Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9131157/06B2B8E2072611F083F3FC75C4F9AE02/A7671DAA07B711F0AA01D60EC4F9AE02.roa
File: A7671DAA07B711F0AA01D60EC4F9AE02.roa (raw, json)
Hash identifier: iJwwDwc2Qg7qOFLB+e0s2PatYTkgBiiWIPO8D4KTb14=
Subject key identifier: F1:61:36:31:FB:17:8C:1D:72:28:1A:9A:F4:20:4A:FB:CE:78:F6:E8
Certificate issuer: /CN=A9131157/serialNumber=262EC20D32BC132D7D204C34482229792421CF70
Certificate serial: 0E
Authority key identifier: 26:2E:C2:0D:32:BC:13:2D:7D:20:4C:34:48:22:29:79:24:21:CF:70
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ji7CDTK8Ey19IEw0SCIpeSQhz3A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9131157/06B2B8E2072611F083F3FC75C4F9AE02/A7671DAA07B711F0AA01D60EC4F9AE02.roa
Signing time: Sun 23 Mar 2025 07:33:06 +0000
ROA not before: Sun 23 Mar 2025 07:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141767
IP address blocks: 203.9.210.0/23 maxlen: 23
203.9.210.0/24 maxlen: 24
203.9.211.0/24 maxlen: 24
2001:df3:91c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 23 Mar 2025 22:49:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9131157
Validity
Not Before: Mar 23 07:33:06 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67dfb932-5cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f7:f8:91:23:39:56:3b:00:f6:97:1e:c7:e6:
6a:09:4c:2b:96:27:35:05:93:01:98:59:eb:46:f5:
a4:e7:3a:1c:94:72:f7:d2:cf:73:d0:b5:69:5d:6d:
ec:f2:68:27:8f:65:9e:0a:f0:4c:c4:b9:8f:cf:25:
17:14:31:5c:81:9f:3f:5e:bf:7c:44:9f:eb:6b:1f:
a1:cc:ef:1b:d1:22:bd:55:b7:82:ac:0a:00:ce:8d:
80:09:04:d8:5d:ed:7b:fa:48:02:b3:65:ce:b0:58:
d9:2e:ff:06:44:64:16:6f:74:f9:cc:7a:c3:6d:84:
a7:c9:6f:49:d8:d8:60:e4:ea:3b:09:78:d5:96:eb:
b3:67:3c:0a:13:61:58:66:e6:9f:f7:82:ce:24:a4:
e6:35:1a:9d:37:28:76:f8:fc:31:84:32:34:72:b0:
08:70:71:5e:fe:ac:57:fc:dd:13:7c:f2:8f:54:27:
41:b3:65:7a:fa:a2:fd:29:38:ce:eb:c4:4d:7f:35:
6b:f3:02:c6:06:bf:e7:4c:fb:69:bc:5a:ef:ca:07:
35:ad:cd:b8:8c:4a:86:68:db:e9:ec:24:9f:87:72:
10:a3:57:80:4d:ee:da:1f:f7:58:a3:c1:88:65:83:
43:95:6c:58:e5:3e:59:a0:11:06:b0:f3:db:ca:34:
b0:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:61:36:31:FB:17:8C:1D:72:28:1A:9A:F4:20:4A:FB:CE:78:F6:E8
X509v3 Authority Key Identifier:
keyid:26:2E:C2:0D:32:BC:13:2D:7D:20:4C:34:48:22:29:79:24:21:CF:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9131157/06B2B8E2072611F083F3FC75C4F9AE02/Ji7CDTK8Ey19IEw0SCIpeSQhz3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ji7CDTK8Ey19IEw0SCIpeSQhz3A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131157/06B2B8E2072611F083F3FC75C4F9AE02/A7671DAA07B711F0AA01D60EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.9.210.0/23
IPv6:
2001:df3:91c0::/48
Signature Algorithm: sha256WithRSAEncryption
0c:f9:a8:1e:79:e6:7f:69:74:28:61:dc:6d:58:3e:6d:42:aa:
38:da:88:45:b3:fd:f7:00:db:c9:c0:84:8f:cd:c8:c6:43:c6:
1c:04:a1:d3:38:ea:a0:62:22:84:db:4f:cc:9f:34:dd:e7:8e:
da:f2:c8:3b:bb:81:c6:08:4f:59:85:ac:5f:4c:b7:d8:8f:8e:
c5:fd:ec:6b:e2:c0:87:55:44:48:c8:84:e4:82:43:b5:d5:aa:
4b:9e:d8:a3:94:e4:44:7a:cd:40:7e:93:99:3c:dd:1f:04:cb:
d0:42:9f:84:88:f3:7b:a4:78:95:96:6f:09:6e:45:a5:99:37:
10:4d:c8:91:76:7d:5a:14:51:57:dc:44:b0:a9:dd:f8:5a:c2:
91:f7:41:85:da:0b:7d:0d:c0:dc:29:d1:c3:1f:5a:a9:ff:b1:
89:e3:f5:c1:5f:97:37:70:a6:8d:30:09:24:7d:cb:7b:90:ea:
ce:c3:16:17:c0:31:04:22:28:ae:63:12:ad:cf:cd:d2:7f:da:
26:9b:7b:92:51:ce:74:3d:db:b7:6a:b8:87:23:ff:4c:74:3d:
e3:23:e7:b9:ff:8d:16:d1:6b:f2:9e:fd:9f:41:25:5d:ca:7a:
64:04:e0:1f:4d:3e:35:b6:f4:6e:cd:9d:7e:67:44:9e:88:ea:
bb:e8:17:8b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
MTE1NzExMC8GA1UEBRMoMjYyRUMyMEQzMkJDMTMyRDdEMjA0QzM0NDgyMjI5Nzky
NDIxQ0Y3MDAeFw0yNTAzMjMwNzMzMDZaFw0yNTA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZGZiOTMyLTVjZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDW9/iRIzlWOwD2lx7H5moJTCuWJzUFkwGYWetG9aTnOhyUcvfSz3PQtWldbezy
aCePZZ4K8EzEuY/PJRcUMVyBnz9ev3xEn+trH6HM7xvRIr1Vt4KsCgDOjYAJBNhd
7Xv6SAKzZc6wWNku/wZEZBZvdPnMesNthKfJb0nY2GDk6jsJeNWW67NnPAoTYVhm
5p/3gs4kpOY1Gp03KHb4/DGEMjRysAhwcV7+rFf83RN88o9UJ0GzZXr6ov0pOM7r
xE1/NWvzAsYGv+dM+2m8Wu/KBzWtzbiMSoZo2+nsJJ+HchCjV4BN7tof91ijwYhl
g0OVbFjlPlmgEQaw89vKNLCnAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU8WE2MfsX
jB1yKBqa9CBK+8549ugwHwYDVR0jBBgwFoAUJi7CDTK8Ey19IEw0SCIpeSQhz3Aw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMxMTU3LzA2QjJCOEUyMDcy
NjExRjA4M0YzRkM3NUM0RjlBRTAyL0ppN0NEVEs4RXkxOUlFdzBTQ0lwZVNRaHoz
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSmk3Q0RUSzhFeTE5SUV3MFNDSXBlU1FoejNBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MTE1Ny8wNkIyQjhFMjA3MjYxMUYwODNGM0ZDNzVDNEY5QUUwMi9BNzY3MURBQTA3
QjcxMUYwQUEwMUQ2MEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAcsJ0jAPBAIAAjAJAwcAIAEN85HAMA0GCSqGSIb3DQEBCwUA
A4IBAQAM+ageeeZ/aXQoYdxtWD5tQqo42ohFs/33ANvJwISPzcjGQ8YcBKHTOOqg
YiKE20/MnzTd547a8sg7u4HGCE9ZhaxfTLfYj47F/exr4sCHVURIyITkgkO11apL
ntijlOREes1AfpOZPN0fBMvQQp+EiPN7pHiVlm8JbkWlmTcQTciRdn1aFFFX3ESw
qd34WsKR90GF2gt9DcDcKdHDH1qp/7GJ4/XBX5c3cKaNMAkkfct7kOrOwxYXwDEE
IiiuYxKtz83Sf9omm3uSUc50Pdu3ariHI/9MdD3jI+e5/40W0Wvynv2fQSVdynpk
BOAfTT41tvRuzZ1+Z0SeiOq76BeL
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:46:28 2025 by rpki-client