Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/AB4727F6B07511EFA2A16813C4F9AE02.roa
File: AB4727F6B07511EFA2A16813C4F9AE02.roa (raw, json)
Hash identifier: ytmBw4QfE9tX2ibHqPx80zao3WxHW7bQ2gS1TBDeGxQ=
Subject key identifier: 3D:57:4D:7A:D2:AC:4F:8E:8F:85:6F:64:0A:72:1F:D0:AA:73:69:FA
Certificate issuer: /CN=A91E5D0C/serialNumber=3E73B2BE13037BE744391D3A899CDD202B82F76D
Certificate serial: 047C
Authority key identifier: 3E:73:B2:BE:13:03:7B:E7:44:39:1D:3A:89:9C:DD:20:2B:82:F7:6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PnOyvhMDe-dEOR06iZzdICuC920.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/AB4727F6B07511EFA2A16813C4F9AE02.roa
Signing time: Fri 03 Jan 2025 09:14:05 +0000
ROA not before: Fri 03 Jan 2025 09:14:05 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 147179
IP address blocks: 103.174.44.0/24 maxlen: 24
103.174.45.0/24 maxlen: 24
2407:fa40::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 16 Feb 2025 09:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1148 (0x47c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E5D0C
Validity
Not Before: Jan 3 09:14:05 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6777aa5d-e201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ec:20:af:a6:e8:2e:89:46:29:6d:62:97:0a:
95:8b:b2:08:cb:8a:da:a0:71:ab:19:77:8c:28:fa:
45:8c:8b:2f:ac:6b:38:9e:49:94:18:9a:58:40:fc:
57:55:99:d4:19:9f:28:06:f5:84:c2:06:58:96:3e:
48:ff:33:f3:0f:c5:24:a3:82:c4:0c:e8:9a:76:5b:
4f:b9:e4:96:a5:40:3b:aa:eb:09:c3:69:5a:a5:fd:
9c:c1:bf:f6:2e:57:9e:5e:49:dc:8e:c5:2b:17:7f:
6d:0a:18:48:33:df:16:69:11:a7:d5:84:48:2c:b0:
94:52:a9:03:69:5a:3d:10:bc:f6:bb:44:72:0c:44:
fc:3c:13:69:12:5f:b0:11:37:74:cd:3a:8f:5a:82:
46:74:b0:a6:9d:b9:d9:2e:e1:97:aa:dd:21:ff:d8:
2b:7f:d2:55:c8:53:32:3c:af:e9:8f:22:30:70:6f:
e0:7c:b6:f1:d3:6b:a6:4d:98:d7:a5:76:00:98:d2:
f8:fa:35:a1:36:9a:a8:c7:fe:3b:09:14:7b:ad:20:
39:d5:0d:06:05:6a:d8:8f:48:80:5d:ec:d9:23:50:
4c:5c:43:a9:fa:b7:1b:d3:a3:d5:18:58:e9:a3:72:
49:21:23:b1:82:b9:fa:6f:35:64:7a:ac:3d:55:25:
15:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:57:4D:7A:D2:AC:4F:8E:8F:85:6F:64:0A:72:1F:D0:AA:73:69:FA
X509v3 Authority Key Identifier:
keyid:3E:73:B2:BE:13:03:7B:E7:44:39:1D:3A:89:9C:DD:20:2B:82:F7:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/PnOyvhMDe-dEOR06iZzdICuC920.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PnOyvhMDe-dEOR06iZzdICuC920.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5D0C/891B4ECA323611EC89838756C4F9AE02/AB4727F6B07511EFA2A16813C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.44.0/23
IPv6:
2407:fa40::/32
Signature Algorithm: sha256WithRSAEncryption
65:ea:54:a6:c9:de:01:31:2b:0f:40:68:4d:b2:4b:5d:aa:12:
6e:96:18:03:db:cd:35:de:9f:1a:ae:b1:b7:c5:39:84:67:7d:
84:84:1c:68:df:b2:28:a5:85:8d:82:18:72:6b:e1:9b:ad:05:
8b:f7:2d:8e:b0:83:53:9f:e7:c2:f3:56:76:69:69:b6:c8:e8:
9d:60:06:76:25:1e:a2:00:68:5c:6e:e5:f5:3a:c0:b2:3a:de:
b7:e3:d2:9a:cc:96:71:07:62:55:24:d4:a1:26:55:b7:96:fc:
69:ad:38:bd:02:ce:fe:24:05:39:cf:cc:dd:3a:f1:06:f8:60:
5e:c1:1b:d3:a9:b3:e2:7c:a0:3d:b3:63:fa:8b:a7:aa:8d:f3:
cc:42:c2:cf:db:02:80:3c:70:ad:79:3b:4d:97:9f:fd:83:ee:
49:85:93:84:11:fc:e4:34:76:c9:a3:57:cc:1b:ad:d2:79:3d:
c0:96:1a:48:27:45:e0:e1:97:12:5c:63:5f:fd:e9:67:aa:e7:
7c:ca:51:6b:fb:8e:fe:0b:e9:68:45:91:92:30:3e:0f:da:d3:
c3:4e:df:6b:f5:1f:5f:a2:04:ee:8d:a6:6c:3c:3d:84:ad:1e:
79:93:5f:d1:01:7a:fc:69:01:71:97:71:1c:f8:c6:9a:58:4d:
89:09:63:91
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTVEMEMxMTAvBgNVBAUTKDNFNzNCMkJFMTMwMzdCRTc0NDM5MUQzQTg5OUNERDIw
MkI4MkY3NkQwHhcNMjUwMTAzMDkxNDA1WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc3YWE1ZC1lMjAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxOwgr6boLolGKW1ilwqVi7IIy4raoHGrGXeMKPpFjIsvrGs4nkmUGJpYQPxX
VZnUGZ8oBvWEwgZYlj5I/zPzD8Uko4LEDOiadltPueSWpUA7qusJw2lapf2cwb/2
LleeXkncjsUrF39tChhIM98WaRGn1YRILLCUUqkDaVo9ELz2u0RyDET8PBNpEl+w
ETd0zTqPWoJGdLCmnbnZLuGXqt0h/9grf9JVyFMyPK/pjyIwcG/gfLbx02umTZjX
pXYAmNL4+jWhNpqox/47CRR7rSA51Q0GBWrYj0iAXezZI1BMXEOp+rcb06PVGFjp
o3JJISOxgrn6bzVkeqw9VSUV6wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFD1XTXrS
rE+Oj4VvZApyH9Cqc2n6MB8GA1UdIwQYMBaAFD5zsr4TA3vnRDkdOomc3SArgvdt
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNUQwQy84OTFCNEVDQTMy
MzYxMUVDODk4Mzg3NTZDNEY5QUUwMi9Qbk95dmhNRGUtZEVPUjA2aVp6ZElDdUM5
MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1BuT3l2aE1EZS1kRU9SMDZpWnpkSUN1QzkyMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTVEMEMvODkxQjRFQ0EzMjM2MTFFQzg5ODM4NzU2QzRGOUFFMDIvQUI0NzI3RjZC
MDc1MTFFRkEyQTE2ODEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAFnriwwDQQCAAIwBwMFACQH+kAwDQYJKoZIhvcNAQELBQAD
ggEBAGXqVKbJ3gExKw9AaE2yS12qEm6WGAPbzTXenxqusbfFOYRnfYSEHGjfsiil
hY2CGHJr4ZutBYv3LY6wg1Of58LzVnZpabbI6J1gBnYlHqIAaFxu5fU6wLI63rfj
0prMlnEHYlUk1KEmVbeW/GmtOL0Czv4kBTnPzN068Qb4YF7BG9Ops+J8oD2zY/qL
p6qN88xCws/bAoA8cK15O02Xn/2D7kmFk4QR/OQ0dsmjV8wbrdJ5PcCWGkgnReDh
lxJcY1/96Weq53zKUWv7jv4L6WhFkZIwPg/a08NO32v1H1+iBO6Npmw8PYStHnmT
X9EBevxpAXGXcRz4xppYTYkJY5E=
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:39:37 2025 by rpki-client