Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/33EC894A7D5E11EDA43E0186C4F9AE02.roa
File: 33EC894A7D5E11EDA43E0186C4F9AE02.roa (raw, json)
Hash identifier: pSIOLeioA6hgpC8T4zz1BlezsTmCGQfo4yE7f476TeM=
Subject key identifier: F8:59:D4:CB:9E:AC:E9:5F:41:DF:A9:48:18:C4:96:7D:6F:0B:81:94
Certificate issuer: /CN=A91B7691/serialNumber=EC0C9A58CB0ACD4273B45E1B91813BFFFFD08140
Certificate serial: 0193
Authority key identifier: EC:0C:9A:58:CB:0A:CD:42:73:B4:5E:1B:91:81:3B:FF:FF:D0:81:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AyaWMsKzUJztF4bkYE7___QgUA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/33EC894A7D5E11EDA43E0186C4F9AE02.roa
Signing time: Sat 01 Feb 2025 02:38:18 +0000
ROA not before: Sat 01 Feb 2025 02:38:18 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 135772
IP address blocks: 103.54.230.0/23 maxlen: 24
2400:cc60::/32 maxlen: 36
Validation: Failed, certificate revoked on Tue 18 Feb 2025 12:27:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403 (0x193)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7691
Validity
Not Before: Feb 1 02:38:18 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679d891a-22c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8e:9d:5d:c8:3c:c3:07:94:71:45:1b:b5:ad:
9f:e7:bc:ae:8b:d8:e8:25:3c:3a:73:8e:b6:44:ad:
fd:39:e0:2d:81:de:f1:4e:b2:c5:a7:6e:33:14:0c:
1a:5c:55:6d:0c:60:8c:cd:cd:b3:74:a7:7a:ac:49:
34:83:7c:9f:12:39:8d:2e:c5:5a:d2:ae:18:ca:49:
75:f4:61:58:32:dd:a3:e4:39:0b:b4:79:5f:6b:5d:
82:dd:11:ee:43:4d:8c:e1:cf:5d:6f:42:48:f3:76:
25:48:2d:84:2a:2b:51:f9:5c:62:2c:50:de:f3:8d:
fc:7b:a2:71:e3:f8:f2:17:6c:e5:c0:55:ce:7c:18:
40:b9:a1:e3:1a:f3:11:6f:98:dc:f9:44:34:1c:d3:
aa:b4:b4:64:57:98:67:86:22:d6:ae:83:f3:87:a2:
16:a2:3a:f9:52:05:16:1c:17:55:d1:f3:da:13:14:
6f:b6:29:66:c7:0f:d3:24:07:de:0b:2b:65:72:ac:
65:1b:01:a3:f3:6c:1d:83:d2:1f:71:b2:19:d6:11:
a2:cb:75:7b:19:24:4e:cf:50:5a:71:cf:62:ec:33:
be:9e:8d:4f:61:0b:db:23:23:1b:86:67:06:37:40:
71:5a:64:a0:db:8a:ce:06:42:62:38:d3:90:31:6b:
4f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:59:D4:CB:9E:AC:E9:5F:41:DF:A9:48:18:C4:96:7D:6F:0B:81:94
X509v3 Authority Key Identifier:
keyid:EC:0C:9A:58:CB:0A:CD:42:73:B4:5E:1B:91:81:3B:FF:FF:D0:81:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/7AyaWMsKzUJztF4bkYE7___QgUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AyaWMsKzUJztF4bkYE7___QgUA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/33EC894A7D5E11EDA43E0186C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.54.230.0/23
IPv6:
2400:cc60::/32
Signature Algorithm: sha256WithRSAEncryption
68:f1:22:80:8d:5b:6a:7c:5f:9e:2e:0b:7c:81:00:9c:1b:75:
6f:1c:62:05:80:da:e2:a4:72:7b:5a:b5:96:da:2a:77:dc:6c:
89:80:5b:3d:63:68:26:e1:4e:57:a6:6a:b1:5e:5d:b3:8d:ed:
22:ba:45:f5:e6:58:f1:4f:f3:d6:53:c5:53:db:e5:cd:bc:7c:
80:64:fb:27:ea:dd:59:70:d9:0c:c0:05:d3:23:65:df:36:e1:
21:c9:3e:49:d4:34:da:07:36:1f:37:45:e6:bf:f2:e4:15:25:
4f:7d:eb:65:32:e1:5e:87:9f:e9:80:2d:0f:75:dd:33:7d:52:
e4:2b:f7:c5:ed:f2:2d:8f:ad:a7:60:ad:89:34:7e:ef:53:1a:
3c:f2:36:19:60:a9:4c:fc:ad:57:1a:a5:e4:6d:45:6b:17:e4:
82:69:cf:66:74:e6:9b:1d:41:bf:24:a0:47:8c:a1:ec:1a:ce:
72:b9:a0:0b:14:20:7c:2b:02:49:ce:c9:b0:d6:be:15:d1:a9:
4c:0d:cb:50:c8:46:05:d8:10:75:27:f3:9e:26:05:10:2b:dd:
9d:95:d6:12:c6:fd:1d:ab:9d:45:dc:ef:e5:d9:14:48:f2:28:
92:18:db:6c:a9:2e:74:ff:b4:23:51:e2:b3:07:0c:cc:7a:9b:
89:fc:ca:bb
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAZMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc2OTExMTAvBgNVBAUTKEVDMEM5QTU4Q0IwQUNENDI3M0I0NUUxQjkxODEzQkZG
RkZEMDgxNDAwHhcNMjUwMjAxMDIzODE4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlkODkxYS0yMmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvo6dXcg8wweUcUUbta2f57yui9joJTw6c462RK39OeAtgd7xTrLFp24zFAwa
XFVtDGCMzc2zdKd6rEk0g3yfEjmNLsVa0q4Yykl19GFYMt2j5DkLtHlfa12C3RHu
Q02M4c9db0JI83YlSC2EKitR+VxiLFDe8438e6Jx4/jyF2zlwFXOfBhAuaHjGvMR
b5jc+UQ0HNOqtLRkV5hnhiLWroPzh6IWojr5UgUWHBdV0fPaExRvtilmxw/TJAfe
CytlcqxlGwGj82wdg9IfcbIZ1hGiy3V7GSROz1Bacc9i7DO+no1PYQvbIyMbhmcG
N0BxWmSg24rOBkJiONOQMWtPswIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFPhZ1Mue
rOlfQd+pSBjEln1vC4GUMB8GA1UdIwQYMBaAFOwMmljLCs1Cc7ReG5GBO///0IFA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzY5MS84MjE2NEQwNDdE
NTkxMUVEQkVCNTVEMEFDNEY5QUUwMi83QXlhV01zS3pVSnp0RjRia1lFN19fX1Fn
VUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdBeWFXTXNLelVKenRGNGJrWUU3X19fUWdVQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc2OTEvODIxNjREMDQ3RDU5MTFFREJFQjU1RDBBQzRGOUFFMDIvMzNFQzg5NEE3
RDVFMTFFREE0M0UwMTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnNuYwDQQCAAIwBwMFACQAzGAwDQYJKoZIhvcNAQELBQAD
ggEBAGjxIoCNW2p8X54uC3yBAJwbdW8cYgWA2uKkcntatZbaKnfcbImAWz1jaCbh
TlemarFeXbON7SK6RfXmWPFP89ZTxVPb5c28fIBk+yfq3Vlw2QzABdMjZd824SHJ
PknUNNoHNh83Rea/8uQVJU9962Uy4V6Hn+mALQ913TN9UuQr98Xt8i2PradgrYk0
fu9TGjzyNhlgqUz8rVcapeRtRWsX5IJpz2Z05psdQb8koEeMoewaznK5oAsUIHwr
AknOybDWvhXRqUwNy1DIRgXYEHUn854mBRAr3Z2V1hLG/R2rnUXc7+XZFEjyKJIY
22ypLnT/tCNR4rMHDMx6m4n8yrs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:06:50 2025 by rpki-client