Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/AE3FB66CC0A711EE97A2E984C4F9AE02.roa
File: AE3FB66CC0A711EE97A2E984C4F9AE02.roa (raw, json)
Hash identifier: Ix/wkqO8g6tCW/mF9xuvjHsIvXDmTxWCFh3+3h4aWew=
Subject key identifier: 03:50:B8:04:E6:66:DC:CE:87:BE:D5:31:64:47:98:B9:00:2B:84:EF
Certificate issuer: /CN=A91B74E8/serialNumber=6C080A2BA7DAAC95D4D93488A900151AE3A59DF8
Certificate serial: 045B
Authority key identifier: 6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/AE3FB66CC0A711EE97A2E984C4F9AE02.roa
Signing time: Tue 31 Dec 2024 00:02:22 +0000
ROA not before: Tue 31 Dec 2024 00:02:22 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 149000
IP address blocks: 103.176.3.0/24 maxlen: 24
2001:df0:740::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:05:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1115 (0x45b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B74E8
Validity
Not Before: Dec 31 00:02:22 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6773348e-d4fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:49:63:e6:d2:84:f9:91:27:ae:15:8f:aa:6a:
91:83:17:69:77:a9:03:f3:58:88:58:8a:c1:e5:ec:
ab:99:ba:c1:40:97:af:fc:c4:52:a1:f3:f1:0b:d8:
ae:e9:24:ad:4c:26:a7:28:7f:09:29:ce:60:20:36:
df:17:98:52:a6:38:57:7f:44:78:74:c9:1a:31:f4:
dc:47:91:d0:28:de:d5:f2:cb:30:b8:2c:cf:62:49:
84:7f:19:a9:7b:6b:00:90:4c:cc:e3:76:96:94:57:
92:ad:1b:74:cc:44:2a:08:6b:34:fd:bc:59:37:4c:
39:e3:4c:4f:50:ee:e3:c0:0e:96:2f:9d:b1:8e:72:
36:23:94:17:da:2c:c3:b7:ab:e0:28:64:44:e3:39:
d3:1d:59:e3:c7:e3:ab:20:bc:2c:12:d9:a3:46:60:
f0:a7:e7:db:d3:d3:33:00:89:e8:89:86:9a:8c:37:
4f:8f:a9:22:0d:5e:5d:ca:e7:56:b3:b7:10:23:31:
95:28:cd:f2:b2:f3:55:ac:db:be:e2:7d:e6:b5:32:
49:5a:b6:21:2f:02:23:a3:95:f1:ee:97:24:96:15:
66:94:a8:74:21:98:5c:0c:16:ea:30:b5:59:62:46:
8f:c3:29:90:07:ff:97:19:af:8a:c8:3a:d8:ec:e8:
a2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:50:B8:04:E6:66:DC:CE:87:BE:D5:31:64:47:98:B9:00:2B:84:EF
X509v3 Authority Key Identifier:
keyid:6C:08:0A:2B:A7:DA:AC:95:D4:D9:34:88:A9:00:15:1A:E3:A5:9D:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/bAgKK6farJXU2TSIqQAVGuOlnfg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bAgKK6farJXU2TSIqQAVGuOlnfg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B74E8/47F6201243EA11EC84AB6347C4F9AE02/AE3FB66CC0A711EE97A2E984C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.3.0/24
IPv6:
2001:df0:740::/48
Signature Algorithm: sha256WithRSAEncryption
0f:38:ac:f6:26:59:db:71:17:8e:a4:71:b4:f6:fa:3d:19:21:
db:81:61:43:69:9d:2f:f2:a5:c2:a6:2b:4f:68:ac:dc:e3:28:
e6:e1:3d:a8:f2:c1:47:68:87:d8:08:6e:86:c8:45:e7:30:76:
ff:5f:6c:eb:91:8f:20:f2:51:07:7b:6a:80:f6:5b:26:9f:4d:
38:6b:3d:0b:48:31:7a:76:8a:fb:9d:ea:73:e8:ca:5b:f8:9b:
7d:4f:b2:3d:22:d2:f5:fc:f3:90:2e:62:79:f9:50:09:19:62:
15:87:04:03:d1:46:d5:a6:b5:8e:bc:65:31:b5:20:ff:fa:35:
de:f0:9a:17:8d:c2:82:54:6a:d5:9f:c0:88:b3:16:b8:0f:90:
9a:c5:b6:c5:68:c1:d6:32:f5:92:55:07:cd:e0:ab:3b:79:15:
13:0a:1a:25:4e:36:5a:f8:20:94:0f:c4:28:68:19:4b:93:01:
1d:24:6f:4a:4e:a8:8a:ae:23:45:17:25:0b:03:88:06:f7:b4:
22:02:22:7d:5a:eb:39:21:ed:0a:c6:f0:66:b2:b4:8b:e6:fc:
41:8d:39:09:5d:2c:a9:02:23:1e:77:fd:cc:61:25:99:03:40:
98:cd:46:78:73:9f:72:0c:6b:9d:53:1c:52:d1:28:f9:ed:d5:
e7:5f:90:78
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICBFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc0RTgxMTAvBgNVBAUTKDZDMDgwQTJCQTdEQUFDOTVENEQ5MzQ4OEE5MDAxNTFB
RTNBNTlERjgwHhcNMjQxMjMxMDAwMjIyWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzczMzQ4ZS1kNGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyUlj5tKE+ZEnrhWPqmqRgxdpd6kD81iIWIrB5eyrmbrBQJev/MRSofPxC9iu
6SStTCanKH8JKc5gIDbfF5hSpjhXf0R4dMkaMfTcR5HQKN7V8sswuCzPYkmEfxmp
e2sAkEzM43aWlFeSrRt0zEQqCGs0/bxZN0w540xPUO7jwA6WL52xjnI2I5QX2izD
t6vgKGRE4znTHVnjx+OrILwsEtmjRmDwp+fb09MzAInoiYaajDdPj6kiDV5dyudW
s7cQIzGVKM3ysvNVrNu+4n3mtTJJWrYhLwIjo5Xx7pcklhVmlKh0IZhcDBbqMLVZ
YkaPwymQB/+XGa+KyDrY7OiitwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFANQuATm
ZtzOh77VMWRHmLkAK4TvMB8GA1UdIwQYMBaAFGwICiun2qyV1Nk0iKkAFRrjpZ34
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzRFOC80N0Y2MjAxMjQz
RUExMUVDODRBQjYzNDdDNEY5QUUwMi9iQWdLSzZmYXJKWFUyVFNJcVFBVkd1T2xu
ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JBZ0tLNmZhckpYVTJUU0lxUUFWR3VPbG5mZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc0RTgvNDdGNjIwMTI0M0VBMTFFQzg0QUI2MzQ3QzRGOUFFMDIvQUUzRkI2NkND
MEE3MTFFRTk3QTJFOTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBABnsAMwDwQCAAIwCQMHACABDfAHQDANBgkqhkiG9w0BAQsF
AAOCAQEADzis9iZZ23EXjqRxtPb6PRkh24FhQ2mdL/KlwqYrT2is3OMo5uE9qPLB
R2iH2AhuhshF5zB2/19s65GPIPJRB3tqgPZbJp9NOGs9C0gxenaK+53qc+jKW/ib
fU+yPSLS9fzzkC5ieflQCRliFYcEA9FG1aa1jrxlMbUg//o13vCaF43CglRq1Z/A
iLMWuA+QmsW2xWjB1jL1klUHzeCrO3kVEwoaJU42WvgglA/EKGgZS5MBHSRvSk6o
iq4jRRclCwOIBve0IgIifVrrOSHtCsbwZrK0i+b8QY05CV0sqQIjHnf9zGElmQNA
mM1GeHOfcgxrnVMcUtEo+e3V51+QeA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:01:39 2025 by rpki-client