Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/54581848BB1C11ECBF12EE13C4F9AE02.roa
File: 54581848BB1C11ECBF12EE13C4F9AE02.roa (raw, json)
Hash identifier: aM+kflsjZ8tUuwjbVXKbKLGYT8Wl/jFCbN4S+5LlhQk=
Subject key identifier: 90:A5:5C:69:C7:A7:97:C1:E2:34:EC:FD:24:3B:03:88:5A:D1:5C:11
Certificate issuer: /CN=A913A8A4/serialNumber=4D176A0B457A6E5695D37A7ECB8DCB3A73CB4812
Certificate serial: 11C5
Authority key identifier: 4D:17:6A:0B:45:7A:6E:56:95:D3:7A:7E:CB:8D:CB:3A:73:CB:48:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRdqC0V6blaV03p-y43LOnPLSBI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/54581848BB1C11ECBF12EE13C4F9AE02.roa
Signing time: Thu 28 Nov 2024 17:35:27 +0000
ROA not before: Thu 28 Nov 2024 17:35:27 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 131477
IP address blocks: 103.102.4.0/24 maxlen: 24
103.102.5.0/24 maxlen: 24
103.102.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 02:43:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4549 (0x11c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913A8A4
Validity
Not Before: Nov 28 17:35:27 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6748a9de-2943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:6d:46:9d:40:45:b2:1e:84:98:77:8b:eb:d3:
07:6b:e9:6d:71:bb:37:49:59:46:5c:6f:7f:72:6f:
16:b2:bc:e3:83:33:c9:89:dc:62:de:45:d8:c7:6b:
f4:64:fc:81:91:7e:67:48:18:ea:4b:78:30:ea:f7:
c7:60:ac:81:31:8a:66:2e:d1:2c:5f:2e:6c:b3:00:
da:ed:7e:6b:a0:d4:9d:38:dc:f1:02:f1:8d:f3:4b:
a2:f2:ab:e1:90:2d:1f:42:19:0b:b5:a0:80:94:7b:
58:a3:d8:92:0a:ae:79:8c:70:f6:b8:bb:7a:81:f2:
40:2e:cd:8a:21:79:54:58:ee:b6:f3:d3:43:f4:9d:
69:6c:84:4c:80:28:67:5a:0b:3c:cb:14:3b:7d:9f:
c3:ef:90:81:f1:c0:74:d6:a8:a4:82:e0:70:af:b6:
5c:b0:ed:56:87:96:5b:8f:90:99:0e:07:54:c3:f7:
e9:95:e0:19:26:8a:1f:5a:21:96:51:05:fb:09:00:
b5:6f:42:b9:ce:31:c1:73:69:c4:59:61:b7:9e:19:
4d:1d:01:52:bd:ef:fb:8c:14:da:4a:87:28:b3:ee:
6a:a7:f8:a3:a7:69:7c:d4:4d:88:a9:48:6c:f6:21:
e3:ef:6d:58:30:87:67:61:b0:cb:e6:e5:dd:f2:60:
02:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A5:5C:69:C7:A7:97:C1:E2:34:EC:FD:24:3B:03:88:5A:D1:5C:11
X509v3 Authority Key Identifier:
keyid:4D:17:6A:0B:45:7A:6E:56:95:D3:7A:7E:CB:8D:CB:3A:73:CB:48:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/TRdqC0V6blaV03p-y43LOnPLSBI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TRdqC0V6blaV03p-y43LOnPLSBI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A8A4/790E610CE9C311E8A9CED648C4F9AE02/54581848BB1C11ECBF12EE13C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.4.0/23
103.102.7.0/24
Signature Algorithm: sha256WithRSAEncryption
22:24:d3:70:6f:79:dd:8f:cf:6f:7e:88:bb:9c:37:3f:4f:85:
8b:66:96:2a:fe:03:51:71:89:14:87:21:a4:e1:c5:ae:e8:94:
de:16:ae:83:f0:ca:13:64:13:d7:ad:1f:7e:61:58:ae:75:53:
ad:b3:8b:a1:46:11:93:f9:69:81:fa:2c:c2:c6:eb:67:53:9f:
28:05:f9:2f:b5:c1:83:e3:90:f7:c4:e8:ed:de:26:fe:c7:bb:
e2:95:32:96:01:a2:70:3b:47:1f:e4:2c:88:51:f4:45:0e:49:
c4:97:2d:88:e6:11:8b:ff:eb:be:40:bc:c4:e7:77:dc:11:fd:
c1:73:ee:e5:b6:0e:37:df:e8:01:aa:d4:4a:ab:96:56:fa:94:
10:af:ae:75:9f:cd:70:19:30:f4:f9:12:cd:e0:27:01:aa:e0:
3e:a8:b9:c5:31:4c:de:ce:d9:8e:11:7b:92:65:c5:23:26:83:
9a:36:8d:8c:26:00:4f:ba:58:46:44:12:5a:43:29:9c:88:23:
57:c4:08:7f:26:b7:3e:7d:d9:5f:93:d0:9c:25:f0:0e:c7:45:
64:95:dc:83:c9:89:a1:ba:f7:01:05:5c:ad:ba:b5:c0:3d:e4:
ab:c3:97:07:02:3c:75:cc:2e:37:ef:46:bb:c6:7d:2e:5f:f8:
10:67:43:d1
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICEcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0E4QTQxMTAvBgNVBAUTKDREMTc2QTBCNDU3QTZFNTY5NUQzN0E3RUNCOERDQjNB
NzNDQjQ4MTIwHhcNMjQxMTI4MTczNTI3WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ4YTlkZS0yOTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxW1GnUBFsh6EmHeL69MHa+ltcbs3SVlGXG9/cm8WsrzjgzPJidxi3kXYx2v0
ZPyBkX5nSBjqS3gw6vfHYKyBMYpmLtEsXy5sswDa7X5roNSdONzxAvGN80ui8qvh
kC0fQhkLtaCAlHtYo9iSCq55jHD2uLt6gfJALs2KIXlUWO6289ND9J1pbIRMgChn
Wgs8yxQ7fZ/D75CB8cB01qikguBwr7ZcsO1Wh5Zbj5CZDgdUw/fpleAZJoofWiGW
UQX7CQC1b0K5zjHBc2nEWWG3nhlNHQFSve/7jBTaSocos+5qp/ijp2l81E2IqUhs
9iHj721YMIdnYbDL5uXd8mAC0QIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJClXGnH
p5fB4jTs/SQ7A4ha0VwRMB8GA1UdIwQYMBaAFE0XagtFem5WldN6fsuNyzpzy0gS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQThBNC83OTBFNjEwQ0U5
QzMxMUU4QTlDRUQ2NDhDNEY5QUUwMi9UUmRxQzBWNmJsYVYwM3AteTQzTE9uUExT
QkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RSZHFDMFY2YmxhVjAzcC15NDNMT25QTFNCSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0E4QTQvNzkwRTYxMENFOUMzMTFFOEE5Q0VENjQ4QzRGOUFFMDIvNTQ1ODE4NDhC
QjFDMTFFQ0JGMTJFRTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAFnZgQDBABnZgcwDQYJKoZIhvcNAQELBQADggEBACIk03Bv
ed2Pz29+iLucNz9PhYtmlir+A1FxiRSHIaThxa7olN4WroPwyhNkE9etH35hWK51
U62zi6FGEZP5aYH6LMLG62dTnygF+S+1wYPjkPfE6O3eJv7Hu+KVMpYBonA7Rx/k
LIhR9EUOScSXLYjmEYv/675AvMTnd9wR/cFz7uW2Djff6AGq1Eqrllb6lBCvrnWf
zXAZMPT5Es3gJwGq4D6oucUxTN7O2Y4Re5JlxSMmg5o2jYwmAE+6WEZEElpDKZyI
I1fECH8mtz592V+T0Jwl8A7HRWSV3IPJiaG69wEFXK26tcA95KvDlwcCPHXMLjfv
RrvGfS5f+BBnQ9E=
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:39:28 2025 by rpki-client