Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9177157/54E47DEE1D3E11E9A45DB76DC4F9AE02/78CEA40E63CE11EBB442586CC4F9AE02.roa
File: 78CEA40E63CE11EBB442586CC4F9AE02.roa (raw, json)
Hash identifier: S44RGYvUcki16JBFrbb/EQ+b+VzZlhCn8dFhJGjwF1k=
Subject key identifier: 79:40:F1:A6:72:7C:09:A2:CB:0C:AC:B7:CE:72:D9:20:D1:93:95:8B
Certificate issuer: /CN=A9177157/serialNumber=079CFCC512EA61966FA319A2988C92FD86BDF88B
Certificate serial: 10CA
Authority key identifier: 07:9C:FC:C5:12:EA:61:96:6F:A3:19:A2:98:8C:92:FD:86:BD:F8:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B5z8xRLqYZZvoxmimIyS_Ya9-Is.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9177157/54E47DEE1D3E11E9A45DB76DC4F9AE02/78CEA40E63CE11EBB442586CC4F9AE02.roa
Signing time: Wed 02 Apr 2025 17:46:18 +0000
ROA not before: Wed 02 Apr 2025 17:46:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132615
IP address blocks: 103.88.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 04:29:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4298 (0x10ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9177157, serialNumber=079CFCC512EA61966FA319A2988C92FD86BDF88B
Validity
Not Before: Apr 2 17:46:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67ed77ea-dd53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2c:47:63:03:38:96:49:04:27:c4:bc:a6:cc:
b9:01:42:53:ee:1b:2b:6f:f3:3e:85:f3:df:09:ab:
6c:38:37:05:ba:45:07:c2:f6:fb:9f:3a:6c:25:88:
3e:3a:81:a7:46:82:ad:69:e6:59:d9:43:f4:6c:ef:
ca:4b:d6:e2:23:d0:94:d8:90:16:d9:e0:7d:18:fd:
06:b8:8a:53:80:99:f7:c6:62:d4:73:b1:e7:c6:56:
48:32:47:af:53:4f:53:90:08:e0:75:a9:75:6a:77:
a0:b6:6d:24:28:64:d4:1c:c0:8f:e3:21:1b:bb:d0:
d6:b3:ff:32:f7:7b:d1:be:6d:ad:a0:53:d2:d5:c1:
55:87:78:6d:f9:6d:58:77:8c:b3:b6:e8:67:f0:25:
31:a7:e1:7e:28:18:61:e5:5c:2e:52:c9:54:2a:39:
5a:20:78:0f:91:d7:8b:09:03:bd:42:13:82:ae:5b:
85:72:7e:5f:90:6f:29:cf:09:06:77:cb:ca:3f:14:
7b:81:7d:a4:05:a4:1d:93:3e:e5:6c:03:e3:cd:c2:
5f:e9:2e:8b:a5:84:29:3f:aa:83:a6:11:78:73:b6:
3d:84:be:b6:77:3a:d2:ac:db:c0:21:47:35:bb:1c:
93:2a:fa:ae:c4:7a:80:2a:d2:50:f0:c0:94:f8:de:
48:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:40:F1:A6:72:7C:09:A2:CB:0C:AC:B7:CE:72:D9:20:D1:93:95:8B
X509v3 Authority Key Identifier:
keyid:07:9C:FC:C5:12:EA:61:96:6F:A3:19:A2:98:8C:92:FD:86:BD:F8:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9177157/54E47DEE1D3E11E9A45DB76DC4F9AE02/B5z8xRLqYZZvoxmimIyS_Ya9-Is.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B5z8xRLqYZZvoxmimIyS_Ya9-Is.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9177157/54E47DEE1D3E11E9A45DB76DC4F9AE02/78CEA40E63CE11EBB442586CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.88.42.0/24
Signature Algorithm: sha256WithRSAEncryption
18:25:63:7e:c0:77:ac:f5:c6:df:1f:ad:96:92:05:7a:15:a6:
38:c1:8d:a6:a7:be:7b:34:52:1f:98:49:27:e4:27:ac:3f:4a:
0c:9b:4a:e7:c0:f4:a4:9a:b6:0e:d1:da:03:66:ce:d5:fe:94:
58:53:4f:28:8c:61:5d:02:84:dc:b5:6f:6e:ea:33:32:a1:ea:
98:c8:27:a7:f0:b2:e7:b2:f5:75:6e:c5:0f:e1:22:15:63:bd:
43:a9:0d:a3:30:27:42:4c:b9:c5:77:be:f6:1d:8a:cd:ce:f7:
a5:4a:16:3c:1b:d0:c5:31:e9:00:d6:76:d6:a5:bf:fb:26:2d:
49:d8:83:14:d3:b8:32:65:c3:59:89:24:59:07:7f:80:90:70:
82:b8:86:9d:35:6b:7c:d7:99:0c:11:2b:ad:c8:58:56:d1:11:
5e:f3:6e:d2:3e:1b:f2:37:37:55:3b:cb:da:b3:85:1f:58:83:
4e:64:05:a7:ae:fe:57:cd:89:6b:25:6d:f4:f5:dc:29:b6:28:
51:7e:11:1b:dd:62:da:cc:35:53:76:94:91:3f:66:81:35:02:
96:69:fd:b2:8a:2c:2b:6d:a0:8e:1c:56:ef:dd:14:3c:ae:e4:
c0:9f:bc:78:0f:df:1d:a8:3d:a3:13:29:10:3d:ed:d0:f2:e2:
59:09:bb:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICEMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzcxNTcxMTAvBgNVBAUTKDA3OUNGQ0M1MTJFQTYxOTY2RkEzMTlBMjk4OEM5MkZE
ODZCREY4OEIwHhcNMjUwNDAyMTc0NjE4WhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VkNzdlYS1kZDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7yxHYwM4lkkEJ8S8psy5AUJT7hsrb/M+hfPfCatsODcFukUHwvb7nzpsJYg+
OoGnRoKtaeZZ2UP0bO/KS9biI9CU2JAW2eB9GP0GuIpTgJn3xmLUc7HnxlZIMkev
U09TkAjgdal1anegtm0kKGTUHMCP4yEbu9DWs/8y93vRvm2toFPS1cFVh3ht+W1Y
d4yztuhn8CUxp+F+KBhh5VwuUslUKjlaIHgPkdeLCQO9QhOCrluFcn5fkG8pzwkG
d8vKPxR7gX2kBaQdkz7lbAPjzcJf6S6LpYQpP6qDphF4c7Y9hL62dzrSrNvAIUc1
uxyTKvquxHqAKtJQ8MCU+N5IiQIDAQABo4IClTCCApEwHQYDVR0OBBYEFHlA8aZy
fAmiywyst85y2SDRk5WLMB8GA1UdIwQYMBaAFAec/MUS6mGWb6MZopiMkv2GvfiL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NzE1Ny81NEU0N0RFRTFE
M0UxMUU5QTQ1REI3NkRDNEY5QUUwMi9CNXo4eFJMcVlaWnZveG1pbUl5U19ZYTkt
SXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0I1ejh4UkxxWVpadm94bWltSXlTX1lhOS1Jcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzcxNTcvNTRFNDdERUUxRDNFMTFFOUE0NURCNzZEQzRGOUFFMDIvNzhDRUE0MEU2
M0NFMTFFQkI0NDI1ODZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnWCowDQYJKoZIhvcNAQELBQADggEBABglY37Ad6z1xt8f
rZaSBXoVpjjBjaanvns0Uh+YSSfkJ6w/SgybSufA9KSatg7R2gNmztX+lFhTTyiM
YV0ChNy1b27qMzKh6pjIJ6fwsuey9XVuxQ/hIhVjvUOpDaMwJ0JMucV3vvYdis3O
96VKFjwb0MUx6QDWdtalv/smLUnYgxTTuDJlw1mJJFkHf4CQcIK4hp01a3zXmQwR
K63IWFbREV7zbtI+G/I3N1U7y9qzhR9Yg05kBaeu/lfNiWslbfT13Cm2KFF+ERvd
YtrMNVN2lJE/ZoE1ApZp/bKKLCttoI4cVu/dFDyu5MCfvHgP3x2oPaMTKRA97dDy
4lkJu1s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:05:41 2025 by rpki-client