Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/A012E0B617C811ED95FB874FC4F9AE02.roa
File: A012E0B617C811ED95FB874FC4F9AE02.roa (raw, json)
Hash identifier: F3eGce0lTbww1uwyDWzWlNRW0CEK/RivZec6OVafsys=
Subject key identifier: 3F:A6:80:B3:7A:C0:90:D5:EB:33:76:ED:75:6E:04:B9:D9:C8:23:38
Certificate issuer: /CN=A91EEE1B/serialNumber=85902908828B0331E948D46EDB3825FF603DB986
Certificate serial: 05D0
Authority key identifier: 85:90:29:08:82:8B:03:31:E9:48:D4:6E:DB:38:25:FF:60:3D:B9:86
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/A012E0B617C811ED95FB874FC4F9AE02.roa
Signing time: Wed 10 Jan 2024 23:42:06 +0000
ROA not before: Wed 10 Jan 2024 23:42:06 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 36131
IP address blocks: 103.208.252.0/22 maxlen: 23
103.208.254.0/24 maxlen: 24
103.208.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 May 2024 02:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1488 (0x5d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EEE1B
Validity
Not Before: Jan 10 23:42:06 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=659f2b4e-ba26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e0:1b:d1:05:61:bd:54:7c:28:3f:25:5b:0c:
63:70:9e:fa:3a:b6:77:8d:6e:62:e9:7a:0b:30:32:
f0:d3:9c:c5:da:8d:4f:ad:2f:cd:05:60:5e:7e:8f:
75:42:40:60:8c:d9:d7:44:75:db:06:22:e6:f6:75:
62:04:cd:79:e8:07:ac:a7:1c:5d:3c:47:f0:fe:d7:
c9:1e:15:96:f5:dc:71:b7:bc:be:e8:57:9f:f9:e2:
40:f9:42:7f:82:80:cc:63:f9:f6:d9:9a:29:4a:f8:
c4:a2:1a:28:99:16:6b:a5:38:e3:b5:b1:73:ca:b7:
39:7c:79:1c:b0:cf:8c:b7:1f:ba:30:f4:fc:d5:d3:
51:55:c2:5f:89:bc:c8:66:b4:31:3a:4f:a2:13:a5:
60:20:b1:25:6d:d0:f0:8e:e2:0a:14:9f:75:ef:26:
9d:00:5b:a0:a5:71:c9:1d:29:f3:cb:44:3d:ba:39:
19:16:90:70:df:63:9e:76:e5:f3:2c:f3:e4:f6:94:
25:48:07:b2:37:98:7d:26:43:4e:51:3e:ed:ed:18:
d5:d2:a9:7d:cd:d0:29:dd:ca:55:6b:36:61:26:6b:
67:36:a1:51:ba:ac:ed:21:4b:3d:a3:f0:70:bf:71:
6e:ae:26:45:8b:e2:ae:94:3d:4d:5f:f2:70:c3:b8:
3e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:A6:80:B3:7A:C0:90:D5:EB:33:76:ED:75:6E:04:B9:D9:C8:23:38
X509v3 Authority Key Identifier:
keyid:85:90:29:08:82:8B:03:31:E9:48:D4:6E:DB:38:25:FF:60:3D:B9:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/hZApCIKLAzHpSNRu2zgl_2A9uYY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hZApCIKLAzHpSNRu2zgl_2A9uYY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEE1B/206DFC28643811EB94683B4EC4F9AE02/A012E0B617C811ED95FB874FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.208.252.0/22
Signature Algorithm: sha256WithRSAEncryption
43:77:d2:2c:11:12:8c:03:91:07:38:18:6b:11:ef:25:c9:55:
cd:93:6b:ba:e1:d3:4b:7b:ac:36:85:44:f4:60:48:e9:f2:b5:
07:a1:1a:16:d7:54:81:be:dd:b5:b4:e5:f9:f8:ee:01:a5:c1:
69:11:f8:22:be:a6:be:be:94:6c:22:1c:e0:8d:15:12:58:2a:
b5:0f:76:0c:e9:21:9a:70:57:5f:71:61:6a:b4:3f:2d:88:d7:
81:4a:a5:0f:c9:34:35:3c:86:92:4c:06:09:37:ad:15:b9:bb:
36:6f:f7:86:4a:92:21:a7:fe:a4:87:fa:7d:9d:0b:96:a8:14:
d5:8c:e4:90:44:98:f3:e2:69:37:0c:a9:6b:66:41:f9:9b:dc:
5f:dc:eb:be:af:db:6c:21:a8:27:de:09:08:ec:40:c7:8a:5e:
11:8e:3c:ef:ed:32:2d:78:b7:7d:a5:e0:dc:74:ae:8f:aa:6a:
6b:d0:21:9e:9b:00:a2:46:2d:68:c6:9e:1a:64:75:b9:af:4d:
bf:d1:ca:fe:13:f5:a1:b1:11:7c:7a:f0:da:c5:7c:71:df:2e:
65:d8:23:0a:21:25:8c:06:96:84:f5:8b:40:fd:e4:36:43:25:
a3:85:c8:8c:5e:d9:16:01:39:78:83:d1:9a:82:e6:73:db:7a:
3e:f6:f3:dc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUVFMUIxMTAvBgNVBAUTKDg1OTAyOTA4ODI4QjAzMzFFOTQ4RDQ2RURCMzgyNUZG
NjAzREI5ODYwHhcNMjQwMTEwMjM0MjA2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTlmMmI0ZS1iYTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0+Ab0QVhvVR8KD8lWwxjcJ76OrZ3jW5i6XoLMDLw05zF2o1PrS/NBWBefo91
QkBgjNnXRHXbBiLm9nViBM156AespxxdPEfw/tfJHhWW9dxxt7y+6Fef+eJA+UJ/
goDMY/n22ZopSvjEohoomRZrpTjjtbFzyrc5fHkcsM+Mtx+6MPT81dNRVcJfibzI
ZrQxOk+iE6VgILElbdDwjuIKFJ917yadAFugpXHJHSnzy0Q9ujkZFpBw32OeduXz
LPPk9pQlSAeyN5h9JkNOUT7t7RjV0ql9zdAp3cpVazZhJmtnNqFRuqztIUs9o/Bw
v3FuriZFi+KulD1NX/Jww7g+vQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD+mgLN6
wJDV6zN27XVuBLnZyCM4MB8GA1UdIwQYMBaAFIWQKQiCiwMx6UjUbts4Jf9gPbmG
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUUxQi8yMDZERkMyODY0
MzgxMUVCOTQ2ODNCNEVDNEY5QUUwMi9oWkFwQ0lLTEF6SHBTTlJ1MnpnbF8yQTl1
WVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2haQXBDSUtMQXpIcFNOUnUyemdsXzJBOXVZWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUVFMUIvMjA2REZDMjg2NDM4MTFFQjk0NjgzQjRFQzRGOUFFMDIvQTAxMkUwQjYx
N0M4MTFFRDk1RkI4NzRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJn0PwwDQYJKoZIhvcNAQELBQADggEBAEN30iwREowDkQc4
GGsR7yXJVc2Ta7rh00t7rDaFRPRgSOnytQehGhbXVIG+3bW05fn47gGlwWkR+CK+
pr6+lGwiHOCNFRJYKrUPdgzpIZpwV19xYWq0Py2I14FKpQ/JNDU8hpJMBgk3rRW5
uzZv94ZKkiGn/qSH+n2dC5aoFNWM5JBEmPPiaTcMqWtmQfmb3F/c676v22whqCfe
CQjsQMeKXhGOPO/tMi14t32l4Nx0ro+qamvQIZ6bAKJGLWjGnhpkdbmvTb/Ryv4T
9aGxEXx68NrFfHHfLmXYIwohJYwGloT1i0D95DZDJaOFyIxe2RYBOXiD0ZqC5nPb
ej7289w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:20:18 2025 by rpki-client