Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/B76C776472E411ED833AE326C4F9AE02.roa
File: B76C776472E411ED833AE326C4F9AE02.roa (raw, json)
Hash identifier: G40zS/jPmT/MABYrNCr8KjGZKmGs9oISV/lw5AZ1PqY=
Subject key identifier: 5F:38:2F:52:2D:9A:43:F3:32:79:0C:77:1B:2E:56:44:69:D8:08:20
Certificate issuer: /CN=A91C326F/serialNumber=392F36E0A450053C3DC66D2E3894E10CA733DDA6
Certificate serial: 0659
Authority key identifier: 39:2F:36:E0:A4:50:05:3C:3D:C6:6D:2E:38:94:E1:0C:A7:33:DD:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS824KRQBTw9xm0uOJThDKcz3aY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/B76C776472E411ED833AE326C4F9AE02.roa
Signing time: Sat 31 Aug 2024 00:02:07 +0000
ROA not before: Sat 31 Aug 2024 00:02:07 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 400619
IP address blocks: 103.68.192.0/24 maxlen: 24
103.68.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 04:56:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1625 (0x659)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C326F, serialNumber=392F36E0A450053C3DC66D2E3894E10CA733DDA6
Validity
Not Before: Aug 31 00:02:07 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66d25d7f-6143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7d:4b:7d:0e:3e:54:51:a7:82:33:19:1e:fe:
cc:e8:8e:2e:e3:6f:7a:6b:dc:fa:76:41:26:df:f8:
bc:c1:f9:57:c6:79:f1:66:ed:c6:c5:8f:19:59:cd:
96:d2:6a:58:44:ef:93:b5:50:a0:8a:1a:63:d8:f5:
49:91:18:ce:16:e8:8a:5d:17:46:34:f0:ec:33:a3:
36:82:8b:be:e6:58:c6:07:a2:ae:34:78:43:bb:52:
07:7a:d2:55:96:0e:3d:ac:9b:53:e0:51:c7:75:c2:
2d:b9:93:9f:db:a1:4e:88:8c:b1:dc:0b:64:fc:b4:
6a:88:79:bb:9a:96:e3:5b:3f:9b:0d:91:7d:f7:55:
f0:a2:9f:99:49:ef:b1:ac:78:67:d4:a0:76:79:a0:
23:4c:01:df:84:c6:08:9f:18:da:13:f3:e7:43:db:
fc:1e:87:5f:eb:a9:5c:20:67:66:fd:93:b0:cc:d7:
ce:7e:5a:a8:5c:1f:69:d0:86:9a:4b:ef:65:8e:e4:
76:59:23:98:3f:81:26:36:a5:60:18:70:00:09:ac:
64:6e:f1:aa:b6:db:41:ba:20:f8:e4:3f:e4:03:8b:
78:c5:3a:e2:bf:82:f2:63:9d:1c:9c:a1:1f:48:9a:
7b:4f:5b:45:be:8b:8b:79:ad:e4:47:97:0b:6a:4a:
dd:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:38:2F:52:2D:9A:43:F3:32:79:0C:77:1B:2E:56:44:69:D8:08:20
X509v3 Authority Key Identifier:
keyid:39:2F:36:E0:A4:50:05:3C:3D:C6:6D:2E:38:94:E1:0C:A7:33:DD:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/OS824KRQBTw9xm0uOJThDKcz3aY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OS824KRQBTw9xm0uOJThDKcz3aY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C326F/7866F5305FC711EB8A69202EC4F9AE02/B76C776472E411ED833AE326C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.68.192.0/23
Signature Algorithm: sha256WithRSAEncryption
17:97:24:7a:29:45:1e:d1:58:5c:9f:85:fd:59:58:95:fa:12:
6d:5c:51:f2:8c:fa:0b:ef:f2:20:50:12:5e:9e:3a:59:85:73:
67:ee:f1:b7:4b:59:0e:77:8c:06:af:02:fb:a6:c4:e8:65:9d:
c8:4b:75:19:ce:63:3c:e0:bc:65:55:30:fd:5e:30:12:d0:09:
56:46:cc:da:c6:42:92:32:b4:14:d5:b2:0c:f8:02:94:f3:b1:
5a:c5:67:f6:67:db:17:c2:25:36:eb:4b:3c:09:dd:6a:94:10:
31:6b:af:01:49:73:b3:c2:64:6f:b4:e8:6c:57:37:af:b7:ef:
24:1c:0f:86:e1:a3:96:aa:fe:9c:82:9f:5b:3e:11:75:dc:33:
8a:67:42:59:4d:ec:36:35:9f:cd:3f:93:9f:57:ef:1c:1d:9a:
d3:fd:06:d0:36:85:84:7a:90:69:81:6f:ea:43:93:98:a8:6a:
96:82:7f:de:f0:15:4a:03:d1:72:e7:26:83:98:3d:d5:e0:f5:
43:11:4d:c4:74:51:80:23:df:74:6d:63:48:b8:a1:0e:72:08:
40:9a:fe:de:89:ca:eb:02:cc:39:19:63:d9:58:0e:09:ee:2a:
1f:c7:c6:3a:6f:f7:42:84:f2:eb:6a:4c:7f:40:0d:fa:e6:3e:
25:e5:7a:7e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzMyNkYxMTAvBgNVBAUTKDM5MkYzNkUwQTQ1MDA1M0MzREM2NkQyRTM4OTRFMTBD
QTczM0REQTYwHhcNMjQwODMxMDAwMjA3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmQyNWQ3Zi02MTQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAkH1LfQ4+VFGngjMZHv7M6I4u4296a9z6dkEm3/i8wflXxnnxZu3GxY8ZWc2W
0mpYRO+TtVCgihpj2PVJkRjOFuiKXRdGNPDsM6M2gou+5ljGB6KuNHhDu1IHetJV
lg49rJtT4FHHdcItuZOf26FOiIyx3Atk/LRqiHm7mpbjWz+bDZF991Xwop+ZSe+x
rHhn1KB2eaAjTAHfhMYInxjaE/PnQ9v8Hodf66lcIGdm/ZOwzNfOflqoXB9p0Iaa
S+9ljuR2WSOYP4EmNqVgGHAACaxkbvGqtttBuiD45D/kA4t4xTriv4LyY50cnKEf
SJp7T1tFvouLea3kR5cLakrdVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFF84L1It
mkPzMnkMdxsuVkRp2AggMB8GA1UdIwQYMBaAFDkvNuCkUAU8PcZtLjiU4QynM92m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzI2Ri83ODY2RjUzMDVG
QzcxMUVCOEE2OTIwMkVDNEY5QUUwMi9PUzgyNEtSUUJUdzl4bTB1T0pUaERLY3oz
YVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09TODI0S1JRQlR3OXhtMHVPSlRoREtjejNhWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzMyNkYvNzg2NkY1MzA1RkM3MTFFQjhBNjkyMDJFQzRGOUFFMDIvQjc2Qzc3NjQ3
MkU0MTFFRDgzM0FFMzI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnRMAwDQYJKoZIhvcNAQELBQADggEBABeXJHopRR7RWFyf
hf1ZWJX6Em1cUfKM+gvv8iBQEl6eOlmFc2fu8bdLWQ53jAavAvumxOhlnchLdRnO
YzzgvGVVMP1eMBLQCVZGzNrGQpIytBTVsgz4ApTzsVrFZ/Zn2xfCJTbrSzwJ3WqU
EDFrrwFJc7PCZG+06GxXN6+37yQcD4bho5aq/pyCn1s+EXXcM4pnQllN7DY1n80/
k59X7xwdmtP9BtA2hYR6kGmBb+pDk5ioapaCf97wFUoD0XLnJoOYPdXg9UMRTcR0
UYAj33RtY0i4oQ5yCECa/t6JyusCzDkZY9lYDgnuKh/Hxjpv90KE8utqTH9ADfrm
PiXlen4=
-----END CERTIFICATE-----
Generated at Sat Jul 5 19:12:49 2025 by rpki-client