Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/55B9F18AC77F11EFAC58F47CC4F9AE02.roa
File: 55B9F18AC77F11EFAC58F47CC4F9AE02.roa (raw, json)
Hash identifier: X018lQNhAu7Mp7Q6PgjTxiYuLRsZCLKdTT1rCYP6p2Y=
Subject key identifier: A4:73:DF:38:71:C0:8C:20:9A:06:45:2A:E7:F4:71:5B:EA:E6:85:29
Certificate issuer: /CN=A9124B27/serialNumber=523AC58DA9840D0B1CAA89BDFF9E0DCE46767C4A
Certificate serial: 0C
Authority key identifier: 52:3A:C5:8D:A9:84:0D:0B:1C:AA:89:BD:FF:9E:0D:CE:46:76:7C:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UjrFjamEDQscqom9_54NzkZ2fEo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/55B9F18AC77F11EFAC58F47CC4F9AE02.roa
Signing time: Tue 31 Dec 2024 13:58:38 +0000
ROA not before: Tue 31 Dec 2024 13:58:38 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138411
IP address blocks: 103.124.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:15:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124B27, serialNumber=523AC58DA9840D0B1CAA89BDFF9E0DCE46767C4A
Validity
Not Before: Dec 31 13:58:38 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6773f88e-78d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:9f:30:0d:a5:25:83:c0:47:80:25:2f:b5:0a:
c1:8e:ba:db:75:7c:5d:2b:23:ff:87:26:51:d1:43:
b0:8c:1d:0a:93:ec:7c:84:8c:75:e5:ab:13:ed:11:
ef:c0:03:2d:3a:3a:5f:e9:40:15:25:6c:60:43:fc:
c2:f7:68:ae:39:25:23:ce:74:d8:b0:de:fe:bf:1c:
1b:ac:24:ee:3a:4b:94:28:39:dc:72:8c:1c:58:07:
3a:c2:dd:c5:26:a6:46:b0:e7:3d:25:88:e8:ab:06:
be:f5:2e:3f:40:7e:32:27:4c:1a:46:08:b7:8d:dc:
b1:b0:f2:23:73:4e:f0:2e:d7:d5:f7:a0:61:33:93:
5c:30:35:d0:6f:5e:a9:88:4a:50:2e:77:82:d8:79:
89:07:e5:eb:16:5d:ce:fc:6e:a8:e4:22:a1:8e:b5:
d2:98:5c:7e:c5:fc:6f:5e:81:b0:b9:b6:1d:21:bd:
4b:c0:ba:88:78:23:68:bd:6d:8a:69:34:18:ed:29:
f3:c7:ea:87:dd:1a:af:a2:fe:94:8f:04:7a:9e:99:
bc:3d:d2:95:ff:91:b8:f4:21:68:01:9a:2f:e4:3c:
7d:a3:ef:da:ed:6f:7d:23:7c:be:76:0a:aa:00:6d:
49:9d:3f:de:7a:6a:32:bb:cd:93:aa:ea:12:fd:1e:
70:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:73:DF:38:71:C0:8C:20:9A:06:45:2A:E7:F4:71:5B:EA:E6:85:29
X509v3 Authority Key Identifier:
keyid:52:3A:C5:8D:A9:84:0D:0B:1C:AA:89:BD:FF:9E:0D:CE:46:76:7C:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/UjrFjamEDQscqom9_54NzkZ2fEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UjrFjamEDQscqom9_54NzkZ2fEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/55B9F18AC77F11EFAC58F47CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.205.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:7d:b6:96:5b:a1:de:2d:ba:68:64:7a:94:db:bc:e0:3a:67:
0b:68:ea:b1:37:5b:a1:0a:31:f7:7c:5f:35:4a:04:f3:d7:cd:
fc:69:55:5c:31:64:80:c2:7c:9c:e0:1e:a0:40:20:ca:18:ac:
6c:68:0a:98:5c:15:5d:c0:56:9c:35:1e:0a:a1:04:6f:3d:42:
7b:cb:30:2b:53:e5:0d:e5:fb:6a:82:6f:58:5f:0a:10:cd:78:
19:fd:c0:51:75:0a:71:92:b3:5b:1d:84:c9:c8:1e:09:f2:19:
93:20:c1:23:b4:8a:d1:a7:20:b3:25:d8:4f:7a:43:86:4f:1a:
eb:f6:1d:77:b9:e1:a8:95:99:3d:6e:e8:f9:56:f6:c9:14:67:
5f:b2:a5:4c:11:5f:82:45:1b:e8:56:2c:10:69:de:34:91:4d:
ac:eb:8e:fe:8d:bf:5f:e5:80:07:77:f8:ca:01:5e:13:26:b1:
ab:e5:b1:f7:5f:71:f8:90:29:f4:37:75:de:b2:f5:cb:c2:cf:
cc:d2:69:11:ad:d6:f6:e5:a9:2b:f6:b5:bb:b3:16:a8:11:fb:
51:a2:0d:27:a4:17:4c:e9:19:5e:79:53:17:22:d4:c7:48:5e:
9b:7f:da:cc:62:e1:1e:e8:bc:3a:18:2c:dd:43:a2:f9:69:1e:
80:f6:8b:06
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
NEIyNzExMC8GA1UEBRMoNTIzQUM1OERBOTg0MEQwQjFDQUE4OUJERkY5RTBEQ0U0
Njc2N0M0QTAeFw0yNDEyMzExMzU4MzhaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzNmODhlLTc4ZDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD0nzANpSWDwEeAJS+1CsGOutt1fF0rI/+HJlHRQ7CMHQqT7HyEjHXlqxPtEe/A
Ay06Ol/pQBUlbGBD/ML3aK45JSPOdNiw3v6/HBusJO46S5QoOdxyjBxYBzrC3cUm
pkaw5z0liOirBr71Lj9AfjInTBpGCLeN3LGw8iNzTvAu19X3oGEzk1wwNdBvXqmI
SlAud4LYeYkH5esWXc78bqjkIqGOtdKYXH7F/G9egbC5th0hvUvAuoh4I2i9bYpp
NBjtKfPH6ofdGq+i/pSPBHqembw90pX/kbj0IWgBmi/kPH2j79rtb30jfL52CqoA
bUmdP956ajK7zZOq6hL9HnBPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUpHPfOHHA
jCCaBkUq5/RxW+rmhSkwHwYDVR0jBBgwFoAUUjrFjamEDQscqom9/54NzkZ2fEow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI0QjI3LzUwMDYxOERDQzZF
ODExRUY4N0FFNjkwREM0RjlBRTAyL1VqckZqYW1FRFFzY3FvbTlfNTROemtaMmZF
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVWpyRmphbUVEUXNjcW9tOV81NE56a1oyZkVvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NEIyNy81MDA2MThEQ0M2RTgxMUVGODdBRTY5MERDNEY5QUUwMi81NUI5RjE4QUM3
N0YxMUVGQUM1OEY0N0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGd8zTANBgkqhkiG9w0BAQsFAAOCAQEAen22lluh3i26aGR6
lNu84DpnC2jqsTdboQox93xfNUoE89fN/GlVXDFkgMJ8nOAeoEAgyhisbGgKmFwV
XcBWnDUeCqEEbz1Ce8swK1PlDeX7aoJvWF8KEM14Gf3AUXUKcZKzWx2EycgeCfIZ
kyDBI7SK0acgsyXYT3pDhk8a6/Ydd7nhqJWZPW7o+Vb2yRRnX7KlTBFfgkUb6FYs
EGneNJFNrOuO/o2/X+WAB3f4ygFeEyaxq+Wx919x+JAp9Dd13rL1y8LPzNJpEa3W
9uWpK/a1u7MWqBH7UaINJ6QXTOkZXnlTFyLUx0hem3/azGLhHui8Ohgs3UOi+Wke
gPaLBg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:53:54 2025 by rpki-client