Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9119F89/D35AA5AA7BE111EB8FF5F752C4F9AE02/285658B6B63E11EF84D55D13C4F9AE02.roa
File: 285658B6B63E11EF84D55D13C4F9AE02.roa (raw, json)
Hash identifier: /eV4t7lnF3TQF9S+OTSj4+IcvJ2/IggDvIz+z9b445E=
Subject key identifier: 1D:E5:9A:0E:1F:1C:F4:05:D7:19:D2:9B:1E:9C:05:55:9D:04:EA:B1
Certificate issuer: /CN=A9119F89/serialNumber=55088A315BCB5098BEEF665AA9CBDFD32A205820
Certificate serial: 062A
Authority key identifier: 55:08:8A:31:5B:CB:50:98:BE:EF:66:5A:A9:CB:DF:D3:2A:20:58:20
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VQiKMVvLUJi-72Zaqcvf0yogWCA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9119F89/D35AA5AA7BE111EB8FF5F752C4F9AE02/285658B6B63E11EF84D55D13C4F9AE02.roa
Signing time: Mon 09 Dec 2024 14:59:15 +0000
ROA not before: Mon 09 Dec 2024 14:59:15 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 103.100.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 01:59:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1578 (0x62a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9119F89
Validity
Not Before: Dec 9 14:59:15 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=675705c3-c92a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d3:c6:69:72:51:01:c3:16:6f:7d:71:1d:e2:
82:2d:bd:87:f3:f9:8f:b6:80:8e:f2:4d:fb:f8:e7:
7a:79:e4:e6:79:ea:94:a6:80:0f:98:45:8c:4b:4e:
c4:2d:5d:8b:17:ec:7e:a2:2c:3f:41:c6:66:31:07:
f6:25:1d:f9:1e:3a:b8:90:df:95:75:35:46:55:35:
da:c1:f0:25:e4:71:9b:0a:fb:89:ca:ad:c4:17:9d:
b4:f8:80:43:b4:0f:30:d3:f8:b1:69:43:38:fd:2b:
cd:fb:df:73:7d:cf:32:6d:dc:36:4b:a5:fe:00:3b:
9f:9a:cf:5f:3d:d8:8f:90:2e:05:76:51:f9:fa:78:
8f:3e:c4:bb:9f:35:0a:b4:c2:7f:46:6b:84:b2:31:
49:e4:c9:29:63:8e:10:8d:a3:e3:e8:85:ba:9a:9d:
9b:df:50:d8:df:07:ad:08:74:da:6c:70:43:db:3f:
76:14:e3:63:f0:bb:d0:24:17:85:6e:07:9c:e2:b9:
d8:cc:20:fe:53:ac:79:59:99:d6:33:15:ca:b8:52:
15:66:aa:3e:78:61:39:23:d8:0d:4c:92:6d:3b:fa:
4c:dc:81:45:7b:b2:d9:92:72:44:2e:d3:9f:17:5d:
cd:65:22:f8:b5:23:83:d9:79:34:de:b9:4f:f9:a0:
3e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E5:9A:0E:1F:1C:F4:05:D7:19:D2:9B:1E:9C:05:55:9D:04:EA:B1
X509v3 Authority Key Identifier:
keyid:55:08:8A:31:5B:CB:50:98:BE:EF:66:5A:A9:CB:DF:D3:2A:20:58:20
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9119F89/D35AA5AA7BE111EB8FF5F752C4F9AE02/VQiKMVvLUJi-72Zaqcvf0yogWCA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VQiKMVvLUJi-72Zaqcvf0yogWCA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119F89/D35AA5AA7BE111EB8FF5F752C4F9AE02/285658B6B63E11EF84D55D13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.100.157.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:7d:25:bf:71:22:dd:e5:c0:87:f2:b4:1e:da:0e:82:da:9c:
62:1e:54:bc:e9:97:c6:a5:bc:05:ae:d1:dc:48:87:1e:38:c8:
49:26:49:82:57:7a:6c:80:a8:fc:f5:94:97:87:6b:e0:c2:1f:
42:ff:7d:20:92:ea:5d:19:40:74:32:80:d2:5e:30:ea:28:63:
76:b5:1a:ba:82:e0:7f:e1:6d:28:88:9e:67:c9:75:ed:3d:b7:
a6:9b:93:f8:b1:2b:0a:c5:fc:ce:8e:a9:a3:33:71:35:27:16:
4b:39:76:5e:ec:ab:98:c1:6c:e5:7d:59:5f:59:60:c4:53:f8:
ee:d8:89:ce:4e:82:5c:81:b5:ad:2e:86:b1:bf:96:c6:71:54:
3a:cb:0d:cf:c5:37:5c:56:05:ac:cb:06:3f:76:59:a4:c9:33:
7c:48:72:c9:c4:4a:10:fe:53:f7:5d:cd:e0:72:16:e5:1e:1b:
c3:c6:5d:de:7b:d4:e1:db:6e:f6:e2:82:6a:1f:f6:38:6a:75:
4e:4c:55:41:1d:07:98:65:c8:ba:b6:c4:c4:a1:9c:72:80:7a:
b4:19:e5:6e:23:2a:0c:97:2d:17:42:b4:bc:9f:3a:d1:27:8a:
bc:46:54:55:6d:eb:cc:5c:f2:b4:7d:74:6a:58:8f:bb:41:60:
93:70:94:71
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBiowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTlGODkxMTAvBgNVBAUTKDU1MDg4QTMxNUJDQjUwOThCRUVGNjY1QUE5Q0JERkQz
MkEyMDU4MjAwHhcNMjQxMjA5MTQ1OTE1WhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU3MDVjMy1jOTJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAydPGaXJRAcMWb31xHeKCLb2H8/mPtoCO8k37+Od6eeTmeeqUpoAPmEWMS07E
LV2LF+x+oiw/QcZmMQf2JR35Hjq4kN+VdTVGVTXawfAl5HGbCvuJyq3EF520+IBD
tA8w0/ixaUM4/SvN+99zfc8ybdw2S6X+ADufms9fPdiPkC4FdlH5+niPPsS7nzUK
tMJ/RmuEsjFJ5MkpY44QjaPj6IW6mp2b31DY3wetCHTabHBD2z92FONj8LvQJBeF
bgec4rnYzCD+U6x5WZnWMxXKuFIVZqo+eGE5I9gNTJJtO/pM3IFFe7LZknJELtOf
F13NZSL4tSOD2Xk03rlP+aA+ywIDAQABo4IClTCCApEwHQYDVR0OBBYEFB3lmg4f
HPQF1xnSmx6cBVWdBOqxMB8GA1UdIwQYMBaAFFUIijFby1CYvu9mWqnL39MqIFgg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUY4OS9EMzVBQTVBQTdC
RTExMUVCOEZGNUY3NTJDNEY5QUUwMi9WUWlLTVZ2TFVKaS03MlphcWN2ZjB5b2dX
Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZRaUtNVnZMVUppLTcyWmFxY3ZmMHlvZ1dDQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTlGODkvRDM1QUE1QUE3QkUxMTFFQjhGRjVGNzUyQzRGOUFFMDIvMjg1NjU4QjZC
NjNFMTFFRjg0RDU1RDEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnZJ0wDQYJKoZIhvcNAQELBQADggEBAHp9Jb9xIt3lwIfy
tB7aDoLanGIeVLzpl8alvAWu0dxIhx44yEkmSYJXemyAqPz1lJeHa+DCH0L/fSCS
6l0ZQHQygNJeMOooY3a1GrqC4H/hbSiInmfJde09t6abk/ixKwrF/M6OqaMzcTUn
Fks5dl7sq5jBbOV9WV9ZYMRT+O7Yic5OglyBta0uhrG/lsZxVDrLDc/FN1xWBazL
Bj92WaTJM3xIcsnEShD+U/ddzeByFuUeG8PGXd571OHbbvbigmof9jhqdU5MVUEd
B5hlyLq2xMShnHKAerQZ5W4jKgyXLRdCtLyfOtEnirxGVFVt68xc8rR9dGpYj7tB
YJNwlHE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:08:00 2025 by rpki-client