Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/64AFBE3E69BC11EA97D4FE67C4F9AE02.roa
File: 64AFBE3E69BC11EA97D4FE67C4F9AE02.roa (raw, json)
Hash identifier: 685klVtnOsXxHXFltT5d8iEDelbvG3enFCNhIdcPG00=
Subject key identifier: 64:D6:44:1C:9F:A8:7A:D2:16:43:63:1F:C1:76:BA:C3:B1:25:F9:8D
Certificate issuer: /CN=A9172C8D/serialNumber=E714A81497C8177868CBB4CDB338C3EF6CE9E953
Certificate serial: 09E7
Authority key identifier: E7:14:A8:14:97:C8:17:78:68:CB:B4:CD:B3:38:C3:EF:6C:E9:E9:53
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5xSoFJfIF3hoy7TNszjD72zp6VM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/64AFBE3E69BC11EA97D4FE67C4F9AE02.roa
Signing time: Sat 30 Nov 2024 20:09:13 +0000
ROA not before: Sat 30 Nov 2024 20:09:13 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 58895
IP address blocks: 103.102.156.0/22 maxlen: 22
103.102.156.0/24 maxlen: 24
103.102.157.0/24 maxlen: 24
103.102.158.0/24 maxlen: 24
103.102.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 06:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2535 (0x9e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172C8D, serialNumber=E714A81497C8177868CBB4CDB338C3EF6CE9E953
Validity
Not Before: Nov 30 20:09:13 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=674b70e9-79ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2e:5d:50:f7:3d:18:49:c6:c7:cb:35:72:48:
5d:55:4e:70:67:69:10:9d:5f:ed:76:b0:d7:0e:3c:
29:62:a0:3e:3f:7d:81:17:c2:c1:04:79:a4:ab:46:
ff:94:08:be:45:4f:5f:be:4b:1d:7c:d0:df:f8:f9:
bb:82:57:ed:73:c0:05:c0:ed:7c:a6:54:01:72:d7:
4e:fc:14:91:6a:cc:cd:b5:07:7b:16:98:26:46:89:
37:40:82:ba:49:fd:78:ae:0e:e0:f0:51:34:97:76:
1c:b8:a8:ed:34:7a:a4:32:58:2b:b9:ec:eb:75:d8:
2f:06:30:1e:06:68:8d:95:65:e8:c5:37:66:c7:11:
fd:f4:3d:8f:22:f0:12:d6:d9:86:7f:1f:75:56:be:
46:cc:9b:f2:e8:4c:22:8e:b2:61:f4:d9:9c:cb:0f:
40:db:80:ba:6a:23:54:52:15:e9:03:e7:74:00:d9:
48:a0:4d:42:0c:2f:c0:90:60:bb:72:e7:49:f6:17:
1b:9d:90:c7:19:7a:bd:b1:46:fa:f2:b8:7c:98:c3:
4e:06:4e:46:a7:0a:4c:0c:df:2a:fc:49:0f:cd:4e:
43:65:1b:1c:0d:c0:17:18:8b:4a:05:11:a3:a2:b8:
21:ec:99:bc:cc:45:d3:1b:e0:8f:ff:f3:c1:5c:7a:
74:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D6:44:1C:9F:A8:7A:D2:16:43:63:1F:C1:76:BA:C3:B1:25:F9:8D
X509v3 Authority Key Identifier:
keyid:E7:14:A8:14:97:C8:17:78:68:CB:B4:CD:B3:38:C3:EF:6C:E9:E9:53
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/5xSoFJfIF3hoy7TNszjD72zp6VM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5xSoFJfIF3hoy7TNszjD72zp6VM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172C8D/9A11086469BA11EABC0BD863C4F9AE02/64AFBE3E69BC11EA97D4FE67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.156.0/22
Signature Algorithm: sha256WithRSAEncryption
14:8b:80:14:15:85:af:51:c0:66:19:9e:66:e7:8c:e8:98:ca:
1c:9d:65:3c:29:44:02:f8:7a:07:ce:a6:2a:0a:6a:bf:f8:9e:
21:ff:cb:ae:6a:da:d5:b4:2a:21:42:a7:d1:94:18:f3:57:e3:
5b:52:d9:e8:c7:d8:85:1c:b1:79:73:f7:92:89:cc:40:5f:9a:
f9:21:b7:57:38:34:01:5d:7b:4b:29:66:29:98:a3:96:56:88:
f5:74:43:62:c2:7e:c5:c0:3f:cf:69:d2:c9:88:02:f9:07:4d:
9d:26:c3:0e:38:90:a7:e4:59:d1:1c:12:bf:45:1e:bf:e1:94:
0a:6c:fd:dd:8d:3b:5e:26:f3:8c:8f:90:28:78:b0:65:92:67:
af:43:72:74:28:77:41:15:d9:fe:20:e1:5c:4f:85:27:cc:96:
58:bd:af:8b:6d:59:e0:8d:72:bb:2d:95:62:d7:4f:28:8a:13:
10:f8:34:77:de:6d:e8:87:3d:46:d7:c8:51:b4:08:dd:08:a9:
14:9f:9b:87:14:ce:20:a8:37:91:3e:b5:81:8b:a1:90:13:0e:
ef:00:8c:35:c5:27:dd:0b:ac:db:51:5e:2b:0a:c9:9a:98:27:
a5:5e:42:07:e9:c3:a5:94:69:eb:91:70:71:0e:f1:74:81:07:
b4:c1:ed:66
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzJDOEQxMTAvBgNVBAUTKEU3MTRBODE0OTdDODE3Nzg2OENCQjRDREIzMzhDM0VG
NkNFOUU5NTMwHhcNMjQxMTMwMjAwOTEzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRiNzBlOS03OWNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAty5dUPc9GEnGx8s1ckhdVU5wZ2kQnV/tdrDXDjwpYqA+P32BF8LBBHmkq0b/
lAi+RU9fvksdfNDf+Pm7glftc8AFwO18plQBctdO/BSRaszNtQd7FpgmRok3QIK6
Sf14rg7g8FE0l3YcuKjtNHqkMlgruezrddgvBjAeBmiNlWXoxTdmxxH99D2PIvAS
1tmGfx91Vr5GzJvy6EwijrJh9Nmcyw9A24C6aiNUUhXpA+d0ANlIoE1CDC/AkGC7
cudJ9hcbnZDHGXq9sUb68rh8mMNOBk5GpwpMDN8q/EkPzU5DZRscDcAXGItKBRGj
orgh7Jm8zEXTG+CP//PBXHp0MQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGTWRByf
qHrSFkNjH8F2usOxJfmNMB8GA1UdIwQYMBaAFOcUqBSXyBd4aMu0zbM4w+9s6elT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkM4RC85QTExMDg2NDY5
QkExMUVBQkMwQkQ4NjNDNEY5QUUwMi81eFNvRkpmSUYzaG95N1ROc3pqRDcyenA2
Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzV4U29GSmZJRjNob3k3VE5zempENzJ6cDZWTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzJDOEQvOUExMTA4NjQ2OUJBMTFFQUJDMEJEODYzQzRGOUFFMDIvNjRBRkJFM0U2
OUJDMTFFQTk3RDRGRTY3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnZpwwDQYJKoZIhvcNAQELBQADggEBABSLgBQVha9RwGYZ
nmbnjOiYyhydZTwpRAL4egfOpioKar/4niH/y65q2tW0KiFCp9GUGPNX41tS2ejH
2IUcsXlz95KJzEBfmvkht1c4NAFde0spZimYo5ZWiPV0Q2LCfsXAP89p0smIAvkH
TZ0mww44kKfkWdEcEr9FHr/hlAps/d2NO14m84yPkCh4sGWSZ69DcnQod0EV2f4g
4VxPhSfMlli9r4ttWeCNcrstlWLXTyiKExD4NHfebeiHPUbXyFG0CN0IqRSfm4cU
ziCoN5E+tYGLoZATDu8AjDXFJ90LrNtRXisKyZqYJ6VeQgfpw6WUaeuRcHEO8XSB
B7TB7WY=
-----END CERTIFICATE-----
Generated at Fri Apr 18 16:30:13 2025 by rpki-client