Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDCF1/EB591122A83C11ECA3A4F325C4F9AE02/1880D5A2EE1411EFBC915431C4F9AE02.roa
File: 1880D5A2EE1411EFBC915431C4F9AE02.roa (raw, json)
Hash identifier: JU6Kjs3bLSKdIGaAVqJ47HvFBC0uLdl6A9uRLLWc5eU=
Subject key identifier: 60:C4:02:2E:E9:80:26:B2:AD:6F:53:F5:44:00:47:51:F6:56:32:F7
Certificate issuer: /CN=A91BDCF1/serialNumber=C44F2ACAB2A779994315AA93B323DA9B475C7B9A
Certificate serial: 036A
Authority key identifier: C4:4F:2A:CA:B2:A7:79:99:43:15:AA:93:B3:23:DA:9B:47:5C:7B:9A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xE8qyrKneZlDFaqTsyPam0dce5o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BDCF1/EB591122A83C11ECA3A4F325C4F9AE02/1880D5A2EE1411EFBC915431C4F9AE02.roa
Signing time: Tue 18 Feb 2025 16:19:15 +0000
ROA not before: Tue 18 Feb 2025 16:19:15 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 55933
IP address blocks: 103.178.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Mar 2025 13:51:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 874 (0x36a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BDCF1
Validity
Not Before: Feb 18 16:19:15 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b4b303-2ba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b9:b0:a4:a2:de:1f:27:c2:8e:e3:e6:40:3c:
c5:c9:ae:04:c0:80:89:05:c1:69:cb:72:f6:04:d2:
5b:65:bc:ed:7d:23:3a:63:93:0e:04:91:32:3a:a2:
2a:13:5f:b1:ab:a5:2a:91:57:e4:3c:a5:ec:e9:20:
ee:3e:12:48:8e:95:45:e6:87:6d:94:9b:3e:56:11:
2f:24:af:c3:f9:87:a3:f4:90:85:6f:ea:17:99:16:
47:80:67:18:7e:ea:b2:53:0e:67:89:3d:b6:52:31:
8b:0f:fe:36:66:c2:4b:03:13:4a:07:0c:e6:80:8f:
73:fc:31:9d:aa:08:e0:b9:5b:04:e1:67:71:1f:a3:
58:a7:31:2d:a9:67:f8:e0:63:ce:b0:d1:b1:a9:ef:
2c:34:43:b0:3e:ee:9b:f7:64:9f:7b:8d:eb:e1:b7:
02:65:a3:2b:05:87:b0:3a:dc:4a:31:4b:0a:5c:6f:
64:24:e4:7b:ed:00:20:a3:9a:a4:06:b4:9b:e3:b9:
09:70:c5:3e:38:1f:c9:6a:6b:9a:52:41:b1:c8:9b:
6a:a3:45:09:f0:6b:c0:eb:ec:c7:46:0b:09:5f:b3:
ad:5d:e1:1e:1a:86:73:c9:ed:e7:e1:3c:5e:e1:34:
0b:93:05:e7:ae:01:22:41:9b:12:18:c9:7e:f1:3d:
f6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:C4:02:2E:E9:80:26:B2:AD:6F:53:F5:44:00:47:51:F6:56:32:F7
X509v3 Authority Key Identifier:
keyid:C4:4F:2A:CA:B2:A7:79:99:43:15:AA:93:B3:23:DA:9B:47:5C:7B:9A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BDCF1/EB591122A83C11ECA3A4F325C4F9AE02/xE8qyrKneZlDFaqTsyPam0dce5o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xE8qyrKneZlDFaqTsyPam0dce5o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDCF1/EB591122A83C11ECA3A4F325C4F9AE02/1880D5A2EE1411EFBC915431C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.178.56.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ea:ad:fd:25:4b:1e:cf:be:ec:86:83:a6:3f:b4:6c:a1:ac:
32:a1:cb:32:16:96:fe:3b:72:90:17:d5:30:41:f2:a9:d2:c5:
d7:6e:b1:65:6c:80:bc:cf:05:60:e6:8d:09:fc:da:fc:78:de:
76:ca:7b:e1:7e:00:18:d4:86:64:ee:90:3c:91:6d:90:7e:fd:
2d:94:f5:85:92:b5:16:22:e6:ce:e0:74:c7:32:07:e4:be:3b:
00:02:87:43:1b:20:12:2d:c9:c1:30:a3:9c:5a:fa:e6:92:45:
1d:5c:0b:4d:07:dc:f3:21:7c:8b:1d:c6:22:2c:6d:8d:8b:8c:
a9:d2:f3:fa:27:e0:2c:77:88:08:e7:16:64:48:44:53:73:cd:
ee:27:4b:11:37:44:90:a6:b9:e2:35:82:17:da:9e:05:14:e7:
c1:e9:95:be:6b:73:a4:81:d9:bd:04:21:cd:f4:68:4a:5a:1f:
6a:96:c8:fb:b5:b8:95:b0:7b:01:f6:be:d5:20:23:27:ce:b7:
c5:26:8d:e5:f4:6e:2f:54:03:1a:3d:40:5a:37:9e:e6:ae:80:
60:24:05:89:de:66:d3:97:e2:15:b1:c6:a7:82:6e:0f:4f:1d:
7d:ec:b7:9d:b6:13:28:9f:8a:ae:1f:e1:ea:38:ad:02:e4:02:
9a:94:ad:6b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA2owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkRDRjExMTAvBgNVBAUTKEM0NEYyQUNBQjJBNzc5OTk0MzE1QUE5M0IzMjNEQTlC
NDc1QzdCOUEwHhcNMjUwMjE4MTYxOTE1WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0YjMwMy0yYmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsbmwpKLeHyfCjuPmQDzFya4EwICJBcFpy3L2BNJbZbztfSM6Y5MOBJEyOqIq
E1+xq6UqkVfkPKXs6SDuPhJIjpVF5odtlJs+VhEvJK/D+Yej9JCFb+oXmRZHgGcY
fuqyUw5niT22UjGLD/42ZsJLAxNKBwzmgI9z/DGdqgjguVsE4WdxH6NYpzEtqWf4
4GPOsNGxqe8sNEOwPu6b92Sfe43r4bcCZaMrBYewOtxKMUsKXG9kJOR77QAgo5qk
BrSb47kJcMU+OB/JamuaUkGxyJtqo0UJ8GvA6+zHRgsJX7OtXeEeGoZzye3n4Txe
4TQLkwXnrgEiQZsSGMl+8T32GQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGDEAi7p
gCayrW9T9UQAR1H2VjL3MB8GA1UdIwQYMBaAFMRPKsqyp3mZQxWqk7Mj2ptHXHua
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRENGMS9FQjU5MTEyMkE4
M0MxMUVDQTNBNEYzMjVDNEY5QUUwMi94RThxeXJLbmVabERGYXFUc3lQYW0wZGNl
NW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hFOHF5cktuZVpsREZhcVRzeVBhbTBkY2U1by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QkRDRjEvRUI1OTExMjJBODNDMTFFQ0EzQTRGMzI1QzRGOUFFMDIvMTg4MEQ1QTJF
RTE0MTFFRkJDOTE1NDMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsjgwDQYJKoZIhvcNAQELBQADggEBAIHqrf0lSx7PvuyG
g6Y/tGyhrDKhyzIWlv47cpAX1TBB8qnSxddusWVsgLzPBWDmjQn82vx43nbKe+F+
ABjUhmTukDyRbZB+/S2U9YWStRYi5s7gdMcyB+S+OwACh0MbIBItycEwo5xa+uaS
RR1cC00H3PMhfIsdxiIsbY2LjKnS8/on4Cx3iAjnFmRIRFNzze4nSxE3RJCmueI1
ghfangUU58Hplb5rc6SB2b0EIc30aEpaH2qWyPu1uJWwewH2vtUgIyfOt8UmjeX0
bi9UAxo9QFo3nuaugGAkBYneZtOX4hWxxqeCbg9PHX3st522Eyifiq4f4eo4rQLk
ApqUrWs=
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:22:20 2025 by rpki-client