Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/B58877BC91ED11EE854A5B66C4F9AE02.roa
File: B58877BC91ED11EE854A5B66C4F9AE02.roa (raw, json)
Hash identifier: HDUVSlghX8qequ9tcWaMeJYNVw3L+ziTLXbWH3vvcbo=
Subject key identifier: A8:E1:B0:52:BE:B8:25:0A:47:53:C5:CF:7E:57:CE:C4:11:E1:B6:6B
Certificate issuer: /CN=A91B0720/serialNumber=1B036BFF87807CBFC6E91236CB086D4FE2B0993D
Certificate serial: 0361
Authority key identifier: 1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/B58877BC91ED11EE854A5B66C4F9AE02.roa
Signing time: Tue 03 Dec 2024 10:10:12 +0000
ROA not before: Tue 03 Dec 2024 10:10:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 139042
IP address blocks: 103.138.146.0/24 maxlen: 24
103.138.147.0/24 maxlen: 24
2407:3b40::/32 maxlen: 32
2407:3b40:8000::/36 maxlen: 36
2407:3b40:b000::/36 maxlen: 36
2407:3b40:c000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 02 Jan 2025 10:55:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 865 (0x361)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0720
Validity
Not Before: Dec 3 10:10:12 2024 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=674ed904-5808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:91:f9:17:86:a6:fe:fc:67:e9:a9:4e:24:1a:
f4:56:a2:4f:f7:82:16:94:42:ce:a7:83:2b:49:24:
26:9b:1b:ec:57:42:a5:d7:53:74:46:35:26:d2:57:
d7:b8:8c:00:41:dc:56:66:c6:f9:d9:85:86:1d:17:
da:49:45:2b:dc:14:48:f7:09:0c:0d:cd:ca:ed:79:
4f:df:fc:75:ac:1c:2f:15:ce:4d:ef:df:ce:62:58:
d2:e6:6e:e0:55:d4:fa:3f:16:2b:0f:f9:bb:f2:c9:
88:86:61:03:38:11:95:4c:48:bb:79:1e:70:35:0b:
d0:96:b2:e1:b0:8a:84:1d:d7:fb:c3:61:13:e4:98:
ac:6a:32:71:6e:9b:f1:33:c7:5f:7b:80:d2:f4:b2:
07:fb:ad:89:e6:48:1f:58:4b:49:ff:41:47:23:5b:
3e:14:f0:76:7d:af:f5:83:65:96:8e:6b:ea:62:f1:
dd:bc:56:e8:54:5f:92:56:9c:99:b4:17:1c:cc:da:
62:90:dd:17:ac:4b:59:0d:59:ce:43:1f:b4:69:53:
d0:90:0f:80:ec:ee:a0:a6:53:0f:d2:ce:cf:23:e0:
70:8b:8c:05:6f:28:7f:a1:81:cf:f8:66:16:cd:ad:
ce:d1:1b:d4:7b:9d:c5:27:44:be:f8:a4:41:68:2b:
c8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:E1:B0:52:BE:B8:25:0A:47:53:C5:CF:7E:57:CE:C4:11:E1:B6:6B
X509v3 Authority Key Identifier:
keyid:1B:03:6B:FF:87:80:7C:BF:C6:E9:12:36:CB:08:6D:4F:E2:B0:99:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/GwNr_4eAfL_G6RI2ywhtT-KwmT0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GwNr_4eAfL_G6RI2ywhtT-KwmT0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0720/209F8B74A79B11EC8DD2B157C4F9AE02/B58877BC91ED11EE854A5B66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.146.0/23
IPv6:
2407:3b40::/32
Signature Algorithm: sha256WithRSAEncryption
59:cd:b1:23:f2:9b:29:71:83:91:6e:a3:23:51:36:89:44:73:
7c:da:b8:aa:1f:79:12:d7:b5:cc:11:93:f8:1c:dc:19:27:1b:
02:8a:6f:a1:94:44:9a:1e:2c:52:ae:47:ca:2a:2a:e0:ba:ef:
70:17:bf:2e:ee:d6:13:15:1b:77:28:02:0f:ce:b0:0c:4b:89:
84:f0:53:dc:f8:69:ae:49:6e:d6:15:d6:8f:cf:ca:a8:40:77:
22:e7:66:fd:1b:1c:d3:6d:02:07:3b:a7:ba:8c:14:02:17:27:
80:a2:76:75:35:bf:01:85:ba:b0:31:59:69:10:89:dc:18:35:
8c:6a:00:e4:56:1e:f3:da:99:e1:57:e7:0a:a4:12:fd:bc:91:
b3:1a:9c:67:f1:56:d5:6b:ec:64:d4:b9:dc:12:6f:4d:7b:5e:
21:c2:6a:a9:4d:65:e0:2d:83:9c:88:15:8f:4b:b4:a3:df:1f:
c3:d8:31:5f:d0:d0:bb:39:5e:c3:81:eb:40:21:53:aa:a7:a6:
cc:ce:41:97:bc:dc:e0:de:b6:6d:2b:f3:e1:fc:3d:17:d4:6e:
cb:2a:4a:e0:90:ed:b0:10:29:00:82:b4:2b:3c:d9:39:05:98:
36:10:df:db:4a:57:72:56:f0:20:7d:2e:23:66:b3:c8:05:f2:
23:47:00:ce
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3MjAxMTAvBgNVBAUTKDFCMDM2QkZGODc4MDdDQkZDNkU5MTIzNkNCMDg2RDRG
RTJCMDk5M0QwHhcNMjQxMjAzMTAxMDEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlZDkwNC01ODA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqJH5F4am/vxn6alOJBr0VqJP94IWlELOp4MrSSQmmxvsV0Kl11N0RjUm0lfX
uIwAQdxWZsb52YWGHRfaSUUr3BRI9wkMDc3K7XlP3/x1rBwvFc5N79/OYljS5m7g
VdT6PxYrD/m78smIhmEDOBGVTEi7eR5wNQvQlrLhsIqEHdf7w2ET5JisajJxbpvx
M8dfe4DS9LIH+62J5kgfWEtJ/0FHI1s+FPB2fa/1g2WWjmvqYvHdvFboVF+SVpyZ
tBcczNpikN0XrEtZDVnOQx+0aVPQkA+A7O6gplMP0s7PI+Bwi4wFbyh/oYHP+GYW
za3O0RvUe53FJ0S++KRBaCvIXwIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFKjhsFK+
uCUKR1PFz35XzsQR4bZrMB8GA1UdIwQYMBaAFBsDa/+HgHy/xukSNssIbU/isJk9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDcyMC8yMDlGOEI3NEE3
OUIxMUVDOEREMkIxNTdDNEY5QUUwMi9Hd05yXzRlQWZMX0c2UkkyeXdodFQtS3dt
VDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0d3TnJfNGVBZkxfRzZSSTJ5d2h0VC1Ld21UMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3MjAvMjA5RjhCNzRBNzlCMTFFQzhERDJCMTU3QzRGOUFFMDIvQjU4ODc3QkM5
MUVEMTFFRTg1NEE1QjY2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnipIwDQQCAAIwBwMFACQHO0AwDQYJKoZIhvcNAQELBQAD
ggEBAFnNsSPymylxg5FuoyNRNolEc3zauKofeRLXtcwRk/gc3BknGwKKb6GURJoe
LFKuR8oqKuC673AXvy7u1hMVG3coAg/OsAxLiYTwU9z4aa5JbtYV1o/PyqhAdyLn
Zv0bHNNtAgc7p7qMFAIXJ4CidnU1vwGFurAxWWkQidwYNYxqAORWHvPameFX5wqk
Ev28kbManGfxVtVr7GTUudwSb017XiHCaqlNZeAtg5yIFY9LtKPfH8PYMV/Q0Ls5
XsOB60AhU6qnpszOQZe83ODetm0r8+H8PRfUbssqSuCQ7bAQKQCCtCs82TkFmDYQ
39tKV3JW8CB9LiNms8gF8iNHAM4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:14:04 2025 by rpki-client