Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/1A90B40CDB0411EF916F7512C4F9AE02.roa
File: 1A90B40CDB0411EF916F7512C4F9AE02.roa (raw, json)
Hash identifier: rumcCHSgpbWp/z4Th3sFoaKPb7wyGf11PcSzAPpqUnQ=
Subject key identifier: D7:13:04:C8:ED:98:1A:07:49:C8:DC:43:3B:2F:28:8C:16:56:85:63
Certificate issuer: /CN=A913DC07/serialNumber=ECAA3D15FA8B14DAAAFE2059A4019B20F527F83D
Certificate serial: 046F
Authority key identifier: EC:AA:3D:15:FA:8B:14:DA:AA:FE:20:59:A4:01:9B:20:F5:27:F8:3D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/1A90B40CDB0411EF916F7512C4F9AE02.roa
Signing time: Sat 25 Jan 2025 10:06:55 +0000
ROA not before: Sat 25 Jan 2025 10:06:55 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 134734
IP address blocks: 103.167.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Jan 2025 10:27:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1135 (0x46f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913DC07, serialNumber=ECAA3D15FA8B14DAAAFE2059A4019B20F527F83D
Validity
Not Before: Jan 25 10:06:55 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6794b7be-1283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:10:e0:f6:07:18:0f:fa:ff:d8:ad:80:f1:c9:
07:c5:78:50:ac:7e:a6:f8:b8:38:18:ea:b4:2a:48:
06:aa:aa:eb:1f:4c:a4:5b:4b:e6:c0:92:dc:52:24:
45:f2:b6:9b:40:3b:1b:e4:75:05:e7:20:ea:a3:71:
34:d1:19:7e:ae:ff:f1:dd:06:b4:45:bb:5e:74:d8:
0d:51:11:35:3f:89:f3:44:e3:4d:73:60:0c:e2:bd:
fe:1e:5b:84:00:55:c6:ea:aa:f8:47:42:9d:70:5d:
48:c3:a9:2a:a8:a9:1b:96:32:eb:ca:28:69:40:2c:
be:d7:de:16:56:b1:9b:c8:da:61:34:25:72:05:bc:
5d:3a:ce:6c:38:f1:ef:47:a5:0e:c8:65:2e:8a:52:
04:2d:38:d8:1b:cb:a5:b5:f2:61:b6:95:de:e5:cf:
cd:9e:a1:67:67:b1:2f:f8:0f:fc:b7:c2:57:06:38:
c7:01:07:65:2e:cb:2a:fe:65:f4:f2:1b:a2:5a:cc:
8c:93:41:6f:4c:e6:3c:85:40:aa:ba:75:79:27:0e:
f6:0c:13:2b:75:49:c0:20:66:81:9a:f4:bb:de:46:
69:0a:c5:04:77:eb:dc:b9:9b:0a:e0:c1:b2:5d:7a:
73:d4:52:44:67:4e:e4:8d:95:18:56:6d:f7:6f:7b:
4d:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:13:04:C8:ED:98:1A:07:49:C8:DC:43:3B:2F:28:8C:16:56:85:63
X509v3 Authority Key Identifier:
keyid:EC:AA:3D:15:FA:8B:14:DA:AA:FE:20:59:A4:01:9B:20:F5:27:F8:3D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7Ko9FfqLFNqq_iBZpAGbIPUn-D0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913DC07/4EB9EDD6336211ECA7AC5131C4F9AE02/1A90B40CDB0411EF916F7512C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.167.17.0/24
Signature Algorithm: sha256WithRSAEncryption
70:fd:46:7f:ce:94:ee:ec:c1:f3:5b:11:67:48:e7:cb:b5:26:
3d:9c:ff:f0:48:73:2f:48:a4:5f:c6:09:4c:eb:ba:22:46:94:
08:f6:e1:c5:c5:6d:aa:7f:63:da:81:22:e8:23:7e:0a:eb:c1:
bc:be:a9:fb:31:17:41:f5:b5:00:05:44:71:1f:62:15:ec:3c:
cb:32:9b:a6:e0:e6:40:91:d5:35:e6:06:2e:d3:7a:61:ee:22:
41:9f:85:0e:ae:61:a2:e1:36:85:51:c3:cd:dd:b2:03:f6:de:
49:58:0e:98:2b:c8:b3:b6:bf:49:28:9a:da:71:38:49:3b:39:
ac:bb:8f:2c:34:0c:1e:0e:a5:4a:53:4b:27:40:52:f1:69:2b:
a6:54:a1:80:ff:0d:39:0a:4f:27:d8:ad:6a:57:dc:24:40:18:
25:16:4c:c7:3c:ab:78:6b:40:de:9e:35:35:4c:a8:78:77:64:
ba:30:0c:87:97:5f:86:37:4b:2b:b7:43:32:5f:7c:ef:b2:7f:
c4:ce:1f:4d:91:6d:12:df:38:39:3b:99:b8:cc:0c:54:50:35:
fb:b2:81:48:3d:08:bd:4a:ab:1c:2a:4c:5d:a4:45:3e:24:63:
8b:fe:8a:0c:49:c8:f7:80:70:c6:dc:bb:9d:d0:63:22:42:78:
b1:0c:1f:a5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBG8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0RDMDcxMTAvBgNVBAUTKEVDQUEzRDE1RkE4QjE0REFBQUZFMjA1OUE0MDE5QjIw
RjUyN0Y4M0QwHhcNMjUwMTI1MTAwNjU1WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk0YjdiZS0xMjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqBDg9gcYD/r/2K2A8ckHxXhQrH6m+Lg4GOq0KkgGqqrrH0ykW0vmwJLcUiRF
8rabQDsb5HUF5yDqo3E00Rl+rv/x3Qa0RbtedNgNURE1P4nzRONNc2AM4r3+HluE
AFXG6qr4R0KdcF1Iw6kqqKkbljLryihpQCy+194WVrGbyNphNCVyBbxdOs5sOPHv
R6UOyGUuilIELTjYG8ultfJhtpXe5c/NnqFnZ7Ev+A/8t8JXBjjHAQdlLssq/mX0
8huiWsyMk0FvTOY8hUCqunV5Jw72DBMrdUnAIGaBmvS73kZpCsUEd+vcuZsK4MGy
XXpz1FJEZ07kjZUYVm33b3tNnQIDAQABo4IClTCCApEwHQYDVR0OBBYEFNcTBMjt
mBoHScjcQzsvKIwWVoVjMB8GA1UdIwQYMBaAFOyqPRX6ixTaqv4gWaQBmyD1J/g9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzREMwNy80RUI5RURENjMz
NjIxMUVDQTdBQzUxMzFDNEY5QUUwMi83S285RmZxTEZOcXFfaUJacEFHYklQVW4t
RDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdLbzlGZnFMRk5xcV9pQlpwQUdiSVBVbi1EMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0RDMDcvNEVCOUVERDYzMzYyMTFFQ0E3QUM1MTMxQzRGOUFFMDIvMUE5MEI0MENE
QjA0MTFFRjkxNkY3NTEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnpxEwDQYJKoZIhvcNAQELBQADggEBAHD9Rn/OlO7swfNb
EWdI58u1Jj2c//BIcy9IpF/GCUzruiJGlAj24cXFbap/Y9qBIugjfgrrwby+qfsx
F0H1tQAFRHEfYhXsPMsym6bg5kCR1TXmBi7TemHuIkGfhQ6uYaLhNoVRw83dsgP2
3klYDpgryLO2v0komtpxOEk7Oay7jyw0DB4OpUpTSydAUvFpK6ZUoYD/DTkKTyfY
rWpX3CRAGCUWTMc8q3hrQN6eNTVMqHh3ZLowDIeXX4Y3Syu3QzJffO+yf8TOH02R
bRLfODk7mbjMDFRQNfuygUg9CL1KqxwqTF2kRT4kY4v+igxJyPeAcMbcu53QYyJC
eLEMH6U=
-----END CERTIFICATE-----
Generated at Thu May 15 03:49:42 2025 by rpki-client