Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9188A46/D64E5A7EDC8411EFB908503BC4F9AE02/615652ACDC8511EFB679963AC4F9AE02.roa
File: 615652ACDC8511EFB679963AC4F9AE02.roa (raw, json)
Hash identifier: 9I8QJS4Cg7vGotOUFbelZi7Etfb9i9aF8Pyn4M3mL/s=
Subject key identifier: A8:2B:C7:D8:7A:7D:B8:AB:03:A9:33:74:70:05:E7:78:07:A7:B8:FA
Certificate issuer: /CN=A9188A46/serialNumber=A88EE23FF8D70828CEDBC701E78C80747FFC11CA
Certificate serial: 02
Authority key identifier: A8:8E:E2:3F:F8:D7:08:28:CE:DB:C7:01:E7:8C:80:74:7F:FC:11:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qI7iP_jXCCjO28cB54yAdH_8Eco.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9188A46/D64E5A7EDC8411EFB908503BC4F9AE02/615652ACDC8511EFB679963AC4F9AE02.roa
Signing time: Mon 27 Jan 2025 08:04:49 +0000
ROA not before: Mon 27 Jan 2025 08:04:49 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 63917
IP address blocks: 103.44.16.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 27 Jan 2025 09:57:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9188A46, serialNumber=A88EE23FF8D70828CEDBC701E78C80747FFC11CA
Validity
Not Before: Jan 27 08:04:49 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67973e21-0d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9a:bd:ab:62:1c:fb:24:08:87:6e:a4:19:6b:
dc:41:ce:4c:66:b6:43:bd:30:75:76:a1:5b:9f:6c:
5d:61:f8:8e:68:a0:27:c3:ae:ec:ac:21:c8:6a:da:
fa:e0:d3:e2:e1:f0:17:20:de:d3:50:43:c7:9e:ed:
14:ee:de:d2:eb:54:9e:b0:7c:7e:de:0c:b5:4f:82:
73:ac:d3:3c:e6:d5:06:36:73:b7:9a:9e:fb:cd:b0:
8e:6b:8e:34:3d:b7:7c:28:78:6d:c3:41:dc:7f:0e:
45:8e:12:c6:10:58:42:00:0d:12:94:df:7a:5a:81:
8e:43:c4:ad:a6:4e:68:86:76:66:5f:b8:e6:4e:db:
ce:e6:e3:58:5e:6f:4f:87:02:87:ed:03:2c:21:b6:
a7:ba:01:3f:e8:5f:7e:9a:01:26:11:aa:9d:3d:e5:
63:12:1c:e4:aa:7a:1b:63:8e:48:7a:21:00:15:68:
af:f0:b1:7e:72:39:46:15:70:2d:7c:f6:79:79:4d:
e5:19:4c:0c:44:68:53:44:49:30:ce:58:bc:cb:58:
74:a6:86:4a:bd:47:d6:83:b0:e4:d6:14:86:38:77:
9e:2d:63:9a:85:f6:0c:3a:0e:2e:ad:88:a4:5f:ab:
68:ad:8b:2f:c8:e6:d8:bf:e7:98:85:7f:6c:e0:2a:
82:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:2B:C7:D8:7A:7D:B8:AB:03:A9:33:74:70:05:E7:78:07:A7:B8:FA
X509v3 Authority Key Identifier:
keyid:A8:8E:E2:3F:F8:D7:08:28:CE:DB:C7:01:E7:8C:80:74:7F:FC:11:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9188A46/D64E5A7EDC8411EFB908503BC4F9AE02/qI7iP_jXCCjO28cB54yAdH_8Eco.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qI7iP_jXCCjO28cB54yAdH_8Eco.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9188A46/D64E5A7EDC8411EFB908503BC4F9AE02/615652ACDC8511EFB679963AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.44.16.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:29:5e:f0:38:f1:56:41:70:c6:45:16:8e:4e:5d:93:bc:8d:
8f:17:d6:2a:52:9f:24:11:aa:20:5e:1f:33:46:8a:c6:b2:6b:
6f:8a:a3:8a:d1:ee:b1:18:09:16:0e:56:c9:a5:ee:43:2d:00:
88:79:03:3c:0f:e5:fa:61:4e:51:aa:fa:9d:0e:4a:ce:1d:a7:
8e:8f:fa:9c:11:b5:5d:63:9f:fa:38:16:c1:b4:cb:6f:00:d1:
62:9b:ff:bc:93:9c:f4:7d:e3:55:7d:49:80:e8:79:a4:86:50:
d3:c5:d4:72:db:d2:3a:03:a6:38:f2:8e:92:cc:25:59:f8:b3:
d8:d4:a3:24:91:e4:de:16:51:96:a9:51:97:de:a4:16:af:2e:
ff:e5:14:bf:f9:68:fd:1f:49:b3:00:0b:70:ec:b0:f6:49:ec:
37:b6:c7:ba:05:a3:b8:db:5c:09:38:d7:c2:a5:1e:8c:99:15:
74:8e:26:27:df:28:65:3b:70:2a:f7:3a:9c:7e:1a:bf:8d:cc:
7e:91:1e:74:8e:56:31:68:ef:90:a7:63:0e:f1:0a:5e:c9:09:
fe:31:dc:d7:9c:b5:59:84:4d:d2:5c:63:fb:12:16:dc:21:73:
fc:79:2d:99:96:48:14:11:3c:7b:38:ff:e1:ab:1a:4c:6c:25:
48:7a:f7:9a
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
OEE0NjExMC8GA1UEBRMoQTg4RUUyM0ZGOEQ3MDgyOENFREJDNzAxRTc4QzgwNzQ3
RkZDMTFDQTAeFw0yNTAxMjcwODA0NDlaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OTczZTIxLTBkOTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCxmr2rYhz7JAiHbqQZa9xBzkxmtkO9MHV2oVufbF1h+I5ooCfDruysIchq2vrg
0+Lh8Bcg3tNQQ8ee7RTu3tLrVJ6wfH7eDLVPgnOs0zzm1QY2c7eanvvNsI5rjjQ9
t3woeG3DQdx/DkWOEsYQWEIADRKU33pagY5DxK2mTmiGdmZfuOZO287m41heb0+H
AoftAywhtqe6AT/oX36aASYRqp095WMSHOSqehtjjkh6IQAVaK/wsX5yOUYVcC18
9nl5TeUZTAxEaFNESTDOWLzLWHSmhkq9R9aDsOTWFIY4d54tY5qF9gw6Di6tiKRf
q2itiy/I5ti/55iFf2zgKoI3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUqCvH2Hp9
uKsDqTN0cAXneAenuPowHwYDVR0jBBgwFoAUqI7iP/jXCCjO28cB54yAdH/8Ecow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg4QTQ2L0Q2NEU1QTdFREM4
NDExRUZCOTA4NTAzQkM0RjlBRTAyL3FJN2lQX2pYQ0NqTzI4Y0I1NHlBZEhfOEVj
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcUk3aVBfalhDQ2pPMjhjQjU0eUFkSF84RWNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
OEE0Ni9ENjRFNUE3RURDODQxMUVGQjkwODUwM0JDNEY5QUUwMi82MTU2NTJBQ0RD
ODUxMUVGQjY3OTk2M0FDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWcsEDANBgkqhkiG9w0BAQsFAAOCAQEApCle8DjxVkFwxkUW
jk5dk7yNjxfWKlKfJBGqIF4fM0aKxrJrb4qjitHusRgJFg5WyaXuQy0AiHkDPA/l
+mFOUar6nQ5Kzh2njo/6nBG1XWOf+jgWwbTLbwDRYpv/vJOc9H3jVX1JgOh5pIZQ
08XUctvSOgOmOPKOkswlWfiz2NSjJJHk3hZRlqlRl96kFq8u/+UUv/lo/R9JswAL
cOyw9knsN7bHugWjuNtcCTjXwqUejJkVdI4mJ98oZTtwKvc6nH4av43MfpEedI5W
MWjvkKdjDvEKXskJ/jHc15y1WYRN0lxj+xIW3CFz/HktmZZIFBE8ezj/4asaTGwl
SHr3mg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:29:56 2025 by rpki-client