Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/B8B2C3BC4E9511EDA5AF6A34C4F9AE02.roa
File: B8B2C3BC4E9511EDA5AF6A34C4F9AE02.roa (raw, json)
Hash identifier: 6C07SnczQrxUqRjTLvDOEAgf1A9IHKpinwyHhMBEGq8=
Subject key identifier: 80:4B:DA:BF:B3:39:27:5C:BD:75:64:4C:68:F4:10:F8:1D:1B:73:D5
Certificate issuer: /CN=A91DC9C4/serialNumber=8483FD5457D11E0513552111F5BA2F3712E985F7
Certificate serial: 0156
Authority key identifier: 84:83:FD:54:57:D1:1E:05:13:55:21:11:F5:BA:2F:37:12:E9:85:F7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIP9VFfRHgUTVSER9bovNxLphfc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/B8B2C3BC4E9511EDA5AF6A34C4F9AE02.roa
Signing time: Fri 09 Aug 2024 03:34:57 +0000
ROA not before: Fri 09 Aug 2024 03:34:57 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 55636
IP address blocks: 27.116.60.0/22 maxlen: 24
103.73.164.0/22 maxlen: 24
202.172.22.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 10:25:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342 (0x156)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DC9C4
Validity
Not Before: Aug 9 03:34:57 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=66b58e61-0660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:af:e3:4c:55:74:3a:99:25:9b:a4:d7:35:80:
cd:80:80:9f:6b:c3:86:ed:fc:95:d3:a2:60:be:79:
46:75:2c:fb:55:40:b0:97:16:a7:b7:3a:5a:bd:f3:
1b:98:5e:bf:6c:db:ad:03:28:b8:ac:57:a5:8b:d8:
bf:d6:16:15:76:16:94:97:a8:da:0c:6b:b1:f6:d9:
4b:9f:69:49:29:c7:af:37:34:41:87:ab:22:f1:b5:
37:db:c1:36:4e:46:83:24:ea:b4:f6:db:73:60:c6:
37:d7:99:5a:c3:7d:28:88:cd:36:74:6b:92:0c:f9:
9a:66:5a:02:0a:2d:30:d4:9e:00:0e:c9:b3:74:f2:
b9:43:20:f4:81:2f:1e:bf:17:3a:f0:e7:92:21:5f:
a1:a4:5f:78:b5:7a:70:81:18:c6:e3:05:07:3c:c9:
1e:79:d9:fe:55:62:d2:6f:14:eb:b3:f5:43:c7:cf:
f7:ce:5b:c7:f7:51:71:5d:c1:90:d1:ff:e8:16:9d:
b1:72:47:e2:81:11:85:2f:fd:dd:31:e2:d2:a5:be:
e5:2f:1d:4a:90:bb:40:91:10:9e:d5:ea:c9:7e:31:
29:24:c4:92:05:bc:b3:e4:94:19:47:20:cb:07:43:
69:a4:45:c3:b0:f4:a6:5b:de:99:22:55:3f:ca:b0:
c5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4B:DA:BF:B3:39:27:5C:BD:75:64:4C:68:F4:10:F8:1D:1B:73:D5
X509v3 Authority Key Identifier:
keyid:84:83:FD:54:57:D1:1E:05:13:55:21:11:F5:BA:2F:37:12:E9:85:F7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIP9VFfRHgUTVSER9bovNxLphfc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/B8B2C3BC4E9511EDA5AF6A34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.116.60.0/22
103.73.164.0/22
202.172.22.0/23
Signature Algorithm: sha256WithRSAEncryption
55:e0:ee:5c:56:d1:db:35:0f:1b:11:78:3a:d0:a8:9b:55:69:
cf:55:e9:2c:e4:86:e4:c3:13:4f:21:57:6e:1a:ac:7f:7e:d6:
bc:d0:97:79:fe:ab:ee:41:d5:a9:f4:ca:37:b0:04:96:8e:6f:
69:92:2a:38:f7:bb:29:54:08:5c:88:13:bc:9f:f9:e7:d5:ec:
23:e1:6e:f1:26:13:01:69:f1:92:4b:b6:a2:4a:79:b9:5f:06:
fc:dc:e6:ec:82:8c:d0:c2:35:05:f3:00:79:f0:23:1e:5b:9c:
aa:7e:c7:79:88:ca:99:ca:b9:7b:c8:25:7e:e2:8c:4f:0b:82:
28:a7:2c:30:5c:6c:17:ba:46:8c:34:ca:25:21:6c:c8:65:e9:
25:ce:de:3e:a6:61:df:42:39:a6:fa:64:09:b9:36:6b:9b:04:
cd:f6:80:d5:1e:32:a3:2a:7e:41:08:33:2a:9b:98:0e:5d:52:
f9:a4:58:49:1b:3b:3a:48:42:b3:6a:11:75:5c:21:ae:9e:80:
79:46:3d:4a:a4:14:62:c7:a1:bf:9a:45:97:b3:0f:8e:55:22:
90:24:33:cf:ef:ed:29:cc:04:51:8c:cc:70:fc:54:62:21:68:
9a:18:41:55:4b:38:f5:40:ac:cb:cd:07:11:29:16:52:f2:2a:
05:c5:cd:ac
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REM5QzQxMTAvBgNVBAUTKDg0ODNGRDU0NTdEMTFFMDUxMzU1MjExMUY1QkEyRjM3
MTJFOTg1RjcwHhcNMjQwODA5MDMzNDU3WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmI1OGU2MS0wNjYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxK/jTFV0Opklm6TXNYDNgICfa8OG7fyV06JgvnlGdSz7VUCwlxantzpavfMb
mF6/bNutAyi4rFeli9i/1hYVdhaUl6jaDGux9tlLn2lJKcevNzRBh6si8bU328E2
TkaDJOq09ttzYMY315law30oiM02dGuSDPmaZloCCi0w1J4ADsmzdPK5QyD0gS8e
vxc68OeSIV+hpF94tXpwgRjG4wUHPMkeedn+VWLSbxTrs/VDx8/3zlvH91FxXcGQ
0f/oFp2xckfigRGFL/3dMeLSpb7lLx1KkLtAkRCe1erJfjEpJMSSBbyz5JQZRyDL
B0NppEXDsPSmW96ZIlU/yrDF0QIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFIBL2r+z
OSdcvXVkTGj0EPgdG3PVMB8GA1UdIwQYMBaAFISD/VRX0R4FE1UhEfW6LzcS6YX3
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzlDNC8xQTcwREM4NjRF
OTMxMUVEQTczMEVEMzJDNEY5QUUwMi9oSVA5VkZmUkhnVVRWU0VSOWJvdk54THBo
ZmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hJUDlWRmZSSGdVVFZTRVI5Ym92TnhMcGhmYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REM5QzQvMUE3MERDODY0RTkzMTFFREE3MzBFRDMyQzRGOUFFMDIvQjhCMkMzQkM0
RTk1MTFFREE1QUY2QTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAIbdDwDBAJnSaQDBAHKrBYwDQYJKoZIhvcNAQELBQADggEB
AFXg7lxW0ds1DxsReDrQqJtVac9V6SzkhuTDE08hV24arH9+1rzQl3n+q+5B1an0
yjewBJaOb2mSKjj3uylUCFyIE7yf+efV7CPhbvEmEwFp8ZJLtqJKeblfBvzc5uyC
jNDCNQXzAHnwIx5bnKp+x3mIypnKuXvIJX7ijE8LgiinLDBcbBe6Row0yiUhbMhl
6SXO3j6mYd9COab6ZAm5NmubBM32gNUeMqMqfkEIMyqbmA5dUvmkWEkbOzpIQrNq
EXVcIa6egHlGPUqkFGLHob+aRZezD45VIpAkM8/v7SnMBFGMzHD8VGIhaJoYQVVL
OPVArMvNBxEpFlLyKgXFzaw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:50 2025 by rpki-client