Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/A4EAEA20DF3011EFADFD6611C4F9AE02.roa
File: A4EAEA20DF3011EFADFD6611C4F9AE02.roa (raw, json)
Hash identifier: RJdln3FLEsn4eZij8Wwt5wimrA1i6QzmaDYN3ERTRv0=
Subject key identifier: B9:60:2A:39:59:FB:36:D0:52:28:9F:13:8A:7A:1D:F7:84:B4:87:3B
Certificate issuer: /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA
Certificate serial: 0C26
Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/A4EAEA20DF3011EFADFD6611C4F9AE02.roa
Signing time: Thu 30 Jan 2025 17:37:12 +0000
ROA not before: Thu 30 Jan 2025 17:37:12 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135881
IP address blocks: 43.230.210.0/23 maxlen: 23
43.230.210.0/24 maxlen: 24
103.78.224.0/22 maxlen: 24
2407:ff80::/32 maxlen: 36
Validation: Failed, certificate revoked on Sun 16 Feb 2025 10:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3110 (0xc26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B25F2
Validity
Not Before: Jan 30 17:37:12 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=679bb8c8-7e23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:9c:e6:df:10:3c:1e:6b:eb:2a:65:d0:fe:c4:
f6:03:e2:71:02:d8:04:b2:42:e4:fc:fc:ef:cf:bd:
03:bf:6c:0a:e6:c7:bc:ae:62:ab:93:69:d3:a2:51:
0d:dd:a3:74:43:f5:1c:83:17:11:7a:f5:c3:6f:90:
f2:fb:16:e9:5d:7a:9c:f2:47:88:fd:d7:e0:c4:a0:
f7:3e:29:76:38:58:9e:8a:c6:32:10:46:a2:9a:3e:
e7:62:a8:7e:37:6a:ea:c7:7d:26:58:14:89:62:f1:
e3:4c:7f:79:2a:33:e4:59:18:8e:0b:94:a7:14:6b:
92:e7:11:cb:95:b3:d3:f4:93:99:51:19:66:5b:24:
19:8d:e7:35:13:b9:cb:88:e9:43:2d:3e:0c:54:0b:
c3:98:f8:f8:56:16:f9:d8:2b:1d:db:ba:e5:d4:06:
be:5a:c5:41:11:7d:5c:eb:a1:e6:07:45:e9:c5:40:
75:c8:37:3b:be:3e:e6:7a:1d:12:35:54:36:49:82:
fe:39:3e:5c:85:30:a2:b4:5b:c1:f0:bb:76:65:6e:
f4:da:3c:b9:57:b8:73:0b:77:1c:ad:d2:64:14:3b:
87:fa:1b:27:7f:29:ea:7b:a2:ed:0a:8d:43:f0:f7:
c1:da:69:a4:25:98:20:8e:a1:64:d1:58:4f:36:0c:
fb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:60:2A:39:59:FB:36:D0:52:28:9F:13:8A:7A:1D:F7:84:B4:87:3B
X509v3 Authority Key Identifier:
keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/A4EAEA20DF3011EFADFD6611C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.230.210.0/23
103.78.224.0/22
IPv6:
2407:ff80::/32
Signature Algorithm: sha256WithRSAEncryption
ac:0f:45:dd:3a:59:48:54:15:2c:b0:c2:05:1b:0e:09:3f:b0:
10:87:41:38:af:ac:7c:a3:d3:02:ae:32:5d:7b:86:ee:ea:01:
60:95:5e:26:d8:b4:85:64:ca:e6:39:eb:09:8b:67:d0:56:e2:
e2:30:db:a6:1c:55:0d:61:bf:97:a5:6c:0d:67:93:1e:c9:f4:
a7:6d:2e:0e:c9:76:01:c6:4c:c4:34:45:f0:71:fd:d8:d3:1f:
48:91:f0:28:9a:7e:65:90:32:d0:e9:10:b0:94:65:3d:63:d0:
28:7b:7e:12:09:5d:9c:54:82:2e:59:c6:8e:7a:38:91:c1:5c:
b5:ef:28:a9:9e:7e:f4:9c:95:c7:6b:f8:6e:d9:f7:91:b5:81:
63:8a:97:ec:2c:40:50:bd:05:cc:23:75:47:96:96:fe:3d:b2:
89:8d:e9:ed:35:d0:58:66:50:57:ac:ff:63:0c:1d:a7:79:46:
15:0a:85:90:3b:21:42:e7:4a:df:d2:7a:e6:0f:07:f7:e5:b3:
9c:4c:04:89:a1:33:af:46:ec:c6:f0:6e:28:0a:d3:31:ae:25:
07:c3:e2:a4:c8:43:af:4c:c1:2b:7f:39:aa:d6:ef:04:1a:ba:
75:e1:84:46:4f:a3:5e:72:60:35:1c:57:54:7e:a4:d5:86:14:
d6:0b:4b:f5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICDCYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB
RDRFNzNCQ0EwHhcNMjUwMTMwMTczNzEyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliYjhjOC03ZTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1pzm3xA8HmvrKmXQ/sT2A+JxAtgEskLk/Pzvz70Dv2wK5se8rmKrk2nTolEN
3aN0Q/UcgxcRevXDb5Dy+xbpXXqc8keI/dfgxKD3Pil2OFieisYyEEaimj7nYqh+
N2rqx30mWBSJYvHjTH95KjPkWRiOC5SnFGuS5xHLlbPT9JOZURlmWyQZjec1E7nL
iOlDLT4MVAvDmPj4Vhb52Csd27rl1Aa+WsVBEX1c66HmB0XpxUB1yDc7vj7meh0S
NVQ2SYL+OT5chTCitFvB8Lt2ZW702jy5V7hzC3ccrdJkFDuH+hsnfynqe6LtCo1D
8PfB2mmkJZggjqFk0VhPNgz7TwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFLlgKjlZ
+zbQUiifE4p6HfeEtIc7MB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz
QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P
OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjI1RjIvRUY5MENENEUwM0IwMTFFQTg1RjAyOTM0QzRGOUFFMDIvQTRFQUVBMjBE
RjMwMTFFRkFERkQ2NjExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAEr5tIDBAJnTuAwDQQCAAIwBwMFACQH/4AwDQYJKoZIhvcN
AQELBQADggEBAKwPRd06WUhUFSywwgUbDgk/sBCHQTivrHyj0wKuMl17hu7qAWCV
XibYtIVkyuY56wmLZ9BW4uIw26YcVQ1hv5elbA1nkx7J9KdtLg7JdgHGTMQ0RfBx
/djTH0iR8CiafmWQMtDpELCUZT1j0Ch7fhIJXZxUgi5Zxo56OJHBXLXvKKmefvSc
lcdr+G7Z95G1gWOKl+wsQFC9BcwjdUeWlv49somN6e010FhmUFes/2MMHad5RhUK
hZA7IULnSt/SeuYPB/fls5xMBImhM69G7MbwbigK0zGuJQfD4qTIQ69MwSt/OarW
7wQaunXhhEZPo15yYDUcV1R+pNWGFNYLS/U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:00:42 2025 by rpki-client