Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/166760A85CF511E9A1F5EE2BC4F9AE02.roa
File: 166760A85CF511E9A1F5EE2BC4F9AE02.roa (raw, json)
Hash identifier: ZDQ5k7NAlRSZbgptf0Ex6KOfp2VsyZs/ZXiyeTxt8wg=
Subject key identifier: 51:AC:99:C3:6D:64:13:EC:5B:94:58:3E:3D:04:C7:D8:1B:AC:DA:5D
Certificate issuer: /CN=A9199E3F/serialNumber=6691ABEC1A46FDBCD2607C4DF17A54CE3334C212
Certificate serial: 0F96
Authority key identifier: 66:91:AB:EC:1A:46:FD:BC:D2:60:7C:4D:F1:7A:54:CE:33:34:C2:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZpGr7BpG_bzSYHxN8XpUzjM0whI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/166760A85CF511E9A1F5EE2BC4F9AE02.roa
Signing time: Wed 02 Apr 2025 17:47:17 +0000
ROA not before: Wed 02 Apr 2025 17:47:17 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 17547
IP address blocks: 103.23.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 08 Apr 2025 01:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3990 (0xf96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9199E3F, serialNumber=6691ABEC1A46FDBCD2607C4DF17A54CE3334C212
Validity
Not Before: Apr 2 17:47:17 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ed7825-21cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e8:05:12:88:89:c1:1a:52:bb:db:0d:ff:4d:
49:60:2d:c1:6e:2a:90:c1:63:49:8d:40:55:f0:a2:
b0:9e:0b:39:5d:f4:f1:e1:0a:42:3c:9c:df:07:3b:
9f:ae:2f:b1:90:af:de:fe:85:42:92:a7:4a:34:e3:
f2:de:0f:26:63:f5:a2:5f:b0:82:4f:05:1e:c9:08:
40:a3:75:08:3e:80:90:85:c3:06:30:fd:1b:b8:ff:
4b:e3:9d:23:c9:0d:44:dc:f4:df:2a:72:c1:5b:53:
1b:1a:e2:b6:03:bb:38:8d:22:a0:e2:49:45:99:e9:
e5:08:b5:a5:6f:18:6a:78:89:b9:9f:8b:c0:06:b0:
3e:05:88:b3:67:c0:f8:3a:bb:90:fc:31:8b:8c:3d:
23:12:30:fb:b9:f7:38:67:2e:59:2e:55:a2:22:7f:
55:be:32:b9:c2:21:e5:c9:4b:1d:93:08:71:84:eb:
f3:e4:25:90:c9:42:b1:d2:74:ac:11:df:91:7b:a8:
c8:ee:18:18:ff:75:a7:85:b0:9d:d0:bb:17:f4:83:
32:dd:64:a1:d1:b2:52:d8:9f:33:03:89:f9:68:05:
4d:2c:df:5c:b6:f9:56:26:f2:9b:c5:a7:8d:7a:fe:
32:cf:24:b5:26:81:b1:13:68:09:17:a1:31:a9:0f:
81:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:AC:99:C3:6D:64:13:EC:5B:94:58:3E:3D:04:C7:D8:1B:AC:DA:5D
X509v3 Authority Key Identifier:
keyid:66:91:AB:EC:1A:46:FD:BC:D2:60:7C:4D:F1:7A:54:CE:33:34:C2:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/ZpGr7BpG_bzSYHxN8XpUzjM0whI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZpGr7BpG_bzSYHxN8XpUzjM0whI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9199E3F/D8C51ACA5CF311E992FD622AC4F9AE02/166760A85CF511E9A1F5EE2BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.76.0/22
Signature Algorithm: sha256WithRSAEncryption
43:62:17:e1:d9:30:98:8a:67:c3:d4:b7:76:b5:c1:9d:a2:f9:
fe:ec:a2:56:34:83:7d:87:22:1e:80:f8:a6:a2:b0:6d:eb:62:
52:2c:12:6f:46:b8:bb:b0:89:87:f9:f4:8d:89:5c:62:cd:83:
f3:f5:5c:6d:1a:d0:9d:c4:23:a2:5c:85:28:c6:73:e9:3f:09:
b5:13:c3:a3:74:b4:6c:d1:7f:70:94:28:67:b4:55:9b:68:46:
47:6c:e0:c9:a4:da:9e:cf:89:5a:af:9c:05:fb:70:2b:18:d5:
1b:4f:02:85:29:8a:c2:67:b9:c3:81:d5:f9:10:6c:5b:e9:bf:
78:8e:b6:4d:16:a7:46:eb:7a:3c:59:a7:8e:12:45:58:7c:e5:
c9:7e:0a:63:e0:0e:40:fb:7d:92:15:1b:cc:0d:94:e2:b3:1d:
a7:17:a8:01:26:5c:bb:19:51:0e:fb:79:52:d4:ca:fc:b2:49:
cd:88:b2:f9:bb:ec:86:91:5b:73:42:75:5d:f9:5f:0b:93:0c:
18:c4:01:3f:9f:d4:3a:45:6b:53:23:48:7b:94:b5:81:b0:61:
9e:2a:4f:f4:c6:a3:0c:58:c6:d8:a3:9e:c5:bf:ca:34:84:69:
54:47:94:51:a7:c9:28:52:d8:6e:fe:2e:53:57:d8:39:02:13:
3e:fa:24:9f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICD5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTlFM0YxMTAvBgNVBAUTKDY2OTFBQkVDMUE0NkZEQkNEMjYwN0M0REYxN0E1NENF
MzMzNEMyMTIwHhcNMjUwNDAyMTc0NzE3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VkNzgyNS0yMWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt+gFEoiJwRpSu9sN/01JYC3BbiqQwWNJjUBV8KKwngs5XfTx4QpCPJzfBzuf
ri+xkK/e/oVCkqdKNOPy3g8mY/WiX7CCTwUeyQhAo3UIPoCQhcMGMP0buP9L450j
yQ1E3PTfKnLBW1MbGuK2A7s4jSKg4klFmenlCLWlbxhqeIm5n4vABrA+BYizZ8D4
OruQ/DGLjD0jEjD7ufc4Zy5ZLlWiIn9VvjK5wiHlyUsdkwhxhOvz5CWQyUKx0nSs
Ed+Re6jI7hgY/3WnhbCd0LsX9IMy3WSh0bJS2J8zA4n5aAVNLN9ctvlWJvKbxaeN
ev4yzyS1JoGxE2gJF6ExqQ+BIwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFGsmcNt
ZBPsW5RYPj0Ex9gbrNpdMB8GA1UdIwQYMBaAFGaRq+waRv280mB8TfF6VM4zNMIS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OUUzRi9EOEM1MUFDQTVD
RjMxMUU5OTJGRDYyMkFDNEY5QUUwMi9acEdyN0JwR19ielNZSHhOOFhwVXpqTTB3
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pwR3I3QnBHX2J6U1lIeE44WHBVempNMHdoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTlFM0YvRDhDNTFBQ0E1Q0YzMTFFOTkyRkQ2MjJBQzRGOUFFMDIvMTY2NzYwQTg1
Q0Y1MTFFOUExRjVFRTJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnF0wwDQYJKoZIhvcNAQELBQADggEBAENiF+HZMJiKZ8PU
t3a1wZ2i+f7solY0g32HIh6A+KaisG3rYlIsEm9GuLuwiYf59I2JXGLNg/P1XG0a
0J3EI6JchSjGc+k/CbUTw6N0tGzRf3CUKGe0VZtoRkds4Mmk2p7PiVqvnAX7cCsY
1RtPAoUpisJnucOB1fkQbFvpv3iOtk0Wp0brejxZp44SRVh85cl+CmPgDkD7fZIV
G8wNlOKzHacXqAEmXLsZUQ77eVLUyvyySc2Isvm77IaRW3NCdV35XwuTDBjEAT+f
1DpFa1MjSHuUtYGwYZ4qT/TGowxYxtijnsW/yjSEaVRHlFGnyShS2G7+LlNX2DkC
Ez76JJ8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:43:53 2025 by rpki-client