Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913ABFE/F1D5587E25F111EEB7B48058C4F9AE02/837010CCBC6311EFBF1D4E55C4F9AE02.roa
File: 837010CCBC6311EFBF1D4E55C4F9AE02.roa (raw, json)
Hash identifier: uxItpqQz9Sk26SrDDru7n9UPP8cU99oVCThmSqUjZ0w=
Subject key identifier: B0:E6:4D:E5:A2:44:93:A6:CA:BD:D8:40:B5:66:68:E9:F7:86:65:56
Certificate issuer: /CN=A913ABFE/serialNumber=E588C73E6CB4FDB38B84EE40F8F9B64C50BE4B73
Certificate serial: 0142
Authority key identifier: E5:88:C7:3E:6C:B4:FD:B3:8B:84:EE:40:F8:F9:B6:4C:50:BE:4B:73
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5YjHPmy0_bOLhO5A-Pm2TFC-S3M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913ABFE/F1D5587E25F111EEB7B48058C4F9AE02/837010CCBC6311EFBF1D4E55C4F9AE02.roa
Signing time: Thu 20 Feb 2025 15:56:27 +0000
ROA not before: Thu 20 Feb 2025 15:56:27 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 151620
IP address blocks: 103.239.82.0/23 maxlen: 23
103.239.82.0/24 maxlen: 24
103.239.83.0/24 maxlen: 24
2001:df2:b640::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 21 Mar 2025 15:27:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 322 (0x142)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913ABFE, serialNumber=E588C73E6CB4FDB38B84EE40F8F9B64C50BE4B73
Validity
Not Before: Feb 20 15:56:27 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67b750aa-ea9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8b:da:c1:c1:7e:02:c7:c7:d4:fa:74:66:e4:
f1:b6:90:44:e3:a0:90:e0:b9:4d:86:0a:dc:dd:b3:
fb:e2:91:00:5d:6f:b9:74:31:85:cf:f9:d5:27:56:
14:e1:a0:c7:35:82:cf:88:1e:63:0b:d5:be:cd:6c:
a1:99:b6:de:b1:bd:eb:11:1a:50:e6:70:a3:94:91:
f2:9f:48:38:14:04:2a:d8:fb:ae:9d:ff:ee:b3:fe:
a6:22:1f:2d:dc:3a:e1:10:50:f6:04:ef:30:e5:17:
9e:5a:9d:8a:c0:5d:24:e8:51:f0:ba:30:05:f9:63:
c6:92:ff:14:09:1b:6c:ea:29:58:5c:2e:bd:a3:68:
ce:04:91:f1:67:f8:47:a3:1c:1f:ba:f2:54:78:bd:
7d:b1:43:10:d9:ee:3c:53:2c:84:31:8f:7c:40:02:
49:88:a0:7b:d8:08:a6:c9:b0:79:bf:d7:38:85:98:
11:e5:7b:1b:34:9a:01:a8:5e:cb:74:0c:40:a9:02:
e3:40:21:00:e9:59:cf:7b:27:65:e3:68:60:65:0a:
60:4c:82:b6:48:1c:c9:94:9e:d9:5a:29:c9:88:28:
18:ad:32:39:51:11:bc:d3:73:52:3f:13:57:ea:bf:
be:03:34:84:de:f9:82:9a:68:6f:c9:2a:e2:b7:7b:
e8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E6:4D:E5:A2:44:93:A6:CA:BD:D8:40:B5:66:68:E9:F7:86:65:56
X509v3 Authority Key Identifier:
keyid:E5:88:C7:3E:6C:B4:FD:B3:8B:84:EE:40:F8:F9:B6:4C:50:BE:4B:73
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913ABFE/F1D5587E25F111EEB7B48058C4F9AE02/5YjHPmy0_bOLhO5A-Pm2TFC-S3M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5YjHPmy0_bOLhO5A-Pm2TFC-S3M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913ABFE/F1D5587E25F111EEB7B48058C4F9AE02/837010CCBC6311EFBF1D4E55C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.239.82.0/23
IPv6:
2001:df2:b640::/48
Signature Algorithm: sha256WithRSAEncryption
43:f3:20:f0:0f:b7:0b:2f:de:93:da:60:fa:fe:59:66:c7:52:
f4:56:98:94:f7:d8:82:1a:c1:00:61:cb:03:3c:46:98:03:97:
3a:90:3e:d3:c0:43:d2:b0:65:cc:27:77:f1:8a:ea:75:32:fe:
7b:c0:fa:bd:5f:60:54:d0:5d:db:85:ae:e6:76:b8:d1:1d:a8:
97:15:0c:3a:c6:9f:b5:2e:25:0f:22:52:6d:2d:e8:2f:53:ed:
18:02:e7:d6:98:75:ad:25:50:a0:c2:22:b0:2f:a3:c3:04:9e:
f6:e1:05:32:d3:d1:c1:d3:e7:39:fb:86:22:02:1e:ab:0a:c9:
3b:db:5f:a3:f6:22:ff:27:a0:ce:30:ea:e5:bb:41:d6:93:32:
03:12:b5:f8:dc:91:81:55:cd:4d:77:02:06:bd:f1:e4:ee:77:
40:79:1f:51:ae:fc:19:3e:45:ce:70:8d:e7:41:9c:c5:0b:f7:
9b:df:17:d2:33:f5:74:22:f9:e9:85:07:64:98:33:a5:a6:d1:
e4:41:b9:f1:05:18:58:1b:f1:e4:94:58:ca:6c:84:10:bc:95:
70:67:76:93:00:c0:cf:53:37:4d:c1:83:de:53:28:92:09:89:
a6:30:5a:bd:4b:89:e4:22:24:b1:41:a7:d0:17:a0:c8:37:bc:
81:5e:0f:61
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAUIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0FCRkUxMTAvBgNVBAUTKEU1ODhDNzNFNkNCNEZEQjM4Qjg0RUU0MEY4RjlCNjRD
NTBCRTRCNzMwHhcNMjUwMjIwMTU1NjI3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3NTBhYS1lYTllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYvawcF+AsfH1Pp0ZuTxtpBE46CQ4LlNhgrc3bP74pEAXW+5dDGFz/nVJ1YU
4aDHNYLPiB5jC9W+zWyhmbbesb3rERpQ5nCjlJHyn0g4FAQq2Puunf/us/6mIh8t
3DrhEFD2BO8w5ReeWp2KwF0k6FHwujAF+WPGkv8UCRts6ilYXC69o2jOBJHxZ/hH
oxwfuvJUeL19sUMQ2e48UyyEMY98QAJJiKB72AimybB5v9c4hZgR5XsbNJoBqF7L
dAxAqQLjQCEA6VnPeydl42hgZQpgTIK2SBzJlJ7ZWinJiCgYrTI5URG803NSPxNX
6r++AzSE3vmCmmhvySrit3voHwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFLDmTeWi
RJOmyr3YQLVmaOn3hmVWMB8GA1UdIwQYMBaAFOWIxz5stP2zi4TuQPj5tkxQvktz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQUJGRS9GMUQ1NTg3RTI1
RjExMUVFQjdCNDgwNThDNEY5QUUwMi81WWpIUG15MF9iT0xoTzVBLVBtMlRGQy1T
M00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVZakhQbXkwX2JPTGhPNUEtUG0yVEZDLVMzTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0FCRkUvRjFENTU4N0UyNUYxMTFFRUI3QjQ4MDU4QzRGOUFFMDIvODM3MDEwQ0NC
QzYzMTFFRkJGMUQ0RTU1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFn71IwDwQCAAIwCQMHACABDfK2QDANBgkqhkiG9w0BAQsF
AAOCAQEAQ/Mg8A+3Cy/ek9pg+v5ZZsdS9FaYlPfYghrBAGHLAzxGmAOXOpA+08BD
0rBlzCd38YrqdTL+e8D6vV9gVNBd24Wu5na40R2olxUMOsaftS4lDyJSbS3oL1Pt
GALn1ph1rSVQoMIisC+jwwSe9uEFMtPRwdPnOfuGIgIeqwrJO9tfo/Yi/yegzjDq
5btB1pMyAxK1+NyRgVXNTXcCBr3x5O53QHkfUa78GT5FznCN50GcxQv3m98X0jP1
dCL56YUHZJgzpabR5EG58QUYWBvx5JRYymyEELyVcGd2kwDAz1M3TcGD3lMokgmJ
pjBavUuJ5CIksUGn0BegyDe8gV4PYQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:08:33 2025 by rpki-client