Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/6DB3AB6206A611F0B1BDBF81C4F9AE02.roa
File: 6DB3AB6206A611F0B1BDBF81C4F9AE02.roa (raw, json)
Hash identifier: 5plD0erFQtR0IiLzdegftl4NbacBk+R+VyziS/58WHQ=
Subject key identifier: 5B:D6:C3:28:29:5F:73:58:23:CC:B5:72:EA:9A:E2:3C:B6:D3:4E:F4
Certificate issuer: /CN=A91EA723/serialNumber=B90422559B58C4DAA89F224D49C71FF44F9BCA34
Certificate serial: 01A2
Authority key identifier: B9:04:22:55:9B:58:C4:DA:A8:9F:22:4D:49:C7:1F:F4:4F:9B:CA:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uQQiVZtYxNqonyJNSccf9E-byjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/6DB3AB6206A611F0B1BDBF81C4F9AE02.roa
Signing time: Mon 31 Mar 2025 02:58:47 +0000
ROA not before: Mon 31 Mar 2025 02:58:47 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 135654
IP address blocks: 103.93.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 12:22:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 418 (0x1a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA723, serialNumber=B90422559B58C4DAA89F224D49C71FF44F9BCA34
Validity
Not Before: Mar 31 02:58:47 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ea04e7-3bcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6e:03:9c:84:17:39:82:bb:f3:60:9e:4c:11:
c4:c0:bd:9d:66:27:8c:e1:a3:d6:4e:46:7f:ef:b4:
d2:7d:4c:fc:21:f9:61:0a:5f:32:a3:be:2e:05:64:
be:e6:0f:4e:82:dd:d2:f7:ce:c9:47:2d:f8:b6:4f:
48:7e:a1:f3:da:19:9e:44:4c:65:07:e8:8a:1d:1a:
28:1d:d2:8a:15:1d:fd:6f:04:7c:f2:a5:27:87:69:
ae:cc:7a:25:de:b0:8c:87:54:fc:34:12:3c:e6:48:
96:d7:8a:eb:a2:3f:ce:be:92:6f:87:a1:e8:e9:2c:
66:75:fa:51:3d:91:0f:a6:9e:51:ed:a1:41:f0:76:
9f:59:d2:78:11:1c:9a:db:47:13:4d:bb:f4:c6:a9:
75:41:35:e0:79:15:f4:56:dc:02:aa:a0:85:15:a7:
7f:04:ab:fe:a2:28:2c:80:33:3e:20:03:e8:47:31:
7f:68:d3:f3:dc:23:80:fa:7e:cf:7e:51:40:99:94:
60:aa:12:18:91:a0:e3:32:e9:ba:18:f8:1d:84:95:
ad:f3:c3:9e:8d:6d:8c:28:49:ec:45:14:d2:bc:81:
c3:d1:f5:a6:b2:1c:f9:01:f9:6b:e7:60:94:b5:03:
ed:02:5d:de:42:d5:d1:6b:df:1b:8e:c3:eb:1d:bc:
95:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:D6:C3:28:29:5F:73:58:23:CC:B5:72:EA:9A:E2:3C:B6:D3:4E:F4
X509v3 Authority Key Identifier:
keyid:B9:04:22:55:9B:58:C4:DA:A8:9F:22:4D:49:C7:1F:F4:4F:9B:CA:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/uQQiVZtYxNqonyJNSccf9E-byjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uQQiVZtYxNqonyJNSccf9E-byjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/6DB3AB6206A611F0B1BDBF81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.33.0/24
Signature Algorithm: sha256WithRSAEncryption
14:a2:cb:64:85:34:fe:33:3f:73:b4:c7:fb:0d:4b:88:92:ba:
1d:aa:e6:da:d0:20:69:7d:b5:97:e2:6f:28:80:59:ed:90:a8:
6a:db:dc:cf:c5:cd:18:09:be:39:4f:77:63:e5:bd:22:f5:77:
ad:cc:fe:3b:7d:11:b7:6f:68:81:d3:35:23:b8:e9:77:59:f6:
6b:d6:7a:dd:49:7a:41:06:13:d3:7c:e0:ef:92:6f:c5:25:0f:
9d:c9:02:3e:4f:73:51:3e:40:18:df:5d:88:94:81:dd:fc:a9:
2f:79:f7:79:19:2c:7f:fb:f8:a8:a6:94:86:57:f8:43:e3:d1:
f6:bd:d3:0a:b5:ee:64:92:bb:8d:ef:06:83:86:48:31:fc:39:
61:68:60:5a:35:cb:47:c3:fb:19:55:14:f5:1c:43:5e:9c:3c:
b8:6d:79:33:1f:c3:35:a5:96:46:49:83:c2:19:b9:f4:ed:6a:
a2:e8:f8:74:0a:72:fc:ce:45:79:36:09:3c:79:c2:d9:65:85:
e4:5c:b8:4e:10:e9:4d:0a:a9:8a:e7:58:c9:fe:2c:c2:f1:ee:
3d:3f:ed:bc:dd:57:13:2b:42:7c:10:1f:89:2d:e9:8a:59:ba:
72:bb:05:5b:e6:00:f9:ed:0d:1c:47:6a:ad:cc:f4:fd:ff:22:
6e:54:6d:98
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAaIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE3MjMxMTAvBgNVBAUTKEI5MDQyMjU1OUI1OEM0REFBODlGMjI0RDQ5QzcxRkY0
NEY5QkNBMzQwHhcNMjUwMzMxMDI1ODQ3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VhMDRlNy0zYmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3W4DnIQXOYK782CeTBHEwL2dZieM4aPWTkZ/77TSfUz8IflhCl8yo74uBWS+
5g9Ogt3S987JRy34tk9IfqHz2hmeRExlB+iKHRooHdKKFR39bwR88qUnh2muzHol
3rCMh1T8NBI85kiW14rroj/OvpJvh6Ho6SxmdfpRPZEPpp5R7aFB8HafWdJ4ERya
20cTTbv0xql1QTXgeRX0VtwCqqCFFad/BKv+oigsgDM+IAPoRzF/aNPz3COA+n7P
flFAmZRgqhIYkaDjMum6GPgdhJWt88OejW2MKEnsRRTSvIHD0fWmshz5Aflr52CU
tQPtAl3eQtXRa98bjsPrHbyVhwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFvWwygp
X3NYI8y1cuqa4jy20070MB8GA1UdIwQYMBaAFLkEIlWbWMTaqJ8iTUnHH/RPm8o0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTcyMy8yQ0Q3RjVDOEIy
N0QxMUVEODg1NkZBODFDNEY5QUUwMi91UVFpVlp0WXhOcW9ueUpOU2NjZjlFLWJ5
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VRUWlWWnRZeE5xb255Sk5TY2NmOUUtYnlqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE3MjMvMkNEN0Y1QzhCMjdEMTFFRDg4NTZGQTgxQzRGOUFFMDIvNkRCM0FCNjIw
NkE2MTFGMEIxQkRCRjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnXSEwDQYJKoZIhvcNAQELBQADggEBABSiy2SFNP4zP3O0
x/sNS4iSuh2q5trQIGl9tZfibyiAWe2QqGrb3M/FzRgJvjlPd2PlvSL1d63M/jt9
EbdvaIHTNSO46XdZ9mvWet1JekEGE9N84O+Sb8UlD53JAj5Pc1E+QBjfXYiUgd38
qS9593kZLH/7+KimlIZX+EPj0fa90wq17mSSu43vBoOGSDH8OWFoYFo1y0fD+xlV
FPUcQ16cPLhteTMfwzWllkZJg8IZufTtaqLo+HQKcvzORXk2CTx5wtllheRcuE4Q
6U0KqYrnWMn+LMLx7j0/7bzdVxMrQnwQH4kt6YpZunK7BVvmAPntDRxHaq3M9P3/
Im5UbZg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:06:54 2025 by rpki-client