Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919E8DB/B48E25F4B76311EF82DD8F33C4F9AE02/E9584804BE4E11EFA4B33F6DC4F9AE02.roa
File: E9584804BE4E11EFA4B33F6DC4F9AE02.roa (raw, json)
Hash identifier: xQdNOpWbK7dGxKdsg2ihMuMXpgPuUBd9QQVQ0N1SCC8=
Subject key identifier: 55:1B:D2:CD:E3:61:48:4F:80:97:E9:06:FA:D6:42:61:DD:F5:03:F5
Certificate issuer: /CN=A919E8DB/serialNumber=4061863DDF43E7B3B189E3C9C3217BC12BB35F21
Certificate serial: 07
Authority key identifier: 40:61:86:3D:DF:43:E7:B3:B1:89:E3:C9:C3:21:7B:C1:2B:B3:5F:21
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QGGGPd9D57OxiePJwyF7wSuzXyE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919E8DB/B48E25F4B76311EF82DD8F33C4F9AE02/E9584804BE4E11EFA4B33F6DC4F9AE02.roa
Signing time: Thu 19 Dec 2024 21:19:21 +0000
ROA not before: Thu 19 Dec 2024 21:19:21 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 137562
IP address blocks: 103.110.142.0/24 maxlen: 24
103.110.143.0/24 maxlen: 24
203.19.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 20 Dec 2024 02:57:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919E8DB
Validity
Not Before: Dec 19 21:19:21 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67648dd8-2144
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:79:9c:51:3b:5b:b1:54:64:f3:d7:d3:77:a3:
01:8f:4e:cb:10:5f:c9:18:5c:02:c7:36:d3:0c:2a:
fe:32:80:91:78:cd:ed:f0:f0:fb:42:ba:b6:37:07:
65:a1:17:6d:fa:b3:c5:3d:69:ad:0a:8a:f4:d6:58:
09:e1:58:e6:b2:12:84:37:21:a2:0e:e6:34:42:c9:
68:a6:18:d5:b2:b4:06:6b:9d:da:f8:5a:b3:e8:08:
a4:9e:9a:53:a3:c7:74:58:a0:c2:fb:d4:c1:05:27:
fd:60:71:cc:f7:0d:5e:6e:c3:a4:69:15:59:00:9e:
cf:67:cb:72:9c:45:c2:9d:12:0d:9e:bd:e7:d8:ca:
41:03:12:a5:d2:92:c3:8a:94:d6:ed:36:9c:5a:f4:
64:8f:b9:d3:b4:ec:97:54:f9:da:0e:a3:08:c1:ae:
46:45:17:80:52:33:a3:3c:01:18:3d:fc:8d:e1:b1:
a1:79:d3:bd:fe:df:fb:f2:f0:dc:08:82:4f:0e:40:
0c:84:36:06:9e:c9:e2:3c:02:07:cf:68:9d:f3:70:
fa:c0:ce:9b:13:57:a9:3a:15:eb:9b:4d:6c:6b:3a:
9b:6b:65:3e:91:db:bf:8f:c6:13:2e:69:a5:a3:5d:
a1:cc:5f:a7:4c:bf:27:9f:84:29:af:a6:b2:d3:bf:
2b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:1B:D2:CD:E3:61:48:4F:80:97:E9:06:FA:D6:42:61:DD:F5:03:F5
X509v3 Authority Key Identifier:
keyid:40:61:86:3D:DF:43:E7:B3:B1:89:E3:C9:C3:21:7B:C1:2B:B3:5F:21
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919E8DB/B48E25F4B76311EF82DD8F33C4F9AE02/QGGGPd9D57OxiePJwyF7wSuzXyE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QGGGPd9D57OxiePJwyF7wSuzXyE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919E8DB/B48E25F4B76311EF82DD8F33C4F9AE02/E9584804BE4E11EFA4B33F6DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.110.142.0/23
203.19.2.0/24
Signature Algorithm: sha256WithRSAEncryption
84:1e:d3:1d:3a:96:cb:84:75:3e:4c:e3:a7:02:25:96:22:4b:
c6:f5:88:aa:30:c7:33:de:6e:84:e7:84:5a:d4:71:cc:58:25:
ed:a3:ca:f8:3f:b0:7f:c3:56:bc:90:bf:53:f0:4b:39:9d:ee:
3d:c2:67:3f:58:6b:33:a5:ff:3a:03:76:8b:27:38:1d:4f:cc:
e9:66:af:67:ec:03:29:c1:4d:73:de:71:fc:04:be:b7:04:70:
72:22:5e:52:3c:56:21:a6:fa:53:f1:d7:60:4c:17:78:03:c4:
41:c9:fe:34:6a:82:4c:ae:c9:22:f2:84:69:f5:5b:2a:90:a6:
d0:bb:c5:af:82:9b:5a:71:e7:1d:01:56:2a:ad:32:32:e7:3b:
0b:fe:18:b9:e0:da:6d:de:90:20:cd:f0:7e:fd:20:28:c4:6c:
e0:6f:c8:dc:87:d4:31:c8:14:98:27:8b:aa:ac:0b:11:d8:3e:
ca:76:30:67:d9:05:ea:76:8e:43:c5:c4:aa:12:23:c9:3a:ec:
89:e2:6d:cb:b7:7d:02:06:65:1b:77:e3:7b:9d:b9:a5:28:21:
67:5e:9c:f3:26:2d:c7:48:18:56:f0:15:16:57:28:e8:f2:e6:
e0:40:de:a0:0b:1b:a6:be:c4:0c:61:14:c2:b1:cf:52:e5:60:
e5:23:9f:18
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RThEQjExMC8GA1UEBRMoNDA2MTg2M0RERjQzRTdCM0IxODlFM0M5QzMyMTdCQzEy
QkIzNUYyMTAeFw0yNDEyMTkyMTE5MjFaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NjQ4ZGQ4LTIxNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCreZxRO1uxVGTz19N3owGPTssQX8kYXALHNtMMKv4ygJF4ze3w8PtCurY3B2Wh
F236s8U9aa0KivTWWAnhWOayEoQ3IaIO5jRCyWimGNWytAZrndr4WrPoCKSemlOj
x3RYoML71MEFJ/1gccz3DV5uw6RpFVkAns9ny3KcRcKdEg2evefYykEDEqXSksOK
lNbtNpxa9GSPudO07JdU+doOowjBrkZFF4BSM6M8ARg9/I3hsaF5073+3/vy8NwI
gk8OQAyENgaeyeI8AgfPaJ3zcPrAzpsTV6k6FeubTWxrOptrZT6R27+PxhMuaaWj
XaHMX6dMvyefhCmvprLTvytfAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQUVRvSzeNh
SE+Al+kG+tZCYd31A/UwHwYDVR0jBBgwFoAUQGGGPd9D57OxiePJwyF7wSuzXyEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlFOERCL0I0OEUyNUY0Qjc2
MzExRUY4MkREOEYzM0M0RjlBRTAyL1FHR0dQZDlENTdPeGllUEp3eUY3d1N1elh5
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUUdHR1BkOUQ1N094aWVQSnd5Rjd3U3V6WHlFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RThEQi9CNDhFMjVGNEI3NjMxMUVGODJERDhGMzNDNEY5QUUwMi9FOTU4NDgwNEJF
NEUxMUVGQTRCMzNGNkRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAWdujgMEAMsTAjANBgkqhkiG9w0BAQsFAAOCAQEAhB7THTqW
y4R1PkzjpwIlliJLxvWIqjDHM95uhOeEWtRxzFgl7aPK+D+wf8NWvJC/U/BLOZ3u
PcJnP1hrM6X/OgN2iyc4HU/M6WavZ+wDKcFNc95x/AS+twRwciJeUjxWIab6U/HX
YEwXeAPEQcn+NGqCTK7JIvKEafVbKpCm0LvFr4KbWnHnHQFWKq0yMuc7C/4YueDa
bd6QIM3wfv0gKMRs4G/I3IfUMcgUmCeLqqwLEdg+ynYwZ9kF6naOQ8XEqhIjyTrs
ieJty7d9AgZlG3fje525pSghZ16c8yYtx0gYVvAVFlco6PLm4EDeoAsbpr7EDGEU
wrHPUuVg5SOfGA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:17:03 2025 by rpki-client