Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/F261BDD0E2FD11EFA4DCA042C4F9AE02.roa
File: F261BDD0E2FD11EFA4DCA042C4F9AE02.roa (raw, json)
Hash identifier: TKN5J/XvzPwtF0cv6i8ZZVn4Rrp6RzaagKCHvSkE3hE=
Subject key identifier: 2F:52:D4:E2:D7:D0:88:5F:0E:31:F9:CA:80:40:58:5F:BD:33:28:02
Certificate issuer: /CN=A91F3B2E/serialNumber=4123E900E6A2EC8FE9B5D703B79280EF21407C81
Certificate serial: 017C
Authority key identifier: 41:23:E9:00:E6:A2:EC:8F:E9:B5:D7:03:B7:92:80:EF:21:40:7C:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/F261BDD0E2FD11EFA4DCA042C4F9AE02.roa
Signing time: Tue 04 Feb 2025 13:42:59 +0000
ROA not before: Tue 04 Feb 2025 13:42:59 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 58895
IP address blocks: 103.176.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Mar 2025 22:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 380 (0x17c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F3B2E
Validity
Not Before: Feb 4 13:42:59 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67a21963-f9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:63:60:b2:39:68:bd:f1:f6:d8:48:08:29:b2:
58:5f:0a:4a:01:88:49:a1:5e:21:02:e2:4d:06:1f:
8d:23:1c:23:0d:e5:93:a0:aa:d7:9c:71:1b:6b:e4:
0d:12:f8:1a:4a:28:c6:62:4a:91:de:bc:c2:a7:27:
75:dd:04:83:ba:6c:cd:91:6c:e5:a4:f9:38:1a:2f:
10:cf:4a:e4:b5:de:de:b3:49:0d:44:fa:13:39:c3:
15:4f:bf:75:a4:d4:55:01:2a:34:5f:79:c8:34:da:
b9:9c:a9:22:f1:d7:d7:d6:4b:a7:4e:a5:09:2c:f3:
61:25:ca:94:a8:e5:a7:6b:ec:0a:b3:74:dd:33:f3:
b1:8e:9c:a2:aa:f0:47:77:db:d8:78:ae:da:fd:96:
a6:54:81:bd:66:62:1e:36:28:6d:67:a5:09:38:a9:
d3:9e:2c:45:8e:ce:64:d8:bb:bb:43:d6:83:7e:ea:
c9:13:c6:c4:04:22:3a:06:41:90:0e:83:2d:fa:9d:
ae:a8:12:d7:c1:05:40:67:01:81:ea:2d:8e:d3:e5:
3c:ea:9b:4b:db:20:24:d9:58:bf:8c:c5:6e:e0:b9:
c6:6b:8f:cc:6f:69:2b:bd:ec:41:b2:ab:e8:6e:da:
c9:49:81:e2:20:12:68:7a:db:51:52:f2:fa:c4:10:
44:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:52:D4:E2:D7:D0:88:5F:0E:31:F9:CA:80:40:58:5F:BD:33:28:02
X509v3 Authority Key Identifier:
keyid:41:23:E9:00:E6:A2:EC:8F:E9:B5:D7:03:B7:92:80:EF:21:40:7C:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/QSPpAOai7I_ptdcDt5KA7yFAfIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QSPpAOai7I_ptdcDt5KA7yFAfIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3B2E/0F55C696D67D11ED86D33750C4F9AE02/F261BDD0E2FD11EFA4DCA042C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.176.247.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c6:5b:5f:aa:66:a9:6a:e1:ab:45:64:13:3d:ae:b2:52:e3:
9a:9d:4b:fa:30:96:ac:16:7a:a9:b4:37:bb:c8:ce:e4:9c:be:
70:37:d2:77:94:c8:f0:34:f7:59:49:0d:09:5a:f3:73:09:2f:
ce:6c:19:0f:c3:0a:c6:c7:77:c3:e8:53:53:5f:5a:fc:fd:7d:
60:3a:66:d3:39:80:fd:15:4c:6d:d4:07:1c:50:6d:e7:d1:02:
97:b1:67:b7:a9:19:75:8e:12:3a:39:97:49:15:b0:bb:1b:b8:
95:26:de:e3:c1:30:9f:04:63:3f:6f:62:34:4d:33:d1:2f:f7:
61:0a:14:7e:17:66:8c:6b:39:9f:c7:cc:21:c6:09:55:be:04:
cc:27:b0:ab:e4:e1:27:31:77:28:99:bd:41:2b:db:b7:c8:75:
45:1a:32:d3:bf:ce:18:da:5e:94:75:d6:8d:1f:0b:45:74:a7:
6b:4c:1c:d0:49:9c:2d:ef:ad:fb:fb:16:1f:3c:0f:38:2b:7c:
6e:c5:fe:78:77:b3:ae:bc:bf:8a:30:3c:bf:3f:c0:ec:99:bf:
6e:aa:ed:fe:c8:a3:12:90:a4:77:c9:55:a7:6c:a3:33:a7:35:
60:08:c5:bf:30:39:91:ae:df:88:d1:d1:f3:6d:97:b9:c3:51:
92:0f:cb:45
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAXwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjNCMkUxMTAvBgNVBAUTKDQxMjNFOTAwRTZBMkVDOEZFOUI1RDcwM0I3OTI4MEVG
MjE0MDdDODEwHhcNMjUwMjA0MTM0MjU5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyMTk2My1mOWEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2NgsjlovfH22EgIKbJYXwpKAYhJoV4hAuJNBh+NIxwjDeWToKrXnHEba+QN
EvgaSijGYkqR3rzCpyd13QSDumzNkWzlpPk4Gi8Qz0rktd7es0kNRPoTOcMVT791
pNRVASo0X3nINNq5nKki8dfX1kunTqUJLPNhJcqUqOWna+wKs3TdM/OxjpyiqvBH
d9vYeK7a/ZamVIG9ZmIeNihtZ6UJOKnTnixFjs5k2Lu7Q9aDfurJE8bEBCI6BkGQ
DoMt+p2uqBLXwQVAZwGB6i2O0+U86ptL2yAk2Vi/jMVu4LnGa4/Mb2krvexBsqvo
btrJSYHiIBJoettRUvL6xBBE9QIDAQABo4IClTCCApEwHQYDVR0OBBYEFC9S1OLX
0IhfDjH5yoBAWF+9MygCMB8GA1UdIwQYMBaAFEEj6QDmouyP6bXXA7eSgO8hQHyB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0IyRS8wRjU1QzY5NkQ2
N0QxMUVEODZEMzM3NTBDNEY5QUUwMi9RU1BwQU9haTdJX3B0ZGNEdDVLQTd5RkFm
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FTUHBBT2FpN0lfcHRkY0R0NUtBN3lGQWZJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjNCMkUvMEY1NUM2OTZENjdEMTFFRDg2RDMzNzUwQzRGOUFFMDIvRjI2MUJERDBF
MkZEMTFFRkE0RENBMDQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnsPcwDQYJKoZIhvcNAQELBQADggEBACPGW1+qZqlq4atF
ZBM9rrJS45qdS/owlqwWeqm0N7vIzuScvnA30neUyPA091lJDQla83MJL85sGQ/D
CsbHd8PoU1NfWvz9fWA6ZtM5gP0VTG3UBxxQbefRApexZ7epGXWOEjo5l0kVsLsb
uJUm3uPBMJ8EYz9vYjRNM9Ev92EKFH4XZoxrOZ/HzCHGCVW+BMwnsKvk4ScxdyiZ
vUEr27fIdUUaMtO/zhjaXpR11o0fC0V0p2tMHNBJnC3vrfv7Fh88DzgrfG7F/nh3
s668v4owPL8/wOyZv26q7f7IoxKQpHfJVadsozOnNWAIxb8wOZGu34jR0fNtl7nD
UZIPy0U=
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:03:09 2025 by rpki-client