Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/78BF511EC75411EFA951A20CC4F9AE02.roa
File: 78BF511EC75411EFA951A20CC4F9AE02.roa (raw, json)
Hash identifier: arQEXSAaLKFMVrT86+f4J7ruFMUec5YhAr9nzVPc5o0=
Subject key identifier: AD:12:6E:B2:8B:65:B6:38:51:1E:E5:A9:9C:5D:3F:9C:23:21:1F:1A
Certificate issuer: /CN=A9124B27/serialNumber=523AC58DA9840D0B1CAA89BDFF9E0DCE46767C4A
Certificate serial: 0A
Authority key identifier: 52:3A:C5:8D:A9:84:0D:0B:1C:AA:89:BD:FF:9E:0D:CE:46:76:7C:4A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UjrFjamEDQscqom9_54NzkZ2fEo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/78BF511EC75411EFA951A20CC4F9AE02.roa
Signing time: Tue 31 Dec 2024 08:51:49 +0000
ROA not before: Tue 31 Dec 2024 08:51:49 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138411
IP address blocks: 103.124.205.0/24 maxlen: 24
103.124.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 13:58:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9124B27, serialNumber=523AC58DA9840D0B1CAA89BDFF9E0DCE46767C4A
Validity
Not Before: Dec 31 08:51:49 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6773b0a5-3577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:29:1e:83:24:43:4c:48:1d:d6:0b:9a:9b:f6:
74:f7:0a:88:0c:bd:d6:de:5f:ca:9c:77:ab:75:3d:
b5:69:1a:5c:cf:6c:ff:bc:f7:76:5e:61:76:bc:d1:
59:3b:84:a0:bc:04:a9:76:85:08:d7:be:bd:8a:ff:
57:d7:68:b3:8f:41:30:9c:a9:59:0c:e6:6d:16:a8:
8c:3d:2c:72:b5:b8:64:ed:68:a2:01:ae:4b:1e:49:
7a:d9:2d:45:ee:03:bc:df:ff:5c:c1:e5:48:42:05:
7f:d2:58:ad:10:53:93:86:ef:36:d9:05:5c:ab:f1:
ef:ae:ed:cc:d2:0c:70:fd:eb:08:9b:01:2e:87:b3:
36:73:a3:c6:27:f3:1f:9c:5f:5e:66:7c:aa:67:f6:
de:5e:f1:10:46:40:30:15:b2:51:06:3e:fa:f4:0f:
05:2e:d4:c9:8e:75:84:c4:fc:79:8c:95:a3:36:80:
c8:f5:1e:ce:65:2d:17:03:fe:1a:d1:37:a7:55:9b:
92:a8:c5:85:ce:9a:1b:90:3f:87:ae:f7:28:c2:dd:
41:6f:97:62:d9:a2:ef:16:49:60:57:5e:6f:82:d3:
e8:5c:7f:1f:4f:d3:cb:f4:6e:42:27:4d:32:8f:d2:
c0:fa:1b:95:46:9f:f4:3c:81:e2:47:7e:31:8c:f0:
a2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:12:6E:B2:8B:65:B6:38:51:1E:E5:A9:9C:5D:3F:9C:23:21:1F:1A
X509v3 Authority Key Identifier:
keyid:52:3A:C5:8D:A9:84:0D:0B:1C:AA:89:BD:FF:9E:0D:CE:46:76:7C:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/UjrFjamEDQscqom9_54NzkZ2fEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UjrFjamEDQscqom9_54NzkZ2fEo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9124B27/500618DCC6E811EF87AE690DC4F9AE02/78BF511EC75411EFA951A20CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.124.205.0/24
103.124.207.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:c8:11:48:3e:74:ff:7c:80:70:c0:b8:41:cf:00:83:79:7c:
bb:08:2f:47:73:78:00:ea:75:fd:f6:e5:a0:08:74:8d:a0:fe:
55:e6:6e:fa:5d:d6:65:25:60:3f:76:76:7b:df:50:67:ed:c9:
25:d7:3a:91:13:bb:8f:bc:65:b7:3a:b2:87:aa:94:8a:aa:31:
59:81:84:cd:d3:f0:82:8c:af:10:cd:16:ae:c7:80:d3:f7:17:
18:03:d3:3a:2a:a2:31:ff:c6:fd:94:0d:88:f2:f5:1d:a6:b3:
4c:9a:50:31:0d:b1:10:53:05:78:11:56:48:ee:bc:03:54:ad:
ae:2b:1f:a0:65:48:13:d3:2d:67:42:ad:36:b4:d6:6d:7d:b3:
e6:02:3f:74:d1:82:08:6a:09:80:46:12:45:9b:33:81:02:2f:
32:ea:fd:0f:7d:bd:46:07:a4:6a:73:94:3d:e2:c2:d6:21:83:
1b:6f:64:c9:57:0b:d9:56:1d:b5:7c:fa:c0:55:2f:5b:fb:eb:
1b:38:9f:8a:a6:59:c2:af:fe:ac:f5:e9:7e:18:3c:48:d1:c1:
ad:91:23:e1:ed:93:ae:a0:d1:fe:1a:aa:7f:3b:dc:73:cd:b9:
e6:e3:da:c8:7c:91:8e:dc:80:2f:7a:89:8e:b6:d7:26:78:66:
ca:40:23:5c
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
NEIyNzExMC8GA1UEBRMoNTIzQUM1OERBOTg0MEQwQjFDQUE4OUJERkY5RTBEQ0U0
Njc2N0M0QTAeFw0yNDEyMzEwODUxNDlaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzNiMGE1LTM1NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDxKR6DJENMSB3WC5qb9nT3CogMvdbeX8qcd6t1PbVpGlzPbP+893ZeYXa80Vk7
hKC8BKl2hQjXvr2K/1fXaLOPQTCcqVkM5m0WqIw9LHK1uGTtaKIBrkseSXrZLUXu
A7zf/1zB5UhCBX/SWK0QU5OG7zbZBVyr8e+u7czSDHD96wibAS6HszZzo8Yn8x+c
X15mfKpn9t5e8RBGQDAVslEGPvr0DwUu1MmOdYTE/HmMlaM2gMj1Hs5lLRcD/hrR
N6dVm5KoxYXOmhuQP4eu9yjC3UFvl2LZou8WSWBXXm+C0+hcfx9P08v0bkInTTKP
0sD6G5VGn/Q8geJHfjGM8KLPAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUrRJusotl
tjhRHuWpnF0/nCMhHxowHwYDVR0jBBgwFoAUUjrFjamEDQscqom9/54NzkZ2fEow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI0QjI3LzUwMDYxOERDQzZF
ODExRUY4N0FFNjkwREM0RjlBRTAyL1VqckZqYW1FRFFzY3FvbTlfNTROemtaMmZF
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVWpyRmphbUVEUXNjcW9tOV81NE56a1oyZkVvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NEIyNy81MDA2MThEQ0M2RTgxMUVGODdBRTY5MERDNEY5QUUwMi83OEJGNTExRUM3
NTQxMUVGQTk1MUEyMENDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAGd8zQMEAGd8zzANBgkqhkiG9w0BAQsFAAOCAQEAncgRSD50
/3yAcMC4Qc8Ag3l8uwgvR3N4AOp1/fbloAh0jaD+VeZu+l3WZSVgP3Z2e99QZ+3J
Jdc6kRO7j7xltzqyh6qUiqoxWYGEzdPwgoyvEM0WrseA0/cXGAPTOiqiMf/G/ZQN
iPL1HaazTJpQMQ2xEFMFeBFWSO68A1StrisfoGVIE9MtZ0KtNrTWbX2z5gI/dNGC
CGoJgEYSRZszgQIvMur9D329RgekanOUPeLC1iGDG29kyVcL2VYdtXz6wFUvW/vr
GzifiqZZwq/+rPXpfhg8SNHBrZEj4e2TrqDR/hqqfzvcc8255uPayHyRjtyAL3qJ
jrbXJnhmykAjXA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:35:06 2025 by rpki-client