Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/18AE9CC0764C11EFB4346E73C4F9AE02.roa
File: 18AE9CC0764C11EFB4346E73C4F9AE02.roa (raw, json)
Hash identifier: WtNK7x1fpi+f6NsDrFsZ9jPtOAmjd5SuohEBjapW1ik=
Subject key identifier: 2F:7A:92:9C:C8:6D:28:9C:51:2A:7B:4D:B3:2B:FB:67:78:50:3B:7C
Certificate issuer: /CN=A91F17AA/serialNumber=0947051EFA50429215750A48BC031ADA926EF66E
Certificate serial: 012F
Authority key identifier: 09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/18AE9CC0764C11EFB4346E73C4F9AE02.roa
Signing time: Sat 21 Dec 2024 03:37:29 +0000
ROA not before: Sat 21 Dec 2024 03:37:29 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 13335
IP address blocks: 103.218.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 05:54:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303 (0x12f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F17AA
Validity
Not Before: Dec 21 03:37:29 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=676637f9-3dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:19:53:21:b7:ac:58:a2:44:0f:d7:43:98:69:
12:fb:8d:8f:de:32:bc:23:0e:d9:ed:be:a4:84:55:
48:f8:d6:fb:ec:2c:28:e4:6c:bc:70:33:9d:1b:7d:
19:ef:d2:1e:03:e0:62:5d:b0:69:e4:42:1c:bd:49:
11:4c:85:39:28:85:94:ab:a5:a7:35:63:85:5d:ad:
55:54:9a:96:33:56:ca:e7:f1:57:1b:ee:0a:c5:7a:
8b:33:72:74:a3:92:d8:2e:00:b7:1c:5d:de:b0:99:
ba:7e:1e:c6:17:54:ac:89:e3:32:f9:3c:82:ff:77:
24:7f:70:dd:2b:a6:21:e4:8d:f0:70:74:33:86:e3:
fe:a0:d4:6c:9e:d2:cf:4c:8a:a0:98:49:5c:07:49:
cd:ab:6b:41:a0:4d:29:0b:0c:a6:37:87:43:8b:78:
3d:68:b0:1c:09:cb:f0:1a:57:82:cb:4c:75:ac:55:
93:c1:83:1e:49:37:53:40:d3:1d:29:06:88:0d:48:
d2:1c:fe:94:b7:88:29:b6:a2:5b:30:79:28:16:54:
3c:11:0f:99:59:43:3e:39:25:e8:b3:a7:5e:7b:00:
d4:2a:da:d3:50:49:5d:00:e4:5a:05:f5:7d:12:c4:
83:4d:ab:d5:e8:69:29:64:0c:a3:c7:d7:79:93:7c:
da:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7A:92:9C:C8:6D:28:9C:51:2A:7B:4D:B3:2B:FB:67:78:50:3B:7C
X509v3 Authority Key Identifier:
keyid:09:47:05:1E:FA:50:42:92:15:75:0A:48:BC:03:1A:DA:92:6E:F6:6E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/CUcFHvpQQpIVdQpIvAMa2pJu9m4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUcFHvpQQpIVdQpIvAMa2pJu9m4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17AA/41F0F97E52B811EE8E43000DC4F9AE02/18AE9CC0764C11EFB4346E73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.218.173.0/24
Signature Algorithm: sha256WithRSAEncryption
24:58:e1:72:f3:33:96:00:ae:40:20:b2:3e:91:5f:d2:05:c2:
80:bb:f2:c1:a1:19:0c:9e:2d:9a:37:36:d1:aa:83:7c:e1:64:
a2:62:0a:cd:87:f4:db:bb:44:ad:4f:80:7b:20:8a:f7:ec:d2:
43:c3:26:54:eb:6d:6a:f8:79:9d:32:89:5e:94:b3:29:aa:7f:
c4:09:24:87:a3:82:64:07:9f:cf:28:95:c0:1f:28:ee:6b:11:
5d:ea:34:5e:a7:3a:6a:e3:e9:62:ae:69:34:0f:54:29:69:a1:
ad:e3:ea:4c:8e:a7:8e:43:8e:4d:d3:96:f7:4d:f7:96:eb:2b:
f6:db:d0:64:84:b1:a1:7c:e4:a2:de:54:da:2b:63:f8:cf:f4:
7c:e1:58:b6:f2:ba:d5:cf:90:fe:41:89:4e:94:26:e2:68:64:
a8:b7:e5:9b:fe:da:01:d6:67:68:95:c3:b8:e4:d7:c1:77:b6:
e3:b4:a4:7e:c1:29:8e:59:a0:32:19:67:97:b8:52:11:54:6f:
25:cd:01:d9:1e:a5:0e:1d:be:7c:58:69:b9:f6:62:fa:cf:b3:
5f:57:c5:55:a6:14:d1:c1:f5:9c:46:7b:67:fc:f2:50:b7:54:
3f:26:91:d3:e0:d2:09:fb:15:75:ee:34:2d:55:73:1c:4e:22:
4f:b7:51:77
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjE3QUExMTAvBgNVBAUTKDA5NDcwNTFFRkE1MDQyOTIxNTc1MEE0OEJDMDMxQURB
OTI2RUY2NkUwHhcNMjQxMjIxMDMzNzI5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY2MzdmOS0zZGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyhlTIbesWKJED9dDmGkS+42P3jK8Iw7Z7b6khFVI+Nb77Cwo5Gy8cDOdG30Z
79IeA+BiXbBp5EIcvUkRTIU5KIWUq6WnNWOFXa1VVJqWM1bK5/FXG+4KxXqLM3J0
o5LYLgC3HF3esJm6fh7GF1SsieMy+TyC/3ckf3DdK6Yh5I3wcHQzhuP+oNRsntLP
TIqgmElcB0nNq2tBoE0pCwymN4dDi3g9aLAcCcvwGleCy0x1rFWTwYMeSTdTQNMd
KQaIDUjSHP6Ut4gptqJbMHkoFlQ8EQ+ZWUM+OSXos6deewDUKtrTUEldAORaBfV9
EsSDTavV6GkpZAyjx9d5k3za1wIDAQABo4IClTCCApEwHQYDVR0OBBYEFC96kpzI
bSicUSp7TbMr+2d4UDt8MB8GA1UdIwQYMBaAFAlHBR76UEKSFXUKSLwDGtqSbvZu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTdBQS80MUYwRjk3RTUy
QjgxMUVFOEU0MzAwMERDNEY5QUUwMi9DVWNGSHZwUVFwSVZkUXBJdkFNYTJwSnU5
bTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NVY0ZIdnBRUXBJVmRRcEl2QU1hMnBKdTltNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjE3QUEvNDFGMEY5N0U1MkI4MTFFRThFNDMwMDBEQzRGOUFFMDIvMThBRTlDQzA3
NjRDMTFFRkI0MzQ2RTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABn2q0wDQYJKoZIhvcNAQELBQADggEBACRY4XLzM5YArkAg
sj6RX9IFwoC78sGhGQyeLZo3NtGqg3zhZKJiCs2H9Nu7RK1PgHsgivfs0kPDJlTr
bWr4eZ0yiV6Usymqf8QJJIejgmQHn88olcAfKO5rEV3qNF6nOmrj6WKuaTQPVClp
oa3j6kyOp45Djk3TlvdN95brK/bb0GSEsaF85KLeVNorY/jP9HzhWLbyutXPkP5B
iU6UJuJoZKi35Zv+2gHWZ2iVw7jk18F3tuO0pH7BKY5ZoDIZZ5e4UhFUbyXNAdke
pQ4dvnxYabn2YvrPs19XxVWmFNHB9ZxGe2f88lC3VD8mkdPg0gn7FXXuNC1VcxxO
Ik+3UXc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 17:03:00 2025 by rpki-client