Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/132926D68A0B11EE84250E7BC4F9AE02.roa
File: 132926D68A0B11EE84250E7BC4F9AE02.roa (raw, json)
Hash identifier: lqq2TzI+1AHZIKM1iL/Xvc3Hh0YDpzg8dw6O1bC0NJg=
Subject key identifier: 1F:9E:63:4E:06:6C:22:88:14:3B:DC:B5:93:0B:45:F7:67:C5:FA:1A
Certificate issuer: /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
Certificate serial: 0C0E
Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/132926D68A0B11EE84250E7BC4F9AE02.roa
Signing time: Thu 26 Dec 2024 18:36:56 +0000
ROA not before: Thu 26 Dec 2024 18:36:56 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135881
IP address blocks: 43.230.210.0/23 maxlen: 24
103.78.224.0/22 maxlen: 24
2407:ff80::/32 maxlen: 36
Validation: Failed, certificate revoked on Thu 30 Jan 2025 17:35:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3086 (0xc0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B25F2
Validity
Not Before: Dec 26 18:36:56 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676da248-eaa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:fd:a0:ec:9d:fb:de:fd:92:d3:c4:f6:3e:fe:
d3:cc:c8:99:5c:15:b4:3b:5c:5e:58:84:41:62:a8:
bd:17:7f:ec:66:10:35:0c:e4:66:1c:16:72:85:c3:
29:90:fd:18:57:93:e8:41:9c:1a:2d:30:0e:0f:e6:
46:de:f8:e6:17:38:80:85:63:32:79:6c:33:52:45:
f1:54:84:a6:37:3b:0e:bc:70:ea:20:be:95:50:62:
ea:e1:41:9b:54:6d:a8:34:93:9b:ce:d2:0c:95:ce:
46:12:a8:a7:07:d3:df:14:53:b5:66:6e:72:0f:c8:
7b:be:38:fd:50:1e:49:04:b3:7a:be:63:12:68:04:
3f:ea:ae:20:ac:ac:7b:d5:1d:db:c2:8b:3f:11:0e:
72:2f:f7:dc:ce:fa:f0:83:e7:e7:f1:19:8c:2d:64:
f9:99:6d:f8:81:e0:33:94:81:54:11:6e:88:14:46:
8c:12:6b:3b:67:b0:1d:98:05:e8:2d:01:a9:17:45:
6b:dd:17:7c:ec:ef:b7:97:51:ee:a4:3c:d3:75:86:
de:68:82:4d:11:6e:4c:be:81:86:55:d2:24:96:df:
32:75:31:a3:97:c5:8e:db:8a:aa:10:01:7b:c4:fe:
e3:20:ad:ac:76:58:2d:ab:91:e6:f4:63:bf:4d:94:
54:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:9E:63:4E:06:6C:22:88:14:3B:DC:B5:93:0B:45:F7:67:C5:FA:1A
X509v3 Authority Key Identifier:
keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/132926D68A0B11EE84250E7BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.210.0/23
103.78.224.0/22
IPv6:
2407:ff80::/32
Signature Algorithm: sha256WithRSAEncryption
a3:e8:9a:e0:c6:3f:46:c8:eb:6d:04:15:47:b7:56:2d:6d:2a:
61:96:0e:52:75:39:6a:3b:9d:6d:32:07:72:77:5e:03:d8:b1:
6b:3a:9e:d8:04:c7:89:17:9f:4d:97:db:2b:44:f5:66:7b:ff:
b3:b4:5e:98:1f:bc:5a:b7:c2:02:06:75:cf:3b:b9:be:e3:89:
8c:85:09:0b:41:3e:8c:56:4c:f4:9e:95:78:99:22:3c:5b:28:
36:e6:b8:c5:2e:7d:0d:40:33:76:cf:9b:81:6d:06:a1:9a:54:
29:f7:d2:b7:4d:a0:28:fb:c3:2d:ba:65:0a:b3:3b:61:d1:64:
65:8e:7c:6b:9d:d3:cd:ce:39:bb:55:3f:f0:2a:6f:41:8d:10:
d5:f1:5b:97:a5:16:45:7e:49:b4:bd:32:ca:b7:c6:62:d8:09:
3e:02:bc:51:88:8d:81:5e:4c:2f:15:5b:45:26:d9:fc:c9:89:
fb:3a:06:91:af:11:60:58:c7:04:1d:3c:d4:6f:26:71:ba:c3:
19:b7:a7:fd:ad:79:a6:ac:24:fa:29:b0:82:c7:f1:fd:2f:8d:
cf:16:e0:b3:d4:e1:1f:15:76:a2:2d:c9:8c:16:eb:92:80:13:
9d:5d:51:9e:d9:5a:ea:38:6e:15:68:06:34:20:c4:ba:82:24:
76:3a:59:5a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDA4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB
RDRFNzNCQ0EwHhcNMjQxMjI2MTgzNjU2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZkYTI0OC1lYWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArv2g7J373v2S08T2Pv7TzMiZXBW0O1xeWIRBYqi9F3/sZhA1DORmHBZyhcMp
kP0YV5PoQZwaLTAOD+ZG3vjmFziAhWMyeWwzUkXxVISmNzsOvHDqIL6VUGLq4UGb
VG2oNJObztIMlc5GEqinB9PfFFO1Zm5yD8h7vjj9UB5JBLN6vmMSaAQ/6q4grKx7
1R3bwos/EQ5yL/fczvrwg+fn8RmMLWT5mW34geAzlIFUEW6IFEaMEms7Z7AdmAXo
LQGpF0Vr3Rd87O+3l1HupDzTdYbeaIJNEW5MvoGGVdIklt8ydTGjl8WO24qqEAF7
xP7jIK2sdlgtq5Hm9GO/TZRUowIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFB+eY04G
bCKIFDvctZMLRfdnxfoaMB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz
QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI1RjIvRUY5MENENEUwM0IwMTFFQTg1RjAyOTM0QzRGOUFFMDIvMTMyOTI2RDY4
QTBCMTFFRTg0MjUwRTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAEr5tIDBAJnTuAwDQQCAAIwBwMFACQH/4AwDQYJKoZIhvcN
AQELBQADggEBAKPomuDGP0bI620EFUe3Vi1tKmGWDlJ1OWo7nW0yB3J3XgPYsWs6
ntgEx4kXn02X2ytE9WZ7/7O0XpgfvFq3wgIGdc87ub7jiYyFCQtBPoxWTPSelXiZ
IjxbKDbmuMUufQ1AM3bPm4FtBqGaVCn30rdNoCj7wy26ZQqzO2HRZGWOfGud083O
ObtVP/Aqb0GNENXxW5elFkV+SbS9Msq3xmLYCT4CvFGIjYFeTC8VW0Um2fzJifs6
BpGvEWBYxwQdPNRvJnG6wxm3p/2teaasJPopsILH8f0vjc8W4LPU4R8VdqItyYwW
65KAE51dUZ7ZWuo4bhVoBjQgxLqCJHY6WVo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:23:06 2025 by rpki-client