Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CB0EBBD4C95011ED805E1360C4F9AE02.roa
File: CB0EBBD4C95011ED805E1360C4F9AE02.roa (raw, json)
Hash identifier: mJvZNT4KWuwPXFvDrOdl1DHfiTdFw0SZpsPwUEPN/Ms=
Subject key identifier: 51:74:A0:F9:72:41:CB:B1:00:4B:D9:33:90:EE:13:90:81:FD:29:FE
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 45ED
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CB0EBBD4C95011ED805E1360C4F9AE02.roa
Signing time: Thu 05 Sep 2024 03:34:29 +0000
ROA not before: Thu 05 Sep 2024 03:34:29 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 150835
IP address blocks: 103.118.30.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 06 Jan 2025 09:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17901 (0x45ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A
Validity
Not Before: Sep 5 03:34:29 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d926c5-f109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:10:6e:20:12:9f:f1:9b:34:83:63:cf:3b:9e:
6f:de:eb:18:60:3e:57:58:6a:a2:66:0d:30:de:67:
42:85:97:32:45:cb:23:30:79:86:05:83:70:e7:9e:
f0:dd:fe:78:2b:4d:f1:30:51:0c:6d:0a:7a:c8:47:
8a:98:01:ef:9d:2b:95:4e:91:62:55:ca:2c:e6:b8:
ea:34:d3:10:a1:dd:4b:6b:41:93:09:7b:88:7a:38:
cc:b1:8c:60:32:d1:5f:ed:cf:c4:f0:84:a9:2a:86:
a1:1b:6a:e9:79:59:d5:1b:3d:a1:89:c4:28:70:68:
ea:b0:aa:f5:cd:72:a9:36:7e:88:62:63:9a:9e:70:
85:19:93:2c:81:77:72:37:cf:85:2d:58:44:ab:92:
89:a1:6e:7e:1d:73:30:e0:a7:64:dc:e5:e4:9c:17:
01:ee:eb:06:28:f7:bd:70:17:b2:3e:7b:10:6c:72:
2a:1b:10:d7:37:6c:fc:6b:55:86:5f:f4:02:b3:5c:
c5:fb:32:6c:68:51:25:82:cb:d2:1c:f9:a9:ba:04:
b0:0e:40:f6:60:53:0b:58:f4:e1:8f:5f:38:e2:ec:
bf:fd:3a:f6:7e:c2:d7:90:fc:0b:47:ef:c8:4d:92:
53:cd:37:5b:a4:d6:39:95:41:16:ae:f8:93:38:fe:
9b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:74:A0:F9:72:41:CB:B1:00:4B:D9:33:90:EE:13:90:81:FD:29:FE
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/CB0EBBD4C95011ED805E1360C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.30.0/23
Signature Algorithm: sha256WithRSAEncryption
85:58:02:73:9b:68:cd:90:7f:91:fc:50:f0:6f:23:cf:d4:38:
90:1a:d3:f8:dd:63:f1:ea:3d:71:c2:e9:44:0d:ed:3e:e6:de:
79:8a:bb:8d:c1:37:5f:d6:48:7f:ab:d2:c7:30:d9:a4:93:c2:
ce:ce:be:09:48:18:95:f6:9a:af:81:a5:f4:c8:3d:94:28:5e:
20:8f:ee:b2:d3:2d:2d:da:cc:1f:0b:5e:f1:55:95:ec:e6:40:
62:80:ad:07:f4:99:3a:78:0a:80:1d:82:69:a5:96:42:1f:5c:
04:cc:88:2e:f3:81:db:e0:cd:96:a3:47:6c:90:46:e7:48:9f:
1f:85:ed:39:4a:1a:b9:7e:2a:dc:0f:2d:08:da:22:90:fc:e0:
0c:b3:3a:ba:92:bf:38:89:17:d9:9f:11:80:8d:b7:70:3d:86:
9d:8f:96:b3:29:e6:70:01:b9:85:4b:e0:02:b2:f3:47:62:a9:
67:ed:1f:f2:e9:c7:d3:7b:f2:f1:77:de:fc:cb:32:9a:68:b5:
28:68:c0:6c:50:7b:85:9f:25:0a:27:1b:2e:52:e9:ea:e6:28:
0e:67:1e:41:71:96:68:62:19:fc:e7:b0:0b:c4:63:64:5d:22:
2c:46:a4:e2:cb:b8:40:4c:e1:c2:f8:c5:79:2f:18:10:ab:b3:
b1:7a:d2:1e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICRe0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQwOTA1MDMzNDI5WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQ5MjZjNS1mMTA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0RBuIBKf8Zs0g2PPO55v3usYYD5XWGqiZg0w3mdChZcyRcsjMHmGBYNw557w
3f54K03xMFEMbQp6yEeKmAHvnSuVTpFiVcos5rjqNNMQod1La0GTCXuIejjMsYxg
MtFf7c/E8ISpKoahG2rpeVnVGz2hicQocGjqsKr1zXKpNn6IYmOannCFGZMsgXdy
N8+FLVhEq5KJoW5+HXMw4Kdk3OXknBcB7usGKPe9cBeyPnsQbHIqGxDXN2z8a1WG
X/QCs1zF+zJsaFElgsvSHPmpugSwDkD2YFMLWPThj1844uy//Tr2fsLXkPwLR+/I
TZJTzTdbpNY5lUEWrviTOP6bKQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFF0oPly
QcuxAEvZM5DuE5CB/Sn+MB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvQ0IwRUJCRDRD
OTUwMTFFRDgwNUUxMzYwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFndh4wDQYJKoZIhvcNAQELBQADggEBAIVYAnObaM2Qf5H8
UPBvI8/UOJAa0/jdY/HqPXHC6UQN7T7m3nmKu43BN1/WSH+r0scw2aSTws7OvglI
GJX2mq+BpfTIPZQoXiCP7rLTLS3azB8LXvFVlezmQGKArQf0mTp4CoAdgmmllkIf
XATMiC7zgdvgzZajR2yQRudInx+F7TlKGrl+KtwPLQjaIpD84AyzOrqSvziJF9mf
EYCNt3A9hp2PlrMp5nABuYVL4AKy80diqWftH/Lpx9N78vF33vzLMppotShowGxQ
e4WfJQonGy5S6ermKA5nHkFxlmhiGfznsAvEY2RdIixGpOLLuEBM4cL4xXkvGBCr
s7F60h4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:41:18 2025 by rpki-client