Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/BAB0F65ABC9F11EFADB43F16C4F9AE02.roa
File: BAB0F65ABC9F11EFADB43F16C4F9AE02.roa (raw, json)
Hash identifier: UZpkgSdVLBapcOfpYNY3RiG6hUG2IDvGwhY1IfI2KbY=
Subject key identifier: B9:B9:7A:FF:32:96:52:38:5C:61:64:AC:47:83:14:E3:75:7B:9C:A2
Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Certificate serial: 049B
Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/BAB0F65ABC9F11EFADB43F16C4F9AE02.roa
Signing time: Tue 17 Dec 2024 17:52:49 +0000
ROA not before: Tue 17 Dec 2024 17:52:49 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 54702
IP address blocks: 103.173.84.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 16:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1179 (0x49b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8
Validity
Not Before: Dec 17 17:52:49 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6761ba71-91ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c4:71:18:34:b2:38:e3:ee:62:82:2c:32:8c:
64:bb:5f:ca:e8:0b:68:65:b0:f4:ef:e1:7f:70:4f:
45:fb:41:6a:79:98:57:91:59:cf:18:54:a5:0c:8b:
4d:27:cc:d1:a7:99:de:9f:e0:b0:48:7c:bb:78:a3:
17:4f:01:6f:07:aa:db:ee:df:cc:12:bb:37:c6:26:
6c:1d:7a:66:b9:80:92:54:ea:8d:99:79:55:38:b5:
82:fe:a4:fa:59:5e:48:93:a0:1c:a3:a0:89:d6:55:
ef:84:a8:95:50:20:66:c9:02:c6:3d:21:af:48:11:
55:cd:3a:05:ed:71:d4:d6:e2:71:73:56:11:4f:39:
7f:9b:fb:90:1e:76:7a:92:e1:6e:32:57:22:ea:75:
be:3c:7e:d4:b7:ac:ec:b7:b4:c3:b3:b6:22:f1:c1:
7e:e6:b0:ec:c5:7c:fe:89:9e:7b:fd:b7:f3:43:ea:
54:4a:a9:55:fa:c3:8f:66:81:92:b7:03:4a:56:e2:
f3:6d:93:17:a0:6a:92:16:ee:6d:98:3c:74:8f:60:
3f:76:99:ab:1b:99:17:78:a1:49:93:f9:bc:f0:57:
12:63:85:f6:a2:58:6f:69:38:63:70:9d:76:97:66:
ce:ef:c9:de:06:68:ca:70:98:52:87:44:bd:b4:f7:
ee:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B9:7A:FF:32:96:52:38:5C:61:64:AC:47:83:14:E3:75:7B:9C:A2
X509v3 Authority Key Identifier:
keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/BAB0F65ABC9F11EFADB43F16C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.173.84.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:ac:93:63:2b:b0:c7:63:12:77:39:39:44:5e:42:9e:28:3d:
3a:72:90:f7:bb:10:e1:15:87:2c:05:52:5a:02:3b:dc:f4:d3:
7e:0f:a6:2a:4a:dd:96:58:b9:99:c5:78:c8:29:8e:01:17:00:
bc:6a:7f:d6:e4:10:d7:ad:7e:84:78:88:28:21:9d:d4:2d:a5:
b6:1d:a9:6a:53:16:b2:c8:c0:24:28:0c:bc:92:72:8c:fc:de:
5f:93:18:0f:50:7c:bc:c6:09:c3:27:9a:79:3b:69:b6:fc:13:
88:4e:18:65:14:40:15:92:f8:7d:57:d4:9c:2e:0b:61:7e:ec:
20:6f:56:a1:59:9d:bd:ae:12:b6:e0:8c:d2:fe:93:59:52:cf:
c4:3c:80:e9:6f:e3:21:12:91:68:91:51:b5:fd:92:f8:9e:49:
3c:c9:4c:78:e8:82:f8:c5:a4:64:42:2c:f0:67:60:8b:14:79:
e6:9f:e7:09:9f:fa:af:f7:98:6c:ce:1a:15:e3:1f:ed:24:92:
94:30:59:f6:47:fb:eb:f1:b1:36:ac:e9:81:67:df:c4:24:6a:
21:b5:f7:64:c2:df:3d:43:b4:5c:b8:2a:93:51:9b:1d:33:ed:
f0:bc:ab:24:77:b3:bb:1c:95:25:e8:47:9c:51:29:5f:f4:f9:
d4:d9:52:31
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1
NURCMzFDRTgwHhcNMjQxMjE3MTc1MjQ5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzYxYmE3MS05MWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr8RxGDSyOOPuYoIsMoxku1/K6AtoZbD07+F/cE9F+0FqeZhXkVnPGFSlDItN
J8zRp5nen+CwSHy7eKMXTwFvB6rb7t/MErs3xiZsHXpmuYCSVOqNmXlVOLWC/qT6
WV5Ik6Aco6CJ1lXvhKiVUCBmyQLGPSGvSBFVzToF7XHU1uJxc1YRTzl/m/uQHnZ6
kuFuMlci6nW+PH7Ut6zst7TDs7Yi8cF+5rDsxXz+iZ57/bfzQ+pUSqlV+sOPZoGS
twNKVuLzbZMXoGqSFu5tmDx0j2A/dpmrG5kXeKFJk/m88FcSY4X2olhvaThjcJ12
l2bO78neBmjKcJhSh0S9tPfuEwIDAQABo4IClTCCApEwHQYDVR0OBBYEFLm5ev8y
llI4XGFkrEeDFON1e5yiMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB
ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI
T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTRERkEvODQ1OTg0Q0UxQTg1MTFFQ0E3NkFFQTNBQzRGOUFFMDIvQkFCMEY2NUFC
QzlGMTFFRkFEQjQzRjE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrVQwDQYJKoZIhvcNAQELBQADggEBAKmsk2MrsMdjEnc5
OUReQp4oPTpykPe7EOEVhywFUloCO9z0034PpipK3ZZYuZnFeMgpjgEXALxqf9bk
ENetfoR4iCghndQtpbYdqWpTFrLIwCQoDLyScoz83l+TGA9QfLzGCcMnmnk7abb8
E4hOGGUUQBWS+H1X1JwuC2F+7CBvVqFZnb2uErbgjNL+k1lSz8Q8gOlv4yESkWiR
UbX9kvieSTzJTHjogvjFpGRCLPBnYIsUeeaf5wmf+q/3mGzOGhXjH+0kkpQwWfZH
++vxsTas6YFn38QkaiG192TC3z1DtFy4KpNRmx0z7fC8qyR3s7sclSXoR5xRKV/0
+dTZUjE=
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:11:09 2025 by rpki-client