Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B9A66D88A22A11EFBF21F71FC4F9AE02.roa
File: B9A66D88A22A11EFBF21F71FC4F9AE02.roa (raw, json)
Hash identifier: 7txw3SHOETt4ijIM5CLrPEf0EaErIQt4WlpiVDbKHLM=
Subject key identifier: 01:D7:C5:56:A9:D1:87:7F:CF:51:70:E7:26:5D:44:A4:1A:32:2D:04
Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846
Certificate serial: 0B7C
Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B9A66D88A22A11EFBF21F71FC4F9AE02.roa
Signing time: Mon 24 Mar 2025 05:16:44 +0000
ROA not before: Mon 24 Mar 2025 05:16:44 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 5065
IP address blocks: 103.13.16.0/24 maxlen: 24
103.13.17.0/24 maxlen: 24
103.15.32.0/24 maxlen: 24
103.15.33.0/24 maxlen: 24
103.15.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Mar 2025 08:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2940 (0xb7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4402
Validity
Not Before: Mar 24 05:16:44 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67e0eabc-ac9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4e:93:c5:b6:3a:4d:3b:53:8a:4c:3d:f7:69:
d5:13:b7:b8:7c:a3:5d:f0:b2:a5:6c:91:9f:e4:cc:
c6:e9:c7:0c:6b:63:00:a1:f7:d1:71:55:f5:11:28:
cf:f7:8f:96:e3:08:fd:d5:ab:0b:f6:62:1d:b5:97:
5b:50:54:53:b1:f3:df:f7:78:3c:00:fb:ff:e2:2a:
a1:39:e7:61:a7:d2:9c:49:fd:6d:66:62:c1:8c:b1:
cb:5e:cc:d8:80:80:64:33:92:2c:82:22:05:e2:45:
95:b0:23:32:fe:50:7f:c5:14:fc:0d:4f:87:5b:40:
1c:03:b9:4e:ea:83:5f:ff:15:f5:4d:77:83:e7:38:
82:a8:69:8b:7d:69:f7:24:3d:0a:41:60:e9:ae:9f:
02:b4:07:99:85:26:cf:23:2b:cb:74:2e:c1:56:4e:
dc:26:2b:b1:7d:47:47:fa:f0:06:c1:cb:27:38:c8:
ad:22:b9:ca:d0:13:09:2e:26:ae:a0:cc:c1:b8:d5:
d9:06:b4:d1:5c:15:e2:c8:2f:1a:02:3b:65:23:81:
f6:b3:16:05:19:3d:96:ab:f9:41:65:22:c7:2f:be:
3e:22:4c:27:fc:ac:38:1c:52:1d:ba:56:bb:a6:ef:
1c:61:ff:68:c4:f0:55:08:4c:2f:d5:7f:a7:c4:b9:
af:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:D7:C5:56:A9:D1:87:7F:CF:51:70:E7:26:5D:44:A4:1A:32:2D:04
X509v3 Authority Key Identifier:
keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/B9A66D88A22A11EFBF21F71FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.13.16.0/23
103.15.32.0-103.15.34.255
Signature Algorithm: sha256WithRSAEncryption
91:74:f1:79:5b:a5:ea:b4:07:af:ba:55:c9:17:99:8e:39:39:
a1:59:f7:a1:f9:e8:2b:39:d9:19:c8:a4:dc:92:19:a3:c6:20:
69:81:11:67:45:fd:66:70:f1:48:eb:c1:6c:b1:bc:82:8e:46:
f0:12:7a:bc:25:39:24:79:44:57:28:11:84:de:17:a8:83:73:
3c:b8:2c:c8:ab:47:a2:af:29:2c:d7:c3:cc:f1:05:8e:24:0c:
58:9e:7d:3e:dc:a2:62:a5:d1:55:96:c3:59:41:af:3c:4f:07:
63:86:69:ce:97:7a:43:fe:45:99:ad:b0:21:ed:2a:ec:e7:95:
88:6f:e2:8a:ee:31:c5:05:59:e5:60:72:88:28:46:af:ab:79:
bf:14:ed:07:98:7e:27:9b:68:c5:4b:49:21:90:b7:f0:17:14:
35:e9:32:52:39:e6:a0:1d:74:68:a8:80:f4:34:8f:00:4b:25:
12:87:ae:c7:d9:2b:46:c2:c5:d3:9e:99:d7:54:f8:54:66:ca:
d8:34:ec:97:6b:90:f9:38:75:ba:8f:ca:48:1d:70:26:27:18:
6d:54:b5:70:ae:7d:c4:4b:fb:5a:16:3d:20:39:7b:02:72:68:
91:14:51:0a:9c:e0:e4:a4:22:97:b9:38:f5:b5:75:cd:99:bb:
c0:8a:c7:a5
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICC3wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG
NjlDQkE4NDYwHhcNMjUwMzI0MDUxNjQ0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UwZWFiYy1hYzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvk6TxbY6TTtTikw992nVE7e4fKNd8LKlbJGf5MzG6ccMa2MAoffRcVX1ESjP
94+W4wj91asL9mIdtZdbUFRTsfPf93g8APv/4iqhOedhp9KcSf1tZmLBjLHLXszY
gIBkM5IsgiIF4kWVsCMy/lB/xRT8DU+HW0AcA7lO6oNf/xX1TXeD5ziCqGmLfWn3
JD0KQWDprp8CtAeZhSbPIyvLdC7BVk7cJiuxfUdH+vAGwcsnOMitIrnK0BMJLiau
oMzBuNXZBrTRXBXiyC8aAjtlI4H2sxYFGT2Wq/lBZSLHL74+Ikwn/Kw4HFIdula7
pu8cYf9oxPBVCEwv1X+nxLmvGQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFAHXxVap
0Yd/z1Fw5yZdRKQaMi0EMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE
OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx
RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ0MDIvRkRCRkQwMjAzRDk2MTFFQThFQTA3MDJGQzRGOUFFMDIvQjlBNjZEODhB
MjJBMTFFRkJGMjFGNzFGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBAFnDRAwDAMEBWcPIAMEAGcPIjANBgkqhkiG9w0BAQsFAAOC
AQEAkXTxeVul6rQHr7pVyReZjjk5oVn3ofnoKznZGcik3JIZo8YgaYERZ0X9ZnDx
SOvBbLG8go5G8BJ6vCU5JHlEVygRhN4XqINzPLgsyKtHoq8pLNfDzPEFjiQMWJ59
PtyiYqXRVZbDWUGvPE8HY4Zpzpd6Q/5Fma2wIe0q7OeViG/iiu4xxQVZ5WByiChG
r6t5vxTtB5h+J5toxUtJIZC38BcUNekyUjnmoB10aKiA9DSPAEslEoeux9krRsLF
056Z11T4VGbK2DTsl2uQ+Th1uo/KSB1wJicYbVS1cK59xEv7WhY9IDl7AnJokRRR
Cpzg5KQil7k49bV1zZm7wIrHpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:52:51 2025 by rpki-client