Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD56/818B4D021AAE11ED9B74AE51C4F9AE02/8BF25C3C777D11ED9F54B75EC4F9AE02.roa
File: 8BF25C3C777D11ED9F54B75EC4F9AE02.roa (raw, json)
Hash identifier: WzDhelPPEDQuZuvaKJRg1qx2hqnkCTlff2H/gFYAX1k=
Subject key identifier: 6B:40:46:B8:9D:8C:4A:FC:39:F6:89:A1:3F:E6:58:A8:77:F3:32:42
Certificate issuer: /CN=A91BAD56/serialNumber=1EECA03A77652B9070B5E133809A223830C89CF9
Certificate serial: 0216
Authority key identifier: 1E:EC:A0:3A:77:65:2B:90:70:B5:E1:33:80:9A:22:38:30:C8:9C:F9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HuygOndlK5BwteEzgJoiODDInPk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD56/818B4D021AAE11ED9B74AE51C4F9AE02/8BF25C3C777D11ED9F54B75EC4F9AE02.roa
Signing time: Wed 25 Dec 2024 01:44:59 +0000
ROA not before: Wed 25 Dec 2024 01:44:59 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 140683
IP address blocks: 103.176.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 03:59:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 534 (0x216)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BAD56
Validity
Not Before: Dec 25 01:44:59 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=676b639b-ab8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ec:5d:d1:af:09:ae:72:c5:fc:18:16:c0:05:
a2:62:44:2b:d4:53:fd:00:b7:3f:66:ad:d8:cd:66:
30:17:f2:de:6c:cd:f5:37:6d:9a:ec:8b:e9:1f:d0:
ef:7d:db:ba:bd:73:95:28:d6:de:28:a1:f8:e1:dc:
6b:e9:64:d0:05:96:fb:ec:7d:9e:ef:43:fa:d0:03:
9c:fc:ba:5c:bc:ea:76:f6:21:27:61:1d:2a:b5:d9:
9e:e8:34:03:0a:87:de:f4:c3:17:be:ff:64:9b:15:
4d:b9:13:1e:45:34:af:83:6a:33:4e:4a:18:78:71:
2c:93:7a:57:dc:65:c8:40:95:5a:2b:fd:05:3f:49:
e5:ef:ce:99:11:87:d2:6b:dd:ec:85:0f:9c:e4:59:
16:00:eb:c8:19:1d:df:56:0f:3a:c3:89:70:d2:6f:
0e:a9:5e:74:7d:03:f9:b9:c1:60:5f:dc:c8:d1:96:
fa:d0:5a:de:34:a9:b1:0b:12:cd:c3:3a:2c:dc:48:
71:21:e7:fb:f3:a2:be:cc:c2:5c:a2:ed:38:82:fb:
aa:75:f3:8d:96:57:f4:95:4f:45:87:58:78:2f:ad:
55:73:0f:d7:40:e6:49:fa:a4:a9:cd:2c:d0:e8:e6:
4f:a5:1e:e6:85:a8:03:8d:5d:4d:c1:a2:36:d1:bb:
33:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:40:46:B8:9D:8C:4A:FC:39:F6:89:A1:3F:E6:58:A8:77:F3:32:42
X509v3 Authority Key Identifier:
keyid:1E:EC:A0:3A:77:65:2B:90:70:B5:E1:33:80:9A:22:38:30:C8:9C:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BAD56/818B4D021AAE11ED9B74AE51C4F9AE02/HuygOndlK5BwteEzgJoiODDInPk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HuygOndlK5BwteEzgJoiODDInPk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD56/818B4D021AAE11ED9B74AE51C4F9AE02/8BF25C3C777D11ED9F54B75EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.91.0/24
Signature Algorithm: sha256WithRSAEncryption
49:8b:05:8d:ad:24:90:e9:e4:32:16:0c:11:59:47:e0:50:b9:
a6:84:ad:2d:c5:38:3a:5d:40:78:25:43:07:c8:9a:49:bf:53:
64:60:dc:78:b0:f8:9e:ab:d8:3b:67:2b:5d:d0:57:af:6e:b8:
93:33:d8:9a:28:c1:90:33:70:b4:3a:52:a9:9d:29:6c:21:77:
e7:05:b5:3b:de:21:76:41:76:71:e6:9d:1a:df:da:21:df:4c:
e3:63:d9:d0:d2:c3:cf:f9:9e:b2:c6:25:fd:e6:a9:73:d2:bc:
51:ac:9c:ca:ef:51:3a:97:d1:09:83:57:00:d6:b4:fe:76:5c:
4e:c7:5d:f4:0d:d1:8d:53:54:69:68:d6:e7:48:d4:eb:15:ce:
d2:ef:fe:2d:4a:d3:1f:e1:02:7d:04:2d:38:4b:0f:3d:db:b9:
91:ac:b0:65:f6:f2:9c:5d:2c:e9:93:39:ad:f0:21:8c:fc:6e:
11:61:c0:84:a8:a9:5d:cf:ad:af:bc:d5:95:9b:7a:fa:1a:63:
4a:cd:93:cd:26:b7:a5:f6:41:ee:70:3b:c1:78:9c:e9:21:8f:
78:71:c2:b0:25:2d:be:0c:22:b5:88:b6:3a:d8:d0:78:fe:bb:
02:22:80:a0:71:7e:ba:13:71:26:61:33:6c:ff:46:6e:84:1f:
fb:24:b0:2e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAhYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkFENTYxMTAvBgNVBAUTKDFFRUNBMDNBNzc2NTJCOTA3MEI1RTEzMzgwOUEyMjM4
MzBDODlDRjkwHhcNMjQxMjI1MDE0NDU5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZiNjM5Yi1hYjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn+xd0a8JrnLF/BgWwAWiYkQr1FP9ALc/Zq3YzWYwF/LebM31N22a7IvpH9Dv
fdu6vXOVKNbeKKH44dxr6WTQBZb77H2e70P60AOc/LpcvOp29iEnYR0qtdme6DQD
Cofe9MMXvv9kmxVNuRMeRTSvg2ozTkoYeHEsk3pX3GXIQJVaK/0FP0nl786ZEYfS
a93shQ+c5FkWAOvIGR3fVg86w4lw0m8OqV50fQP5ucFgX9zI0Zb60FreNKmxCxLN
wzos3EhxIef786K+zMJcou04gvuqdfONllf0lU9Fh1h4L61Vcw/XQOZJ+qSpzSzQ
6OZPpR7mhagDjV1NwaI20bszjwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGtARrid
jEr8OfaJoT/mWKh38zJCMB8GA1UdIwQYMBaAFB7soDp3ZSuQcLXhM4CaIjgwyJz5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUQ1Ni84MThCNEQwMjFB
QUUxMUVEOUI3NEFFNTFDNEY5QUUwMi9IdXlnT25kbEs1Qnd0ZUV6Z0pvaU9ERElu
UGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0h1eWdPbmRsSzVCd3RlRXpnSm9pT0RESW5Qay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkFENTYvODE4QjREMDIxQUFFMTFFRDlCNzRBRTUxQzRGOUFFMDIvOEJGMjVDM0M3
NzdEMTFFRDlGNTRCNzVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsFswDQYJKoZIhvcNAQELBQADggEBAEmLBY2tJJDp5DIW
DBFZR+BQuaaErS3FODpdQHglQwfImkm/U2Rg3Hiw+J6r2DtnK13QV69uuJMz2Joo
wZAzcLQ6UqmdKWwhd+cFtTveIXZBdnHmnRrf2iHfTONj2dDSw8/5nrLGJf3mqXPS
vFGsnMrvUTqX0QmDVwDWtP52XE7HXfQN0Y1TVGlo1udI1OsVztLv/i1K0x/hAn0E
LThLDz3buZGssGX28pxdLOmTOa3wIYz8bhFhwISoqV3Pra+81ZWbevoaY0rNk80m
t6X2Qe5wO8F4nOkhj3hxwrAlLb4MIrWItjrY0Hj+uwIigKBxfroTcSZhM2z/Rm6E
H/sksC4=
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:59:46 2025 by rpki-client