Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3814/2542B4225D7111EC9908914DC4F9AE02/4E9E48C6B0C111EFBFFB5A24C4F9AE02.roa
File: 4E9E48C6B0C111EFBFFB5A24C4F9AE02.roa (raw, json)
Hash identifier: jU4GIVtGPEKm3mzNhsxPRH4vQ1ZUdRKxQVrd2WqVW8g=
Subject key identifier: CF:24:EC:4C:6E:3E:42:97:BA:42:3E:44:B8:80:45:AD:60:60:A0:73
Certificate issuer: /CN=A91E3814/serialNumber=9113A16869B7D01E789EE09FE26E6AFA37CF3E47
Certificate serial: 03E8
Authority key identifier: 91:13:A1:68:69:B7:D0:1E:78:9E:E0:9F:E2:6E:6A:FA:37:CF:3E:47
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kROhaGm30B54nuCf4m5q-jfPPkc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3814/2542B4225D7111EC9908914DC4F9AE02/4E9E48C6B0C111EFBFFB5A24C4F9AE02.roa
Signing time: Mon 02 Dec 2024 15:22:57 +0000
ROA not before: Mon 02 Dec 2024 15:22:57 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136969
IP address blocks: 103.148.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 05:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1000 (0x3e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3814
Validity
Not Before: Dec 2 15:22:57 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=674dd0d0-b3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:74:c8:d1:d6:a3:02:0c:97:75:d3:86:2e:d2:
38:95:76:f9:01:7d:b5:f7:03:74:3b:a4:b3:9f:f8:
f8:5f:e7:da:64:dc:aa:68:a7:91:3d:f0:33:3a:10:
c1:a6:59:7e:28:d9:76:f2:ab:fd:d5:9d:0d:86:fd:
1f:ea:6d:9d:6c:da:fe:86:19:c4:ba:15:1f:6a:b5:
73:a9:31:ad:6d:ce:e9:9b:b5:fa:20:8e:23:b3:1d:
22:f0:35:15:79:b5:52:d4:23:47:7d:0a:da:f4:5d:
cf:10:81:88:06:b4:53:c5:11:7f:1b:b2:e9:a2:80:
3b:42:f0:70:73:e6:7a:e0:25:d9:11:bb:7b:6d:45:
39:8a:bd:3a:50:c5:4f:c1:b2:4b:0a:5c:e4:bd:7d:
6d:d9:b8:bc:d3:11:46:2f:54:dd:a2:c8:a4:8e:fd:
89:56:1f:fa:83:f0:cf:86:35:4d:b5:a2:4c:38:0a:
90:29:1e:4d:64:b6:1d:ab:52:59:22:e9:59:84:66:
f5:ac:25:53:27:20:fa:c2:c1:78:c3:ee:40:3f:78:
57:af:e4:f8:7a:8b:53:05:60:67:e7:49:10:e9:e9:
7d:57:59:dd:87:00:65:35:d5:eb:ae:fd:c1:43:75:
c9:b6:59:81:b6:85:a7:7a:fe:7b:54:f4:08:7f:b5:
ba:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:24:EC:4C:6E:3E:42:97:BA:42:3E:44:B8:80:45:AD:60:60:A0:73
X509v3 Authority Key Identifier:
keyid:91:13:A1:68:69:B7:D0:1E:78:9E:E0:9F:E2:6E:6A:FA:37:CF:3E:47
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3814/2542B4225D7111EC9908914DC4F9AE02/kROhaGm30B54nuCf4m5q-jfPPkc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kROhaGm30B54nuCf4m5q-jfPPkc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3814/2542B4225D7111EC9908914DC4F9AE02/4E9E48C6B0C111EFBFFB5A24C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.93.0/24
Signature Algorithm: sha256WithRSAEncryption
af:a6:4b:8f:ec:1f:58:ca:75:a5:bb:ab:5b:ca:d5:45:81:b1:
c3:21:61:f0:00:b3:cb:72:78:28:1c:17:0e:79:5b:79:da:5b:
30:b3:20:6d:1b:ce:81:27:22:4d:3a:ef:c4:46:6f:4a:63:1a:
eb:50:29:06:cf:4c:92:35:96:21:f0:8b:b5:58:56:61:84:27:
2f:5e:68:35:49:5d:bc:d7:b8:0d:06:69:8f:c5:c3:dc:c0:3a:
18:ac:9e:fd:18:16:cc:5d:fb:25:60:f8:19:38:38:e7:03:c7:
4e:07:cd:48:fd:9a:f9:40:d6:f0:22:38:46:3c:23:d7:cf:fa:
87:cb:74:4c:5a:fc:b2:e0:72:76:ca:80:9b:7e:d7:9c:43:64:
69:74:d7:33:2e:1b:df:d8:1f:29:e6:85:fb:51:da:70:3e:f6:
05:fc:32:29:a4:83:f2:1d:84:72:db:0c:b0:23:ca:96:e3:47:
d2:93:bc:44:ed:1c:4e:cc:16:3a:99:e2:a7:9b:17:5b:00:6c:
a0:12:81:5b:a8:be:77:b6:39:af:fc:95:93:ab:2a:43:d4:fd:
a1:a8:c3:24:8f:27:b8:d6:f8:85:b9:8a:95:43:5a:58:a1:77:
b9:a3:ce:18:b7:40:28:7d:5e:a6:22:ac:37:d8:f0:98:e2:4c:
dc:e4:f9:47
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA+gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTM4MTQxMTAvBgNVBAUTKDkxMTNBMTY4NjlCN0QwMUU3ODlFRTA5RkUyNkU2QUZB
MzdDRjNFNDcwHhcNMjQxMjAyMTUyMjU3WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkZDBkMC1iM2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq3TI0dajAgyXddOGLtI4lXb5AX219wN0O6Szn/j4X+faZNyqaKeRPfAzOhDB
pll+KNl28qv91Z0Nhv0f6m2dbNr+hhnEuhUfarVzqTGtbc7pm7X6II4jsx0i8DUV
ebVS1CNHfQra9F3PEIGIBrRTxRF/G7LpooA7QvBwc+Z64CXZEbt7bUU5ir06UMVP
wbJLClzkvX1t2bi80xFGL1Tdosikjv2JVh/6g/DPhjVNtaJMOAqQKR5NZLYdq1JZ
IulZhGb1rCVTJyD6wsF4w+5AP3hXr+T4eotTBWBn50kQ6el9V1ndhwBlNdXrrv3B
Q3XJtlmBtoWnev57VPQIf7W6awIDAQABo4IClTCCApEwHQYDVR0OBBYEFM8k7Exu
PkKXukI+RLiARa1gYKBzMB8GA1UdIwQYMBaAFJEToWhpt9AeeJ7gn+Juavo3zz5H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzgxNC8yNTQyQjQyMjVE
NzExMUVDOTkwODkxNERDNEY5QUUwMi9rUk9oYUdtMzBCNTRudUNmNG01cS1qZlBQ
a2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2tST2hhR20zMEI1NG51Q2Y0bTVxLWpmUFBrYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTM4MTQvMjU0MkI0MjI1RDcxMTFFQzk5MDg5MTREQzRGOUFFMDIvNEU5RTQ4QzZC
MEMxMTFFRkJGRkI1QTI0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnlF0wDQYJKoZIhvcNAQELBQADggEBAK+mS4/sH1jKdaW7
q1vK1UWBscMhYfAAs8tyeCgcFw55W3naWzCzIG0bzoEnIk0678RGb0pjGutQKQbP
TJI1liHwi7VYVmGEJy9eaDVJXbzXuA0GaY/Fw9zAOhisnv0YFsxd+yVg+Bk4OOcD
x04HzUj9mvlA1vAiOEY8I9fP+ofLdExa/LLgcnbKgJt+15xDZGl01zMuG9/YHynm
hftR2nA+9gX8Mimkg/IdhHLbDLAjypbjR9KTvETtHE7MFjqZ4qebF1sAbKASgVuo
vne2Oa/8lZOrKkPU/aGowySPJ7jW+IW5ipVDWlihd7mjzhi3QCh9XqYirDfY8Jji
TNzk+Uc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:58:10 2025 by rpki-client