Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/A85BCF9ECE7811EF89FA3944C4F9AE02.roa
File: A85BCF9ECE7811EF89FA3944C4F9AE02.roa (raw, json)
Hash identifier: cUbCrOgyU/m3OuY8OOJtKlH/lxiAtdNX5vkVw2BemaU=
Subject key identifier: 64:A3:00:2A:41:23:5A:49:9D:8D:4B:AA:61:A4:C5:EA:81:7C:0D:97
Certificate issuer: /CN=A91F3B2E/serialNumber=4123E900E6A2EC8FE9B5D703B79280EF21407C81
Certificate serial: 0163
Authority key identifier: 41:23:E9:00:E6:A2:EC:8F:E9:B5:D7:03:B7:92:80:EF:21:40:7C:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/A85BCF9ECE7811EF89FA3944C4F9AE02.roa
Signing time: Thu 09 Jan 2025 10:58:29 +0000
ROA not before: Thu 09 Jan 2025 10:58:29 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138039
IP address blocks: 103.176.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 17:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 355 (0x163)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3B2E
Validity
Not Before: Jan 9 10:58:29 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677fabd5-bd29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4d:7e:86:ac:30:58:35:ad:f1:f4:44:87:ad:
b4:7a:2b:fd:17:fe:14:12:d5:0e:06:36:86:9e:8b:
5d:4d:62:e9:9b:c8:2c:19:86:91:4c:6b:d5:23:08:
6f:1d:df:75:83:0f:db:49:6d:43:ff:72:e5:81:2d:
dc:e1:e7:85:fc:5f:e5:0e:bb:b5:62:b9:c0:ee:d5:
69:d8:1c:44:ea:7f:75:d5:be:62:08:97:bc:9f:4d:
a9:e5:5d:41:f4:ec:3c:fd:6a:b2:eb:0c:25:f5:52:
f9:e0:7d:1c:56:97:7f:9b:13:d9:de:95:e0:f2:71:
ed:d5:04:fc:a0:2e:37:6f:c9:85:31:b5:47:0d:e1:
09:31:a2:a2:2c:cf:ab:a2:d4:fa:98:67:e5:72:9a:
64:2d:63:71:f0:53:77:2e:6c:82:ba:f0:79:1e:ea:
71:0d:31:b7:ca:ad:77:d4:0c:d4:67:2e:d9:a2:67:
25:56:32:79:64:1a:09:ac:2a:31:7d:31:e7:b6:74:
b7:d7:5e:fc:15:da:24:7f:a3:1c:be:e2:d5:82:e7:
06:ac:d3:17:9c:f4:b5:83:49:2c:cd:39:99:1d:af:
57:a9:18:e4:45:71:48:5a:fa:57:c5:12:c5:b8:f0:
20:eb:a3:5e:40:25:97:1c:9e:72:10:5f:3d:81:c8:
a9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A3:00:2A:41:23:5A:49:9D:8D:4B:AA:61:A4:C5:EA:81:7C:0D:97
X509v3 Authority Key Identifier:
keyid:41:23:E9:00:E6:A2:EC:8F:E9:B5:D7:03:B7:92:80:EF:21:40:7C:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/A85BCF9ECE7811EF89FA3944C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.247.0/24
Signature Algorithm: sha256WithRSAEncryption
44:95:0d:2d:93:6d:65:e5:da:f9:07:d7:77:22:57:ae:7b:81:
12:eb:d6:d4:67:ed:46:0e:3e:08:76:25:6b:35:01:4c:fb:c9:
ac:fc:df:42:43:9e:38:60:be:06:bf:0c:96:ca:8c:10:12:cf:
c0:0c:a0:3d:fd:6c:64:94:7c:cc:5a:80:9b:84:72:05:3e:d4:
1c:ac:12:e3:89:82:f1:89:94:4b:46:1b:17:d6:ed:98:8e:7a:
2f:64:b9:3e:f1:4a:6c:16:17:74:07:d0:e2:19:7f:a4:cb:b4:
d6:c3:89:4b:c4:c6:ea:98:c0:ec:c1:f2:89:e7:dd:df:c9:2a:
cd:23:d8:c6:9d:90:8f:43:84:98:0e:94:13:d3:8a:f0:0b:81:
0c:63:d8:47:7f:43:39:7c:57:cd:63:ed:0e:ad:e1:65:37:92:
53:f9:ef:7a:67:46:6a:98:e4:76:94:4b:e1:45:54:06:19:3a:
a5:b0:fa:2c:5e:48:14:f8:eb:a1:25:f8:34:ef:d9:67:0c:00:
99:63:7c:11:7f:f0:0e:58:17:94:86:65:dd:22:27:88:e5:37:
8e:cc:97:4a:11:c7:ca:85:d6:aa:01:6b:fa:00:b1:a2:c9:62:
c5:30:d2:df:cc:93:3c:c2:2a:5d:ed:f6:58:80:80:b4:5c:62:
16:40:f9:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNCMkUxMTAvBgNVBAUTKDQxMjNFOTAwRTZBMkVDOEZFOUI1RDcwM0I3OTI4MEVG
MjE0MDdDODEwHhcNMjUwMTA5MTA1ODI5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdmYWJkNS1iZDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0U1+hqwwWDWt8fREh620eiv9F/4UEtUOBjaGnotdTWLpm8gsGYaRTGvVIwhv
Hd91gw/bSW1D/3LlgS3c4eeF/F/lDru1YrnA7tVp2BxE6n911b5iCJe8n02p5V1B
9Ow8/Wqy6wwl9VL54H0cVpd/mxPZ3pXg8nHt1QT8oC43b8mFMbVHDeEJMaKiLM+r
otT6mGflcppkLWNx8FN3LmyCuvB5HupxDTG3yq131AzUZy7ZomclVjJ5ZBoJrCox
fTHntnS31178Fdokf6McvuLVgucGrNMXnPS1g0kszTmZHa9XqRjkRXFIWvpXxRLF
uPAg66NeQCWXHJ5yEF89gcipCQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGSjACpB
I1pJnY1LqmGkxeqBfA2XMB8GA1UdIwQYMBaAFEEj6QDmouyP6bXXA7eSgO8hQHyB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0IyRS8wRjU1QzY5NkQ2
N0QxMUVEODZEMzM3NTBDNEY5QUUwMi9RU1BwQU9haTdJX3B0ZGNEdDVLQTd5RkFm
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FTUHBBT2FpN0lfcHRkY0R0NUtBN3lGQWZJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNCMkUvMEY1NUM2OTZENjdEMTFFRDg2RDMzNzUwQzRGOUFFMDIvQTg1QkNGOUVD
RTc4MTFFRjg5RkEzOTQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsPcwDQYJKoZIhvcNAQELBQADggEBAESVDS2TbWXl2vkH
13ciV657gRLr1tRn7UYOPgh2JWs1AUz7yaz830JDnjhgvga/DJbKjBASz8AMoD39
bGSUfMxagJuEcgU+1BysEuOJgvGJlEtGGxfW7ZiOei9kuT7xSmwWF3QH0OIZf6TL
tNbDiUvExuqYwOzB8onn3d/JKs0j2MadkI9DhJgOlBPTivALgQxj2Ed/Qzl8V81j
7Q6t4WU3klP573pnRmqY5HaUS+FFVAYZOqWw+ixeSBT466El+DTv2WcMAJljfBF/
8A5YF5SGZd0iJ4jlN47Ml0oRx8qF1qoBa/oAsaLJYsUw0t/MkzzCKl3t9liAgLRc
YhZA+bI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:18:52 2025 by rpki-client