Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/B0AAB49CCE9811EFAE326A6BC4F9AE02.roa
File: B0AAB49CCE9811EFAE326A6BC4F9AE02.roa (raw, json)
Hash identifier: bfGJawfmm7pJYTF3kPX18GVBhX/MgQVOARkAoHZnPTQ=
Subject key identifier: CA:FA:0D:66:86:F4:AA:EC:D2:C2:46:B7:7A:94:3B:69:BA:6B:65:F1
Certificate issuer: /CN=A91B569E/serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17
Certificate serial: 01B3
Authority key identifier: DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/B0AAB49CCE9811EFAE326A6BC4F9AE02.roa
Signing time: Thu 09 Jan 2025 14:47:47 +0000
ROA not before: Thu 09 Jan 2025 14:47:47 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 131474
IP address blocks: 103.19.122.0/24 maxlen: 24
103.19.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 10:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 435 (0x1b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B569E, serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17
Validity
Not Before: Jan 9 14:47:47 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=677fe192-5b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:88:ca:af:3f:2e:ee:74:84:cb:90:26:20:92:
88:b9:06:47:eb:bc:29:c2:65:e3:d8:08:da:41:42:
af:1d:52:39:14:1c:8c:6f:26:9b:90:2a:e7:73:42:
c6:08:30:15:1d:d2:0d:db:0d:a0:57:c1:07:d4:c0:
4e:17:61:cb:62:ff:22:e5:d2:48:22:e2:58:f4:e4:
57:33:bd:74:66:90:83:68:72:20:5d:e5:3c:86:b6:
a1:fa:3c:98:bb:2c:67:f7:64:6c:a6:f4:5b:25:67:
77:ef:11:73:c6:55:37:fb:ea:bf:8c:46:bd:cb:08:
9e:21:05:ca:66:71:8d:00:3b:1b:c2:4b:b1:fa:04:
ea:30:bc:f1:e0:a1:7e:a4:6b:09:a9:90:a6:ba:df:
ce:66:0c:cb:d4:13:42:0a:bc:ea:3a:c6:c0:be:df:
b7:1b:c2:da:d1:d7:0a:f2:d7:df:34:f1:17:92:33:
d5:0c:12:b7:73:4f:93:4b:a2:ca:10:0d:01:41:72:
46:6d:aa:04:31:55:fa:7a:14:d3:c6:4b:72:c7:c7:
ef:9f:51:43:a8:99:49:75:cb:32:f5:4b:ae:ce:e1:
4a:a2:31:89:f9:9a:2a:77:b8:66:07:68:64:d9:a9:
84:84:cc:4a:e1:2d:c9:1d:6e:d3:3e:58:b2:4c:5c:
30:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FA:0D:66:86:F4:AA:EC:D2:C2:46:B7:7A:94:3B:69:BA:6B:65:F1
X509v3 Authority Key Identifier:
keyid:DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/B0AAB49CCE9811EFAE326A6BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.19.122.0/23
Signature Algorithm: sha256WithRSAEncryption
13:fe:1f:a3:29:1d:38:76:11:5b:2a:a7:23:b0:cf:b8:c9:6e:
2b:18:ea:97:b6:92:de:56:a4:74:10:3a:eb:95:97:9d:6a:2a:
2c:08:38:da:36:66:25:49:bb:4b:c9:4a:d1:05:a9:e0:37:05:
a8:07:6a:6d:21:01:1b:13:03:09:5d:d0:84:71:7d:d4:59:23:
b2:ff:8e:de:73:14:b6:e8:a1:25:cc:e5:ca:5f:41:be:0c:ee:
7d:6f:dc:fa:9a:3b:d6:9f:78:65:99:ff:55:44:3d:33:64:40:
d5:1d:65:c5:29:f8:34:9b:48:87:83:3c:c0:38:c0:a3:08:d7:
35:f9:67:0e:5e:30:e1:01:fd:08:98:aa:d4:26:5e:7a:56:73:
d3:b4:8d:e0:8d:e2:70:37:0c:37:2c:e6:07:76:dd:14:62:03:
51:37:ac:2e:36:a5:99:8d:f3:c8:d1:d8:b9:32:af:a0:b8:55:
ae:1d:02:c5:29:d0:66:38:07:06:d4:f9:9e:52:97:c3:15:7d:
c9:f5:12:a8:45:d9:3e:ed:64:92:d1:c3:e8:6a:6d:89:c2:55:
c2:76:60:1c:ff:89:1b:70:20:59:bf:5d:77:42:fa:cf:b6:7d:
7b:d2:55:61:66:58:bf:96:f4:eb:ac:b2:7b:d3:e0:49:28:59:
45:c8:9f:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU2OUUxMTAvBgNVBAUTKERDQjgzOTMxOUZENTJFQUQ5RkNCOTc3ODI5ODRGRDFG
RDQ0OTJDMTcwHhcNMjUwMTA5MTQ0NzQ3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdmZTE5Mi01YjlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA44jKrz8u7nSEy5AmIJKIuQZH67wpwmXj2AjaQUKvHVI5FByMbyabkCrnc0LG
CDAVHdIN2w2gV8EH1MBOF2HLYv8i5dJIIuJY9ORXM710ZpCDaHIgXeU8hrah+jyY
uyxn92RspvRbJWd37xFzxlU3++q/jEa9ywieIQXKZnGNADsbwkux+gTqMLzx4KF+
pGsJqZCmut/OZgzL1BNCCrzqOsbAvt+3G8La0dcK8tffNPEXkjPVDBK3c0+TS6LK
EA0BQXJGbaoEMVX6ehTTxktyx8fvn1FDqJlJdcsy9UuuzuFKojGJ+Zoqd7hmB2hk
2amEhMxK4S3JHW7TPliyTFwwnwIDAQABo4IClTCCApEwHQYDVR0OBBYEFMr6DWaG
9Krs0sJGt3qUO2m6a2XxMB8GA1UdIwQYMBaAFNy4OTGf1S6tn8uXeCmE/R/USSwX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTY5RS8yNTI1QzdDODRE
MjUxMUVEQTZEREQyMkVDNEY5QUUwMi8zTGc1TVpfVkxxMmZ5NWQ0S1lUOUg5UkpM
QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNMZzVNWl9WTHEyZnk1ZDRLWVQ5SDlSSkxCYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU2OUUvMjUyNUM3Qzg0RDI1MTFFREE2REREMjJFQzRGOUFFMDIvQjBBQUI0OUND
RTk4MTFFRkFFMzI2QTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnE3owDQYJKoZIhvcNAQELBQADggEBABP+H6MpHTh2EVsq
pyOwz7jJbisY6pe2kt5WpHQQOuuVl51qKiwIONo2ZiVJu0vJStEFqeA3BagHam0h
ARsTAwld0IRxfdRZI7L/jt5zFLbooSXM5cpfQb4M7n1v3PqaO9afeGWZ/1VEPTNk
QNUdZcUp+DSbSIeDPMA4wKMI1zX5Zw5eMOEB/QiYqtQmXnpWc9O0jeCN4nA3DDcs
5gd23RRiA1E3rC42pZmN88jR2Lkyr6C4Va4dAsUp0GY4BwbU+Z5Sl8MVfcn1EqhF
2T7tZJLRw+hqbYnCVcJ2YBz/iRtwIFm/XXdC+s+2fXvSVWFmWL+W9OussnvT4Eko
WUXInxQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:25:59 2025 by rpki-client