Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB6DE/A53AB74C9C3811EB81BE1560C4F9AE02/CFD5A5D6E52211EDBE69751CC4F9AE02.roa
File: CFD5A5D6E52211EDBE69751CC4F9AE02.roa (raw, json)
Hash identifier: Uxna9EOz+6pJaAlkHxxX+LK+gUiau8RuDTt3VqrrPoE=
Subject key identifier: 3E:C9:8B:F7:CE:A2:07:9D:37:49:81:D3:DA:D5:48:39:79:ED:C9:1B
Certificate issuer: /CN=A91BB6DE/serialNumber=5AE6336939EA8F5EFB2A21E430673F80CCD5055A
Certificate serial: 014F
Authority key identifier: 5A:E6:33:69:39:EA:8F:5E:FB:2A:21:E4:30:67:3F:80:CC:D5:05:5A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WuYzaTnqj177KiHkMGc_gMzVBVo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB6DE/A53AB74C9C3811EB81BE1560C4F9AE02/CFD5A5D6E52211EDBE69751CC4F9AE02.roa
Signing time: Fri 22 Nov 2024 22:42:53 +0000
ROA not before: Fri 22 Nov 2024 22:42:53 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 142127
IP address blocks: 103.157.200.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 04 Mar 2025 13:54:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 335 (0x14f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB6DE
Validity
Not Before: Nov 22 22:42:53 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674108ed-8331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:94:fb:4f:5f:94:d6:14:cb:f0:26:6c:10:9c:
a8:48:e6:8f:16:cb:86:f2:fc:19:0c:de:e0:04:f5:
02:f5:f3:23:12:5c:4e:88:8d:e2:b3:10:bc:3f:7e:
f0:49:61:30:f6:c6:f3:82:1c:0d:be:c8:53:17:ef:
e4:2a:87:25:13:27:6f:66:43:c6:5c:cf:a5:91:e3:
b2:13:2f:6b:bf:ba:9f:30:c6:08:5e:8f:47:0e:5d:
ce:3c:8d:20:9c:73:5a:8f:9b:a0:d4:01:b9:1f:f1:
52:07:4d:72:95:4b:f0:af:cc:67:43:1b:39:95:4d:
b8:4b:b6:16:4f:68:c9:b8:fd:02:f9:ff:65:d7:4b:
77:33:e2:92:e9:1b:93:f3:42:a3:62:78:72:9a:a2:
c3:d6:2b:3e:01:c4:33:a3:5b:94:ec:7b:dd:6c:94:
19:bb:78:3d:f7:48:65:94:ca:58:7d:6c:51:ef:9e:
09:55:6b:67:30:2c:9c:e3:2a:7c:2e:e4:28:b9:c7:
b0:71:15:a3:2b:be:c4:d9:3b:a3:dd:7d:5c:e6:94:
da:d6:0a:e8:57:f8:25:d3:ec:42:7f:a8:a6:ad:cb:
38:be:6a:f5:a0:82:26:7d:6e:3b:bb:71:e2:fa:ab:
cc:b9:3d:e6:62:0d:f1:b3:2f:f5:5a:d4:96:2f:cd:
fd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C9:8B:F7:CE:A2:07:9D:37:49:81:D3:DA:D5:48:39:79:ED:C9:1B
X509v3 Authority Key Identifier:
keyid:5A:E6:33:69:39:EA:8F:5E:FB:2A:21:E4:30:67:3F:80:CC:D5:05:5A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB6DE/A53AB74C9C3811EB81BE1560C4F9AE02/WuYzaTnqj177KiHkMGc_gMzVBVo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WuYzaTnqj177KiHkMGc_gMzVBVo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB6DE/A53AB74C9C3811EB81BE1560C4F9AE02/CFD5A5D6E52211EDBE69751CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.200.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:b4:d0:57:1c:b9:36:98:ed:60:48:ef:08:19:b6:bd:4c:5b:
a7:c0:1a:62:a2:4d:38:3f:e2:b1:be:a3:f2:fe:ba:eb:2e:c8:
a0:5c:e1:1f:e6:a0:07:4d:24:f4:1b:a6:31:b5:96:cd:1f:fe:
ea:a4:88:e1:e4:5d:b3:43:94:ac:91:89:29:bb:ae:36:8b:d8:
a9:be:5c:a1:ee:2d:e6:6b:db:97:8a:c5:f0:23:db:cb:89:b4:
34:b3:53:3e:3f:87:3c:72:65:16:1e:e8:6f:c1:87:65:9d:a0:
ff:5b:57:23:a7:9b:31:a7:63:a2:20:7f:84:fc:a0:9b:ce:94:
96:90:9e:db:5d:59:17:38:ef:d7:4d:b9:c7:94:5c:ba:bb:e4:
b6:9f:b5:dc:1a:8d:69:30:90:1c:6a:1f:44:04:94:8d:a5:bf:
66:54:e4:1e:03:e6:ea:0d:cc:40:1a:e3:1b:f2:82:ca:eb:4a:
53:ba:41:ad:83:31:89:20:3f:21:47:4c:18:7b:5e:1e:38:33:
d2:1b:61:eb:3b:df:81:bf:b4:95:60:a2:0f:92:36:ee:91:11:
de:93:27:a0:d4:c8:c1:13:2b:95:c1:e5:67:97:cb:1b:45:b4:
63:db:e6:68:f9:75:98:b3:46:84:38:f2:31:a1:6e:f4:46:52:
66:b7:b6:de
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI2REUxMTAvBgNVBAUTKDVBRTYzMzY5MzlFQThGNUVGQjJBMjFFNDMwNjczRjgw
Q0NENTA1NUEwHhcNMjQxMTIyMjI0MjUzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQxMDhlZC04MzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0JT7T1+U1hTL8CZsEJyoSOaPFsuG8vwZDN7gBPUC9fMjElxOiI3isxC8P37w
SWEw9sbzghwNvshTF+/kKoclEydvZkPGXM+lkeOyEy9rv7qfMMYIXo9HDl3OPI0g
nHNaj5ug1AG5H/FSB01ylUvwr8xnQxs5lU24S7YWT2jJuP0C+f9l10t3M+KS6RuT
80KjYnhymqLD1is+AcQzo1uU7HvdbJQZu3g990hllMpYfWxR754JVWtnMCyc4yp8
LuQoucewcRWjK77E2Tuj3X1c5pTa1groV/gl0+xCf6imrcs4vmr1oIImfW47u3Hi
+qvMuT3mYg3xsy/1WtSWL839IwIDAQABo4IClTCCApEwHQYDVR0OBBYEFD7Ji/fO
ogedN0mB09rVSDl57ckbMB8GA1UdIwQYMBaAFFrmM2k56o9e+yoh5DBnP4DM1QVa
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjZERS9BNTNBQjc0QzlD
MzgxMUVCODFCRTE1NjBDNEY5QUUwMi9XdVl6YVRucWoxNzdLaUhrTUdjX2dNelZC
Vm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1d1WXphVG5xajE3N0tpSGtNR2NfZ016VkJWby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkI2REUvQTUzQUI3NEM5QzM4MTFFQjgxQkUxNTYwQzRGOUFFMDIvQ0ZENUE1RDZF
NTIyMTFFREJFNjk3NTFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnncgwDQYJKoZIhvcNAQELBQADggEBABu00FccuTaY7WBI
7wgZtr1MW6fAGmKiTTg/4rG+o/L+uusuyKBc4R/moAdNJPQbpjG1ls0f/uqkiOHk
XbNDlKyRiSm7rjaL2Km+XKHuLeZr25eKxfAj28uJtDSzUz4/hzxyZRYe6G/Bh2Wd
oP9bVyOnmzGnY6Igf4T8oJvOlJaQnttdWRc479dNuceUXLq75LaftdwajWkwkBxq
H0QElI2lv2ZU5B4D5uoNzEAa4xvygsrrSlO6Qa2DMYkgPyFHTBh7Xh44M9IbYes7
34G/tJVgog+SNu6REd6TJ6DUyMETK5XB5WeXyxtFtGPb5mj5dZizRoQ48jGhbvRG
Uma3tt4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:57:56 2025 by rpki-client