Route Origin Authorization
$ rpki-client -vvf rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa
File: 3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa (raw, json)
Hash identifier: adCjDOKg7leribib5SLRLrCofslb7GnExzB3OjIfJTE=
Subject key identifier: 65:44:1D:C0:13:3F:72:81:6F:DF:37:B9:95:5D:56:49:94:22:D1:14
Certificate issuer: /CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Certificate serial: 6213E9553DDE33120B8FA0BD68EE875D3C2B156D
Authority key identifier: C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject info access: rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa
Signing time: Thu 24 Apr 2025 12:00:01 +0000
ROA not before: Thu 24 Apr 2025 11:55:01 +0000
ROA not after: Thu 23 Apr 2026 12:00:01 +0000
asID: 45163
IP address blocks: 203.147.108.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 25 Apr 2025 00:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:13:e9:55:3d:de:33:12:0b:8f:a0:bd:68:ee:87:5d:3c:2b:15:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91872ED0001, serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Validity
Not Before: Apr 24 11:55:01 2025 GMT
Not After : Apr 23 12:00:01 2026 GMT
Subject: CN=65441DC0133F72816FDF37B9955D56499422D114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:60:1c:1b:bb:a9:be:43:92:48:56:27:d6:bc:
6e:17:12:5b:2a:4b:66:18:ad:61:3d:4f:ef:d2:22:
cf:eb:fc:8d:59:05:5e:ad:bf:80:08:ed:56:a4:29:
a3:67:1b:6e:58:8f:41:00:47:a5:8e:98:e5:d3:f5:
0a:b3:46:23:27:4d:4e:14:98:ad:28:12:da:e0:2b:
8c:61:7c:ab:8e:2c:5c:32:1d:46:8a:e6:a5:1f:c1:
93:40:a8:01:54:11:fc:34:2a:6f:a9:f9:6c:70:39:
c4:41:01:16:60:4f:88:a2:28:e7:c0:58:1b:c0:eb:
b1:83:e4:93:7d:4a:59:47:6b:95:37:97:9d:e7:d3:
82:e2:75:24:6f:d5:6a:f2:0a:77:1e:9e:58:1a:77:
d0:df:f0:6b:51:e7:f1:5c:27:63:f7:ce:88:87:a5:
3f:9a:45:30:c8:79:ed:14:df:dc:b6:a3:0a:34:22:
37:49:e6:09:de:c7:e5:e2:fe:bd:d1:ad:21:92:ab:
07:d5:9b:a3:1b:bf:51:28:08:6d:25:03:38:72:d6:
13:a0:e9:96:fb:99:2c:60:5c:eb:99:95:b0:16:4f:
d7:83:e7:f7:52:d4:ff:5f:d0:c6:46:7f:a1:4b:d4:
00:24:7d:2b:6f:0b:f7:48:85:4a:e6:c8:ad:9f:ca:
3f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:44:1D:C0:13:3F:72:81:6F:DF:37:B9:95:5D:56:49:94:22:D1:14
X509v3 Authority Key Identifier:
keyid:C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.147.108.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:cd:da:41:f4:af:86:eb:99:f4:a2:86:2a:8b:7c:1f:d7:70:
5b:a9:4d:6f:43:8d:70:00:f2:8a:87:15:6a:1b:51:15:c0:b7:
33:8b:33:c4:6c:b7:83:2f:d1:70:8b:21:a6:aa:e4:d0:59:2e:
b7:5e:36:62:6b:60:43:01:87:c1:ab:7d:5c:c9:6f:00:8f:60:
96:80:26:47:5c:ad:15:4c:da:49:fb:b7:36:04:1f:db:a6:dc:
de:92:fe:16:e1:de:a7:f9:49:1d:98:4f:c7:73:94:36:a4:db:
a7:0f:c6:68:1f:50:ae:35:25:df:dc:ef:20:90:ea:51:9a:a6:
19:46:38:55:23:29:72:01:c5:c7:70:06:1e:5a:b6:3f:ce:bd:
e1:d6:45:49:31:4f:18:0f:6a:9d:3d:03:46:a3:b5:f3:0f:a9:
7c:e6:1c:bd:74:06:2f:61:6d:d8:74:8c:04:cb:f9:1f:8e:bf:
4c:1b:be:25:5c:9e:b5:f9:a2:72:eb:5d:cc:b2:c5:3e:a6:bd:
b0:61:29:11:cc:55:ee:5a:c8:bd:d4:07:79:ff:98:d4:2e:9a:
a5:1b:0f:97:07:e8:52:18:67:a7:be:35:d2:7b:36:60:06:bd:
34:01:ef:17:ae:e8:13:84:62:f3:94:da:29:0d:07:dd:5d:33:
12:c2:8e:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUYhPpVT3eMxILj6C9aO6HXTwrFW0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODcyRUQwMDAxMTEwLwYDVQQFEyhDMDkwNkExOUE3
REUzNDlCRkEyQjMyQjNDM0VCNEMyRDE3NzYwQ0UxMB4XDTI1MDQyNDExNTUwMVoX
DTI2MDQyMzEyMDAwMVowMzExMC8GA1UEAxMoNjU0NDFEQzAxMzNGNzI4MTZGREYz
N0I5OTU1RDU2NDk5NDIyRDExNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhgHBu7qb5DkkhWJ9a8bhcSWypLZhitYT1P79Iiz+v8jVkFXq2/gAjtVqQp
o2cbbliPQQBHpY6Y5dP1CrNGIydNThSYrSgS2uArjGF8q44sXDIdRormpR/Bk0Co
AVQR/DQqb6n5bHA5xEEBFmBPiKIo58BYG8DrsYPkk31KWUdrlTeXnefTguJ1JG/V
avIKdx6eWBp30N/wa1Hn8VwnY/fOiIelP5pFMMh57RTf3LajCjQiN0nmCd7H5eL+
vdGtIZKrB9Wboxu/USgIbSUDOHLWE6DplvuZLGBc65mVsBZP14Pn91LU/1/QxkZ/
oUvUACR9K28L90iFSubIrZ/KPxECAwEAAaOCAgkwggIFMB0GA1UdDgQWBBRlRB3A
Ez9ygW/fN7mVXVZJlCLRFDAfBgNVHSMEGDAWgBTAkGoZp940m/orMrPD60wtF3YM
4TAOBgNVHQ8BAf8EBAMCB4AwbQYDVR0fBGYwZDBioGCgXoZccnN5bmM6Ly9ycGtp
LnJhbmQuYXBuaWMubmV0L3JlcG8vQTkxODcyRUQwMDAxLzAvQzA5MDZBMTlBN0RF
MzQ5QkZBMkIzMkIzQzNFQjRDMkQxNzc2MENFMS5jcmwwfgYIKwYBBQUHAQEEcjBw
MG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
QjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd0pCcUdhZmVOSnY2S3pL
enctdE1MUmQyRE9FLmNlcjCBiAYIKwYBBQUHAQsEfDB6MHgGCCsGAQUFBzALhmxy
c3luYzovL3Jwa2kucmFuZC5hcG5pYy5uZXQvcmVwby9BOTE4NzJFRDAwMDEvMC8z
MjMwMzMyZTMxMzQzNzJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzQz
NTMxMzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAcuTbDANBgkqhkiG9w0BAQsFAAOCAQEAOs3aQfSv
huuZ9KKGKot8H9dwW6lNb0ONcADyiocVahtRFcC3M4szxGy3gy/RcIshpqrk0Fku
t142YmtgQwGHwat9XMlvAI9gloAmR1ytFUzaSfu3NgQf26bc3pL+FuHep/lJHZhP
x3OUNqTbpw/GaB9QrjUl39zvIJDqUZqmGUY4VSMpcgHFx3AGHlq2P8694dZFSTFP
GA9qnT0DRqO18w+pfOYcvXQGL2Ft2HSMBMv5H46/TBu+JVyetfmicutdzLLFPqa9
sGEpEcxV7lrIvdQHef+Y1C6apRsPlwfoUhhnp7410ns2YAa9NAHvF67oE4Ri85Ta
KQ0H3V0zEsKOiA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 10:18:03 2025 by rpki-client