Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/B6F19E94169A11EFA5557A2DC4F9AE02.roa
File: B6F19E94169A11EFA5557A2DC4F9AE02.roa (raw, json)
Hash identifier: y3JXwfkfXi0mGxXLOvtvdHmfcDpkUFUNum0jb4H8hhE=
Subject key identifier: 12:1E:1C:06:B4:4D:60:0B:B5:B2:1D:9F:02:F2:93:A3:13:A7:41:00
Certificate issuer: /CN=A91C7C04/serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
Certificate serial: 0686
Authority key identifier: 0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/B6F19E94169A11EFA5557A2DC4F9AE02.roa
Signing time: Mon 02 Dec 2024 22:31:54 +0000
ROA not before: Mon 02 Dec 2024 22:31:54 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 134365
IP address blocks: 103.42.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 16:57:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1670 (0x686)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7C04
Validity
Not Before: Dec 2 22:31:54 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e3559-6aac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8d:c0:24:d9:f2:9e:93:ec:61:80:3c:cd:42:
5f:b0:5e:30:b0:42:cb:29:1f:9d:8e:73:d7:5e:2d:
1c:95:c6:20:80:f4:93:50:65:d1:58:26:9f:50:1c:
04:98:1d:b2:0b:38:cf:81:00:1c:29:72:52:4f:65:
c3:f1:06:3e:bd:e4:76:8d:63:c8:22:8e:41:91:06:
b5:1b:b9:db:19:6c:8a:e0:de:4f:f4:02:4d:cc:83:
d5:7d:3e:31:05:db:64:08:80:4d:15:52:18:96:57:
77:f8:43:0e:54:e8:1d:c5:cc:72:2c:48:f5:1b:0c:
78:34:37:4c:d3:6a:ad:82:2c:5a:9e:4f:c7:a6:65:
82:25:3a:ee:d4:d9:e9:61:ea:db:84:b3:e5:e0:9c:
8a:3a:3e:89:9a:e5:49:71:62:76:31:c8:e7:96:82:
fc:b1:a3:8b:d2:38:67:2e:83:97:a6:2f:0b:68:25:
2c:c8:fb:1a:1b:32:4c:b0:aa:4c:59:89:f5:ea:a5:
6b:07:55:d0:4b:17:20:00:9d:26:d5:f4:e5:2e:d0:
6b:25:52:40:6d:0e:90:60:20:31:15:34:28:55:b0:
f2:bd:33:bd:fb:b4:03:8f:bc:e9:c4:cc:29:1a:17:
50:7a:cb:c8:55:fc:c8:08:1f:a2:8c:9b:55:df:99:
3c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:1E:1C:06:B4:4D:60:0B:B5:B2:1D:9F:02:F2:93:A3:13:A7:41:00
X509v3 Authority Key Identifier:
keyid:0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CuIi7F4XpuYytVnUnFse8zLaQ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/B6F19E94169A11EFA5557A2DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.180.0/22
Signature Algorithm: sha256WithRSAEncryption
58:cf:ef:6a:b8:d9:30:ff:a0:c8:a0:bf:82:f8:43:23:8d:37:
e6:86:be:3a:0a:b1:53:22:92:78:40:34:d9:98:79:88:5a:2b:
25:4f:d0:ca:ec:90:c8:0a:a8:9d:4a:2d:cd:d1:82:dc:11:da:
2c:20:fd:ae:71:d5:df:9e:12:5e:2e:13:1e:40:6e:ec:63:ed:
a0:25:4a:bf:bb:1e:86:79:dc:3a:4a:a9:06:6d:2b:46:56:d3:
6e:4f:ed:cc:f5:0e:09:4d:28:5f:fb:4b:aa:9a:fd:76:65:8c:
8e:d6:94:d7:7f:25:08:2f:67:6f:c0:f6:2a:26:36:57:56:35:
74:83:bc:08:44:44:07:6b:9e:7d:30:04:6d:17:43:fa:83:fe:
82:41:80:84:3d:8d:72:66:5f:83:73:f2:8d:74:5a:06:96:1b:
22:32:33:89:ca:7f:8b:34:44:c0:a6:6f:dc:bc:af:e1:85:2d:
b7:77:04:73:45:7c:67:f9:cf:63:b0:51:02:1a:97:07:6e:75:
e5:6b:ec:23:3b:33:4b:27:65:e7:f6:6d:4f:6f:a9:4a:d5:2b:
2f:c0:7a:eb:f3:c6:a5:b7:e6:4e:f0:65:5d:60:49:51:60:19:
d2:4d:c2:52:c5:f0:af:ef:31:75:36:37:7a:8b:32:26:32:98:
87:08:13:12
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBoYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdDMDQxMTAvBgNVBAUTKDBBRTIyMkVDNUUxN0E2RTYzMkI1NTlENDlDNUIxRUYz
MzJEQTQzQ0IwHhcNMjQxMjAyMjIzMTU0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMzU1OS02YWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAto3AJNnynpPsYYA8zUJfsF4wsELLKR+djnPXXi0clcYggPSTUGXRWCafUBwE
mB2yCzjPgQAcKXJST2XD8QY+veR2jWPIIo5BkQa1G7nbGWyK4N5P9AJNzIPVfT4x
BdtkCIBNFVIYlld3+EMOVOgdxcxyLEj1Gwx4NDdM02qtgixank/HpmWCJTru1Nnp
YerbhLPl4JyKOj6JmuVJcWJ2McjnloL8saOL0jhnLoOXpi8LaCUsyPsaGzJMsKpM
WYn16qVrB1XQSxcgAJ0m1fTlLtBrJVJAbQ6QYCAxFTQoVbDyvTO9+7QDj7zpxMwp
GhdQesvIVfzICB+ijJtV35k8RwIDAQABo4IClTCCApEwHQYDVR0OBBYEFBIeHAa0
TWALtbIdnwLyk6MTp0EAMB8GA1UdIwQYMBaAFAriIuxeF6bmMrVZ1JxbHvMy2kPL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0MwNC9BMERCMzU1MjVG
QjQxMUVCQUI3QzZBMjNDNEY5QUUwMi9DdUlpN0Y0WHB1WXl0Vm5VbkZzZTh6TGFR
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N1SWk3RjRYcHVZeXRWblVuRnNlOHpMYVE4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdDMDQvQTBEQjM1NTI1RkI0MTFFQkFCN0M2QTIzQzRGOUFFMDIvQjZGMTlFOTQx
NjlBMTFFRkE1NTU3QTJEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJnKrQwDQYJKoZIhvcNAQELBQADggEBAFjP72q42TD/oMig
v4L4QyONN+aGvjoKsVMiknhANNmYeYhaKyVP0MrskMgKqJ1KLc3RgtwR2iwg/a5x
1d+eEl4uEx5Abuxj7aAlSr+7HoZ53DpKqQZtK0ZW025P7cz1DglNKF/7S6qa/XZl
jI7WlNd/JQgvZ2/A9iomNldWNXSDvAhERAdrnn0wBG0XQ/qD/oJBgIQ9jXJmX4Nz
8o10WgaWGyIyM4nKf4s0RMCmb9y8r+GFLbd3BHNFfGf5z2OwUQIalwdudeVr7CM7
M0snZef2bU9vqUrVKy/AeuvzxqW35k7wZV1gSVFgGdJNwlLF8K/vMXU2N3qLMiYy
mIcIExI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:02:11 2025 by rpki-client