Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917928F/16FF5F825B9D11EFB1D42146C4F9AE02/760FA4AA5B9D11EFBFA0A41FC4F9AE02.roa
File: 760FA4AA5B9D11EFBFA0A41FC4F9AE02.roa (raw, json)
Hash identifier: d04/iE4Hw4tBlN+dFOYC2mZgawS3W8Y477ndxOLmHUM=
Subject key identifier: 85:CA:BF:E2:65:24:D0:70:9F:94:E0:28:E9:6B:F7:FD:6E:22:6C:7A
Certificate issuer: /CN=A917928F/serialNumber=550B160FF4F5DD7D84AC3E8B959DD79A42FB57DA
Certificate serial: 55
Authority key identifier: 55:0B:16:0F:F4:F5:DD:7D:84:AC:3E:8B:95:9D:D7:9A:42:FB:57:DA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VQsWD_T13X2ErD6LlZ3XmkL7V9o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917928F/16FF5F825B9D11EFB1D42146C4F9AE02/760FA4AA5B9D11EFBFA0A41FC4F9AE02.roa
Signing time: Sun 19 Jan 2025 05:28:31 +0000
ROA not before: Sun 19 Jan 2025 05:28:31 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 26658
IP address blocks: 59.152.48.0/22 maxlen: 22
103.205.164.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 07 Mar 2025 09:44:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85 (0x55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917928F
Validity
Not Before: Jan 19 05:28:31 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678c8d7e-4d1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ab:5e:f9:aa:e8:2d:d7:79:95:cb:77:a1:7f:
53:8e:fa:e5:6a:0f:d8:72:70:e3:7d:41:ee:8a:7f:
37:a2:72:85:ac:39:a3:30:61:78:f9:41:01:de:b7:
b7:90:13:36:c5:4f:c4:b9:b1:06:3b:7a:d1:08:14:
c3:5d:d0:be:57:57:be:7c:ed:f0:ff:81:6c:0f:c6:
b1:1c:b0:d1:a8:8a:21:3a:66:58:7a:2e:46:29:bb:
cb:83:0e:58:ac:62:5c:b3:32:97:e0:38:69:e6:d3:
24:49:10:53:08:e1:63:36:98:c4:2e:ce:9b:4a:85:
9e:18:51:0b:e5:87:ee:da:87:07:34:1d:31:df:f6:
3e:ef:c3:26:32:e3:51:fc:dd:35:98:06:ff:4b:00:
39:98:0f:5b:7b:d3:0b:33:db:0e:16:c3:a4:df:30:
b7:12:79:4c:5b:0f:20:32:1f:b0:0b:e1:dc:61:f9:
92:a5:ec:f1:1d:53:e2:3d:0b:62:52:0b:fd:38:8e:
5b:04:a4:2d:5a:89:73:bc:d3:e6:e3:48:61:31:4d:
4f:64:ad:12:6d:4b:98:ed:0b:45:91:b7:03:3b:b5:
eb:56:b4:fa:e0:f9:7d:22:00:6e:99:f5:45:99:aa:
ae:45:dc:30:39:0f:3c:75:ce:b2:5f:72:40:a7:e0:
71:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CA:BF:E2:65:24:D0:70:9F:94:E0:28:E9:6B:F7:FD:6E:22:6C:7A
X509v3 Authority Key Identifier:
keyid:55:0B:16:0F:F4:F5:DD:7D:84:AC:3E:8B:95:9D:D7:9A:42:FB:57:DA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917928F/16FF5F825B9D11EFB1D42146C4F9AE02/VQsWD_T13X2ErD6LlZ3XmkL7V9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VQsWD_T13X2ErD6LlZ3XmkL7V9o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917928F/16FF5F825B9D11EFB1D42146C4F9AE02/760FA4AA5B9D11EFBFA0A41FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.48.0/22
103.205.164.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:47:30:23:ec:06:41:a6:5b:41:ea:5d:9f:e1:88:4a:f9:d1:
f2:2d:44:99:17:6d:08:e0:9f:fd:eb:01:20:c8:f7:95:fb:b2:
c3:9e:5f:ec:0f:77:36:ba:18:53:77:0a:6f:2a:ea:c7:2e:02:
17:bb:f0:35:29:6e:e1:9f:d4:03:84:ae:54:8e:46:9d:f5:c4:
93:fc:00:69:6e:02:e1:54:35:1f:71:76:3a:dd:aa:b0:1a:c9:
e4:a1:48:76:f2:a9:de:15:79:24:d3:a4:9d:9f:64:2e:22:4d:
2c:a9:99:d4:3f:cf:50:34:f3:bb:8a:f0:69:d5:84:5f:c1:28:
02:90:f0:4d:ec:b4:79:8e:4c:4e:81:1f:59:b4:c9:35:a5:a7:
d4:97:14:27:c8:93:18:5c:56:30:fd:f6:68:42:c7:9c:99:ab:
21:f6:5b:f0:2b:7c:ab:06:8c:3e:c7:37:db:7c:d6:f6:f6:da:
ab:2c:38:c0:ce:f8:03:f9:7c:09:76:91:ff:99:3a:b4:65:45:
cd:32:be:3d:3d:92:3f:ef:46:a6:be:04:47:d5:8c:51:5a:cd:
1c:15:cb:2f:d4:78:1d:94:1d:9b:83:2d:c6:20:a6:51:ca:21:
c6:5c:72:63:29:a9:93:74:d2:09:eb:b3:a2:14:25:79:8a:21:
5b:ef:c1:76
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OTI4RjExMC8GA1UEBRMoNTUwQjE2MEZGNEY1REQ3RDg0QUMzRThCOTU5REQ3OUE0
MkZCNTdEQTAeFw0yNTAxMTkwNTI4MzFaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OGM4ZDdlLTRkMWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDCq175qugt13mVy3ehf1OO+uVqD9hycON9Qe6KfzeicoWsOaMwYXj5QQHet7eQ
EzbFT8S5sQY7etEIFMNd0L5XV7587fD/gWwPxrEcsNGoiiE6Zlh6LkYpu8uDDlis
YlyzMpfgOGnm0yRJEFMI4WM2mMQuzptKhZ4YUQvlh+7ahwc0HTHf9j7vwyYy41H8
3TWYBv9LADmYD1t70wsz2w4Ww6TfMLcSeUxbDyAyH7AL4dxh+ZKl7PEdU+I9C2JS
C/04jlsEpC1aiXO80+bjSGExTU9krRJtS5jtC0WRtwM7tetWtPrg+X0iAG6Z9UWZ
qq5F3DA5Dzx1zrJfckCn4HEjAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUhcq/4mUk
0HCflOAo6Wv3/W4ibHowHwYDVR0jBBgwFoAUVQsWD/T13X2ErD6LlZ3XmkL7V9ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc5MjhGLzE2RkY1RjgyNUI5
RDExRUZCMUQ0MjE0NkM0RjlBRTAyL1ZRc1dEX1QxM1gyRXJENkxsWjNYbWtMN1Y5
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVlFzV0RfVDEzWDJFckQ2TGxaM1hta0w3VjlvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OTI4Ri8xNkZGNUY4MjVCOUQxMUVGQjFENDIxNDZDNEY5QUUwMi83NjBGQTRBQTVC
OUQxMUVGQkZBMEE0MUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAjuYMAMEAmfNpDANBgkqhkiG9w0BAQsFAAOCAQEAtkcwI+wG
QaZbQepdn+GISvnR8i1EmRdtCOCf/esBIMj3lfuyw55f7A93NroYU3cKbyrqxy4C
F7vwNSlu4Z/UA4SuVI5GnfXEk/wAaW4C4VQ1H3F2Ot2qsBrJ5KFIdvKp3hV5JNOk
nZ9kLiJNLKmZ1D/PUDTzu4rwadWEX8EoApDwTey0eY5MToEfWbTJNaWn1JcUJ8iT
GFxWMP32aELHnJmrIfZb8Ct8qwaMPsc323zW9vbaqyw4wM74A/l8CXaR/5k6tGVF
zTK+PT2SP+9Gpr4ER9WMUVrNHBXLL9R4HZQdm4MtxiCmUcohxlxyYympk3TSCeuz
ohQleYohW+/Bdg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:08:00 2025 by rpki-client