Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/D9B1C1A4B8DC11EFAC3A644AC4F9AE02.roa
File: D9B1C1A4B8DC11EFAC3A644AC4F9AE02.roa (raw, json)
Hash identifier: /AJxmcwMxmI8Qkx1whPyvET6zaGzUDTqAwQ3wlGAypo=
Subject key identifier: 23:E8:7B:5F:36:B7:6C:23:73:C5:6F:B3:43:EA:B1:43:4D:D8:95:42
Certificate issuer: /CN=A917315B/serialNumber=196F92773293E4954B4D97A5D37AC820A745C2E0
Certificate serial: 02A8
Authority key identifier: 19:6F:92:77:32:93:E4:95:4B:4D:97:A5:D3:7A:C8:20:A7:45:C2:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW-SdzKT5JVLTZel03rIIKdFwuA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/D9B1C1A4B8DC11EFAC3A644AC4F9AE02.roa
Signing time: Thu 12 Dec 2024 23:00:47 +0000
ROA not before: Thu 12 Dec 2024 23:00:47 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 208171
IP address blocks: 103.189.191.0/24 maxlen: 24
2001:df0:d840::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Dec 2024 12:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 680 (0x2a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917315B
Validity
Not Before: Dec 12 23:00:47 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=675b6b1f-987c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:50:6a:ca:01:ef:f6:5d:78:c7:97:f4:4c:a1:
c8:6f:ca:69:eb:2d:21:b0:e7:68:da:08:9a:37:35:
6b:82:48:8e:c8:ad:10:dd:04:7d:96:75:2d:9c:cc:
2a:03:c3:31:a7:36:09:80:d3:30:0b:c2:e6:1e:dc:
7d:16:a3:ee:dc:50:c4:c7:69:2f:e8:72:78:b1:f5:
1a:17:f7:6b:14:4e:be:78:a2:ea:8f:a4:97:1a:f2:
7b:3d:fd:a5:36:b9:e8:48:60:3d:41:96:91:76:c6:
58:e7:2e:b3:b2:80:e9:86:de:5b:67:dd:a1:1f:68:
bd:11:8f:39:02:f7:cd:2c:fe:d2:fb:78:a9:6e:99:
df:7e:0d:92:db:1c:e4:ae:2a:09:af:99:f3:d1:63:
5f:bd:e7:1b:a9:db:63:11:eb:f3:9f:0a:9c:08:47:
91:26:c9:c7:78:6b:4e:00:16:ad:df:b1:7e:45:fb:
8f:55:37:1e:6f:fa:7c:13:88:bf:e6:3c:64:07:39:
43:fa:25:07:0a:63:a0:a7:5a:50:fc:6a:96:ee:65:
a7:6a:c8:69:26:5c:b3:34:5f:94:a6:ff:e8:a2:ef:
f0:98:75:ff:cf:d9:2f:1a:b7:9f:d1:98:17:7b:0a:
b0:d9:95:84:12:cc:e5:4c:7c:71:6b:61:e5:c6:9e:
18:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E8:7B:5F:36:B7:6C:23:73:C5:6F:B3:43:EA:B1:43:4D:D8:95:42
X509v3 Authority Key Identifier:
keyid:19:6F:92:77:32:93:E4:95:4B:4D:97:A5:D3:7A:C8:20:A7:45:C2:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/GW-SdzKT5JVLTZel03rIIKdFwuA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GW-SdzKT5JVLTZel03rIIKdFwuA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917315B/D735A3B4ED4B11ECA9553778C4F9AE02/D9B1C1A4B8DC11EFAC3A644AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.189.191.0/24
IPv6:
2001:df0:d840::/48
Signature Algorithm: sha256WithRSAEncryption
03:47:ae:dc:c4:c7:2f:b1:00:0f:7a:9e:11:ee:61:d0:6d:77:
df:c4:da:cc:d9:b9:c9:44:47:3b:8b:8e:37:16:35:29:f0:da:
99:3e:80:d6:d9:53:f6:db:12:45:a7:82:7e:6c:6d:3f:17:cd:
f7:e3:b3:1b:93:78:ea:c2:47:58:92:21:93:40:bf:bb:81:59:
59:48:d9:c3:b0:b8:d6:5c:77:8c:46:c9:b8:00:8d:b0:dd:e0:
05:ea:0e:d9:f3:76:b5:ec:b4:0f:24:ea:6e:25:71:d8:81:6f:
2d:18:6c:44:1f:6a:20:2c:1a:12:4d:fa:f2:67:43:19:7f:28:
78:81:e6:ec:59:3a:ca:99:48:73:97:fc:6c:64:ba:d5:7c:66:
c8:d5:8a:d4:c5:4e:2f:7e:3e:94:32:f8:6c:27:25:e0:c7:20:
20:fd:4b:f2:e4:6d:49:9c:3f:01:b7:25:0c:13:ab:19:5e:8f:
f2:b2:76:b5:5c:d8:8a:9b:34:80:95:92:bf:dd:a4:bd:79:5c:
2d:5f:66:c3:9e:3b:4c:27:b8:a4:58:4b:f3:72:48:1e:d8:ea:
6d:ea:e2:f0:be:ea:4f:a2:18:6a:74:3c:d8:92:2b:83:2e:5b:
5a:64:39:48:dd:14:0d:17:32:f9:e4:4a:e8:7d:2b:22:dc:71:
ca:cd:b1:c4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzMxNUIxMTAvBgNVBAUTKDE5NkY5Mjc3MzI5M0U0OTU0QjREOTdBNUQzN0FDODIw
QTc0NUMyRTAwHhcNMjQxMjEyMjMwMDQ3WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzViNmIxZi05ODdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy1BqygHv9l14x5f0TKHIb8pp6y0hsOdo2giaNzVrgkiOyK0Q3QR9lnUtnMwq
A8MxpzYJgNMwC8LmHtx9FqPu3FDEx2kv6HJ4sfUaF/drFE6+eKLqj6SXGvJ7Pf2l
NrnoSGA9QZaRdsZY5y6zsoDpht5bZ92hH2i9EY85AvfNLP7S+3ipbpnffg2S2xzk
rioJr5nz0WNfvecbqdtjEevznwqcCEeRJsnHeGtOABat37F+RfuPVTceb/p8E4i/
5jxkBzlD+iUHCmOgp1pQ/GqW7mWnashpJlyzNF+Upv/oou/wmHX/z9kvGref0ZgX
ewqw2ZWEEszlTHxxa2Hlxp4YYwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFCPoe182
t2wjc8Vvs0PqsUNN2JVCMB8GA1UdIwQYMBaAFBlvkncyk+SVS02XpdN6yCCnRcLg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MzE1Qi9ENzM1QTNCNEVE
NEIxMUVDQTk1NTM3NzhDNEY5QUUwMi9HVy1TZHpLVDVKVkxUWmVsMDNySUlLZEZ3
dUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0dXLVNkektUNUpWTFRaZWwwM3JJSUtkRnd1QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzMxNUIvRDczNUEzQjRFRDRCMTFFQ0E5NTUzNzc4QzRGOUFFMDIvRDlCMUMxQTRC
OERDMTFFRkFDM0E2NDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnvb8wDwQCAAIwCQMHACABDfDYQDANBgkqhkiG9w0BAQsF
AAOCAQEAA0eu3MTHL7EAD3qeEe5h0G1338TazNm5yURHO4uONxY1KfDamT6A1tlT
9tsSRaeCfmxtPxfN9+OzG5N46sJHWJIhk0C/u4FZWUjZw7C41lx3jEbJuACNsN3g
BeoO2fN2tey0DyTqbiVx2IFvLRhsRB9qICwaEk368mdDGX8oeIHm7Fk6yplIc5f8
bGS61XxmyNWK1MVOL34+lDL4bCcl4McgIP1L8uRtSZw/AbclDBOrGV6P8rJ2tVzY
ips0gJWSv92kvXlcLV9mw547TCe4pFhL83JIHtjqberi8L7qT6IYanQ82JIrgy5b
WmQ5SN0UDRcy+eRK6H0rItxxys2xxA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:34:01 2025 by rpki-client