Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/17C08032367511F09F456847C4F9AE02.roa
File: 17C08032367511F09F456847C4F9AE02.roa (raw, json)
Hash identifier: fbke1WODa4iDAXLkfQ7NKjhSldlGyIrH4JlrdlwUDMA=
Subject key identifier: 22:15:61:AE:FE:90:0F:D4:26:70:58:7D:BB:AF:01:3A:C0:31:4E:D3
Certificate issuer: /CN=A915DA5A/serialNumber=B1177B2B4C2DF8B306D14A643007286F89D69CC0
Certificate serial: 0C60
Authority key identifier: B1:17:7B:2B:4C:2D:F8:B3:06:D1:4A:64:30:07:28:6F:89:D6:9C:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sRd7K0wt-LMG0UpkMAcob4nWnMA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/17C08032367511F09F456847C4F9AE02.roa
Signing time: Wed 21 May 2025 18:54:58 +0000
ROA not before: Wed 21 May 2025 18:54:58 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 139735
IP address blocks: 103.143.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 19:27:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3168 (0xc60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915DA5A, serialNumber=B1177B2B4C2DF8B306D14A643007286F89D69CC0
Validity
Not Before: May 21 18:54:58 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=682e2182-78da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:86:21:57:02:59:60:71:7e:fa:60:22:f1:67:
8c:b8:a5:8a:fb:ee:71:ef:61:93:1f:de:72:3e:b0:
1f:ae:73:0c:0c:b2:99:eb:6d:be:88:2a:59:c7:2a:
b6:09:a6:9c:f8:bd:82:67:8e:e5:1b:51:1c:e8:b6:
b1:5b:07:cb:d0:4b:f6:0c:01:19:35:ae:e5:ac:cf:
4e:71:36:1f:1e:a9:cf:f2:62:74:a2:e3:84:ca:6c:
70:9d:ae:a8:18:a0:63:31:fd:d9:da:6f:56:29:cc:
45:d9:45:f3:96:7a:c0:90:35:ed:5d:b1:75:5d:b6:
ce:a0:a7:c6:d4:5b:4f:5f:50:bf:07:d1:ad:b5:cf:
72:73:7d:54:63:9a:ef:c1:09:bc:36:9a:d0:d4:60:
02:56:04:cc:64:1f:42:3e:d3:e4:7c:1d:a6:27:13:
07:a6:22:64:0b:0b:13:8c:d0:8f:e8:47:f1:fc:19:
96:53:ec:bd:3d:33:e4:bd:3d:41:57:94:a5:b8:35:
7b:6d:29:1d:a9:06:49:fb:f2:d3:b0:30:31:f9:a6:
6e:4c:52:13:a0:04:1d:73:33:68:9a:41:bb:71:7a:
ef:07:b6:28:5a:ea:59:6d:a4:18:43:df:41:57:16:
4b:0f:7f:81:cb:d8:4c:df:89:f0:29:c6:44:4b:96:
55:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:15:61:AE:FE:90:0F:D4:26:70:58:7D:BB:AF:01:3A:C0:31:4E:D3
X509v3 Authority Key Identifier:
keyid:B1:17:7B:2B:4C:2D:F8:B3:06:D1:4A:64:30:07:28:6F:89:D6:9C:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/sRd7K0wt-LMG0UpkMAcob4nWnMA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sRd7K0wt-LMG0UpkMAcob4nWnMA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915DA5A/44E770B203EE11EABCA1A16EC4F9AE02/17C08032367511F09F456847C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.143.254.0/24
Signature Algorithm: sha256WithRSAEncryption
54:16:72:ac:16:9f:0b:79:51:65:c6:38:2c:85:e9:23:64:4a:
69:8c:96:88:75:09:47:22:27:d6:6d:3a:eb:fb:2a:b1:95:c4:
60:32:6c:8e:55:81:d0:ef:1a:0a:8c:35:d1:5f:06:b3:ad:3a:
c5:b2:4e:e0:e9:35:fd:28:e8:d6:66:9c:34:22:a1:f7:4b:94:
53:2a:45:7b:cb:ed:05:be:35:f6:ca:ce:60:e9:cf:ad:24:9f:
0e:33:43:f7:48:2d:c2:6b:53:e6:a9:bc:1c:29:fb:36:9f:ea:
d8:f4:aa:16:83:08:5c:cd:24:00:34:c6:59:7a:aa:19:9c:a8:
79:b8:58:d2:51:00:c9:6c:61:65:fc:84:8d:90:c8:4f:88:48:
ea:78:13:af:db:9e:ed:39:a0:5d:06:d7:7c:c8:42:31:9d:1b:
f7:ac:ff:92:d3:a5:9e:03:02:81:ac:53:cc:77:8f:b1:55:f5:
43:47:03:52:53:5f:2d:46:f4:d9:b6:67:8e:fa:03:a6:cc:b1:
e0:18:e8:0b:94:03:9b:ea:fa:18:39:f8:2c:66:98:94:16:57:
ab:55:78:1b:86:92:9b:7c:29:b7:07:da:d4:be:f9:6a:a4:b9:
23:df:c1:ce:cd:aa:c3:17:72:40:cf:f9:76:09:23:ac:c4:cb:
d8:54:98:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NURBNUExMTAvBgNVBAUTKEIxMTc3QjJCNEMyREY4QjMwNkQxNEE2NDMwMDcyODZG
ODlENjlDQzAwHhcNMjUwNTIxMTg1NDU4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODJlMjE4Mi03OGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr4YhVwJZYHF++mAi8WeMuKWK++5x72GTH95yPrAfrnMMDLKZ622+iCpZxyq2
Caac+L2CZ47lG1Ec6LaxWwfL0Ev2DAEZNa7lrM9OcTYfHqnP8mJ0ouOEymxwna6o
GKBjMf3Z2m9WKcxF2UXzlnrAkDXtXbF1XbbOoKfG1FtPX1C/B9Gttc9yc31UY5rv
wQm8NprQ1GACVgTMZB9CPtPkfB2mJxMHpiJkCwsTjNCP6Efx/BmWU+y9PTPkvT1B
V5SluDV7bSkdqQZJ+/LTsDAx+aZuTFIToAQdczNomkG7cXrvB7YoWupZbaQYQ99B
VxZLD3+By9hM34nwKcZES5ZVfQIDAQABo4IClTCCApEwHQYDVR0OBBYEFCIVYa7+
kA/UJnBYfbuvATrAMU7TMB8GA1UdIwQYMBaAFLEXeytMLfizBtFKZDAHKG+J1pzA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1REE1QS80NEU3NzBCMjAz
RUUxMUVBQkNBMUExNkVDNEY5QUUwMi9zUmQ3SzB3dC1MTUcwVXBrTUFjb2I0bldu
TUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NSZDdLMHd0LUxNRzBVcGtNQWNvYjRuV25NQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NURBNUEvNDRFNzcwQjIwM0VFMTFFQUJDQTFBMTZFQzRGOUFFMDIvMTdDMDgwMzIz
Njc1MTFGMDlGNDU2ODQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnj/4wDQYJKoZIhvcNAQELBQADggEBAFQWcqwWnwt5UWXG
OCyF6SNkSmmMloh1CUciJ9ZtOuv7KrGVxGAybI5VgdDvGgqMNdFfBrOtOsWyTuDp
Nf0o6NZmnDQiofdLlFMqRXvL7QW+NfbKzmDpz60knw4zQ/dILcJrU+apvBwp+zaf
6tj0qhaDCFzNJAA0xll6qhmcqHm4WNJRAMlsYWX8hI2QyE+ISOp4E6/bnu05oF0G
13zIQjGdG/es/5LTpZ4DAoGsU8x3j7FV9UNHA1JTXy1G9Nm2Z476A6bMseAY6AuU
A5vq+hg5+CxmmJQWV6tVeBuGkpt8KbcH2tS++WqkuSPfwc7NqsMXckDP+XYJI6zE
y9hUmLo=
-----END CERTIFICATE-----
Generated at Mon Jun 2 06:35:09 2025 by rpki-client