Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/48F1847A526611EEB6730D84C4F9AE02.roa
File: 48F1847A526611EEB6730D84C4F9AE02.roa (raw, json)
Hash identifier: CbGi/3rIn0XcIt9BwYIEWkblUYezPDmQbCoXDoiNS30=
Subject key identifier: 7A:AE:1F:27:0C:CB:2A:44:C1:48:D6:13:5B:E8:88:04:03:25:E0:16
Certificate issuer: /CN=A9153646/serialNumber=3492EFFE9622B1FFF881597003763C1BA24A1E06
Certificate serial: 06EA
Authority key identifier: 34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/48F1847A526611EEB6730D84C4F9AE02.roa
Signing time: Sun 22 Dec 2024 18:26:30 +0000
ROA not before: Sun 22 Dec 2024 18:26:30 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 150744
IP address blocks: 103.203.177.0/24 maxlen: 24
103.203.178.0/24 maxlen: 24
223.29.214.0/24 maxlen: 24
2401:b8c0:a::/48 maxlen: 48
2401:b8c0:d::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 03 Apr 2025 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1770 (0x6ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153646
Validity
Not Before: Dec 22 18:26:30 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=676859d6-81da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b6:a1:44:b7:aa:34:15:8f:5d:54:79:38:9d:
6f:fd:2b:86:61:a1:85:b5:8f:f9:c3:42:d6:f5:1d:
22:b3:c5:31:0f:a8:62:14:6e:5d:ba:0f:2d:f1:7d:
d5:ca:70:dc:c1:9d:90:51:36:41:42:69:a7:b1:2e:
28:4c:79:86:9e:d9:18:1e:a9:f2:4b:0d:ff:b8:10:
1f:d6:50:97:fc:4b:c6:14:6a:01:08:98:b2:56:49:
c3:29:54:fb:9d:90:c4:7d:73:3e:8d:c9:94:2d:1d:
da:2f:7b:02:9b:d9:35:e3:51:81:55:fe:79:e4:cf:
ae:25:01:7d:0b:c8:e5:45:52:d4:13:49:6b:19:35:
dd:53:1b:ed:32:12:9b:59:b2:f1:46:0c:e8:0e:d8:
e1:0d:c9:93:02:c7:17:1c:be:f2:cb:59:63:6b:33:
c5:3d:11:07:55:27:f5:11:8b:16:ff:6f:fe:09:02:
b4:a8:b0:de:5c:46:b4:f1:61:0a:0d:bc:e5:63:57:
66:c0:50:5d:54:94:1f:4d:0b:69:d6:d8:39:7d:98:
19:86:5f:33:df:a0:4c:5a:5c:58:8a:cc:a3:b2:b1:
7b:ef:b6:ea:95:dc:c5:e5:5c:5d:81:75:b4:b6:dc:
35:8b:7c:a0:ef:20:2c:d3:18:b6:53:bd:8b:3d:37:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:AE:1F:27:0C:CB:2A:44:C1:48:D6:13:5B:E8:88:04:03:25:E0:16
X509v3 Authority Key Identifier:
keyid:34:92:EF:FE:96:22:B1:FF:F8:81:59:70:03:76:3C:1B:A2:4A:1E:06
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/NJLv_pYisf_4gVlwA3Y8G6JKHgY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NJLv_pYisf_4gVlwA3Y8G6JKHgY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153646/6B8EFA5AFF9811E987C80A6AC4F9AE02/48F1847A526611EEB6730D84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.203.177.0-103.203.178.255
223.29.214.0/24
IPv6:
2401:b8c0:a::/48
2401:b8c0:d::/48
Signature Algorithm: sha256WithRSAEncryption
3e:ca:b4:a6:42:e1:24:9d:92:90:9c:4c:32:5f:fb:05:65:c8:
52:75:f8:8f:ab:36:2b:d8:30:3a:4e:81:ce:47:f3:3c:e4:33:
aa:8c:72:5e:36:45:3e:92:63:4e:b7:65:78:d2:22:40:6a:ad:
3d:ea:a8:8a:cc:ab:0c:38:31:aa:5b:5e:4a:79:60:5f:92:fe:
e6:2b:45:0f:84:74:7a:51:65:d3:a3:0a:e2:94:22:5c:b7:6c:
88:63:4b:fb:41:39:ea:f6:7c:29:a0:be:a8:8c:b0:ef:c2:d5:
2d:11:00:9c:ed:3d:4c:7c:5a:60:17:32:ee:75:dd:50:af:b1:
bb:d7:bb:fa:9f:24:79:26:30:d3:dd:08:3a:4a:dc:a2:22:d5:
12:ed:81:b5:40:f0:dc:a8:9f:67:a2:61:cc:c2:43:cd:06:58:
b0:df:bf:97:95:48:96:fa:bf:c4:09:5c:db:76:de:db:b4:92:
f4:1e:eb:c2:31:18:52:10:19:93:1e:ff:42:37:68:8a:84:00:
ce:77:2f:ab:47:cf:dc:83:38:a1:21:12:65:16:4e:d0:fb:e2:
84:61:47:4d:3d:a4:05:1f:9a:83:48:b4:3d:e1:ad:81:7b:08:
ec:0f:9c:7e:10:9e:54:06:6d:37:35:72:2c:89:ac:f8:db:e8:
9b:dd:04:41
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICBuowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM2NDYxMTAvBgNVBAUTKDM0OTJFRkZFOTYyMkIxRkZGODgxNTk3MDAzNzYzQzFC
QTI0QTFFMDYwHhcNMjQxMjIyMTgyNjMwWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY4NTlkNi04MWRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5bahRLeqNBWPXVR5OJ1v/SuGYaGFtY/5w0LW9R0is8UxD6hiFG5dug8t8X3V
ynDcwZ2QUTZBQmmnsS4oTHmGntkYHqnySw3/uBAf1lCX/EvGFGoBCJiyVknDKVT7
nZDEfXM+jcmULR3aL3sCm9k141GBVf555M+uJQF9C8jlRVLUE0lrGTXdUxvtMhKb
WbLxRgzoDtjhDcmTAscXHL7yy1ljazPFPREHVSf1EYsW/2/+CQK0qLDeXEa08WEK
DbzlY1dmwFBdVJQfTQtp1tg5fZgZhl8z36BMWlxYisyjsrF777bqldzF5VxdgXW0
ttw1i3yg7yAs0xi2U72LPTeaKQIDAQABo4ICvTCCArkwHQYDVR0OBBYEFHquHycM
yypEwUjWE1voiAQDJeAWMB8GA1UdIwQYMBaAFDSS7/6WIrH/+IFZcAN2PBuiSh4G
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzY0Ni82QjhFRkE1QUZG
OTgxMUU5ODdDODBBNkFDNEY5QUUwMi9OSkx2X3BZaXNmXzRnVmx3QTNZOEc2SktI
Z1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL05KTHZfcFlpc2ZfNGdWbHdBM1k4RzZKS0hnWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM2NDYvNkI4RUZBNUFGRjk4MTFFOTg3QzgwQTZBQzRGOUFFMDIvNDhGMTg0N0E1
MjY2MTFFRUI2NzMwRDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwRwYIKwYBBQUHAQcBAf8E
ODA2MBoEAgABMBQwDAMEAGfLsQMEAGfLsgMEAN8d1jAYBAIAAjASAwcAJAG4wAAK
AwcAJAG4wAANMA0GCSqGSIb3DQEBCwUAA4IBAQA+yrSmQuEknZKQnEwyX/sFZchS
dfiPqzYr2DA6ToHOR/M85DOqjHJeNkU+kmNOt2V40iJAaq096qiKzKsMODGqW15K
eWBfkv7mK0UPhHR6UWXTowrilCJct2yIY0v7QTnq9nwpoL6ojLDvwtUtEQCc7T1M
fFpgFzLudd1Qr7G717v6nyR5JjDT3Qg6StyiItUS7YG1QPDcqJ9nomHMwkPNBliw
37+XlUiW+r/ECVzbdt7btJL0HuvCMRhSEBmTHv9CN2iKhADOdy+rR8/cgzihIRJl
Fk7Q++KEYUdNPaQFH5qDSLQ94a2BewjsD5x+EJ5UBm03NXIsiaz42+ib3QRB
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:24:14 2025 by rpki-client