Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FAA0/A6337BE225DC11EC951ECE82C4F9AE02/5A591BB025E011EC9E89C60AC4F9AE02.roa
File: 5A591BB025E011EC9E89C60AC4F9AE02.roa (raw, json)
Hash identifier: ovfcNK4D7rwx00mHFL/cHgH9ttVvBH5xhBuXlHzvMgY=
Subject key identifier: DF:81:0C:70:A6:A1:B3:61:3E:DA:D2:E1:13:57:C6:D4:47:22:8A:0F
Certificate issuer: /CN=A912FAA0/serialNumber=C535B6343EA9BF59EA82EEEE3AFB8A4000DE8BB2
Certificate serial: 041F
Authority key identifier: C5:35:B6:34:3E:A9:BF:59:EA:82:EE:EE:3A:FB:8A:40:00:DE:8B:B2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xTW2ND6pv1nqgu7uOvuKQADei7I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FAA0/A6337BE225DC11EC951ECE82C4F9AE02/5A591BB025E011EC9E89C60AC4F9AE02.roa
Signing time: Wed 03 Jul 2024 01:42:43 +0000
ROA not before: Wed 03 Jul 2024 01:42:43 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 146993
IP address blocks: 103.255.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Sep 2024 12:05:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1055 (0x41f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FAA0, serialNumber=C535B6343EA9BF59EA82EEEE3AFB8A4000DE8BB2
Validity
Not Before: Jul 3 01:42:43 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6684ac93-8f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:c8:2b:c5:73:41:6e:6a:ce:57:e4:73:6d:79:
2e:ce:59:5b:8f:0f:3b:c0:53:02:38:5c:f7:b1:9d:
e4:cb:9f:1b:90:23:94:02:88:c0:a0:02:08:64:b4:
7d:25:97:d0:da:34:40:dc:f1:8a:94:64:b1:2f:22:
32:d2:55:95:70:0e:ff:03:a6:76:4d:af:22:b6:9f:
8f:39:b3:4e:b7:e9:37:41:a6:68:92:88:0d:82:67:
5a:e7:68:27:37:52:89:51:cd:70:d1:7c:66:3e:63:
f3:28:37:7b:20:70:b0:a8:e6:a9:11:c6:9a:72:37:
fd:22:43:14:53:6d:4f:fa:00:a2:05:3b:28:41:07:
9d:21:04:d3:74:b1:3d:67:26:f6:53:6a:5a:2d:82:
de:93:8a:4f:7b:32:a7:74:16:1b:f0:c4:b0:5f:fa:
98:f9:b2:02:52:27:8e:96:7e:9d:25:97:22:ec:28:
58:a4:56:af:60:3e:6b:9e:db:cc:a2:41:ed:6c:70:
7b:9a:d2:66:18:e7:07:e0:01:77:6c:4a:67:98:73:
9b:05:19:02:c1:6d:0d:f7:9b:80:f8:81:c0:e9:72:
cd:fa:f2:c1:a7:2f:62:af:f2:a4:19:e9:e3:2e:42:
cc:08:9c:63:1b:cb:07:ea:18:0b:3f:45:2e:0d:70:
7c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:81:0C:70:A6:A1:B3:61:3E:DA:D2:E1:13:57:C6:D4:47:22:8A:0F
X509v3 Authority Key Identifier:
keyid:C5:35:B6:34:3E:A9:BF:59:EA:82:EE:EE:3A:FB:8A:40:00:DE:8B:B2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FAA0/A6337BE225DC11EC951ECE82C4F9AE02/xTW2ND6pv1nqgu7uOvuKQADei7I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xTW2ND6pv1nqgu7uOvuKQADei7I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FAA0/A6337BE225DC11EC951ECE82C4F9AE02/5A591BB025E011EC9E89C60AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.255.56.0/22
Signature Algorithm: sha256WithRSAEncryption
80:c2:e0:09:0c:d0:c9:0b:a5:1e:2c:7b:8d:b1:42:cb:55:d6:
b4:35:69:b7:37:15:cb:e2:38:d0:c9:23:f5:34:9b:a8:3a:31:
2e:0e:08:02:76:f3:65:b6:63:c1:8b:02:3f:64:f6:f2:40:29:
6d:67:9a:9b:a1:6b:37:e8:34:36:18:0d:55:c9:9e:e8:18:73:
f3:28:46:a3:e5:c8:f5:f8:ab:5c:90:b2:97:0e:27:ea:bc:b2:
31:1e:6b:47:c7:5a:7d:a6:56:85:97:ee:44:6b:17:01:e9:7d:
4a:00:cd:13:c3:23:dd:40:45:8f:63:37:1a:c1:72:53:bc:0b:
f7:3c:17:a8:85:0d:56:95:a4:34:77:c3:98:a7:2a:9e:b4:53:
a2:50:3b:82:50:36:65:d4:ae:57:53:47:c8:a1:b5:3d:64:41:
3b:10:44:46:45:0b:68:11:e8:e0:44:1e:bb:a7:63:2a:e4:56:
43:2f:5e:71:63:94:0e:6e:b3:aa:a4:5b:8c:48:39:c0:38:d7:
e0:bd:12:a5:81:81:2f:72:4b:7e:ac:e4:0c:37:87:4d:fc:a1:
06:9e:1d:9f:47:ce:c5:f5:f6:e2:d7:af:de:53:7e:a2:8c:27:
82:98:c6:44:ca:b3:e3:b8:60:a0:58:90:4d:a1:78:3a:d9:24:
c4:71:dd:6f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBB8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZBQTAxMTAvBgNVBAUTKEM1MzVCNjM0M0VBOUJGNTlFQTgyRUVFRTNBRkI4QTQw
MDBERThCQjIwHhcNMjQwNzAzMDE0MjQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0YWM5My04ZjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA78grxXNBbmrOV+RzbXkuzllbjw87wFMCOFz3sZ3ky58bkCOUAojAoAIIZLR9
JZfQ2jRA3PGKlGSxLyIy0lWVcA7/A6Z2Ta8itp+PObNOt+k3QaZokogNgmda52gn
N1KJUc1w0XxmPmPzKDd7IHCwqOapEcaacjf9IkMUU21P+gCiBTsoQQedIQTTdLE9
Zyb2U2paLYLek4pPezKndBYb8MSwX/qY+bICUieOln6dJZci7ChYpFavYD5rntvM
okHtbHB7mtJmGOcH4AF3bEpnmHObBRkCwW0N95uA+IHA6XLN+vLBpy9ir/KkGenj
LkLMCJxjG8sH6hgLP0UuDXB8aQIDAQABo4IClTCCApEwHQYDVR0OBBYEFN+BDHCm
obNhPtrS4RNXxtRHIooPMB8GA1UdIwQYMBaAFMU1tjQ+qb9Z6oLu7jr7ikAA3ouy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkFBMC9BNjMzN0JFMjI1
REMxMUVDOTUxRUNFODJDNEY5QUUwMi94VFcyTkQ2cHYxbnFndTd1T3Z1S1FBRGVp
N0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hUVzJORDZwdjFucWd1N3VPdnVLUUFEZWk3SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZBQTAvQTYzMzdCRTIyNURDMTFFQzk1MUVDRTgyQzRGOUFFMDIvNUE1OTFCQjAy
NUUwMTFFQzlFODlDNjBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn/zgwDQYJKoZIhvcNAQELBQADggEBAIDC4AkM0MkLpR4s
e42xQstV1rQ1abc3FcviONDJI/U0m6g6MS4OCAJ282W2Y8GLAj9k9vJAKW1nmpuh
azfoNDYYDVXJnugYc/MoRqPlyPX4q1yQspcOJ+q8sjEea0fHWn2mVoWX7kRrFwHp
fUoAzRPDI91ARY9jNxrBclO8C/c8F6iFDVaVpDR3w5inKp60U6JQO4JQNmXUrldT
R8ihtT1kQTsQREZFC2gR6OBEHrunYyrkVkMvXnFjlA5us6qkW4xIOcA41+C9EqWB
gS9yS36s5Aw3h038oQaeHZ9HzsX19uLXr95TfqKMJ4KYxkTKs+O4YKBYkE2heDrZ
JMRx3W8=
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:25:33 2025 by rpki-client