z0GWlxHWwVp+fYqgiLpA
wtLTgAp4177NcvxraHxBW8bp+Ve3JlH8Sf2s97gVBVttCwKZTs/Ias8dfVDZZXoY
T1axcGl/GFL+OVETPqoAgzEKaXd2ExRk5gUf0hKBR02TnL8aa+iEcX9xSxzVruOp
9lLEuA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:29:24 2025 by rpki-client