Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/386E2B60B2D411EFB81FE23CC4F9AE02.roa
File: 386E2B60B2D411EFB81FE23CC4F9AE02.roa (raw, json)
Hash identifier: 0hRhgW2njlTc5aRgr/SGjvz8Fuz7BDlN4pT7EYIgZgA=
Subject key identifier: F9:F1:0E:F6:94:79:DF:E7:A6:EB:65:45:42:06:15:0A:9C:92:C0:73
Certificate issuer: /CN=A91B88CA/serialNumber=F625E6CC039026FF5BC9D6BDC42D8D1C18ABF33B
Certificate serial: 67
Authority key identifier: F6:25:E6:CC:03:90:26:FF:5B:C9:D6:BD:C4:2D:8D:1C:18:AB:F3:3B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/386E2B60B2D411EFB81FE23CC4F9AE02.roa
Signing time: Thu 05 Dec 2024 06:44:31 +0000
ROA not before: Thu 05 Dec 2024 06:44:31 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 150706
IP address blocks: 103.67.52.0/23 maxlen: 23
103.117.136.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 05 Dec 2024 08:22:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 103 (0x67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B88CA, serialNumber=F625E6CC039026FF5BC9D6BDC42D8D1C18ABF33B
Validity
Not Before: Dec 5 06:44:31 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67514bcf-a96b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:97:36:9c:3b:38:52:b0:c9:f8:2e:e0:6c:63:
69:d8:70:57:34:2a:74:f7:83:69:c8:3b:6c:3d:02:
26:ad:ab:5b:82:34:8e:7a:ad:da:30:82:2a:42:01:
f3:0e:0a:1a:f4:b6:d0:bb:d2:c4:cf:e8:b2:8f:e1:
4a:a2:a2:c4:63:29:14:41:f3:14:15:e9:10:ed:06:
02:64:28:7a:95:51:9f:fe:5c:46:22:35:66:a0:00:
e8:c2:06:62:2b:b8:0e:f9:43:b0:a7:e1:4e:d5:3d:
a8:a2:90:6f:5b:b0:00:28:72:ec:2d:3d:c8:92:54:
26:c5:68:80:6f:e6:b0:ac:9a:fc:d1:10:29:1e:66:
21:d6:19:81:b3:c1:9b:a9:de:d3:33:44:50:3b:1b:
5f:ee:1c:a9:22:a5:d1:b3:cf:81:2b:90:68:b3:9b:
43:e6:43:34:cf:00:d3:09:b3:92:d1:89:7d:f3:f0:
91:3c:09:bd:af:b3:ab:8a:4f:5c:4f:b5:d8:6d:e9:
de:69:49:3e:5a:91:75:0c:b7:30:19:5c:a1:97:d7:
a6:a5:49:86:01:95:6d:d7:f3:f2:52:6d:82:91:2b:
98:08:ef:04:42:9f:d8:78:1a:31:fe:bc:fb:ed:e8:
e4:08:b6:95:b7:8b:84:dc:3c:25:1f:10:bd:48:4e:
28:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F1:0E:F6:94:79:DF:E7:A6:EB:65:45:42:06:15:0A:9C:92:C0:73
X509v3 Authority Key Identifier:
keyid:F6:25:E6:CC:03:90:26:FF:5B:C9:D6:BD:C4:2D:8D:1C:18:AB:F3:3B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/9iXmzAOQJv9byda9xC2NHBir8zs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9iXmzAOQJv9byda9xC2NHBir8zs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B88CA/5696E746346511EFAF6DEB4EC4F9AE02/386E2B60B2D411EFB81FE23CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.67.52.0/23
103.117.136.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:a7:27:74:55:31:32:e2:81:9d:8e:22:8c:e7:df:0a:3f:46:
f1:a3:a0:c1:b7:38:37:1e:13:9c:a1:e5:89:bf:c7:8c:e8:bf:
50:d9:34:7e:9b:d2:c1:3e:33:80:61:1d:a8:25:ec:dd:e9:df:
ed:ef:d6:e1:10:c3:84:83:fb:0e:10:10:0d:eb:c6:2b:bf:53:
e8:10:46:e4:cc:f8:a2:68:36:72:96:6f:ba:40:65:50:16:9e:
67:9f:77:89:35:4a:00:b7:ca:dc:30:a8:8a:bd:7a:dc:b5:24:
01:d3:39:f7:fe:37:18:7c:f5:80:ea:d7:df:3f:10:99:9d:28:
ea:67:6b:f5:ef:86:9a:b8:f7:69:d4:dc:2b:57:86:31:de:07:
ea:c4:cb:26:3c:09:10:75:ed:fa:0b:e6:8f:75:1c:77:6a:69:
81:01:1b:58:2a:b5:27:5c:81:76:ca:e0:d7:5a:98:84:7b:95:
3d:c2:95:f1:14:5b:7e:7d:5e:12:e4:1a:b2:91:a1:69:5e:b3:
61:35:9c:e5:48:e9:00:8d:68:0e:61:25:b2:f0:e0:db:40:36:
73:da:82:00:ac:fb:d1:7d:92:12:09:b9:b3:47:b9:97:50:4f:
7c:0f:24:2d:65:21:93:3f:42:f0:eb:5c:75:d2:33:ff:3f:5a:
b8:1a:1d:16
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIBZzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODhDQTExMC8GA1UEBRMoRjYyNUU2Q0MwMzkwMjZGRjVCQzlENkJEQzQyRDhEMUMx
OEFCRjMzQjAeFw0yNDEyMDUwNjQ0MzFaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NTE0YmNmLWE5NmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC7lzacOzhSsMn4LuBsY2nYcFc0KnT3g2nIO2w9Aiatq1uCNI56rdowgipCAfMO
Chr0ttC70sTP6LKP4UqiosRjKRRB8xQV6RDtBgJkKHqVUZ/+XEYiNWagAOjCBmIr
uA75Q7Cn4U7VPaiikG9bsAAocuwtPciSVCbFaIBv5rCsmvzRECkeZiHWGYGzwZup
3tMzRFA7G1/uHKkipdGzz4ErkGizm0PmQzTPANMJs5LRiX3z8JE8Cb2vs6uKT1xP
tdht6d5pST5akXUMtzAZXKGX16alSYYBlW3X8/JSbYKRK5gI7wRCn9h4GjH+vPvt
6OQItpW3i4TcPCUfEL1ITihvAgMBAAGjggKbMIIClzAdBgNVHQ4EFgQU+fEO9pR5
3+em62VFQgYVCpySwHMwHwYDVR0jBBgwFoAU9iXmzAOQJv9byda9xC2NHBir8zsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4OENBLzU2OTZFNzQ2MzQ2
NTExRUZBRjZERUI0RUM0RjlBRTAyLzlpWG16QU9RSnY5YnlkYTl4QzJOSEJpcjh6
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOWlYbXpBT1FKdjlieWRhOXhDMk5IQmlyOHpzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODhDQS81Njk2RTc0NjM0NjUxMUVGQUY2REVCNEVDNEY5QUUwMi8zODZFMkI2MEIy
RDQxMUVGQjgxRkUyM0NDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAWdDNAMEAmd1iDANBgkqhkiG9w0BAQsFAAOCAQEAv6cndFUx
MuKBnY4ijOffCj9G8aOgwbc4Nx4TnKHlib/HjOi/UNk0fpvSwT4zgGEdqCXs3enf
7e/W4RDDhIP7DhAQDevGK79T6BBG5Mz4omg2cpZvukBlUBaeZ593iTVKALfK3DCo
ir163LUkAdM59/43GHz1gOrX3z8QmZ0o6mdr9e+Gmrj3adTcK1eGMd4H6sTLJjwJ
EHXt+gvmj3Ucd2ppgQEbWCq1J1yBdsrg11qYhHuVPcKV8RRbfn1eEuQaspGhaV6z
YTWc5UjpAI1oDmElsvDg20A2c9qCAKz70X2SEgm5s0e5l1BPfA8kLWUhkz9C8Otc
ddIz/z9auBodFg==
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:13:05 2025 by rpki-client