Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4C30/0F1F7CE8964111EDBA9DCC4FC4F9AE02/2027AAD6D61C11EDAB348D50C4F9AE02.roa
File: 2027AAD6D61C11EDAB348D50C4F9AE02.roa (raw, json)
Hash identifier: 4jAni62DS4CLVxzu7C47I+UABsGqUuYdHmFTqXb6mFM=
Subject key identifier: 0B:3F:CF:19:63:57:0E:96:3F:6A:56:60:3A:8A:D0:D0:4F:6A:48:AE
Certificate issuer: /CN=A91E4C30/serialNumber=58A0DDD02555C837486D55435186DCC576A1283E
Certificate serial: 019A
Authority key identifier: 58:A0:DD:D0:25:55:C8:37:48:6D:55:43:51:86:DC:C5:76:A1:28:3E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKDd0CVVyDdIbVVDUYbcxXahKD4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4C30/0F1F7CE8964111EDBA9DCC4FC4F9AE02/2027AAD6D61C11EDAB348D50C4F9AE02.roa
Signing time: Thu 27 Feb 2025 04:27:18 +0000
ROA not before: Thu 27 Feb 2025 04:27:18 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 151080
IP address blocks: 103.61.240.0/23 maxlen: 23
103.61.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Mar 2025 05:40:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 410 (0x19a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4C30
Validity
Not Before: Feb 27 04:27:18 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67bfe9a6-f569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d5:84:4d:c9:f4:5d:39:9b:a6:39:70:53:be:
a5:b1:01:04:02:c3:44:99:ac:0f:63:08:79:0b:a6:
87:de:f6:63:27:34:75:f2:81:6e:39:e3:ab:f2:1d:
65:cb:46:03:21:c2:1d:2c:cb:f5:0a:21:f5:7d:cb:
1d:3a:69:ad:28:5e:a0:2d:0d:0c:ea:5a:18:94:95:
52:0b:8f:c3:a5:1e:c4:9a:a6:47:9e:54:9e:73:da:
c8:1b:38:9d:ad:1d:ae:9a:a7:15:13:35:0d:f5:e2:
3c:c5:13:25:ad:e1:28:2f:1c:88:2e:83:84:5e:ab:
00:8a:20:15:b3:81:7e:b3:5d:84:03:4d:db:9a:69:
98:e6:07:ef:8c:ed:22:36:6e:f8:a7:7a:16:d8:f4:
20:0c:19:e7:53:f9:09:47:87:21:90:f5:06:df:4b:
7c:6f:6c:16:52:9e:5c:b4:e9:32:4e:11:8e:e9:8a:
ab:69:a8:7d:54:95:e5:91:8c:21:ae:3d:6a:af:9d:
b6:f5:c0:cf:f6:82:e9:f0:44:1e:8d:e9:5c:07:2f:
76:45:38:65:22:3a:2a:96:25:6c:5f:f4:76:96:a7:
67:70:ad:3d:e4:07:1e:93:6e:06:1d:f5:ed:52:de:
2e:6a:a8:38:6d:8c:88:ac:a1:67:37:a5:60:68:61:
65:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3F:CF:19:63:57:0E:96:3F:6A:56:60:3A:8A:D0:D0:4F:6A:48:AE
X509v3 Authority Key Identifier:
keyid:58:A0:DD:D0:25:55:C8:37:48:6D:55:43:51:86:DC:C5:76:A1:28:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4C30/0F1F7CE8964111EDBA9DCC4FC4F9AE02/WKDd0CVVyDdIbVVDUYbcxXahKD4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WKDd0CVVyDdIbVVDUYbcxXahKD4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4C30/0F1F7CE8964111EDBA9DCC4FC4F9AE02/2027AAD6D61C11EDAB348D50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.61.240.0/23
Signature Algorithm: sha256WithRSAEncryption
03:3b:99:52:9d:e0:25:a6:ba:80:0f:d9:bb:8b:5f:27:98:84:
de:35:ac:29:45:77:d6:94:45:27:f1:1f:80:67:65:0e:a6:74:
f9:95:8b:9c:59:83:71:f2:23:bd:ae:0d:ee:a6:05:5f:04:50:
43:c3:d0:48:6c:ab:eb:ad:1a:49:62:5c:d9:77:eb:e8:41:d3:
8d:1f:9e:7f:79:5a:a7:40:8f:14:51:85:3d:16:1a:8b:96:b5:
fb:df:91:c2:b5:f0:d3:6d:66:07:37:d0:0e:bb:b5:53:1a:62:
56:94:39:3a:cf:ac:69:a4:28:d9:a9:5c:85:10:b1:d0:92:bb:
eb:55:9e:c5:50:a9:6b:f9:d4:a3:7a:ca:ae:f6:33:94:8c:3d:
8d:22:cc:41:9b:6b:85:b0:b5:28:91:03:30:1f:15:4d:11:a5:
f1:39:26:7c:aa:25:08:42:6f:78:dc:9d:25:08:42:80:fb:13:
35:e7:de:3b:46:96:ac:cb:99:a0:36:95:3f:84:8b:02:5c:4d:
c2:48:8a:30:72:d6:35:e6:32:62:cb:95:17:3b:3c:c6:00:fd:
19:40:41:29:a3:f5:e9:cf:dc:a7:80:6e:b7:20:b0:a5:5a:4e:
bc:8e:8d:50:74:f5:9e:20:63:f9:39:17:fb:b5:29:7e:42:f5:
31:37:3f:52
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAZowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRDMzAxMTAvBgNVBAUTKDU4QTBEREQwMjU1NUM4Mzc0ODZENTU0MzUxODZEQ0M1
NzZBMTI4M0UwHhcNMjUwMjI3MDQyNzE4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JmZTlhNi1mNTY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8NWETcn0XTmbpjlwU76lsQEEAsNEmawPYwh5C6aH3vZjJzR18oFuOeOr8h1l
y0YDIcIdLMv1CiH1fcsdOmmtKF6gLQ0M6loYlJVSC4/DpR7EmqZHnlSec9rIGzid
rR2umqcVEzUN9eI8xRMlreEoLxyILoOEXqsAiiAVs4F+s12EA03bmmmY5gfvjO0i
Nm74p3oW2PQgDBnnU/kJR4chkPUG30t8b2wWUp5ctOkyThGO6Yqraah9VJXlkYwh
rj1qr5229cDP9oLp8EQejelcBy92RThlIjoqliVsX/R2lqdncK095Acek24GHfXt
Ut4uaqg4bYyIrKFnN6VgaGFlvQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAs/zxlj
Vw6WP2pWYDqK0NBPakiuMB8GA1UdIwQYMBaAFFig3dAlVcg3SG1VQ1GG3MV2oSg+
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEMzMC8wRjFGN0NFODk2
NDExMUVEQkE5RENDNEZDNEY5QUUwMi9XS0RkMENWVnlEZEliVlZEVVliY3hYYWhL
RDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dLRGQwQ1ZWeURkSWJWVkRVWWJjeFhhaEtENC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRDMzAvMEYxRjdDRTg5NjQxMTFFREJBOURDQzRGQzRGOUFFMDIvMjAyN0FBRDZE
NjFDMTFFREFCMzQ4RDUwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnPfAwDQYJKoZIhvcNAQELBQADggEBAAM7mVKd4CWmuoAP
2buLXyeYhN41rClFd9aURSfxH4BnZQ6mdPmVi5xZg3HyI72uDe6mBV8EUEPD0Ehs
q+utGkliXNl36+hB040fnn95WqdAjxRRhT0WGouWtfvfkcK18NNtZgc30A67tVMa
YlaUOTrPrGmkKNmpXIUQsdCSu+tVnsVQqWv51KN6yq72M5SMPY0izEGba4WwtSiR
AzAfFU0RpfE5JnyqJQhCb3jcnSUIQoD7EzXn3jtGlqzLmaA2lT+EiwJcTcJIijBy
1jXmMmLLlRc7PMYA/RlAQSmj9enP3KeAbrcgsKVaTryOjVB09Z4gY/k5F/u1KX5C
9TE3P1I=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:09:19 2025 by rpki-client