Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/2DD5A508DB0011EFACE5316FC4F9AE02.roa
File: 2DD5A508DB0011EFACE5316FC4F9AE02.roa (raw, json)
Hash identifier: RBaNxf1yvBmrMaWBqk/mNxbrWpd2bESj/b8WArRiR/0=
Subject key identifier: CC:AA:95:0B:E4:47:13:B5:7B:1D:15:35:9D:EF:B4:9D:6A:32:8C:2B
Certificate issuer: /CN=A913DC07/serialNumber=ECAA3D15FA8B14DAAAFE2059A4019B20F527F83D
Certificate serial: 046D
Authority key identifier: EC:AA:3D:15:FA:8B:14:DA:AA:FE:20:59:A4:01:9B:20:F5:27:F8:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/2DD5A508DB0011EFACE5316FC4F9AE02.roa
Signing time: Sat 25 Jan 2025 09:38:49 +0000
ROA not before: Sat 25 Jan 2025 09:38:49 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 139720
IP address blocks: 103.167.16.0/24 maxlen: 24
2001:df6:a280::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 25 Jan 2025 10:28:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1133 (0x46d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913DC07, serialNumber=ECAA3D15FA8B14DAAAFE2059A4019B20F527F83D
Validity
Not Before: Jan 25 09:38:49 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6794b128-5830
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:37:77:c5:4c:72:b4:57:78:7b:68:c4:cb:fd:
7a:98:a5:51:59:2c:02:82:67:7c:6b:b1:3f:34:ef:
7f:7e:3c:b2:7f:b5:51:7b:2e:ac:16:e7:ed:8d:24:
36:14:a4:c7:bc:0d:d2:15:fd:95:56:de:ac:11:31:
7d:53:a1:7e:35:ba:79:e5:82:a2:ac:d9:7e:e9:db:
f4:71:b7:e5:e3:73:a1:b6:50:74:1b:84:c3:5e:b1:
ad:c7:40:06:a0:d0:b3:26:ff:4b:61:6b:0e:fc:67:
3e:74:cf:77:f4:8c:10:41:0e:23:51:29:08:a9:3e:
11:b2:c6:83:21:48:14:a7:8a:5d:2c:ca:d9:30:29:
88:89:cf:e1:f1:6f:62:01:1c:bc:5a:d9:3a:0c:a5:
ad:11:a5:2a:a4:23:43:87:d5:59:f1:eb:e8:25:5b:
2c:4c:32:af:ed:80:83:d9:32:e9:55:8f:af:64:b5:
91:92:92:6f:d5:9c:62:8c:8a:11:8c:1b:f0:e1:0e:
21:b0:69:fd:07:bd:39:8f:c5:1c:79:9e:e5:2b:da:
55:ee:1c:f7:3f:e5:ba:3d:f2:5b:66:68:a0:a2:34:
48:d8:95:22:0c:f4:3a:37:58:e2:da:68:c5:4a:a6:
c7:7e:51:a8:5b:bc:1f:16:38:28:9e:92:71:d4:f0:
5f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AA:95:0B:E4:47:13:B5:7B:1D:15:35:9D:EF:B4:9D:6A:32:8C:2B
X509v3 Authority Key Identifier:
keyid:EC:AA:3D:15:FA:8B:14:DA:AA:FE:20:59:A4:01:9B:20:F5:27:F8:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/2DD5A508DB0011EFACE5316FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.16.0/24
IPv6:
2001:df6:a280::/48
Signature Algorithm: sha256WithRSAEncryption
09:9d:f9:70:4a:01:ff:0a:9a:e5:4a:63:c6:7d:74:7f:11:89:
cb:b3:81:7c:fe:e0:e9:10:22:89:b3:02:29:db:3c:6e:4e:c5:
30:e2:84:c1:ab:ec:c9:89:97:ed:20:55:fc:87:24:79:18:46:
f3:64:2a:34:0c:da:f4:9a:f6:df:aa:23:5c:e6:f4:bd:b1:2e:
2c:76:cd:6a:5d:d1:08:a4:cf:91:6f:b8:98:7b:be:cd:0b:e4:
26:90:9a:b3:ea:7f:ae:15:8b:cb:f0:a3:a3:0a:0c:c5:43:c5:
58:c4:95:c6:ec:0e:ab:d0:7e:50:6f:b9:b3:3b:2a:35:50:9c:
b8:8e:18:62:4f:7a:71:63:aa:46:53:62:74:88:03:4d:a9:03:
22:97:4c:1a:58:1d:69:3a:b7:a7:5a:6a:c0:68:e3:0b:be:0e:
97:f1:c1:98:8e:66:9c:d2:9b:cb:c5:12:4e:41:23:13:05:ba:
1b:c3:f5:c9:01:1c:e7:15:f4:6a:d9:f7:96:9e:73:98:48:a3:
df:ea:9f:b0:1e:6f:b3:9e:6b:b9:b8:09:2e:b9:03:b1:c2:05:
c9:f2:3a:9d:95:e1:c1:a8:31:8e:1f:60:bf:a8:be:f7:c6:71:
20:51:33:df:24:80:78:5f:bd:34:63:a3:c7:ac:30:35:6b:3e:
3f:e7:fc:d8
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RDMDcxMTAvBgNVBAUTKEVDQUEzRDE1RkE4QjE0REFBQUZFMjA1OUE0MDE5QjIw
RjUyN0Y4M0QwHhcNMjUwMTI1MDkzODQ5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0YjEyOC01ODMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnTd3xUxytFd4e2jEy/16mKVRWSwCgmd8a7E/NO9/fjyyf7VRey6sFuftjSQ2
FKTHvA3SFf2VVt6sETF9U6F+Nbp55YKirNl+6dv0cbfl43OhtlB0G4TDXrGtx0AG
oNCzJv9LYWsO/Gc+dM939IwQQQ4jUSkIqT4RssaDIUgUp4pdLMrZMCmIic/h8W9i
ARy8Wtk6DKWtEaUqpCNDh9VZ8evoJVssTDKv7YCD2TLpVY+vZLWRkpJv1ZxijIoR
jBvw4Q4hsGn9B705j8UceZ7lK9pV7hz3P+W6PfJbZmigojRI2JUiDPQ6N1ji2mjF
SqbHflGoW7wfFjgonpJx1PBfxQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFMyqlQvk
RxO1ex0VNZ3vtJ1qMowrMB8GA1UdIwQYMBaAFOyqPRX6ixTaqv4gWaQBmyD1J/g9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREMwNy80RUI5RURENjMz
NjIxMUVDQTdBQzUxMzFDNEY5QUUwMi83S285RmZxTEZOcXFfaUJacEFHYklQVW4t
RDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdLbzlGZnFMRk5xcV9pQlpwQUdiSVBVbi1EMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RDMDcvNEVCOUVERDYzMzYyMTFFQ0E3QUM1MTMxQzRGOUFFMDIvMkRENUE1MDhE
QjAwMTFFRkFDRTUzMTZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnpxAwDwQCAAIwCQMHACABDfaigDANBgkqhkiG9w0BAQsF
AAOCAQEACZ35cEoB/wqa5Upjxn10fxGJy7OBfP7g6RAiibMCKds8bk7FMOKEwavs
yYmX7SBV/IckeRhG82QqNAza9Jr236ojXOb0vbEuLHbNal3RCKTPkW+4mHu+zQvk
JpCas+p/rhWLy/CjowoMxUPFWMSVxuwOq9B+UG+5szsqNVCcuI4YYk96cWOqRlNi
dIgDTakDIpdMGlgdaTq3p1pqwGjjC74Ol/HBmI5mnNKby8USTkEjEwW6G8P1yQEc
5xX0atn3lp5zmEij3+qfsB5vs55rubgJLrkDscIFyfI6nZXhwagxjh9gv6i+98Zx
IFEz3ySAeF+9NGOjx6wwNWs+P+f82A==
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:34:28 2025 by rpki-client