Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919FF19/D23CB0BAC1AF11EFBE7A145DC4F9AE02/63D6E9D8C1B411EF890EC467C4F9AE02.roa
File: 63D6E9D8C1B411EF890EC467C4F9AE02.roa (raw, json)
Hash identifier: pT0a/ogqhekHOvk+R0JhCxUEmlEKCZbftIwXmMHqWMs=
Subject key identifier: BC:67:34:48:D7:DC:94:5E:C2:5B:0D:F6:D1:18:0D:9C:63:F9:8D:F9
Certificate issuer: /CN=A919FF19/serialNumber=8D611F2CD73794AF801C1BF69D8848091380B4A5
Certificate serial: 07
Authority key identifier: 8D:61:1F:2C:D7:37:94:AF:80:1C:1B:F6:9D:88:48:09:13:80:B4:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jWEfLNc3lK-AHBv2nYhICROAtKU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919FF19/D23CB0BAC1AF11EFBE7A145DC4F9AE02/63D6E9D8C1B411EF890EC467C4F9AE02.roa
Signing time: Tue 24 Dec 2024 05:03:19 +0000
ROA not before: Tue 24 Dec 2024 05:03:19 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 150401
IP address blocks: 103.71.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 06:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919FF19, serialNumber=8D611F2CD73794AF801C1BF69D8848091380B4A5
Validity
Not Before: Dec 24 05:03:19 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676a4096-d965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:07:dc:28:f6:8e:03:52:89:da:db:3f:97:44:
51:c9:42:89:e1:87:4a:29:1d:bc:d7:33:dc:5e:80:
b8:10:83:7b:be:4e:48:95:e0:f9:21:bb:0d:f3:92:
25:9d:bf:d9:a2:0a:d9:fd:d0:ec:11:c3:4c:8d:a0:
56:93:2d:cb:a5:31:93:19:46:e0:63:55:fa:77:4c:
80:a5:38:2f:cd:1f:a0:94:42:8a:e1:1f:77:c1:79:
7d:18:73:22:20:7b:df:cd:87:31:6c:5d:61:68:6e:
46:7b:17:27:c7:9e:40:89:27:ea:db:04:c9:31:02:
f5:3f:46:00:d5:5d:3f:56:4e:3c:c1:26:7f:3a:ad:
98:b1:5a:de:3a:b1:df:16:ac:34:94:a3:43:80:cd:
35:68:8b:a3:ff:30:50:96:57:d2:25:b7:b4:b4:35:
f0:79:10:65:01:90:29:de:70:6d:66:2f:37:1e:61:
40:eb:6a:2a:30:0c:c1:93:ef:78:77:ae:45:30:f6:
5b:e5:3f:13:f1:ac:b8:88:ff:b3:15:cc:54:be:b0:
3f:78:eb:65:ad:e4:3e:fd:18:cc:d4:6a:a5:a6:f8:
c5:cb:30:59:34:8b:a0:4a:d9:30:66:b0:8b:67:42:
e1:86:e6:b0:bc:03:46:27:37:60:8d:05:0e:7e:b5:
4f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:67:34:48:D7:DC:94:5E:C2:5B:0D:F6:D1:18:0D:9C:63:F9:8D:F9
X509v3 Authority Key Identifier:
keyid:8D:61:1F:2C:D7:37:94:AF:80:1C:1B:F6:9D:88:48:09:13:80:B4:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919FF19/D23CB0BAC1AF11EFBE7A145DC4F9AE02/jWEfLNc3lK-AHBv2nYhICROAtKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jWEfLNc3lK-AHBv2nYhICROAtKU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919FF19/D23CB0BAC1AF11EFBE7A145DC4F9AE02/63D6E9D8C1B411EF890EC467C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.71.59.0/24
Signature Algorithm: sha256WithRSAEncryption
78:2e:3f:d3:de:33:8b:69:ed:d2:57:32:4f:54:93:45:0e:c5:
28:b1:18:0b:ac:bb:49:e8:5d:0f:f7:e8:41:03:e7:60:1a:91:
39:75:13:1b:0a:27:86:59:bf:31:15:ed:32:e1:85:46:51:4e:
da:eb:0a:dc:ae:e7:c9:57:18:56:9b:db:8e:41:b1:eb:14:0c:
0e:c0:73:64:72:ff:0e:b2:d7:cd:19:88:00:03:dc:65:90:33:
c1:57:b4:25:fa:17:79:16:b0:24:2f:87:30:b9:79:ab:61:35:
57:28:61:48:f8:09:df:30:b2:89:1d:de:b4:ef:a7:fc:83:2f:
c6:40:2f:3d:00:ee:21:af:cb:d5:11:25:60:1e:92:32:38:f7:
e9:4b:9e:b3:d5:2d:94:eb:d8:b5:46:df:32:74:e4:34:e8:f3:
63:9a:1f:f9:eb:68:2c:c9:03:8a:8b:3f:e3:2e:71:5d:b6:c8:
79:67:70:44:8f:e9:87:4d:59:d8:87:a1:1e:0d:6e:8e:2f:46:
26:38:91:0d:03:b5:3f:16:b8:fc:6b:0a:68:60:45:ee:38:c1:
1d:15:76:13:f8:b6:19:87:91:4e:e2:fa:03:cb:7a:8b:20:0a:
de:c0:21:36:8e:70:83:52:ca:59:09:4d:12:2b:e6:2e:98:63:
f9:9e:53:eb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
RkYxOTExMC8GA1UEBRMoOEQ2MTFGMkNENzM3OTRBRjgwMUMxQkY2OUQ4ODQ4MDkx
MzgwQjRBNTAeFw0yNDEyMjQwNTAzMTlaFw0yNjAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NmE0MDk2LWQ5NjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAB9wo9o4DUona2z+XRFHJQonhh0opHbzXM9xegLgQg3u+TkiV4Pkhuw3zkiWd
v9miCtn90OwRw0yNoFaTLculMZMZRuBjVfp3TIClOC/NH6CUQorhH3fBeX0YcyIg
e9/NhzFsXWFobkZ7FyfHnkCJJ+rbBMkxAvU/RgDVXT9WTjzBJn86rZixWt46sd8W
rDSUo0OAzTVoi6P/MFCWV9Ilt7S0NfB5EGUBkCnecG1mLzceYUDraiowDMGT73h3
rkUw9lvlPxPxrLiI/7MVzFS+sD9462Wt5D79GMzUaqWm+MXLMFk0i6BK2TBmsItn
QuGG5rC8A0YnN2CNBQ5+tU+5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUvGc0SNfc
lF7CWw320RgNnGP5jfkwHwYDVR0jBBgwFoAUjWEfLNc3lK+AHBv2nYhICROAtKUw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlGRjE5L0QyM0NCMEJBQzFB
RjExRUZCRTdBMTQ1REM0RjlBRTAyL2pXRWZMTmMzbEstQUhCdjJuWWhJQ1JPQXRL
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvaldFZkxOYzNsSy1BSEJ2Mm5ZaElDUk9BdEtVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
RkYxOS9EMjNDQjBCQUMxQUYxMUVGQkU3QTE0NURDNEY5QUUwMi82M0Q2RTlEOEMx
QjQxMUVGODkwRUM0NjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAGdHOzANBgkqhkiG9w0BAQsFAAOCAQEAeC4/094zi2nt0lcy
T1STRQ7FKLEYC6y7SehdD/foQQPnYBqROXUTGwonhlm/MRXtMuGFRlFO2usK3K7n
yVcYVpvbjkGx6xQMDsBzZHL/DrLXzRmIAAPcZZAzwVe0JfoXeRawJC+HMLl5q2E1
VyhhSPgJ3zCyiR3etO+n/IMvxkAvPQDuIa/L1RElYB6SMjj36Uues9UtlOvYtUbf
MnTkNOjzY5of+etoLMkDios/4y5xXbbIeWdwRI/ph01Z2IehHg1uji9GJjiRDQO1
Pxa4/GsKaGBF7jjBHRV2E/i2GYeRTuL6A8t6iyAK3sAhNo5wg1LKWQlNEivmLphj
+Z5T6w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:02:29 2025 by rpki-client