Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176909/9ABACAC84DCB11ED82961B36C4F9AE02/8F854766AF1A11EFAF122A6AC4F9AE02.roa
File: 8F854766AF1A11EFAF122A6AC4F9AE02.roa (raw, json)
Hash identifier: /twNc5U7hLdeGT8Njnji6erptHDB7fCfrnb1pbkaM5o=
Subject key identifier: F2:4E:AA:D6:F3:C3:91:55:F8:C5:56:47:98:DD:66:8E:70:6E:3A:C6
Certificate issuer: /CN=A9176909/serialNumber=3B48AB861652FAEED7E1D12583F16BB7FBB28913
Certificate serial: 01A8
Authority key identifier: 3B:48:AB:86:16:52:FA:EE:D7:E1:D1:25:83:F1:6B:B7:FB:B2:89:13
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0irhhZS-u7X4dElg_Frt_uyiRM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176909/9ABACAC84DCB11ED82961B36C4F9AE02/8F854766AF1A11EFAF122A6AC4F9AE02.roa
Signing time: Sun 01 Dec 2024 02:25:17 +0000
ROA not before: Sun 01 Dec 2024 02:25:17 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 137526
IP address blocks: 103.20.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Jan 2025 11:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 424 (0x1a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176909, serialNumber=3B48AB861652FAEED7E1D12583F16BB7FBB28913
Validity
Not Before: Dec 1 02:25:17 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674bc90d-e65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ab:8c:31:13:8e:51:e0:e8:c9:ef:97:b5:d2:
66:f5:ee:20:f4:ef:d0:ca:42:fe:28:8b:e3:60:97:
6d:ba:24:6e:96:0a:3b:c7:83:fe:6c:ca:30:e7:03:
e2:b6:bd:d1:99:ff:70:3d:0b:98:67:81:36:4b:b3:
8d:c0:89:91:10:f1:8e:c6:37:95:ed:5c:c0:81:9b:
2d:07:1d:78:d4:07:f8:20:f1:cc:4d:9a:31:43:9c:
64:23:89:a0:e9:00:9a:27:ae:0b:1d:36:36:ed:e9:
86:a4:ed:6d:a2:04:07:d3:c5:2b:cf:8b:b9:24:36:
7c:c1:56:93:f6:f4:94:f3:06:27:49:02:13:09:a1:
d2:96:ba:9b:71:f1:69:02:e1:04:ef:20:cd:d1:c0:
a7:b0:dd:c0:07:a8:bb:80:2a:cc:9d:08:72:4b:8d:
78:36:e6:6b:d6:fc:dc:bf:9d:fb:2b:7a:53:85:8d:
63:a0:82:e7:2c:af:24:20:11:5a:68:41:7b:bf:b4:
00:f7:3d:a6:a2:ba:f1:5c:f3:6e:6d:fe:3c:fe:e4:
3d:36:73:a0:61:1d:98:17:bb:26:a9:3a:7e:eb:1b:
3e:ff:c8:80:d9:ad:2f:a2:e7:19:f4:0c:e7:f2:5e:
b7:41:8c:66:35:63:56:d0:58:01:44:93:0c:a9:a2:
62:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:4E:AA:D6:F3:C3:91:55:F8:C5:56:47:98:DD:66:8E:70:6E:3A:C6
X509v3 Authority Key Identifier:
keyid:3B:48:AB:86:16:52:FA:EE:D7:E1:D1:25:83:F1:6B:B7:FB:B2:89:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176909/9ABACAC84DCB11ED82961B36C4F9AE02/O0irhhZS-u7X4dElg_Frt_uyiRM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O0irhhZS-u7X4dElg_Frt_uyiRM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176909/9ABACAC84DCB11ED82961B36C4F9AE02/8F854766AF1A11EFAF122A6AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.243.0/24
Signature Algorithm: sha256WithRSAEncryption
01:e8:2b:58:1c:2b:96:46:35:05:b4:d3:44:79:5b:05:11:21:
00:8f:bf:d1:42:a6:1a:79:41:6b:65:6c:12:5c:65:e8:ed:d6:
e1:1e:05:07:8d:a1:ba:b5:88:f8:2f:c4:2a:de:34:4f:81:e5:
03:9f:8e:e0:5f:c9:b3:f4:74:9c:d8:f4:be:f0:5d:0e:17:aa:
31:14:49:75:77:1e:dc:2b:bf:83:7e:a5:7a:be:96:2e:8a:6e:
59:54:53:34:ad:18:fa:51:c4:1b:65:c8:15:23:9d:8b:e6:b4:
67:2f:89:f1:26:84:22:a4:01:a2:2e:6f:73:46:28:32:c4:db:
f7:45:f4:d8:3f:10:82:e6:63:bb:56:06:e7:00:4e:71:f2:ac:
6e:02:cf:c0:d7:60:cb:a2:3c:c4:b8:1b:37:6e:92:05:4c:cf:
9c:57:fe:84:91:40:05:37:7f:2d:f4:ca:f4:1e:50:30:f4:a2:
09:54:39:c1:3a:55:e6:01:84:82:3e:1a:b2:28:4a:17:b4:2b:
23:10:63:42:3f:d2:77:f2:ed:c3:97:43:ba:da:01:01:e9:f0:
7a:ff:65:b4:ef:53:d9:f2:6e:d4:a9:73:4e:fc:9e:f9:e5:2b:
c8:44:ed:06:a2:5d:aa:67:8c:65:c8:38:3f:77:6c:33:ed:64:
c5:8b:5f:b7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzY5MDkxMTAvBgNVBAUTKDNCNDhBQjg2MTY1MkZBRUVEN0UxRDEyNTgzRjE2QkI3
RkJCMjg5MTMwHhcNMjQxMjAxMDIyNTE3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRiYzkwZC1lNjVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1auMMROOUeDoye+XtdJm9e4g9O/QykL+KIvjYJdtuiRulgo7x4P+bMow5wPi
tr3Rmf9wPQuYZ4E2S7ONwImREPGOxjeV7VzAgZstBx141Af4IPHMTZoxQ5xkI4mg
6QCaJ64LHTY27emGpO1togQH08Urz4u5JDZ8wVaT9vSU8wYnSQITCaHSlrqbcfFp
AuEE7yDN0cCnsN3AB6i7gCrMnQhyS414NuZr1vzcv537K3pThY1joILnLK8kIBFa
aEF7v7QA9z2morrxXPNubf48/uQ9NnOgYR2YF7smqTp+6xs+/8iA2a0voucZ9Azn
8l63QYxmNWNW0FgBRJMMqaJiMQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPJOqtbz
w5FV+MVWR5jdZo5wbjrGMB8GA1UdIwQYMBaAFDtIq4YWUvru1+HRJYPxa7f7sokT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjkwOS85QUJBQ0FDODRE
Q0IxMUVEODI5NjFCMzZDNEY5QUUwMi9PMGlyaGhaUy11N1g0ZEVsZ19GcnRfdXlp
Uk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL08waXJoaFpTLXU3WDRkRWxnX0ZydF91eWlSTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzY5MDkvOUFCQUNBQzg0RENCMTFFRDgyOTYxQjM2QzRGOUFFMDIvOEY4NTQ3NjZB
RjFBMTFFRkFGMTIyQTZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnFPMwDQYJKoZIhvcNAQELBQADggEBAAHoK1gcK5ZGNQW0
00R5WwURIQCPv9FCphp5QWtlbBJcZejt1uEeBQeNobq1iPgvxCreNE+B5QOfjuBf
ybP0dJzY9L7wXQ4XqjEUSXV3Htwrv4N+pXq+li6KbllUUzStGPpRxBtlyBUjnYvm
tGcvifEmhCKkAaIub3NGKDLE2/dF9Ng/EILmY7tWBucATnHyrG4Cz8DXYMuiPMS4
GzdukgVMz5xX/oSRQAU3fy30yvQeUDD0oglUOcE6VeYBhII+GrIoShe0KyMQY0I/
0nfy7cOXQ7raAQHp8Hr/ZbTvU9nybtSpc078nvnlK8hE7QaiXapnjGXIOD93bDPt
ZMWLX7c=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:32:45 2025 by rpki-client