Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/7B8CBD7E1C2B11F0B54DD52FC4F9AE02.roa
File: 7B8CBD7E1C2B11F0B54DD52FC4F9AE02.roa (raw, json)
Hash identifier: xKt+EbQu0iH40rLY5/mWyLbaSk17uZ8cUucd2ALSKBM=
Subject key identifier: E1:0D:71:A6:D7:48:2D:C7:D2:13:C9:97:1E:4F:E5:99:06:41:65:F3
Certificate issuer: /CN=A9140D69/serialNumber=103FA8BDFFFB9F0557072C47332B81A9E80EDD35
Certificate serial: 02B2
Authority key identifier: 10:3F:A8:BD:FF:FB:9F:05:57:07:2C:47:33:2B:81:A9:E8:0E:DD:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ED-ovf_7nwVXByxHMyuBqegO3TU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/7B8CBD7E1C2B11F0B54DD52FC4F9AE02.roa
Signing time: Fri 18 Apr 2025 08:02:33 +0000
ROA not before: Fri 18 Apr 2025 08:02:33 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 62610
IP address blocks: 103.237.102.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 23 Apr 2025 05:58:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 690 (0x2b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9140D69, serialNumber=103FA8BDFFFB9F0557072C47332B81A9E80EDD35
Validity
Not Before: Apr 18 08:02:33 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=68020719-ef63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7d:45:46:29:c3:11:19:cc:b2:5c:86:f7:b5:
81:ad:5f:7d:51:83:e0:a6:9a:17:1f:8d:53:a4:00:
bb:5a:d2:ee:12:d0:ea:74:60:86:3e:74:75:7f:38:
4b:77:a9:8e:9f:dd:0c:d7:70:b6:ff:51:68:94:86:
78:b2:bc:ed:dd:3b:ef:f1:b9:0c:d7:dd:0d:92:8b:
06:98:38:50:0a:9a:ac:4f:6a:6d:6d:f0:f0:bd:41:
56:cf:65:62:a3:a8:8d:25:32:d6:70:df:6c:5c:1b:
ed:e3:ee:2b:e1:2c:2a:2e:5c:e4:7a:8f:b3:ab:56:
91:75:5d:3b:2d:a9:be:c4:ae:17:06:7c:2c:58:84:
c4:0f:9f:8d:ec:c8:da:96:2f:93:10:cc:9f:39:16:
90:03:fb:ec:06:2c:a8:77:64:fa:7b:51:45:4d:50:
27:13:a7:40:10:10:b1:b5:c2:7f:1b:94:20:3d:d5:
ef:c7:9e:e2:80:4e:e3:2b:e3:d7:cf:d2:0e:22:96:
99:7a:ff:c2:c3:23:44:4b:22:86:83:04:4d:ee:e3:
e9:55:a8:cc:20:79:3c:e1:ec:9a:43:b1:01:c7:00:
da:c7:a1:8a:e2:b0:a6:41:77:d2:b1:4b:f8:db:5d:
ab:2b:3f:1b:84:16:c8:78:40:bd:cb:d0:37:24:2e:
56:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:0D:71:A6:D7:48:2D:C7:D2:13:C9:97:1E:4F:E5:99:06:41:65:F3
X509v3 Authority Key Identifier:
keyid:10:3F:A8:BD:FF:FB:9F:05:57:07:2C:47:33:2B:81:A9:E8:0E:DD:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/ED-ovf_7nwVXByxHMyuBqegO3TU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ED-ovf_7nwVXByxHMyuBqegO3TU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/7B8CBD7E1C2B11F0B54DD52FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.237.102.0/23
Signature Algorithm: sha256WithRSAEncryption
05:40:1f:09:2d:ba:04:4e:28:11:86:6b:59:df:27:a0:f3:f3:
ae:7c:e4:16:05:ee:34:b4:7f:fc:6f:5e:38:f0:02:be:e4:08:
12:ff:84:11:56:bf:97:b1:16:22:de:68:72:7b:d5:34:46:e2:
08:46:f7:7c:79:00:6e:a0:00:68:99:60:18:f2:d7:c0:69:84:
cf:b7:dc:b7:3d:d9:6e:4a:b9:bc:5b:d3:f1:15:31:1f:17:44:
11:60:17:64:11:5b:d2:43:14:ad:41:29:b4:e9:86:e6:30:08:
00:52:74:40:82:a6:e7:c2:b8:d5:97:35:81:1d:d3:7b:d0:0d:
41:6b:56:f9:a0:71:35:35:f9:32:99:6a:7e:e4:e7:cc:e3:5e:
94:cc:0f:27:45:3e:a2:8a:03:7d:d1:c4:c8:7e:9e:0e:6e:1f:
5f:c7:26:3a:24:fe:f1:df:2b:29:eb:7b:df:3c:06:b0:43:a2:
cb:c4:74:b1:0f:79:61:c6:f4:39:ee:13:c7:1f:b4:23:38:c8:
9b:f9:c8:17:64:84:09:ea:a9:c5:61:d0:de:f8:42:c5:96:16:
81:a8:9b:75:8f:26:54:58:f6:4e:a5:35:ab:5a:72:20:38:af:
75:68:16:53:ec:9b:b2:b9:26:2c:6b:94:bf:31:28:4f:94:13:
e0:2c:8f:58
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICArIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBENjkxMTAvBgNVBAUTKDEwM0ZBOEJERkZGQjlGMDU1NzA3MkM0NzMzMkI4MUE5
RTgwRUREMzUwHhcNMjUwNDE4MDgwMjMzWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODAyMDcxOS1lZjYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwn1FRinDERnMslyG97WBrV99UYPgppoXH41TpAC7WtLuEtDqdGCGPnR1fzhL
d6mOn90M13C2/1FolIZ4srzt3Tvv8bkM190NkosGmDhQCpqsT2ptbfDwvUFWz2Vi
o6iNJTLWcN9sXBvt4+4r4SwqLlzkeo+zq1aRdV07Lam+xK4XBnwsWITED5+N7Mja
li+TEMyfORaQA/vsBiyod2T6e1FFTVAnE6dAEBCxtcJ/G5QgPdXvx57igE7jK+PX
z9IOIpaZev/CwyNESyKGgwRN7uPpVajMIHk84eyaQ7EBxwDax6GK4rCmQXfSsUv4
212rKz8bhBbIeEC9y9A3JC5W3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFOENcabX
SC3H0hPJlx5P5ZkGQWXzMB8GA1UdIwQYMBaAFBA/qL3/+58FVwcsRzMrganoDt01
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEQ2OS8wRTE3N0Q1QTA1
OEMxMUVEQURENjYwMTFDNEY5QUUwMi9FRC1vdmZfN253VlhCeXhITXl1QnFlZ08z
VFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VELW92Zl83bndWWEJ5eEhNeXVCcWVnTzNUVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDBENjkvMEUxNzdENUEwNThDMTFFREFERDY2MDExQzRGOUFFMDIvN0I4Q0JEN0Ux
QzJCMTFGMEI1NERENTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFn7WYwDQYJKoZIhvcNAQELBQADggEBAAVAHwktugROKBGG
a1nfJ6Dz86585BYF7jS0f/xvXjjwAr7kCBL/hBFWv5exFiLeaHJ71TRG4ghG93x5
AG6gAGiZYBjy18BphM+33Lc92W5Kubxb0/EVMR8XRBFgF2QRW9JDFK1BKbTphuYw
CABSdECCpufCuNWXNYEd03vQDUFrVvmgcTU1+TKZan7k58zjXpTMDydFPqKKA33R
xMh+ng5uH1/HJjok/vHfKynre988BrBDosvEdLEPeWHG9DnuE8cftCM4yJv5yBdk
hAnqqcVh0N74QsWWFoGom3WPJlRY9k6lNataciA4r3VoFlPsm7K5JixrlL8xKE+U
E+Asj1g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:24:43 2025 by rpki-client