Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91403E9/17613234AC3A11ED9740B655C4F9AE02/028335CAC3BC11EEB6DE185EC4F9AE02.roa
File: 028335CAC3BC11EEB6DE185EC4F9AE02.roa (raw, json)
Hash identifier: 59PcgSGm7rJI65w5shaTtyU/0EPniP8y6wD2GVDpdAo=
Subject key identifier: 41:CC:EA:3C:DF:11:EA:6C:5B:C3:46:A7:86:00:C7:3F:94:3A:F9:D7
Certificate issuer: /CN=A91403E9/serialNumber=92FEFE8AE829F0A5A501B57506FAE4E5C11A1D97
Certificate serial: 019B
Authority key identifier: 92:FE:FE:8A:E8:29:F0:A5:A5:01:B5:75:06:FA:E4:E5:C1:1A:1D:97
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kv7-iugp8KWlAbV1Bvrk5cEaHZc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91403E9/17613234AC3A11ED9740B655C4F9AE02/028335CAC3BC11EEB6DE185EC4F9AE02.roa
Signing time: Sun 23 Mar 2025 03:19:14 +0000
ROA not before: Sun 23 Mar 2025 03:19:14 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 150745
IP address blocks: 103.81.28.0/24 maxlen: 24
103.81.29.0/24 maxlen: 24
2001:df1:e940::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 24 Mar 2025 16:12:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 411 (0x19b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91403E9, serialNumber=92FEFE8AE829F0A5A501B57506FAE4E5C11A1D97
Validity
Not Before: Mar 23 03:19:14 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67df7db2-efa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3b:e5:f9:db:6b:f3:5c:d3:cf:a0:b5:b4:b1:
7d:98:b4:f5:0a:86:51:c8:af:d8:55:fa:71:aa:cd:
15:77:c7:a4:df:ca:5c:67:9d:9f:79:6d:25:e9:cf:
c4:d3:33:b7:f4:7d:f6:cf:ce:40:04:77:f9:be:74:
fd:64:87:5d:9a:11:82:e8:56:3e:ea:74:39:79:82:
44:e3:28:cc:64:c4:1e:eb:67:9d:cb:69:1f:d6:0c:
68:f6:49:17:23:b6:88:4c:54:3c:c1:73:22:f5:3d:
0c:6d:85:75:2b:04:9d:0b:db:b3:0b:28:e2:bb:cf:
da:bb:c7:17:f8:44:4a:38:fd:43:a6:3e:5b:d1:4a:
65:be:5a:6f:fa:f1:bd:89:ee:a6:3d:58:8e:e8:26:
64:71:40:bd:a9:9d:48:cb:2b:31:79:9e:8d:24:5c:
6a:9a:fd:0c:50:4d:a6:b7:37:d0:2e:8a:64:bc:f0:
e6:0b:92:9f:cf:ea:86:4b:68:82:3f:05:ca:87:91:
bd:a4:80:98:bd:12:4e:e3:fb:ba:3a:31:eb:5a:57:
a5:4e:41:fa:16:42:9b:ea:ec:11:a3:77:51:93:54:
bd:66:c8:76:0c:4e:67:97:92:72:df:9e:0c:89:c0:
01:8a:dd:7c:9d:6b:3c:35:36:f9:02:3f:71:28:72:
d3:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:CC:EA:3C:DF:11:EA:6C:5B:C3:46:A7:86:00:C7:3F:94:3A:F9:D7
X509v3 Authority Key Identifier:
keyid:92:FE:FE:8A:E8:29:F0:A5:A5:01:B5:75:06:FA:E4:E5:C1:1A:1D:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91403E9/17613234AC3A11ED9740B655C4F9AE02/kv7-iugp8KWlAbV1Bvrk5cEaHZc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kv7-iugp8KWlAbV1Bvrk5cEaHZc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91403E9/17613234AC3A11ED9740B655C4F9AE02/028335CAC3BC11EEB6DE185EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.81.28.0/23
IPv6:
2001:df1:e940::/48
Signature Algorithm: sha256WithRSAEncryption
36:c6:55:78:6a:44:ab:44:a9:2e:2d:56:3c:f8:82:6b:31:c0:
0e:b6:58:53:ea:01:a0:21:c0:70:16:60:a5:1d:95:f1:8b:4b:
1a:70:56:1b:34:33:f7:26:12:64:17:bd:e8:77:04:d8:d0:91:
b3:6f:2a:82:3a:3b:db:44:74:aa:fa:5b:fa:6d:38:46:9f:7c:
10:f8:8e:7c:d5:a1:a1:93:c4:36:24:cf:53:8b:5d:96:04:62:
41:42:1f:af:d5:8c:e6:94:c3:e1:d4:24:91:8b:fc:5b:06:c2:
80:83:0a:a1:71:fa:71:7f:91:00:80:5c:da:47:e5:83:ff:c8:
bf:5e:e7:33:ef:6e:a5:c8:45:80:8c:6b:9b:be:a5:0b:ee:70:
bb:db:98:e8:a2:24:d5:3d:62:ed:9b:b4:c2:06:5e:c0:0d:01:
64:b1:65:a1:df:84:b1:73:cc:ff:6d:2c:f2:e6:e6:ba:3c:58:
ab:93:04:26:f9:e7:2d:74:ea:2f:c7:c9:69:e4:3e:e4:10:09:
26:03:18:de:73:ba:9f:88:75:17:22:de:87:f8:2c:f4:18:fc:
ce:60:88:db:46:ff:9d:ab:25:10:40:44:83:65:1d:6e:9e:af:
63:2b:a8:4c:14:74:b5:a5:4e:94:0b:d1:67:87:61:ab:90:47:
f7:fa:eb:eb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAZswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDAzRTkxMTAvBgNVBAUTKDkyRkVGRThBRTgyOUYwQTVBNTAxQjU3NTA2RkFFNEU1
QzExQTFEOTcwHhcNMjUwMzIzMDMxOTE0WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RmN2RiMi1lZmE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7Tvl+dtr81zTz6C1tLF9mLT1CoZRyK/YVfpxqs0Vd8ek38pcZ52feW0l6c/E
0zO39H32z85ABHf5vnT9ZIddmhGC6FY+6nQ5eYJE4yjMZMQe62edy2kf1gxo9kkX
I7aITFQ8wXMi9T0MbYV1KwSdC9uzCyjiu8/au8cX+ERKOP1Dpj5b0Uplvlpv+vG9
ie6mPViO6CZkcUC9qZ1IyysxeZ6NJFxqmv0MUE2mtzfQLopkvPDmC5Kfz+qGS2iC
PwXKh5G9pICYvRJO4/u6OjHrWlelTkH6FkKb6uwRo3dRk1S9Zsh2DE5nl5Jy354M
icABit18nWs8NTb5Aj9xKHLTDQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFEHM6jzf
EepsW8NGp4YAxz+UOvnXMB8GA1UdIwQYMBaAFJL+/oroKfClpQG1dQb65OXBGh2X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDNFOS8xNzYxMzIzNEFD
M0ExMUVEOTc0MEI2NTVDNEY5QUUwMi9rdjctaXVncDhLV2xBYlYxQnZyazVjRWFI
WmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2t2Ny1pdWdwOEtXbEFiVjFCdnJrNWNFYUhaYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDAzRTkvMTc2MTMyMzRBQzNBMTFFRDk3NDBCNjU1QzRGOUFFMDIvMDI4MzM1Q0FD
M0JDMTFFRUI2REUxODVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnURwwDwQCAAIwCQMHACABDfHpQDANBgkqhkiG9w0BAQsF
AAOCAQEANsZVeGpEq0SpLi1WPPiCazHADrZYU+oBoCHAcBZgpR2V8YtLGnBWGzQz
9yYSZBe96HcE2NCRs28qgjo720R0qvpb+m04Rp98EPiOfNWhoZPENiTPU4tdlgRi
QUIfr9WM5pTD4dQkkYv8WwbCgIMKoXH6cX+RAIBc2kflg//Iv17nM+9upchFgIxr
m76lC+5wu9uY6KIk1T1i7Zu0wgZewA0BZLFlod+EsXPM/20s8ubmujxYq5MEJvnn
LXTqL8fJaeQ+5BAJJgMY3nO6n4h1FyLeh/gs9Bj8zmCI20b/naslEEBEg2Udbp6v
YyuoTBR0taVOlAvRZ4dhq5BH9/rr6w==
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:13:02 2025 by rpki-client