Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/A948EB7AE90A11EEAD95B85FC4F9AE02.roa
File: A948EB7AE90A11EEAD95B85FC4F9AE02.roa (raw, json)
Hash identifier: lgResqozHMSjBCPcbPjf0wTjzslhaQ7QQ5VEGI72qEc=
Subject key identifier: 92:69:DE:D4:4A:17:8C:38:26:1F:AE:0D:15:52:93:48:E4:CC:D1:DD
Certificate issuer: /CN=A91EA723/serialNumber=B90422559B58C4DAA89F224D49C71FF44F9BCA34
Certificate serial: D6
Authority key identifier: B9:04:22:55:9B:58:C4:DA:A8:9F:22:4D:49:C7:1F:F4:4F:9B:CA:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uQQiVZtYxNqonyJNSccf9E-byjQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/A948EB7AE90A11EEAD95B85FC4F9AE02.roa
Signing time: Fri 29 Mar 2024 05:57:59 +0000
ROA not before: Fri 29 Mar 2024 05:57:59 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 134785
IP address blocks: 103.93.32.0/24 maxlen: 24
103.93.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 16:13:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214 (0xd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA723
Validity
Not Before: Mar 29 05:57:59 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66065867-9f04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:81:c2:13:7f:4f:6f:48:79:79:a7:d6:7d:89:
a2:f7:2b:7e:bc:2f:3b:c6:21:ce:f7:84:62:df:dc:
78:6c:71:1b:f0:2e:a5:f1:20:d3:9c:5f:3d:37:36:
1d:e1:77:e0:a6:23:34:53:28:33:e4:29:65:e2:4d:
25:04:2f:cf:f8:8d:f9:ab:82:d9:53:de:57:a1:32:
4c:f5:fb:0e:50:54:f2:6a:24:38:5f:b2:9d:a8:0f:
bb:57:0e:d1:ce:bd:e0:06:0f:15:ad:18:4c:2a:55:
6a:af:84:6a:01:a4:97:53:3b:e6:23:8f:d8:45:bd:
d4:4e:7c:1d:7b:e8:1b:30:af:cf:62:9b:3f:b9:ef:
24:86:95:de:fc:3a:f3:c8:8e:a4:20:27:d2:e9:20:
df:bf:e7:74:87:ad:11:ee:3f:b4:6c:d2:3e:84:9f:
3d:46:27:25:31:64:1e:c6:e4:e3:76:18:84:48:56:
11:ae:b3:86:bd:d5:b1:44:95:b1:6c:8f:12:8e:cc:
55:90:43:d6:f8:8d:20:b8:33:2b:1f:22:1c:05:f5:
df:13:d5:95:4b:7f:74:e4:d4:84:0e:0f:fe:a3:89:
e4:a4:98:73:b3:38:d8:bf:fc:56:98:7b:bf:44:af:
07:c3:12:9e:06:1c:fd:78:7d:0a:20:b1:af:fc:00:
ed:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:69:DE:D4:4A:17:8C:38:26:1F:AE:0D:15:52:93:48:E4:CC:D1:DD
X509v3 Authority Key Identifier:
keyid:B9:04:22:55:9B:58:C4:DA:A8:9F:22:4D:49:C7:1F:F4:4F:9B:CA:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/uQQiVZtYxNqonyJNSccf9E-byjQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uQQiVZtYxNqonyJNSccf9E-byjQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA723/2CD7F5C8B27D11ED8856FA81C4F9AE02/A948EB7AE90A11EEAD95B85FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.93.32.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:7d:97:d6:6d:35:77:c5:d9:da:e6:07:3a:fa:fb:5f:36:9f:
49:09:a4:16:71:a0:40:7f:ed:de:e4:95:f3:1e:7b:d7:eb:28:
1a:8e:67:9e:46:36:e9:2e:0d:b4:de:4d:71:86:d3:e0:39:b5:
93:d6:6a:14:bd:1e:cd:57:76:2c:81:87:28:42:46:db:90:98:
2b:ce:cb:25:35:4b:b2:14:4a:72:5a:c0:b1:e8:73:91:2e:ef:
f0:8d:50:9f:a0:75:96:0c:c6:f5:34:af:b2:5f:74:63:1d:1e:
fd:4e:d5:e2:63:9f:d7:89:3c:6d:33:76:51:25:1e:b9:85:a4:
5a:6d:69:2c:77:4c:88:2e:7f:51:7f:9c:4f:05:02:d8:2f:cf:
ea:dc:4e:57:b9:65:6b:b0:c0:75:0a:f9:b2:62:fb:15:2e:5f:
2e:61:47:5d:4e:7c:66:52:2d:6c:3f:db:fd:d1:c5:5b:c6:3b:
fc:fb:c6:f8:a1:90:84:82:30:c6:7a:7f:e3:35:fd:a7:8c:d9:
b6:2a:f1:bb:8c:17:df:35:2d:37:4b:74:41:e8:d2:b3:b2:a1:
c2:2e:fc:2a:93:43:e5:f0:de:d7:c8:49:95:0e:9b:e2:11:f9:
33:58:ac:9a:7f:13:78:9d:8a:86:a4:06:c1:07:a7:27:f3:7d:
a5:26:cd:89
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE3MjMxMTAvBgNVBAUTKEI5MDQyMjU1OUI1OEM0REFBODlGMjI0RDQ5QzcxRkY0
NEY5QkNBMzQwHhcNMjQwMzI5MDU1NzU5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjA2NTg2Ny05ZjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/IHCE39Pb0h5eafWfYmi9yt+vC87xiHO94Ri39x4bHEb8C6l8SDTnF89NzYd
4XfgpiM0Uygz5Cll4k0lBC/P+I35q4LZU95XoTJM9fsOUFTyaiQ4X7KdqA+7Vw7R
zr3gBg8VrRhMKlVqr4RqAaSXUzvmI4/YRb3UTnwde+gbMK/PYps/ue8khpXe/Drz
yI6kICfS6SDfv+d0h60R7j+0bNI+hJ89RiclMWQexuTjdhiESFYRrrOGvdWxRJWx
bI8SjsxVkEPW+I0guDMrHyIcBfXfE9WVS3905NSEDg/+o4nkpJhzszjYv/xWmHu/
RK8HwxKeBhz9eH0KILGv/ADtrQIDAQABo4IClTCCApEwHQYDVR0OBBYEFJJp3tRK
F4w4Jh+uDRVSk0jkzNHdMB8GA1UdIwQYMBaAFLkEIlWbWMTaqJ8iTUnHH/RPm8o0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTcyMy8yQ0Q3RjVDOEIy
N0QxMUVEODg1NkZBODFDNEY5QUUwMi91UVFpVlp0WXhOcW9ueUpOU2NjZjlFLWJ5
alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VRUWlWWnRZeE5xb255Sk5TY2NmOUUtYnlqUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE3MjMvMkNEN0Y1QzhCMjdEMTFFRDg4NTZGQTgxQzRGOUFFMDIvQTk0OEVCN0FF
OTBBMTFFRUFEOTVCODVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnXSAwDQYJKoZIhvcNAQELBQADggEBAGx9l9ZtNXfF2drm
Bzr6+182n0kJpBZxoEB/7d7klfMee9frKBqOZ55GNukuDbTeTXGG0+A5tZPWahS9
Hs1XdiyBhyhCRtuQmCvOyyU1S7IUSnJawLHoc5Eu7/CNUJ+gdZYMxvU0r7JfdGMd
Hv1O1eJjn9eJPG0zdlElHrmFpFptaSx3TIguf1F/nE8FAtgvz+rcTle5ZWuwwHUK
+bJi+xUuXy5hR11OfGZSLWw/2/3RxVvGO/z7xvihkISCMMZ6f+M1/aeM2bYq8buM
F981LTdLdEHo0rOyocIu/CqTQ+Xw3tfISZUOm+IR+TNYrJp/E3idioakBsEHpyfz
faUmzYk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:57:27 2025 by rpki-client