Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/7CFFFCEEA18D11EE84DFAF0EC4F9AE02.roa
File: 7CFFFCEEA18D11EE84DFAF0EC4F9AE02.roa (raw, json)
Hash identifier: wPsx9Tq8nhzprRZSFepMrjHo0pJom7iMBA5mXF1c33Y=
Subject key identifier: A5:28:7F:F5:A2:F3:1F:A4:01:7A:E8:2F:BD:CF:E3:02:34:D8:99:65
Certificate issuer: /CN=A91B98F0/serialNumber=9ED2E1A2405C99EE75E7C3903DF7240CAAABFB25
Certificate serial: 09A8
Authority key identifier: 9E:D2:E1:A2:40:5C:99:EE:75:E7:C3:90:3D:F7:24:0C:AA:AB:FB:25
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntLhokBcme5158OQPfckDKqr-yU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/7CFFFCEEA18D11EE84DFAF0EC4F9AE02.roa
Signing time: Sun 12 May 2024 20:59:53 +0000
ROA not before: Sun 12 May 2024 20:59:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151193
IP address blocks: 103.149.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 15:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2472 (0x9a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B98F0, serialNumber=9ED2E1A2405C99EE75E7C3903DF7240CAAABFB25
Validity
Not Before: May 12 20:59:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66412dc8-64a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b2:e3:a4:1c:54:2a:df:bd:56:37:b8:b7:e0:
1a:82:27:29:fd:a2:c2:c8:d5:81:f4:8a:85:8f:74:
bb:ba:df:fa:91:f8:36:3e:c3:77:b1:7a:0f:9a:2c:
65:a9:c2:42:d9:9c:0a:2b:73:ea:b8:ef:ab:ef:c7:
1f:a2:f9:35:31:b9:be:d5:a0:5e:bd:22:a9:b7:c1:
ac:83:d2:51:3a:07:29:61:7b:22:4e:6e:d1:b7:10:
7b:26:c3:ca:42:61:f1:61:d7:29:fa:88:7b:88:af:
19:cd:ef:dc:82:1b:2d:d3:ad:97:c3:8e:d6:49:fb:
0a:ba:cb:81:0c:79:f7:f1:a0:ec:06:93:71:1b:53:
a2:46:28:67:99:21:f4:ff:4f:eb:9c:0f:39:67:bf:
31:ce:80:08:b5:08:61:e1:87:49:fd:5e:55:8d:83:
b3:01:42:37:e2:da:66:4e:37:b3:a9:21:85:a7:83:
c3:b6:04:93:72:b5:23:59:16:aa:26:75:4d:46:34:
41:0b:50:5f:a4:10:91:4b:97:06:df:df:77:a5:f3:
66:1e:b9:f0:b9:2d:be:37:fe:27:33:79:49:2a:42:
29:71:78:5a:87:b6:32:18:5d:2a:d3:4a:09:b8:36:
50:05:5d:4d:34:94:54:bc:9c:b2:04:3b:3c:f6:26:
fb:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:28:7F:F5:A2:F3:1F:A4:01:7A:E8:2F:BD:CF:E3:02:34:D8:99:65
X509v3 Authority Key Identifier:
keyid:9E:D2:E1:A2:40:5C:99:EE:75:E7:C3:90:3D:F7:24:0C:AA:AB:FB:25
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/ntLhokBcme5158OQPfckDKqr-yU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ntLhokBcme5158OQPfckDKqr-yU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B98F0/8A1AE1F4672C11EA8393DF25C4F9AE02/7CFFFCEEA18D11EE84DFAF0EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.144.0/24
Signature Algorithm: sha256WithRSAEncryption
54:45:9b:bf:8e:34:c1:08:7c:01:fe:d4:7f:f3:24:cf:61:4d:
b4:9d:d5:1f:64:26:fa:ab:e5:cc:dc:eb:a5:92:57:d9:c4:4a:
fe:a8:b7:2e:09:6b:ea:df:57:bb:42:f2:a9:33:49:bb:e7:58:
7f:7c:30:c5:19:51:e2:33:ac:95:c3:c6:8e:1d:78:81:39:a3:
0d:d5:88:71:23:c7:c1:bb:d8:b5:05:68:33:76:5f:07:00:79:
65:2c:a6:76:c8:86:d4:8e:ff:b8:c3:ca:3e:50:c4:1b:70:78:
9a:b9:9b:78:84:1e:83:3e:13:8a:d3:95:d4:a3:41:35:1a:21:
f4:cc:dc:78:b1:dc:f0:a3:51:2f:70:de:91:a4:63:9e:e4:a0:
56:88:4e:60:c9:9b:ad:89:be:c0:5e:d3:0d:1b:3e:da:16:72:
14:f8:22:82:0f:82:5d:de:58:bd:d8:bd:db:e2:b4:52:d1:59:
b8:bd:fa:b6:36:11:c8:5c:33:bc:c5:f3:13:8a:e2:03:25:c0:
7f:a4:ad:ca:9f:9e:0a:ca:c5:5c:d1:19:9e:af:9d:de:33:d9:
b9:8e:4e:4c:13:aa:6a:a2:0c:bc:a1:1c:d6:1f:81:94:12:68:
c9:b7:53:24:47:b6:67:fb:e7:7e:56:bc:ed:04:df:f8:46:f5:
07:73:02:c4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjk4RjAxMTAvBgNVBAUTKDlFRDJFMUEyNDA1Qzk5RUU3NUU3QzM5MDNERjcyNDBD
QUFBQkZCMjUwHhcNMjQwNTEyMjA1OTUzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjQxMmRjOC02NGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtLLjpBxUKt+9Vje4t+Aagicp/aLCyNWB9IqFj3S7ut/6kfg2PsN3sXoPmixl
qcJC2ZwKK3PquO+r78cfovk1Mbm+1aBevSKpt8Gsg9JROgcpYXsiTm7RtxB7JsPK
QmHxYdcp+oh7iK8Zze/cghst062Xw47WSfsKusuBDHn38aDsBpNxG1OiRihnmSH0
/0/rnA85Z78xzoAItQhh4YdJ/V5VjYOzAUI34tpmTjezqSGFp4PDtgSTcrUjWRaq
JnVNRjRBC1BfpBCRS5cG3993pfNmHrnwuS2+N/4nM3lJKkIpcXhah7YyGF0q00oJ
uDZQBV1NNJRUvJyyBDs89ib7MQIDAQABo4IClTCCApEwHQYDVR0OBBYEFKUof/Wi
8x+kAXroL73P4wI02JllMB8GA1UdIwQYMBaAFJ7S4aJAXJnudefDkD33JAyqq/sl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOThGMC84QTFBRTFGNDY3
MkMxMUVBODM5M0RGMjVDNEY5QUUwMi9udExob2tCY21lNTE1OE9RUGZja0RLcXIt
eVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL250TGhva0JjbWU1MTU4T1FQZmNrREtxci15VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjk4RjAvOEExQUUxRjQ2NzJDMTFFQTgzOTNERjI1QzRGOUFFMDIvN0NGRkZDRUVB
MThEMTFFRTg0REZBRjBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlZAwDQYJKoZIhvcNAQELBQADggEBAFRFm7+ONMEIfAH+
1H/zJM9hTbSd1R9kJvqr5czc66WSV9nESv6oty4Ja+rfV7tC8qkzSbvnWH98MMUZ
UeIzrJXDxo4deIE5ow3ViHEjx8G72LUFaDN2XwcAeWUspnbIhtSO/7jDyj5QxBtw
eJq5m3iEHoM+E4rTldSjQTUaIfTM3Hix3PCjUS9w3pGkY57koFaITmDJm62JvsBe
0w0bPtoWchT4IoIPgl3eWL3YvdvitFLRWbi9+rY2EchcM7zF8xOK4gMlwH+krcqf
ngrKxVzRGZ6vnd4z2bmOTkwTqmqiDLyhHNYfgZQSaMm3UyRHtmf7535WvO0E3/hG
9QdzAsQ=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:45:49 2025 by rpki-client