Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/0B782968C2A011EF8E69CF37C4F9AE02.roa
File: 0B782968C2A011EF8E69CF37C4F9AE02.roa (raw, json)
Hash identifier: Qvg3+6pnfOYzXfI9qrrdDhYHJZK+RcqmSL7InKfMVvE=
Subject key identifier: 0B:A5:8E:A9:5A:A4:18:F3:81:45:19:16:67:24:E6:8E:AD:F3:CD:4E
Certificate issuer: /CN=A91B98F0/serialNumber=9ED2E1A2405C99EE75E7C3903DF7240CAAABFB25
Certificate serial: 0A1E
Authority key identifier: 9E:D2:E1:A2:40:5C:99:EE:75:E7:C3:90:3D:F7:24:0C:AA:AB:FB:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntLhokBcme5158OQPfckDKqr-yU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/0B782968C2A011EF8E69CF37C4F9AE02.roa
Signing time: Wed 25 Dec 2024 09:10:12 +0000
ROA not before: Wed 25 Dec 2024 09:10:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152918
IP address blocks: 103.149.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 15:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2590 (0xa1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B98F0, serialNumber=9ED2E1A2405C99EE75E7C3903DF7240CAAABFB25
Validity
Not Before: Dec 25 09:10:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676bcbf3-73de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d5:81:9b:aa:4f:01:8c:82:b9:52:4a:e5:5b:
1f:17:74:cd:07:46:d5:a3:13:5d:41:b9:f6:cd:9f:
ac:06:fd:f4:2b:40:d3:31:3a:b7:bd:1a:eb:29:3b:
7b:06:5a:39:1f:5f:23:98:20:bd:fa:c5:5d:89:26:
41:90:51:29:18:dc:f5:f0:09:8f:1f:8c:83:71:72:
1f:f0:7b:10:29:79:ee:19:ba:c3:5c:69:17:b9:4b:
5e:ce:77:a7:ae:60:8b:84:2c:cf:c2:b3:4a:5c:32:
4d:c0:7b:fd:b2:fc:ae:d1:16:77:42:07:62:70:93:
49:30:cf:ff:d3:12:9f:7c:54:b8:06:cd:34:74:b2:
2e:f1:42:d9:b6:fe:dc:9c:61:00:0c:6f:6f:7e:24:
e5:19:f3:1f:51:15:4a:cc:55:d9:4e:2f:ae:4f:1e:
00:d4:b6:12:35:5c:5f:e6:33:a9:41:9d:1f:ba:74:
76:e1:ae:1c:5a:aa:3f:57:c8:5c:57:da:e3:69:c8:
bc:7c:39:f2:b4:d2:bf:94:0d:30:c9:64:7c:b1:78:
52:89:91:f6:03:56:7b:06:a5:a2:3f:7d:21:3b:1d:
3f:ef:76:95:a3:07:20:1f:d5:d0:39:d6:95:a3:e1:
0e:b4:b8:84:27:1b:67:40:29:4b:5b:81:c4:77:9b:
c7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:A5:8E:A9:5A:A4:18:F3:81:45:19:16:67:24:E6:8E:AD:F3:CD:4E
X509v3 Authority Key Identifier:
keyid:9E:D2:E1:A2:40:5C:99:EE:75:E7:C3:90:3D:F7:24:0C:AA:AB:FB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/ntLhokBcme5158OQPfckDKqr-yU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntLhokBcme5158OQPfckDKqr-yU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/0B782968C2A011EF8E69CF37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.144.0/24
Signature Algorithm: sha256WithRSAEncryption
38:4e:9c:6c:5f:f3:bb:a7:41:03:fc:62:c1:c9:ac:52:3f:5f:
f7:3e:35:ec:b8:69:73:1c:73:4d:50:b2:a9:af:8d:d7:1a:e8:
64:36:a9:25:1b:12:3c:cc:9f:96:33:a2:fe:70:1b:e9:fe:c4:
10:cf:da:65:d1:b3:ee:4a:7f:01:4c:1c:48:ff:55:be:e1:04:
3a:40:36:ba:95:67:81:c4:72:6b:af:2d:37:68:b7:27:cd:2d:
c3:05:e6:e1:25:b2:89:f4:4c:18:10:f0:5a:31:fb:fc:91:39:
cc:82:44:ff:3f:99:af:d5:0d:83:f6:8e:f8:c5:56:55:13:4e:
55:6d:7e:36:9c:77:7c:2c:8c:9d:f0:de:7c:77:62:98:91:b0:
2a:b5:25:61:3d:7a:14:85:13:d6:0d:9d:e6:0f:98:c4:8d:fc:
55:86:ca:d4:9d:31:55:c0:c3:96:19:86:10:1c:13:03:ed:35:
9b:a9:62:b8:a8:26:64:97:dc:9f:77:66:7c:16:9d:07:b5:f0:
67:4d:dc:76:71:f1:00:45:8f:cf:72:d7:39:3a:b7:c6:2d:8f:
c9:46:eb:b2:1a:de:88:1f:86:de:ac:e6:e9:85:61:ad:0e:c4:
94:01:b7:ed:15:b4:c8:4a:ff:a4:1b:12:66:9f:83:57:e9:07:
f4:ab:27:8d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCh4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjk4RjAxMTAvBgNVBAUTKDlFRDJFMUEyNDA1Qzk5RUU3NUU3QzM5MDNERjcyNDBD
QUFBQkZCMjUwHhcNMjQxMjI1MDkxMDEyWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZiY2JmMy03M2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAstWBm6pPAYyCuVJK5VsfF3TNB0bVoxNdQbn2zZ+sBv30K0DTMTq3vRrrKTt7
Blo5H18jmCC9+sVdiSZBkFEpGNz18AmPH4yDcXIf8HsQKXnuGbrDXGkXuUteznen
rmCLhCzPwrNKXDJNwHv9svyu0RZ3QgdicJNJMM//0xKffFS4Bs00dLIu8ULZtv7c
nGEADG9vfiTlGfMfURVKzFXZTi+uTx4A1LYSNVxf5jOpQZ0funR24a4cWqo/V8hc
V9rjaci8fDnytNK/lA0wyWR8sXhSiZH2A1Z7BqWiP30hOx0/73aVowcgH9XQOdaV
o+EOtLiEJxtnQClLW4HEd5vHgQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAuljqla
pBjzgUUZFmck5o6t881OMB8GA1UdIwQYMBaAFJ7S4aJAXJnudefDkD33JAyqq/sl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOThGMC84QTFBRTFGNDY3
MkMxMUVBODM5M0RGMjVDNEY5QUUwMi9udExob2tCY21lNTE1OE9RUGZja0RLcXIt
eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250TGhva0JjbWU1MTU4T1FQZmNrREtxci15VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjk4RjAvOEExQUUxRjQ2NzJDMTFFQTgzOTNERjI1QzRGOUFFMDIvMEI3ODI5NjhD
MkEwMTFFRjhFNjlDRjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlZAwDQYJKoZIhvcNAQELBQADggEBADhOnGxf87unQQP8
YsHJrFI/X/c+Ney4aXMcc01Qsqmvjdca6GQ2qSUbEjzMn5Yzov5wG+n+xBDP2mXR
s+5KfwFMHEj/Vb7hBDpANrqVZ4HEcmuvLTdotyfNLcMF5uElson0TBgQ8Fox+/yR
OcyCRP8/ma/VDYP2jvjFVlUTTlVtfjacd3wsjJ3w3nx3YpiRsCq1JWE9ehSFE9YN
neYPmMSN/FWGytSdMVXAw5YZhhAcEwPtNZupYrioJmSX3J93ZnwWnQe18GdN3HZx
8QBFj89y1zk6t8Ytj8lG67Ia3ogfht6s5umFYa0OxJQBt+0VtMhK/6QbEmafg1fp
B/SrJ40=
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:01:18 2025 by rpki-client