Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/2F3E0638BE4C11ED9598AC4EC4F9AE02.roa
File: 2F3E0638BE4C11ED9598AC4EC4F9AE02.roa (raw, json)
Hash identifier: ccbTUvSLFpBelJ244wcTlDOTQio41U1vm8yr8CVHQz8=
Subject key identifier: CC:43:7D:EC:B9:12:09:4F:A9:2D:A1:2C:CF:4B:A9:5E:4C:43:A2:C8
Certificate issuer: /CN=A91941E9/serialNumber=05AD3E4AA1961BA7ECBE02935725C25CD26BD6BC
Certificate serial: 0720
Authority key identifier: 05:AD:3E:4A:A1:96:1B:A7:EC:BE:02:93:57:25:C2:5C:D2:6B:D6:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/2F3E0638BE4C11ED9598AC4EC4F9AE02.roa
Signing time: Fri 02 Aug 2024 22:40:47 +0000
ROA not before: Fri 02 Aug 2024 22:40:47 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 17408
IP address blocks: 103.37.236.0/22 maxlen: 22
103.154.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Sep 2024 05:15:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1824 (0x720)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91941E9, serialNumber=05AD3E4AA1961BA7ECBE02935725C25CD26BD6BC
Validity
Not Before: Aug 2 22:40:47 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66ad606f-e4cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b5:ea:7a:fe:d0:eb:93:92:c3:0a:b3:1e:57:
e9:39:f5:c0:94:b0:7b:51:38:f5:c3:85:f9:ca:17:
f4:c3:5f:04:c5:68:7d:78:f2:df:42:c7:85:55:d0:
b2:03:7b:d7:a6:52:21:73:ee:0f:52:40:6e:f2:9d:
3e:27:21:b4:b6:5a:af:7a:b4:99:68:42:c1:d6:0b:
ec:8c:25:b8:4a:a6:d5:41:c2:8e:a8:bb:86:4e:df:
02:c2:15:f1:3a:7b:fc:a2:67:1e:af:1f:7b:1f:5e:
0e:0d:0e:1c:7e:cb:c0:c4:78:a2:bb:41:0d:fe:8d:
b8:35:59:9b:55:d8:4a:23:62:22:a2:67:1d:be:e9:
ad:7e:8a:37:c5:24:6a:e0:4d:81:37:f3:52:e4:2d:
ae:68:cb:8b:b2:55:89:87:81:4e:76:a8:6b:54:37:
51:54:d2:ae:57:da:4c:0a:7c:9b:52:16:5c:2e:fa:
a9:3c:64:22:37:46:51:0b:7c:de:d2:10:b4:72:e7:
96:80:5a:de:0b:03:d1:52:69:04:fe:a0:2f:96:13:
69:5e:06:f8:b2:75:66:2e:33:63:c1:31:6c:f0:db:
64:61:3e:47:3f:30:8b:e1:c1:d0:64:aa:6a:76:87:
70:71:a7:63:8f:60:c2:f0:51:af:f6:32:b4:a6:2d:
f8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:43:7D:EC:B9:12:09:4F:A9:2D:A1:2C:CF:4B:A9:5E:4C:43:A2:C8
X509v3 Authority Key Identifier:
keyid:05:AD:3E:4A:A1:96:1B:A7:EC:BE:02:93:57:25:C2:5C:D2:6B:D6:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ba0-SqGWG6fsvgKTVyXCXNJr1rw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91941E9/DAD8FB80079011EBBB98C076C4F9AE02/2F3E0638BE4C11ED9598AC4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.37.236.0/22
103.154.21.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:db:c4:bd:76:d5:85:cb:65:40:e5:f3:11:42:a1:21:ee:cf:
c0:ea:11:06:40:e3:4b:5d:4a:be:fe:a3:3d:a5:1b:b2:67:5f:
94:9c:30:68:b5:1c:ca:6a:8a:11:a0:bb:3d:a0:1f:c7:76:cb:
e6:59:ab:7d:b9:74:a9:fc:1c:f9:62:f3:42:65:53:6a:e4:6d:
6d:34:0e:3e:3f:61:a2:8c:90:9c:23:0e:f5:a2:d0:f7:de:f2:
37:7e:39:a1:ad:55:61:2c:6d:41:a2:26:16:20:c6:c6:0d:ac:
e9:47:01:80:c4:6c:bb:83:01:7f:71:ee:ff:fc:81:86:17:9e:
fc:66:4e:ea:ea:d1:98:bd:91:5a:38:11:7c:d5:74:34:3e:6d:
f1:37:54:fe:92:21:da:de:99:80:40:78:a3:0b:91:c5:95:d3:
aa:3e:4a:82:00:ce:27:6d:06:0a:23:98:3e:48:91:c6:ff:af:
2a:59:05:9f:91:39:a5:3c:6b:ad:08:6a:46:75:cc:bd:29:e9:
09:ab:93:8f:34:4b:a1:18:1d:c6:27:8d:b8:ac:a6:82:a9:d5:
f3:72:85:c5:73:57:88:a5:12:ee:92:13:e2:fa:cc:19:36:63:
ab:69:b4:9e:35:be:4b:22:da:9b:96:c3:aa:18:94:df:3c:75:
0b:aa:3f:fb
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICByAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTQxRTkxMTAvBgNVBAUTKDA1QUQzRTRBQTE5NjFCQTdFQ0JFMDI5MzU3MjVDMjVD
RDI2QkQ2QkMwHhcNMjQwODAyMjI0MDQ3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmFkNjA2Zi1lNGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArbXqev7Q65OSwwqzHlfpOfXAlLB7UTj1w4X5yhf0w18ExWh9ePLfQseFVdCy
A3vXplIhc+4PUkBu8p0+JyG0tlqverSZaELB1gvsjCW4SqbVQcKOqLuGTt8CwhXx
Onv8omcerx97H14ODQ4cfsvAxHiiu0EN/o24NVmbVdhKI2Iiomcdvumtfoo3xSRq
4E2BN/NS5C2uaMuLslWJh4FOdqhrVDdRVNKuV9pMCnybUhZcLvqpPGQiN0ZRC3ze
0hC0cueWgFreCwPRUmkE/qAvlhNpXgb4snVmLjNjwTFs8NtkYT5HPzCL4cHQZKpq
dodwcadjj2DC8FGv9jK0pi34twIDAQABo4ICmzCCApcwHQYDVR0OBBYEFMxDfey5
EglPqS2hLM9LqV5MQ6LIMB8GA1UdIwQYMBaAFAWtPkqhlhun7L4Ck1clwlzSa9a8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDFFOS9EQUQ4RkI4MDA3
OTAxMUVCQkI5OEMwNzZDNEY5QUUwMi9CYTAtU3FHV0c2ZnN2Z0tUVnlYQ1hOSnIx
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0JhMC1TcUdXRzZmc3ZnS1RWeVhDWE5KcjFydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTQxRTkvREFEOEZCODAwNzkwMTFFQkJCOThDMDc2QzRGOUFFMDIvMkYzRTA2MzhC
RTRDMTFFRDk1OThBQzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnJewDBABnmhUwDQYJKoZIhvcNAQELBQADggEBAHvbxL12
1YXLZUDl8xFCoSHuz8DqEQZA40tdSr7+oz2lG7JnX5ScMGi1HMpqihGguz2gH8d2
y+ZZq325dKn8HPli80JlU2rkbW00Dj4/YaKMkJwjDvWi0Pfe8jd+OaGtVWEsbUGi
JhYgxsYNrOlHAYDEbLuDAX9x7v/8gYYXnvxmTurq0Zi9kVo4EXzVdDQ+bfE3VP6S
IdremYBAeKMLkcWV06o+SoIAzidtBgojmD5Ikcb/rypZBZ+ROaU8a60IakZ1zL0p
6Qmrk480S6EYHcYnjbispoKp1fNyhcVzV4ilEu6SE+L6zBk2Y6tptJ41vksi2puW
w6oYlN88dQuqP/s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:04:37 2025 by rpki-client