Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/B6C2A6FE4D2711ED8D49D62FC4F9AE02.roa
File: B6C2A6FE4D2711ED8D49D62FC4F9AE02.roa (raw, json)
Hash identifier: L374pkLhJAG7gkwheUCAJTGzKCxPmLD6iNP0REfUkis=
Subject key identifier: 7D:12:FB:B0:FE:55:44:34:C3:32:33:15:B1:93:DC:69:7A:02:49:D4
Certificate issuer: /CN=A91B569E/serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17
Certificate serial: 019F
Authority key identifier: DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/B6C2A6FE4D2711ED8D49D62FC4F9AE02.roa
Signing time: Tue 17 Dec 2024 01:54:47 +0000
ROA not before: Tue 17 Dec 2024 01:54:47 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 150372
IP address blocks: 103.19.122.0/24 maxlen: 24
103.19.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Dec 2024 06:38:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415 (0x19f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B569E, serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17
Validity
Not Before: Dec 17 01:54:47 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6760d9e6-fb2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:fc:c5:71:bc:cd:27:19:80:17:df:aa:0a:88:
19:2a:db:11:36:95:9e:59:70:47:5f:43:3b:3c:71:
30:5d:0d:69:f1:82:32:3a:3e:85:3f:48:e8:17:66:
7a:df:b2:ee:19:42:87:78:ec:cc:ce:56:07:40:d7:
6b:49:11:5c:6c:bb:03:46:1a:26:c0:49:76:7d:26:
9f:14:88:85:00:7a:4d:5e:b9:a8:2e:2e:a3:35:1f:
bc:f1:21:05:c3:f0:54:e7:c4:be:f1:22:84:1b:f7:
ec:37:6b:54:d8:65:6d:ff:7e:83:c5:3f:f0:c2:9d:
26:30:22:17:b4:86:78:fe:bf:51:31:06:7e:55:23:
5c:18:1c:6d:62:bc:53:71:bb:50:77:93:90:d3:64:
dd:05:9d:c3:12:41:c3:62:79:13:ff:8a:76:25:d2:
8f:2c:f1:95:f1:fd:cc:54:c4:73:7f:0a:3d:f4:97:
52:f1:a8:1c:9c:e1:17:b6:30:71:e8:74:b7:d3:8a:
33:d1:13:38:97:74:91:1b:95:c3:a9:17:41:20:6d:
1b:66:50:3a:82:98:36:c8:dd:8c:16:c0:69:91:6a:
44:62:c5:da:d6:2f:cd:c3:0e:0d:f0:bc:66:5f:dc:
9b:0f:8e:ac:aa:02:e9:8f:26:a9:36:4f:81:27:3e:
39:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:12:FB:B0:FE:55:44:34:C3:32:33:15:B1:93:DC:69:7A:02:49:D4
X509v3 Authority Key Identifier:
keyid:DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/B6C2A6FE4D2711ED8D49D62FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.19.122.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:dc:97:b4:47:fb:ac:62:b6:8f:94:8d:94:f1:de:6c:1e:c6:
ab:29:1f:20:2c:b4:b4:5f:37:0d:4c:32:73:51:c4:14:b6:ce:
b6:3c:c8:54:ca:16:70:a3:b4:27:af:76:a0:46:90:8a:a8:0f:
98:66:38:4c:d4:1f:17:36:a5:85:41:45:92:04:1a:10:c4:29:
79:1a:7f:51:2d:37:48:f6:2a:41:2c:b7:46:69:87:0a:ff:6f:
44:d9:05:6c:01:85:47:7d:c3:7e:34:52:73:77:a6:26:c2:cc:
c9:1d:86:35:1b:f9:c6:39:83:0c:1d:ef:4e:67:79:48:97:38:
04:9d:92:e9:ca:eb:26:84:24:a4:8d:4a:88:3b:43:86:cc:ed:
78:9c:05:20:97:64:93:96:50:31:00:79:55:3a:53:56:11:5b:
0a:74:05:37:92:a9:93:c8:44:00:d2:2c:b7:ee:72:0f:eb:54:
21:7e:1a:ac:76:0c:d8:46:78:ef:45:5d:ee:66:16:d5:1a:0b:
75:02:2f:9d:ec:18:11:3a:43:2e:d2:f8:6f:05:7c:7d:ff:3c:
eb:33:53:8d:28:10:29:95:f0:eb:63:8e:53:cf:29:4c:77:f3:
8c:73:1d:51:5e:1a:7d:1d:7f:ef:f5:16:35:07:4c:76:4d:08:
eb:40:44:71
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjU2OUUxMTAvBgNVBAUTKERDQjgzOTMxOUZENTJFQUQ5RkNCOTc3ODI5ODRGRDFG
RDQ0OTJDMTcwHhcNMjQxMjE3MDE1NDQ3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYwZDllNi1mYjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtPzFcbzNJxmAF9+qCogZKtsRNpWeWXBHX0M7PHEwXQ1p8YIyOj6FP0joF2Z6
37LuGUKHeOzMzlYHQNdrSRFcbLsDRhomwEl2fSafFIiFAHpNXrmoLi6jNR+88SEF
w/BU58S+8SKEG/fsN2tU2GVt/36DxT/wwp0mMCIXtIZ4/r9RMQZ+VSNcGBxtYrxT
cbtQd5OQ02TdBZ3DEkHDYnkT/4p2JdKPLPGV8f3MVMRzfwo99JdS8agcnOEXtjBx
6HS304oz0RM4l3SRG5XDqRdBIG0bZlA6gpg2yN2MFsBpkWpEYsXa1i/Nww4N8Lxm
X9ybD46sqgLpjyapNk+BJz45ZwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH0S+7D+
VUQ0wzIzFbGT3Gl6AknUMB8GA1UdIwQYMBaAFNy4OTGf1S6tn8uXeCmE/R/USSwX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTY5RS8yNTI1QzdDODRE
MjUxMUVEQTZEREQyMkVDNEY5QUUwMi8zTGc1TVpfVkxxMmZ5NWQ0S1lUOUg5UkpM
QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNMZzVNWl9WTHEyZnk1ZDRLWVQ5SDlSSkxCYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjU2OUUvMjUyNUM3Qzg0RDI1MTFFREE2REREMjJFQzRGOUFFMDIvQjZDMkE2RkU0
RDI3MTFFRDhENDlENjJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnE3owDQYJKoZIhvcNAQELBQADggEBACvcl7RH+6xito+U
jZTx3mwexqspHyAstLRfNw1MMnNRxBS2zrY8yFTKFnCjtCevdqBGkIqoD5hmOEzU
Hxc2pYVBRZIEGhDEKXkaf1EtN0j2KkEst0Zphwr/b0TZBWwBhUd9w340UnN3pibC
zMkdhjUb+cY5gwwd705neUiXOASdkunK6yaEJKSNSog7Q4bM7XicBSCXZJOWUDEA
eVU6U1YRWwp0BTeSqZPIRADSLLfucg/rVCF+Gqx2DNhGeO9FXe5mFtUaC3UCL53s
GBE6Qy7S+G8FfH3/POszU40oECmV8OtjjlPPKUx384xzHVFeGn0df+/1FjUHTHZN
COtARHE=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:24:56 2025 by rpki-client