Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF4A1/0F587A88B1CC11ED85F25A3DC4F9AE02/FD91D382FDFE11EEA991412FC4F9AE02.roa
File: FD91D382FDFE11EEA991412FC4F9AE02.roa (raw, json)
Hash identifier: S3olMU2Q2szKDW5ZZRX94OHhKdlbwW/qSPf93vtjlIQ=
Subject key identifier: CD:12:BA:A2:C6:65:45:96:DE:67:60:30:DD:3B:17:2B:F5:5D:E0:34
Certificate issuer: /CN=A91BF4A1/serialNumber=4FEE47943ABE13E38556A73C281B90E3549237DC
Certificate serial: 0185
Authority key identifier: 4F:EE:47:94:3A:BE:13:E3:85:56:A7:3C:28:1B:90:E3:54:92:37:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T-5HlDq-E-OFVqc8KBuQ41SSN9w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BF4A1/0F587A88B1CC11ED85F25A3DC4F9AE02/FD91D382FDFE11EEA991412FC4F9AE02.roa
Signing time: Fri 07 Mar 2025 02:48:57 +0000
ROA not before: Fri 07 Mar 2025 02:48:57 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 140683
IP address blocks: 103.163.208.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 04:08:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 389 (0x185)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BF4A1, serialNumber=4FEE47943ABE13E38556A73C281B90E3549237DC
Validity
Not Before: Mar 7 02:48:57 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ca5e98-000a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3f:63:c7:81:26:39:fb:2f:82:b4:34:89:04:
79:11:49:0a:19:2c:3a:b4:d1:f4:e1:58:03:da:8c:
d7:e0:2b:1f:b9:b9:b6:72:29:03:05:24:6b:fb:a4:
c4:6f:9c:e9:50:a0:33:e5:3f:12:0a:bf:aa:61:c0:
31:f8:0e:b9:5a:bc:ff:d0:b4:89:bb:a7:06:04:91:
81:76:7c:c2:7c:4c:e4:06:74:67:54:70:d7:ef:ce:
cd:1c:38:cb:14:16:a0:5b:3d:19:d3:52:f2:d7:0a:
b4:af:5c:9f:b7:f3:85:4f:0b:31:3c:f1:0d:48:a6:
6e:f5:6f:3b:55:35:c3:a5:25:9c:a8:97:4e:f2:48:
48:fe:60:a1:2e:1d:91:5e:3e:c0:b4:4e:2b:5c:e1:
ae:fb:ba:8d:22:74:be:08:57:86:f4:1e:cf:2f:c7:
65:8e:5f:54:82:cb:01:b7:16:5e:af:ee:7f:85:45:
59:44:69:14:b1:a5:28:e7:78:1c:9f:55:bd:61:73:
36:39:a8:15:29:66:eb:53:0d:31:2b:28:66:66:6d:
d7:95:1e:ba:71:a2:ce:10:33:0b:35:5f:4e:19:e7:
2c:3c:67:b5:14:24:17:e1:8a:27:4c:5d:2c:bd:0d:
c6:6d:3b:ce:5d:69:0f:fb:8a:b4:f3:14:86:51:b8:
3f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:12:BA:A2:C6:65:45:96:DE:67:60:30:DD:3B:17:2B:F5:5D:E0:34
X509v3 Authority Key Identifier:
keyid:4F:EE:47:94:3A:BE:13:E3:85:56:A7:3C:28:1B:90:E3:54:92:37:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BF4A1/0F587A88B1CC11ED85F25A3DC4F9AE02/T-5HlDq-E-OFVqc8KBuQ41SSN9w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/T-5HlDq-E-OFVqc8KBuQ41SSN9w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF4A1/0F587A88B1CC11ED85F25A3DC4F9AE02/FD91D382FDFE11EEA991412FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.163.208.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:c3:00:aa:53:96:22:4e:af:66:ae:06:e3:ee:a0:a2:ae:82:
97:2b:aa:83:85:74:a4:54:c9:e5:4f:68:f4:c0:74:ce:ec:fa:
61:c0:dd:d0:4a:6d:74:10:fc:7a:7b:50:6a:32:d3:a2:32:e1:
de:dd:c6:1a:9c:60:40:ce:0a:67:d9:ba:e5:8a:79:d0:11:61:
03:e1:6d:3e:22:72:79:28:f1:64:4b:4c:19:9b:93:b3:df:ee:
ca:c7:cc:1a:85:ed:5b:dd:6c:fb:14:49:d2:2c:9a:26:64:9d:
10:4b:8a:8e:f0:e6:cf:b1:58:a1:c2:49:39:e1:60:37:f5:f1:
bf:95:c3:f6:ae:ac:73:83:6b:98:17:7f:19:72:f9:91:70:90:
28:86:26:85:b8:d6:87:ba:8f:86:54:a9:db:c0:3a:da:22:a8:
aa:96:0b:80:96:04:dc:fd:8a:cd:d1:e1:3b:14:76:09:dc:a4:
1a:e0:51:87:9e:4c:69:b8:e0:e6:c6:f7:53:3c:6c:0b:87:0a:
c1:0a:b9:39:59:b3:91:c4:e0:0c:3a:14:b8:6e:5c:6d:20:c4:
a5:c1:c7:2b:c7:ab:99:19:3c:3b:e2:32:ec:59:37:00:28:a1:
80:d2:d6:8e:7a:22:6b:2d:95:c8:62:20:50:d5:15:5c:f0:2c:
89:67:9f:08
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAYUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkY0QTExMTAvBgNVBAUTKDRGRUU0Nzk0M0FCRTEzRTM4NTU2QTczQzI4MUI5MEUz
NTQ5MjM3REMwHhcNMjUwMzA3MDI0ODU3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NhNWU5OC0wMDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtj9jx4EmOfsvgrQ0iQR5EUkKGSw6tNH04VgD2ozX4Csfubm2cikDBSRr+6TE
b5zpUKAz5T8SCr+qYcAx+A65Wrz/0LSJu6cGBJGBdnzCfEzkBnRnVHDX787NHDjL
FBagWz0Z01Ly1wq0r1yft/OFTwsxPPENSKZu9W87VTXDpSWcqJdO8khI/mChLh2R
Xj7AtE4rXOGu+7qNInS+CFeG9B7PL8dljl9UgssBtxZer+5/hUVZRGkUsaUo53gc
n1W9YXM2OagVKWbrUw0xKyhmZm3XlR66caLOEDMLNV9OGecsPGe1FCQX4YonTF0s
vQ3GbTvOXWkP+4q08xSGUbg/JwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM0SuqLG
ZUWW3mdgMN07Fyv1XeA0MB8GA1UdIwQYMBaAFE/uR5Q6vhPjhVanPCgbkONUkjfc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjRBMS8wRjU4N0E4OEIx
Q0MxMUVEODVGMjVBM0RDNEY5QUUwMi9ULTVIbERxLUUtT0ZWcWM4S0J1UTQxU1NO
OXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1QtNUhsRHEtRS1PRlZxYzhLQnVRNDFTU045dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkY0QTEvMEY1ODdBODhCMUNDMTFFRDg1RjI1QTNEQzRGOUFFMDIvRkQ5MUQzODJG
REZFMTFFRUE5OTE0MTJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABno9AwDQYJKoZIhvcNAQELBQADggEBAB7DAKpTliJOr2au
BuPuoKKugpcrqoOFdKRUyeVPaPTAdM7s+mHA3dBKbXQQ/Hp7UGoy06Iy4d7dxhqc
YEDOCmfZuuWKedARYQPhbT4icnko8WRLTBmbk7Pf7srHzBqF7VvdbPsUSdIsmiZk
nRBLio7w5s+xWKHCSTnhYDf18b+Vw/aurHODa5gXfxly+ZFwkCiGJoW41oe6j4ZU
qdvAOtoiqKqWC4CWBNz9is3R4TsUdgncpBrgUYeeTGm44ObG91M8bAuHCsEKuTlZ
s5HE4Aw6FLhuXG0gxKXBxyvHq5kZPDviMuxZNwAooYDS1o56ImstlchiIFDVFVzw
LIlnnwg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:09:53 2025 by rpki-client