Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/CEA21DB4D3A211EF835A565EC4F9AE02.roa
File: CEA21DB4D3A211EF835A565EC4F9AE02.roa (raw, json)
Hash identifier: aLquANFQyEz9dtn33bJPKj0TNqPyUfVuwxbCdr6k0SQ=
Subject key identifier: FC:C2:20:0F:A9:D8:B8:25:B5:0D:E1:D0:CD:20:47:52:A9:2B:1D:EE
Certificate issuer: /CN=A91912DD/serialNumber=DAE7508D11E47228DA1FE0032597BBD29F75890C
Certificate serial: 166D
Authority key identifier: DA:E7:50:8D:11:E4:72:28:DA:1F:E0:03:25:97:BB:D2:9F:75:89:0C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2udQjRHkcijaH-ADJZe70p91iQw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/CEA21DB4D3A211EF835A565EC4F9AE02.roa
Signing time: Thu 16 Jan 2025 00:42:48 +0000
ROA not before: Thu 16 Jan 2025 00:42:48 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 35634
IP address blocks: 103.63.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 02:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5741 (0x166d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91912DD
Validity
Not Before: Jan 16 00:42:48 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67885607-b3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f2:be:cc:c8:53:98:82:92:4e:5e:91:07:56:
c1:13:c1:6d:8d:b0:69:12:89:0f:9e:55:a5:d8:15:
c0:dc:8c:4f:b6:82:1a:23:03:a8:19:ba:2d:1d:30:
97:74:0c:c3:9f:49:ef:ae:49:c9:35:5c:6c:75:4e:
37:ba:ba:d1:87:35:b5:62:00:25:83:27:01:24:52:
51:d5:c8:44:9b:da:ff:3e:19:58:8d:9c:6c:ff:5a:
62:d2:48:33:86:b8:96:d1:19:51:3c:91:97:67:b7:
0b:c6:0b:e5:fc:0a:32:b2:90:ed:f9:64:29:a9:be:
4c:d0:63:13:e8:5c:98:56:4e:c2:7d:fd:aa:64:bd:
42:6f:49:61:3c:32:4b:76:75:00:3f:54:d4:5d:e6:
e7:31:a1:49:d0:cb:d8:c1:e3:33:87:56:1c:d9:4d:
c1:19:cb:8c:2a:33:cc:f5:de:d6:8b:65:5c:40:4b:
70:3b:44:05:90:bf:57:f8:ba:b1:02:f4:7b:5d:44:
7d:08:a1:1f:27:87:28:dc:f7:a6:09:b2:5e:8e:4b:
e6:af:f2:ff:ae:72:6c:38:66:b9:77:0b:e7:87:45:
4b:cd:a0:93:ec:74:85:df:db:a7:a8:be:6c:5a:dd:
79:e2:2a:02:12:c3:15:eb:56:52:29:ae:4a:c8:a3:
0c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:C2:20:0F:A9:D8:B8:25:B5:0D:E1:D0:CD:20:47:52:A9:2B:1D:EE
X509v3 Authority Key Identifier:
keyid:DA:E7:50:8D:11:E4:72:28:DA:1F:E0:03:25:97:BB:D2:9F:75:89:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/2udQjRHkcijaH-ADJZe70p91iQw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2udQjRHkcijaH-ADJZe70p91iQw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91912DD/4628BEC400D811E890610637C4F9AE02/CEA21DB4D3A211EF835A565EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.63.188.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:73:a2:ab:09:a1:86:c2:cd:7a:b2:b5:80:8e:2e:d4:9b:5c:
88:c4:2b:16:fc:17:41:9d:c7:d1:a8:35:ef:5b:dd:6f:24:7f:
1e:a3:6b:d3:81:e8:38:fe:60:01:b9:2e:38:8c:b4:f1:81:ae:
c0:9b:08:97:87:02:65:3e:08:c0:39:a7:54:22:9e:95:11:e4:
72:b0:1e:78:31:b5:f5:fd:a5:4b:6b:7c:95:ea:97:1a:b1:dc:
f8:61:03:48:bb:77:47:58:c8:b2:3d:23:3a:42:08:37:51:03:
a7:8c:ac:c6:e5:d9:d2:49:b5:dd:6e:c7:4b:58:c7:cd:25:5b:
1a:b6:45:de:23:2a:31:b8:38:23:33:7a:26:20:82:a5:a3:4b:
43:b9:72:0f:6b:d8:cd:47:0c:8a:30:5d:66:fe:fa:cd:4e:6b:
6b:ce:d2:40:66:c4:be:e8:a4:28:82:2a:1e:e5:ff:13:ca:cc:
9f:4f:e0:bf:af:45:e7:19:2c:fe:71:3a:09:64:b7:57:48:58:
91:bf:5c:ac:cd:2f:8b:4f:98:ab:d5:69:53:e9:c2:7e:e5:28:
44:32:0c:14:d6:df:b5:50:57:0f:66:bc:5f:5b:db:49:8e:ab:
56:9b:77:87:37:98:ce:a5:67:95:00:43:50:85:00:fb:6f:1a:
e7:ff:5f:56
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICFm0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTEyREQxMTAvBgNVBAUTKERBRTc1MDhEMTFFNDcyMjhEQTFGRTAwMzI1OTdCQkQy
OUY3NTg5MEMwHhcNMjUwMTE2MDA0MjQ4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg4NTYwNy1iM2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyfK+zMhTmIKSTl6RB1bBE8FtjbBpEokPnlWl2BXA3IxPtoIaIwOoGbotHTCX
dAzDn0nvrknJNVxsdU43urrRhzW1YgAlgycBJFJR1chEm9r/PhlYjZxs/1pi0kgz
hriW0RlRPJGXZ7cLxgvl/AoyspDt+WQpqb5M0GMT6FyYVk7Cff2qZL1Cb0lhPDJL
dnUAP1TUXebnMaFJ0MvYweMzh1Yc2U3BGcuMKjPM9d7Wi2VcQEtwO0QFkL9X+Lqx
AvR7XUR9CKEfJ4co3PemCbJejkvmr/L/rnJsOGa5dwvnh0VLzaCT7HSF39unqL5s
Wt154ioCEsMV61ZSKa5KyKMMyQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPzCIA+p
2LgltQ3h0M0gR1KpKx3uMB8GA1UdIwQYMBaAFNrnUI0R5HIo2h/gAyWXu9KfdYkM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTJERC80NjI4QkVDNDAw
RDgxMUU4OTA2MTA2MzdDNEY5QUUwMi8ydWRRalJIa2NpamFILUFESlplNzBwOTFp
UXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJ1ZFFqUkhrY2lqYUgtQURKWmU3MHA5MWlRdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTEyREQvNDYyOEJFQzQwMEQ4MTFFODkwNjEwNjM3QzRGOUFFMDIvQ0VBMjFEQjRE
M0EyMTFFRjgzNUE1NjVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnP7wwDQYJKoZIhvcNAQELBQADggEBAKBzoqsJoYbCzXqy
tYCOLtSbXIjEKxb8F0Gdx9GoNe9b3W8kfx6ja9OB6Dj+YAG5LjiMtPGBrsCbCJeH
AmU+CMA5p1QinpUR5HKwHngxtfX9pUtrfJXqlxqx3PhhA0i7d0dYyLI9IzpCCDdR
A6eMrMbl2dJJtd1ux0tYx80lWxq2Rd4jKjG4OCMzeiYggqWjS0O5cg9r2M1HDIow
XWb++s1Oa2vO0kBmxL7opCiCKh7l/xPKzJ9P4L+vRecZLP5xOglkt1dIWJG/XKzN
L4tPmKvVaVPpwn7lKEQyDBTW37VQVw9mvF9b20mOq1abd4c3mM6lZ5UAQ1CFAPtv
Guf/X1Y=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:12:07 2025 by rpki-client