Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9115AC8/BA6D27D46C5D11ED8C5C641CC4F9AE02/671373E6666B11EEAB1E227CC4F9AE02.roa
File: 671373E6666B11EEAB1E227CC4F9AE02.roa (raw, json)
Hash identifier: lBS00IQtBtHUtv8OMzUru0jQJoHbZtusmzklmc18RY4=
Subject key identifier: 65:72:1F:89:F0:85:57:DC:EF:FF:CE:12:74:55:4D:B4:39:1C:0B:28
Certificate issuer: /CN=A9115AC8/serialNumber=6445237E56EE89442BF314352CFC543D65D1B60E
Certificate serial: 0192
Authority key identifier: 64:45:23:7E:56:EE:89:44:2B:F3:14:35:2C:FC:54:3D:65:D1:B6:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEUjflbuiUQr8xQ1LPxUPWXRtg4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9115AC8/BA6D27D46C5D11ED8C5C641CC4F9AE02/671373E6666B11EEAB1E227CC4F9AE02.roa
Signing time: Mon 23 Dec 2024 02:17:50 +0000
ROA not before: Mon 23 Dec 2024 02:17:50 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 38026
IP address blocks: 103.42.202.0/24 maxlen: 24
103.42.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Mar 2025 15:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402 (0x192)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9115AC8, serialNumber=6445237E56EE89442BF314352CFC543D65D1B60E
Validity
Not Before: Dec 23 02:17:50 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6768c84e-4fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:fc:bd:4b:5c:80:78:db:13:db:31:d8:4c:92:
9f:69:dc:ed:d0:c7:f0:61:d2:81:75:d5:a2:67:46:
c5:4f:f6:9e:64:2e:34:d9:f4:02:e9:63:de:61:37:
c0:fa:d7:de:dd:70:04:ad:57:62:26:fd:d1:66:36:
e7:76:05:91:20:72:90:39:39:d3:f4:8a:3b:2f:81:
de:4d:c1:97:89:a3:4b:ae:d1:72:0a:8e:37:5f:35:
ce:9c:ab:cc:99:07:12:c0:a0:d8:ce:0b:25:ba:65:
3f:b2:f0:df:2d:c1:42:d9:e4:61:d1:d6:93:4f:68:
64:02:05:7a:5d:8c:1f:5a:4b:2b:44:60:00:60:ac:
bb:86:14:c2:77:e1:11:56:78:19:d3:9e:56:45:2a:
d2:aa:13:18:7a:6c:08:28:9a:06:ef:1c:2c:6a:e1:
56:ca:85:f5:04:01:de:e4:f0:8a:fc:48:85:98:e2:
f3:87:91:c3:a0:99:8d:a4:15:c0:20:b8:98:82:5f:
e4:49:2b:92:a1:27:97:18:d7:19:13:cc:7c:9f:02:
49:3a:ce:cd:a6:98:07:17:bb:85:77:42:77:a0:d0:
f8:44:0e:09:7b:f6:a2:45:a4:47:1d:86:fa:70:52:
d2:ab:84:13:51:d1:65:66:e3:8a:06:a2:86:b7:e0:
9b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:72:1F:89:F0:85:57:DC:EF:FF:CE:12:74:55:4D:B4:39:1C:0B:28
X509v3 Authority Key Identifier:
keyid:64:45:23:7E:56:EE:89:44:2B:F3:14:35:2C:FC:54:3D:65:D1:B6:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9115AC8/BA6D27D46C5D11ED8C5C641CC4F9AE02/ZEUjflbuiUQr8xQ1LPxUPWXRtg4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZEUjflbuiUQr8xQ1LPxUPWXRtg4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9115AC8/BA6D27D46C5D11ED8C5C641CC4F9AE02/671373E6666B11EEAB1E227CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.202.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:aa:6c:c0:6f:08:da:1e:f9:f8:b3:16:6f:79:73:25:04:4a:
c9:23:e2:f3:9f:ea:1a:b4:ba:94:c5:af:01:a8:4f:0d:db:bf:
6f:48:ed:b8:6d:e9:72:ec:39:f4:b9:32:32:69:ff:5f:30:16:
fa:4e:ff:ed:21:d3:7e:8d:38:03:45:64:9a:b7:f2:3a:d2:2f:
6f:af:c5:f6:eb:07:47:26:20:51:51:37:a1:f5:45:a0:eb:53:
bc:e8:fd:0a:38:a9:b1:b1:02:56:91:13:c3:7a:b3:de:57:a4:
f5:28:33:68:ee:b2:0f:56:bf:c5:5c:2b:8d:c2:44:c6:87:ed:
16:b0:12:24:85:b1:4b:6d:c6:ad:18:6e:4c:65:fc:81:3d:6d:
1b:bf:b9:87:c1:27:02:dc:3b:1b:d1:66:94:58:80:54:2f:53:
11:a3:74:51:6c:ab:98:4d:0a:5c:35:f9:26:32:a6:00:5b:c3:
07:1f:16:5c:ab:a0:2f:95:78:9c:93:0c:22:70:b3:0c:8a:60:
e7:79:5c:b7:1f:68:db:d6:9d:1a:d7:dd:8e:b9:30:0f:38:8b:
ab:2e:51:6b:69:a3:3c:c3:52:f7:ba:78:43:65:ad:6a:82:2f:
aa:7c:bd:df:cd:93:75:82:83:63:77:76:9b:b6:7c:84:ed:75:
a8:6d:df:04
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTVBQzgxMTAvBgNVBAUTKDY0NDUyMzdFNTZFRTg5NDQyQkYzMTQzNTJDRkM1NDNE
NjVEMUI2MEUwHhcNMjQxMjIzMDIxNzUwWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4Yzg0ZS00ZmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8/y9S1yAeNsT2zHYTJKfadzt0MfwYdKBddWiZ0bFT/aeZC402fQC6WPeYTfA
+tfe3XAErVdiJv3RZjbndgWRIHKQOTnT9Io7L4HeTcGXiaNLrtFyCo43XzXOnKvM
mQcSwKDYzgslumU/svDfLcFC2eRh0daTT2hkAgV6XYwfWksrRGAAYKy7hhTCd+ER
VngZ055WRSrSqhMYemwIKJoG7xwsauFWyoX1BAHe5PCK/EiFmOLzh5HDoJmNpBXA
ILiYgl/kSSuSoSeXGNcZE8x8nwJJOs7NppgHF7uFd0J3oND4RA4Je/aiRaRHHYb6
cFLSq4QTUdFlZuOKBqKGt+CbYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGVyH4nw
hVfc7//OEnRVTbQ5HAsoMB8GA1UdIwQYMBaAFGRFI35W7olEK/MUNSz8VD1l0bYO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNUFDOC9CQTZEMjdENDZD
NUQxMUVEOEM1QzY0MUNDNEY5QUUwMi9aRVVqZmxidWlVUXI4eFExTFB4VVBXWFJ0
ZzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pFVWpmbGJ1aVVRcjh4UTFMUHhVUFdYUnRnNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTVBQzgvQkE2RDI3RDQ2QzVEMTFFRDhDNUM2NDFDQzRGOUFFMDIvNjcxMzczRTY2
NjZCMTFFRUFCMUUyMjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnKsowDQYJKoZIhvcNAQELBQADggEBAA2qbMBvCNoe+fiz
Fm95cyUESskj4vOf6hq0upTFrwGoTw3bv29I7bht6XLsOfS5MjJp/18wFvpO/+0h
036NOANFZJq38jrSL2+vxfbrB0cmIFFRN6H1RaDrU7zo/Qo4qbGxAlaRE8N6s95X
pPUoM2jusg9Wv8VcK43CRMaH7RawEiSFsUttxq0Ybkxl/IE9bRu/uYfBJwLcOxvR
ZpRYgFQvUxGjdFFsq5hNClw1+SYypgBbwwcfFlyroC+VeJyTDCJwswyKYOd5XLcf
aNvWnRrX3Y65MA84i6suUWtpozzDUve6eENlrWqCL6p8vd/Nk3WCg2N3dpu2fITt
daht3wQ=
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:35:48 2025 by rpki-client