Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/63350EDEB55611EF985D9818C4F9AE02.roa
File: 63350EDEB55611EF985D9818C4F9AE02.roa (raw, json)
Hash identifier: CE2MzT6yvoai/od7oSAtfQctUYgP1gj+G3uOML2zueU=
Subject key identifier: 6A:15:ED:23:D1:F1:8B:CB:54:9A:4F:B5:C7:F5:D8:5C:46:B5:BF:5B
Certificate issuer: /CN=A91F3C87/serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Certificate serial: 0150
Authority key identifier: EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/63350EDEB55611EF985D9818C4F9AE02.roa
Signing time: Mon 09 Dec 2024 03:06:20 +0000
ROA not before: Mon 09 Dec 2024 03:06:20 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 20473
IP address blocks: 43.224.150.0/24 maxlen: 24
103.43.173.0/24 maxlen: 24
103.43.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Dec 2024 07:37:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 336 (0x150)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3C87, serialNumber=EF9FE381DA3D42EB7C4E0D049CCAE7228E28FB4B
Validity
Not Before: Dec 9 03:06:20 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67565eac-105f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6c:ae:39:ef:4f:0a:e0:37:b8:51:42:b4:c7:
c4:46:3d:77:95:0e:6d:14:58:4b:80:be:fe:70:d3:
7b:18:79:5f:a0:36:ee:91:41:1b:fa:09:f4:60:33:
2b:55:19:e0:dc:2d:f0:c0:6f:4a:7d:f9:6f:e2:95:
73:3c:6d:01:3f:37:40:23:45:6b:62:d5:25:ce:db:
d5:75:c5:b0:49:32:8e:41:4b:59:e8:2a:c0:1e:ed:
31:22:87:49:5a:d8:7a:57:02:d3:39:6e:38:1e:d7:
54:53:cd:72:dc:78:95:30:a3:cd:80:7f:a5:c3:a8:
16:26:2e:ae:68:85:f6:d1:4f:67:a9:40:0c:65:e8:
7a:b1:af:bd:7a:89:9b:0e:ae:d2:cb:ea:3f:28:8c:
2d:7a:e5:2d:43:1f:37:a5:4b:b3:4c:56:ee:da:5d:
29:57:75:41:32:62:19:1f:d4:b5:35:75:65:51:ab:
6d:b7:46:03:30:3f:8c:f7:e0:47:9b:31:d5:7b:57:
02:e4:79:4b:7d:40:64:dd:91:ae:e6:fc:d5:d2:e1:
55:3e:8a:9f:1f:b7:a0:6b:aa:96:46:2c:db:b2:9e:
ce:bb:cd:8a:60:bf:90:0c:d2:e2:6e:07:a8:21:9b:
74:63:fc:82:18:8f:91:8e:ef:ab:f0:c2:f4:fb:9a:
5d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:15:ED:23:D1:F1:8B:CB:54:9A:4F:B5:C7:F5:D8:5C:46:B5:BF:5B
X509v3 Authority Key Identifier:
keyid:EF:9F:E3:81:DA:3D:42:EB:7C:4E:0D:04:9C:CA:E7:22:8E:28:FB:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/75_jgdo9Qut8Tg0EnMrnIo4o-0s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75_jgdo9Qut8Tg0EnMrnIo4o-0s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3C87/E782854EEF0B11ED81DD2D72C4F9AE02/63350EDEB55611EF985D9818C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.150.0/24
103.43.173.0/24
103.43.175.0/24
Signature Algorithm: sha256WithRSAEncryption
96:a9:53:ed:cc:b6:7c:f5:d6:d1:04:d3:6e:fe:3a:0d:2c:80:
12:40:e8:5d:e6:c9:86:8b:e7:c8:4b:50:a6:16:41:dc:dc:c6:
95:18:5b:80:e6:c6:46:66:36:8d:f4:1b:02:da:76:81:fc:f8:
82:86:b7:f4:d2:51:d3:8b:a3:5f:93:aa:de:0b:52:0f:ab:7a:
30:29:7b:f4:fb:32:3e:36:d4:e8:2c:f5:43:d0:2f:0b:31:29:
c8:94:dc:c6:ae:8c:b6:f5:9d:88:ba:03:12:e4:50:4a:e0:09:
94:3e:71:ec:ff:c2:96:41:54:d6:0f:c9:69:7d:42:a0:dd:28:
20:b5:ce:81:cd:cb:e6:13:07:1b:28:61:72:cf:2a:2c:4c:95:
ac:e5:6a:95:98:f6:19:76:f4:7a:96:d1:e3:ff:92:49:9b:26:
0a:79:7d:3f:f0:a1:3b:ff:4e:34:c8:7f:b1:f8:f5:e5:af:d8:
11:98:b1:39:ed:2c:60:f0:44:fe:a1:4e:6a:c4:ad:46:59:67:
b2:98:e5:d8:96:21:8b:92:71:d9:6f:19:58:c4:25:21:50:06:
2a:e3:63:8e:af:99:d9:94:60:8f:d7:a3:2f:8e:50:af:25:71:
9c:a5:f8:37:a9:82:2e:4d:ab:b5:16:c5:92:14:91:08:93:1d:
4d:ef:a5:56
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNDODcxMTAvBgNVBAUTKEVGOUZFMzgxREEzRDQyRUI3QzRFMEQwNDlDQ0FFNzIy
OEUyOEZCNEIwHhcNMjQxMjA5MDMwNjIwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU2NWVhYy0xMDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0myuOe9PCuA3uFFCtMfERj13lQ5tFFhLgL7+cNN7GHlfoDbukUEb+gn0YDMr
VRng3C3wwG9Kfflv4pVzPG0BPzdAI0VrYtUlztvVdcWwSTKOQUtZ6CrAHu0xIodJ
Wth6VwLTOW44HtdUU81y3HiVMKPNgH+lw6gWJi6uaIX20U9nqUAMZeh6sa+9eomb
Dq7Sy+o/KIwteuUtQx83pUuzTFbu2l0pV3VBMmIZH9S1NXVlUattt0YDMD+M9+BH
mzHVe1cC5HlLfUBk3ZGu5vzV0uFVPoqfH7ega6qWRizbsp7Ou82KYL+QDNLibgeo
IZt0Y/yCGI+Rju+r8ML0+5pdOwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFGoV7SPR
8YvLVJpPtcf12FxGtb9bMB8GA1UdIwQYMBaAFO+f44HaPULrfE4NBJzK5yKOKPtL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0M4Ny9FNzgyODU0RUVG
MEIxMUVEODFERDJENzJDNEY5QUUwMi83NV9qZ2RvOVF1dDhUZzBFbk1ybklvNG8t
MHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzc1X2pnZG85UXV0OFRnMEVuTXJuSW80by0wcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNDODcvRTc4Mjg1NEVFRjBCMTFFRDgxREQyRDcyQzRGOUFFMDIvNjMzNTBFREVC
NTU2MTFFRjk4NUQ5ODE4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAr4JYDBABnK60DBABnK68wDQYJKoZIhvcNAQELBQADggEB
AJapU+3Mtnz11tEE027+Og0sgBJA6F3myYaL58hLUKYWQdzcxpUYW4DmxkZmNo30
GwLadoH8+IKGt/TSUdOLo1+Tqt4LUg+rejApe/T7Mj421Ogs9UPQLwsxKciU3Mau
jLb1nYi6AxLkUErgCZQ+cez/wpZBVNYPyWl9QqDdKCC1zoHNy+YTBxsoYXLPKixM
lazlapWY9hl29HqW0eP/kkmbJgp5fT/woTv/TjTIf7H49eWv2BGYsTntLGDwRP6h
TmrErUZZZ7KY5diWIYuScdlvGVjEJSFQBirjY46vmdmUYI/Xoy+OUK8lcZyl+Dep
gi5Nq7UWxZIUkQiTHU3vpVY=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:04:11 2025 by rpki-client