Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/55CD1A722ACC11EE9FF1653AC4F9AE02.roa
File: 55CD1A722ACC11EE9FF1653AC4F9AE02.roa (raw, json)
Hash identifier: NXGjFEpVsHlmYJIdUp9HNH3j97G2Rxb8UcvIQufw6VA=
Subject key identifier: A8:A8:29:4A:C6:D8:0B:A9:4D:A7:40:76:8D:FB:FD:1D:43:60:1D:5B
Certificate issuer: /CN=A91B72D9/serialNumber=41E5DC2155069FF317E5EE38C75B7889C22197E3
Certificate serial: 0409
Authority key identifier: 41:E5:DC:21:55:06:9F:F3:17:E5:EE:38:C7:5B:78:89:C2:21:97:E3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeXcIVUGn_MX5e44x1t4icIhl-M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/55CD1A722ACC11EE9FF1653AC4F9AE02.roa
Signing time: Fri 21 Feb 2025 01:53:44 +0000
ROA not before: Fri 21 Feb 2025 01:53:44 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 149414
IP address blocks: 103.178.220.0/24 maxlen: 24
103.178.221.0/24 maxlen: 24
2001:df0:3e40::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 27 Feb 2025 17:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1033 (0x409)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B72D9
Validity
Not Before: Feb 21 01:53:44 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b7dca7-b3da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:45:02:db:9c:a9:a2:2e:ca:2f:67:1c:0d:80:
6f:24:dd:ea:68:5f:b5:19:d2:01:b5:16:6e:e8:e1:
8a:9d:b7:d4:34:7c:b2:30:6b:52:7d:cf:ed:45:06:
a0:05:67:27:96:b4:89:df:68:f0:18:30:7b:3f:15:
f1:c4:0d:f5:4e:1a:fc:21:1b:61:4d:2e:d4:dc:0f:
8f:d1:e6:a1:25:db:7d:4d:d7:7b:71:92:41:22:21:
13:51:19:50:14:cb:a4:c2:e6:91:57:08:7a:36:7c:
e2:ea:92:a5:a8:3a:e7:e3:1d:1f:4c:ab:df:5c:cb:
f8:de:8e:5c:ef:49:83:65:fc:d4:6e:22:8c:b0:79:
b3:2d:0f:e6:41:ec:59:0f:aa:fd:04:ff:f8:cd:5f:
71:d7:2a:5d:c4:e3:a1:6f:61:83:6a:3c:17:78:e5:
bd:2f:5d:ab:7c:9a:2b:cd:f9:76:3b:de:07:e9:06:
38:e8:18:04:00:89:a5:84:09:a9:4c:44:4f:49:84:
e7:67:4d:1f:eb:a4:e5:5e:8d:ba:76:f3:e6:91:e6:
e5:b0:c4:1c:b6:ed:9d:93:1a:ca:64:70:fd:72:d1:
f5:97:be:10:50:29:49:06:c4:5b:d0:fe:0a:18:a9:
ad:05:3a:96:a7:2f:87:89:55:cf:05:00:92:e4:b3:
9b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A8:29:4A:C6:D8:0B:A9:4D:A7:40:76:8D:FB:FD:1D:43:60:1D:5B
X509v3 Authority Key Identifier:
keyid:41:E5:DC:21:55:06:9F:F3:17:E5:EE:38:C7:5B:78:89:C2:21:97:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/QeXcIVUGn_MX5e44x1t4icIhl-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeXcIVUGn_MX5e44x1t4icIhl-M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B72D9/AA23FA96697111ECB625930CC4F9AE02/55CD1A722ACC11EE9FF1653AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.220.0/23
IPv6:
2001:df0:3e40::/48
Signature Algorithm: sha256WithRSAEncryption
40:58:49:7b:e4:71:45:af:e1:31:5a:2f:9d:7c:c6:36:7e:96:
48:41:9b:f0:20:1a:ac:5a:90:85:f7:9c:3b:e2:45:07:a0:cb:
d4:8d:65:b6:8b:88:f5:f9:33:ea:24:36:99:1d:82:6b:ce:3c:
b7:5b:03:77:5d:67:09:f9:e5:1f:85:6d:71:5a:d5:dd:dd:ac:
02:61:2c:70:00:28:93:a1:cc:96:df:2d:16:fb:4f:b6:b1:68:
66:63:b5:c9:2d:2a:cd:24:a1:3c:77:6d:f3:d4:07:e6:4f:ed:
e8:4a:8e:05:70:a1:b9:db:bf:08:4a:5b:f1:6b:3e:44:52:3f:
10:68:10:16:e1:23:ed:46:fa:26:33:90:18:e7:bd:00:62:7a:
c5:28:7a:40:47:4d:7c:72:b7:2f:b8:bc:9b:d9:0c:e3:1e:d0:
3a:b4:8b:98:47:a9:ca:1b:b0:e9:2b:1d:a1:c4:8f:ae:53:ea:
c5:67:41:d0:ab:dd:25:b3:c2:7b:11:e5:14:69:22:5f:80:d4:
80:36:cf:fd:67:18:56:47:cf:a6:37:4e:78:08:98:a1:c7:7f:
96:db:88:93:05:e3:a0:d6:a4:db:53:8c:e7:39:58:27:27:78:
d3:9a:32:df:5e:93:3c:15:80:a5:8c:62:ed:ad:7e:7c:10:4d:
22:7d:e6:a5
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBAkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjcyRDkxMTAvBgNVBAUTKDQxRTVEQzIxNTUwNjlGRjMxN0U1RUUzOEM3NUI3ODg5
QzIyMTk3RTMwHhcNMjUwMjIxMDE1MzQ0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3ZGNhNy1iM2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwUUC25ypoi7KL2ccDYBvJN3qaF+1GdIBtRZu6OGKnbfUNHyyMGtSfc/tRQag
BWcnlrSJ32jwGDB7PxXxxA31Thr8IRthTS7U3A+P0eahJdt9Tdd7cZJBIiETURlQ
FMukwuaRVwh6Nnzi6pKlqDrn4x0fTKvfXMv43o5c70mDZfzUbiKMsHmzLQ/mQexZ
D6r9BP/4zV9x1ypdxOOhb2GDajwXeOW9L12rfJorzfl2O94H6QY46BgEAImlhAmp
TERPSYTnZ00f66TlXo26dvPmkeblsMQctu2dkxrKZHD9ctH1l74QUClJBsRb0P4K
GKmtBTqWpy+HiVXPBQCS5LObAQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFKioKUrG
2AupTadAdo37/R1DYB1bMB8GA1UdIwQYMBaAFEHl3CFVBp/zF+XuOMdbeInCIZfj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzJEOS9BQTIzRkE5NjY5
NzExMUVDQjYyNTkzMENDNEY5QUUwMi9RZVhjSVZVR25fTVg1ZTQ0eDF0NGljSWhs
LU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FlWGNJVlVHbl9NWDVlNDR4MXQ0aWNJaGwtTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjcyRDkvQUEyM0ZBOTY2OTcxMTFFQ0I2MjU5MzBDQzRGOUFFMDIvNTVDRDFBNzIy
QUNDMTFFRTlGRjE2NTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnstwwDwQCAAIwCQMHACABDfA+QDANBgkqhkiG9w0BAQsF
AAOCAQEAQFhJe+RxRa/hMVovnXzGNn6WSEGb8CAarFqQhfecO+JFB6DL1I1ltouI
9fkz6iQ2mR2Ca848t1sDd11nCfnlH4VtcVrV3d2sAmEscAAok6HMlt8tFvtPtrFo
ZmO1yS0qzSShPHdt89QH5k/t6EqOBXChudu/CEpb8Ws+RFI/EGgQFuEj7Ub6JjOQ
GOe9AGJ6xSh6QEdNfHK3L7i8m9kM4x7QOrSLmEepyhuw6SsdocSPrlPqxWdB0Kvd
JbPCexHlFGkiX4DUgDbP/WcYVkfPpjdOeAiYocd/ltuIkwXjoNak21OM5zlYJyd4
05oy316TPBWApYxi7a1+fBBNIn3mpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:15:01 2025 by rpki-client