Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/BB2A40229BA811EF88DC4B0DC4F9AE02.roa
File: BB2A40229BA811EF88DC4B0DC4F9AE02.roa (raw, json)
Hash identifier: 4pKkroH8uyE6t4m0FB2SMmLt/U7+dbbacgbhkXRypl8=
Subject key identifier: C6:7D:24:A7:0A:29:10:D0:69:0B:69:42:69:E3:81:A4:DC:95:6E:BD
Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17
Certificate serial: 0159
Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/BB2A40229BA811EF88DC4B0DC4F9AE02.roa
Signing time: Sun 01 Dec 2024 03:06:09 +0000
ROA not before: Sun 01 Dec 2024 03:06:09 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 151966
IP address blocks: 103.174.86.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 02 Dec 2024 10:46:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 345 (0x159)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBA0E
Validity
Not Before: Dec 1 03:06:09 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674bd2a1-728a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c0:20:e0:47:87:b0:34:b8:c0:ed:03:f8:c5:
06:aa:2a:43:d6:f5:8d:76:b0:49:2f:0e:d4:56:49:
60:85:90:2e:56:5a:73:8f:d9:1c:4d:e6:88:4c:0c:
bd:86:6f:b7:18:ce:7f:78:4f:b1:94:1a:0e:eb:cc:
f5:f4:15:01:61:27:f4:13:09:58:4f:59:33:19:d1:
f8:b7:74:aa:60:80:87:df:1c:6d:16:5d:9e:55:f7:
bb:4e:4f:a7:d9:11:2f:e2:1c:d2:20:cc:09:ac:6d:
70:9c:b9:76:18:58:55:5c:e2:e0:f2:ea:ce:8c:47:
46:27:78:2c:71:32:4b:4d:b9:f3:e9:bf:a4:4c:f8:
05:3b:87:c5:a9:2e:5c:61:54:16:f1:d4:9c:7d:bc:
5b:78:1b:72:b9:f6:8e:a9:0c:8f:cd:40:62:53:6c:
ff:f7:aa:dc:69:e6:fd:34:0f:b8:20:9b:18:f6:59:
af:91:8e:e2:f2:c3:a2:f5:b1:df:15:16:e6:bf:4c:
d3:9f:58:fe:03:06:3b:8d:fb:05:0c:dc:86:ce:d3:
ca:41:28:eb:ad:39:09:2b:79:bc:e7:b5:73:49:cc:
13:04:6b:c1:e2:44:f0:76:cf:cb:23:39:a6:7b:84:
97:42:16:af:28:7f:53:f4:71:52:90:3c:ff:8d:63:
6f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7D:24:A7:0A:29:10:D0:69:0B:69:42:69:E3:81:A4:DC:95:6E:BD
X509v3 Authority Key Identifier:
keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/BB2A40229BA811EF88DC4B0DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.174.86.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:9d:ec:75:6c:4b:4b:05:9b:44:1a:79:55:2f:5c:65:3a:b5:
32:6e:7f:31:90:fa:36:b3:6e:b3:7a:fb:b7:57:07:66:b7:c6:
3f:5b:4c:68:6a:03:d8:27:b2:e1:49:49:52:16:ed:6a:a7:1f:
7e:b6:14:2b:e2:97:e9:31:72:cc:fc:19:7a:d7:a6:8e:8b:96:
4e:d3:30:56:40:a4:46:66:d2:83:a3:1c:41:b3:6a:2f:1a:32:
7c:7c:ef:f9:91:fa:b6:16:8e:4a:cf:c4:20:cf:78:a6:a2:61:
de:df:3a:1b:06:4a:42:4c:5f:55:95:80:b8:b0:34:32:c0:6e:
0a:07:3f:21:5d:25:f7:53:56:fe:42:36:82:90:a5:d9:c1:17:
62:bf:03:93:6c:c3:f2:58:f1:17:7c:e5:76:db:6f:b1:5b:f8:
69:c4:f9:42:8d:bd:36:d2:33:f5:11:fc:49:8d:65:54:c6:0c:
aa:5b:5f:36:bb:9a:2d:48:57:2e:a6:b9:a3:86:a9:12:27:00:
03:18:9a:b0:2a:96:02:ed:90:17:17:9d:7c:96:b1:f8:4d:cf:
d4:c6:66:f0:3f:5a:ed:5e:a6:ec:d6:02:fa:49:65:d3:9a:49:
15:dc:6a:28:7a:28:fb:56:1e:42:d9:8b:67:c3:5c:55:3e:61:
f3:3b:c8:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAVkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx
MTg0NkVFMTcwHhcNMjQxMjAxMDMwNjA5WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRiZDJhMS03MjhhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtcAg4EeHsDS4wO0D+MUGqipD1vWNdrBJLw7UVklghZAuVlpzj9kcTeaITAy9
hm+3GM5/eE+xlBoO68z19BUBYSf0EwlYT1kzGdH4t3SqYICH3xxtFl2eVfe7Tk+n
2REv4hzSIMwJrG1wnLl2GFhVXOLg8urOjEdGJ3gscTJLTbnz6b+kTPgFO4fFqS5c
YVQW8dScfbxbeBtyufaOqQyPzUBiU2z/96rcaeb9NA+4IJsY9lmvkY7i8sOi9bHf
FRbmv0zTn1j+AwY7jfsFDNyGztPKQSjrrTkJK3m857VzScwTBGvB4kTwds/LIzmm
e4SXQhavKH9T9HFSkDz/jWNvjQIDAQABo4IClTCCApEwHQYDVR0OBBYEFMZ9JKcK
KRDQaQtpQmnjgaTclW69MB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw
MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3
aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJBMEUvREJCRUQyMDZDMDA1MTFFREEyNTVGQTEwQzRGOUFFMDIvQkIyQTQwMjI5
QkE4MTFFRjg4REM0QjBEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnrlYwDQYJKoZIhvcNAQELBQADggEBAE+d7HVsS0sFm0Qa
eVUvXGU6tTJufzGQ+jazbrN6+7dXB2a3xj9bTGhqA9gnsuFJSVIW7WqnH362FCvi
l+kxcsz8GXrXpo6Llk7TMFZApEZm0oOjHEGzai8aMnx87/mR+rYWjkrPxCDPeKai
Yd7fOhsGSkJMX1WVgLiwNDLAbgoHPyFdJfdTVv5CNoKQpdnBF2K/A5Nsw/JY8Rd8
5Xbbb7Fb+GnE+UKNvTbSM/UR/EmNZVTGDKpbXza7mi1IVy6muaOGqRInAAMYmrAq
lgLtkBcXnXyWsfhNz9TGZvA/Wu1epuzWAvpJZdOaSRXcaih6KPtWHkLZi2fDXFU+
YfM7yI8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:34:01 2025 by rpki-client