Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/A8E08476F1BB11EF9C4FBD41C4F9AE02.roa
File: A8E08476F1BB11EF9C4FBD41C4F9AE02.roa (raw, json)
Hash identifier: wizBRHqAhxq5TDJd9ORO3aI0XD9YwCzlFRUIm/jjcVM=
Subject key identifier: 81:86:DE:76:98:D4:A9:AD:9B:D5:0B:4B:DA:5E:AC:8D:F9:C5:D5:9C
Certificate issuer: /CN=A91EB002/serialNumber=9EF3E604A63F2CEF4BDDE37DCA890D0451967AEC
Certificate serial: AA
Authority key identifier: 9E:F3:E6:04:A6:3F:2C:EF:4B:DD:E3:7D:CA:89:0D:04:51:96:7A:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvPmBKY_LO9L3eN9yokNBFGWeuw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/A8E08476F1BB11EF9C4FBD41C4F9AE02.roa
Signing time: Sun 23 Feb 2025 07:56:17 +0000
ROA not before: Sun 23 Feb 2025 07:56:17 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 152714
IP address blocks: 103.40.166.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 27 May 2025 16:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170 (0xaa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EB002, serialNumber=9EF3E604A63F2CEF4BDDE37DCA890D0451967AEC
Validity
Not Before: Feb 23 07:56:17 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67bad4a0-e411
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:d0:8e:e3:f3:06:c4:42:3b:8a:b0:2e:7c:
fa:ed:02:c0:84:24:08:81:5f:4f:45:b6:f2:66:d7:
7c:7a:59:4f:d6:09:4c:7b:19:13:1e:6a:01:1a:0a:
ec:a2:c2:d7:84:ab:01:16:90:80:2c:9f:e7:ed:b8:
16:6a:06:fc:d6:40:ab:87:07:f4:21:5c:21:e6:67:
ec:22:2c:f9:a9:c5:42:eb:55:b3:54:1a:c4:39:64:
a7:c6:f0:dd:ca:51:08:7a:79:47:25:66:60:c8:04:
c5:4d:e2:3d:71:f7:53:e1:5d:91:d2:57:3f:b9:f1:
98:6d:c2:88:74:16:e9:10:4c:79:c7:f8:af:07:9f:
7d:c9:5f:49:1b:df:d3:96:db:9b:3d:66:0b:68:90:
59:7a:0c:eb:6e:be:06:af:26:e1:43:ff:77:97:21:
3d:48:64:b0:56:25:20:f6:e8:27:7c:c3:2d:5f:74:
4c:5a:f8:e8:20:9b:7f:37:f9:02:c0:66:16:a9:ba:
ad:0f:b7:73:3a:a1:16:3e:81:e4:fa:d4:1f:15:79:
60:95:6a:0e:04:3a:37:06:02:e0:c3:12:43:50:64:
77:b4:8d:7c:bf:2c:22:88:3e:01:be:7d:38:49:0b:
35:4c:bd:67:db:78:ac:b5:64:7c:48:3f:6f:ef:0b:
4e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:86:DE:76:98:D4:A9:AD:9B:D5:0B:4B:DA:5E:AC:8D:F9:C5:D5:9C
X509v3 Authority Key Identifier:
keyid:9E:F3:E6:04:A6:3F:2C:EF:4B:DD:E3:7D:CA:89:0D:04:51:96:7A:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/nvPmBKY_LO9L3eN9yokNBFGWeuw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nvPmBKY_LO9L3eN9yokNBFGWeuw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB002/E24F8234022E11EF856F5132C4F9AE02/A8E08476F1BB11EF9C4FBD41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.40.166.0/23
Signature Algorithm: sha256WithRSAEncryption
29:a9:13:8b:43:8c:4d:ad:1c:bf:69:0c:65:16:28:30:d1:53:
e9:88:79:db:ff:1e:47:ac:60:14:c4:8f:67:1e:b6:ba:81:e0:
db:f6:f1:e7:4e:fa:20:04:a8:dd:eb:1f:cc:22:e4:e7:b6:c8:
60:54:1c:00:16:9a:43:ec:59:74:05:67:22:c7:40:29:8a:a4:
f1:dc:5d:53:e4:44:3d:a1:1f:41:89:c8:6b:4e:e3:99:4f:88:
b9:4c:0e:f7:bf:8f:14:ca:be:25:23:14:08:64:6e:aa:45:90:
bf:6a:67:6f:59:2a:61:f9:f8:32:5f:ff:0d:00:83:af:e1:aa:
9a:2a:26:aa:a4:f2:31:eb:1e:5c:dc:7e:8a:4d:95:91:46:d2:
46:81:cf:b5:42:ff:9f:de:eb:a6:e8:12:8c:61:15:13:73:5f:
be:eb:e3:68:13:41:70:fe:ea:a2:13:69:77:f4:b7:29:47:ff:
f1:97:f3:31:9d:d6:79:6c:db:77:19:9e:1b:dc:22:cb:c5:a6:
30:29:6a:69:a9:eb:46:af:44:92:e0:1f:a5:25:b6:e4:28:58:
9f:7b:86:1e:03:79:1b:ed:d1:55:72:3f:6c:6e:72:28:17:40:
ff:fb:f2:e6:9d:b8:dc:31:66:84:65:47:00:df:b9:6b:39:87:
ea:e4:4e:64
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUIwMDIxMTAvBgNVBAUTKDlFRjNFNjA0QTYzRjJDRUY0QkRERTM3RENBODkwRDA0
NTE5NjdBRUMwHhcNMjUwMjIzMDc1NjE3WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JhZDRhMC1lNDExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArYbQjuPzBsRCO4qwLnz67QLAhCQIgV9PRbbyZtd8ellP1glMexkTHmoBGgrs
osLXhKsBFpCALJ/n7bgWagb81kCrhwf0IVwh5mfsIiz5qcVC61WzVBrEOWSnxvDd
ylEIenlHJWZgyATFTeI9cfdT4V2R0lc/ufGYbcKIdBbpEEx5x/ivB599yV9JG9/T
ltubPWYLaJBZegzrbr4GrybhQ/93lyE9SGSwViUg9ugnfMMtX3RMWvjoIJt/N/kC
wGYWqbqtD7dzOqEWPoHk+tQfFXlglWoOBDo3BgLgwxJDUGR3tI18vywiiD4Bvn04
SQs1TL1n23istWR8SD9v7wtOEQIDAQABo4IClTCCApEwHQYDVR0OBBYEFIGG3naY
1Kmtm9ULS9perI35xdWcMB8GA1UdIwQYMBaAFJ7z5gSmPyzvS93jfcqJDQRRlnrs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjAwMi9FMjRGODIzNDAy
MkUxMUVGODU2RjUxMzJDNEY5QUUwMi9udlBtQktZX0xPOUwzZU45eW9rTkJGR1dl
dXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL252UG1CS1lfTE85TDNlTjl5b2tOQkZHV2V1dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUIwMDIvRTI0RjgyMzQwMjJFMTFFRjg1NkY1MTMyQzRGOUFFMDIvQThFMDg0NzZG
MUJCMTFFRjlDNEZCRDQxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnKKYwDQYJKoZIhvcNAQELBQADggEBACmpE4tDjE2tHL9p
DGUWKDDRU+mIedv/HkesYBTEj2cetrqB4Nv28edO+iAEqN3rH8wi5Oe2yGBUHAAW
mkPsWXQFZyLHQCmKpPHcXVPkRD2hH0GJyGtO45lPiLlMDve/jxTKviUjFAhkbqpF
kL9qZ29ZKmH5+DJf/w0Ag6/hqpoqJqqk8jHrHlzcfopNlZFG0kaBz7VC/5/e66bo
EoxhFRNzX77r42gTQXD+6qITaXf0tylH//GX8zGd1nls23cZnhvcIsvFpjApammp
60avRJLgH6UltuQoWJ97hh4DeRvt0VVyP2xucigXQP/78uaduNwxZoRlRwDfuWs5
h+rkTmQ=
-----END CERTIFICATE-----
Generated at Fri Jun 20 20:51:07 2025 by rpki-client