Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CD0B290A232111EF8E1B807FC4F9AE02.roa
File: CD0B290A232111EF8E1B807FC4F9AE02.roa (raw, json)
Hash identifier: 45X13rX0pELO678Wdiaypic0M3Iflv/gqWEYg4aAIh4=
Subject key identifier: 59:CF:EF:90:3E:0D:4B:F7:6F:08:A1:F0:BD:E2:74:E9:12:85:F2:28
Certificate issuer: /CN=A91C7C04/serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
Certificate serial: 0688
Authority key identifier: 0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CD0B290A232111EF8E1B807FC4F9AE02.roa
Signing time: Mon 02 Dec 2024 22:31:55 +0000
ROA not before: Mon 02 Dec 2024 22:31:55 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 136933
IP address blocks: 103.42.182.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 14:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1672 (0x688)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7C04, serialNumber=0AE222EC5E17A6E632B559D49C5B1EF332DA43CB
Validity
Not Before: Dec 2 22:31:55 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=674e355b-290d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:1b:b3:52:04:fa:20:83:be:ac:bf:5c:fc:13:
01:37:0a:ed:c5:6d:c2:a6:74:10:c2:db:fa:c8:18:
96:27:65:2c:23:10:dc:1b:72:7f:31:3f:58:7b:d8:
5a:e5:49:d7:8b:d9:9f:52:eb:4a:e0:0b:2b:61:19:
0a:2d:73:93:de:14:2b:2c:db:33:3a:47:05:94:75:
d3:8a:44:3e:5f:80:7e:ed:23:bf:08:a2:8a:7a:9b:
05:4d:b1:aa:06:9d:01:f2:03:13:7a:f5:b8:eb:45:
08:fb:bb:e6:1f:55:49:b5:ce:84:3f:ec:73:fd:ae:
40:86:cd:ae:05:18:43:07:33:cc:50:fb:5c:63:d5:
95:5d:df:10:90:35:d4:be:24:c5:0e:a2:41:c2:e1:
d0:6b:f2:c0:db:5f:d4:db:a1:e1:42:06:94:db:98:
0e:fd:53:32:7f:8a:93:25:fd:1a:c4:fa:8f:e1:32:
dc:8e:21:21:10:ba:9a:73:b5:8a:28:de:64:65:b1:
c2:db:0d:b2:4d:ad:ec:94:25:e9:3f:9d:5d:50:b8:
c9:9f:9c:0e:e1:13:d1:43:bd:6b:fb:3b:94:92:37:
5c:39:49:d5:12:f9:f3:c6:19:32:65:95:32:e3:58:
f1:e3:d6:ee:fa:ae:2f:5d:36:0c:09:ba:4e:bc:44:
a3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:CF:EF:90:3E:0D:4B:F7:6F:08:A1:F0:BD:E2:74:E9:12:85:F2:28
X509v3 Authority Key Identifier:
keyid:0A:E2:22:EC:5E:17:A6:E6:32:B5:59:D4:9C:5B:1E:F3:32:DA:43:CB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CuIi7F4XpuYytVnUnFse8zLaQ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CuIi7F4XpuYytVnUnFse8zLaQ8s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7C04/A0DB35525FB411EBAB7C6A23C4F9AE02/CD0B290A232111EF8E1B807FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.42.182.0/24
Signature Algorithm: sha256WithRSAEncryption
74:dc:30:4f:9d:6c:9a:c9:82:be:b6:cd:fb:ef:58:76:a7:d3:
bd:44:87:d8:7c:3d:1e:05:db:34:a0:95:ff:8f:da:37:63:36:
a4:9e:26:14:6f:c8:70:ab:17:7d:19:f4:2a:61:83:88:33:7e:
6b:9f:8d:67:57:fa:9d:03:e6:0d:61:48:02:5e:d7:a3:83:22:
8f:23:e2:7d:23:e4:55:66:17:23:de:af:ab:e0:64:06:ea:9c:
a3:0d:7e:3d:82:e5:f1:76:99:3b:d7:bd:ef:73:bf:18:a6:40:
bb:84:1e:29:7f:42:6c:17:19:31:1b:26:af:af:c3:1b:f3:ab:
3f:01:10:37:67:e9:f7:52:00:15:6f:7f:3a:a0:02:2d:69:e3:
b7:f0:c8:bb:58:33:34:f8:e2:ba:b5:21:3f:58:0a:24:95:dc:
ca:c2:d2:9d:0b:01:7a:40:3a:80:49:5a:10:06:1b:19:96:4e:
c3:5a:9e:25:60:bf:d4:1e:92:59:94:ed:ff:69:ce:cf:ee:4f:
84:69:4e:79:0c:c1:f4:47:38:96:d4:72:44:30:8f:dd:6a:e9:
e5:bc:86:9d:e4:5d:8a:99:d3:fe:27:81:0f:84:89:83:b9:da:
49:1e:9c:93:4d:c7:4c:8b:0d:da:28:09:c4:b5:3f:cf:0a:b8:
3c:0c:55:5d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBogwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzdDMDQxMTAvBgNVBAUTKDBBRTIyMkVDNUUxN0E2RTYzMkI1NTlENDlDNUIxRUYz
MzJEQTQzQ0IwHhcNMjQxMjAyMjIzMTU1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRlMzU1Yi0yOTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9huzUgT6IIO+rL9c/BMBNwrtxW3CpnQQwtv6yBiWJ2UsIxDcG3J/MT9Ye9ha
5UnXi9mfUutK4AsrYRkKLXOT3hQrLNszOkcFlHXTikQ+X4B+7SO/CKKKepsFTbGq
Bp0B8gMTevW460UI+7vmH1VJtc6EP+xz/a5Ahs2uBRhDBzPMUPtcY9WVXd8QkDXU
viTFDqJBwuHQa/LA21/U26HhQgaU25gO/VMyf4qTJf0axPqP4TLcjiEhELqac7WK
KN5kZbHC2w2yTa3slCXpP51dULjJn5wO4RPRQ71r+zuUkjdcOUnVEvnzxhkyZZUy
41jx49bu+q4vXTYMCbpOvESj4QIDAQABo4IClTCCApEwHQYDVR0OBBYEFFnP75A+
DUv3bwih8L3idOkShfIoMB8GA1UdIwQYMBaAFAriIuxeF6bmMrVZ1JxbHvMy2kPL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDN0MwNC9BMERCMzU1MjVG
QjQxMUVCQUI3QzZBMjNDNEY5QUUwMi9DdUlpN0Y0WHB1WXl0Vm5VbkZzZTh6TGFR
OHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0N1SWk3RjRYcHVZeXRWblVuRnNlOHpMYVE4cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzdDMDQvQTBEQjM1NTI1RkI0MTFFQkFCN0M2QTIzQzRGOUFFMDIvQ0QwQjI5MEEy
MzIxMTFFRjhFMUI4MDdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnKrYwDQYJKoZIhvcNAQELBQADggEBAHTcME+dbJrJgr62
zfvvWHan071Eh9h8PR4F2zSglf+P2jdjNqSeJhRvyHCrF30Z9Cphg4gzfmufjWdX
+p0D5g1hSAJe16ODIo8j4n0j5FVmFyPer6vgZAbqnKMNfj2C5fF2mTvXve9zvxim
QLuEHil/QmwXGTEbJq+vwxvzqz8BEDdn6fdSABVvfzqgAi1p47fwyLtYMzT44rq1
IT9YCiSV3MrC0p0LAXpAOoBJWhAGGxmWTsNaniVgv9QeklmU7f9pzs/uT4RpTnkM
wfRHOJbUckQwj91q6eW8hp3kXYqZ0/4ngQ+EiYO52kkenJNNx0yLDdooCcS1P88K
uDwMVV0=
-----END CERTIFICATE-----
Generated at Mon Apr 14 04:27:19 2025 by rpki-client