Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/243C54088DAC11EEBFC67C56C4F9AE02.roa
File: 243C54088DAC11EEBFC67C56C4F9AE02.roa (raw, json)
Hash identifier: d+RqpuraWUD40ELZhs21dvZM9ou6Dv/SvxQ0Bu6TyaQ=
Subject key identifier: 92:6F:A0:5A:77:AF:CC:73:90:DC:AB:11:E2:DD:6A:B1:1B:35:71:9B
Certificate issuer: /CN=A917E5DC/serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Certificate serial: 04FF
Authority key identifier: 45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/243C54088DAC11EEBFC67C56C4F9AE02.roa
Signing time: Wed 06 Nov 2024 23:22:13 +0000
ROA not before: Wed 06 Nov 2024 23:22:13 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 56264
IP address blocks: 103.31.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 14:25:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1279 (0x4ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E5DC, serialNumber=452FABBDF09DDF7E55FD0F9DBDDD4278F44FB881
Validity
Not Before: Nov 6 23:22:13 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672bfa25-65b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:82:7e:ae:93:7a:51:37:1f:4a:7b:56:29:4c:
f2:33:cb:61:6f:68:2d:36:08:f8:58:26:d7:7b:7e:
ff:46:dc:88:8f:b7:f2:20:e0:c4:42:c4:d4:bc:fb:
1b:00:43:d8:32:6d:45:77:4b:8d:39:38:ac:c5:d4:
48:62:ea:77:19:46:3a:17:b5:ca:35:29:48:56:3f:
23:21:85:62:42:e1:c6:b4:cd:8e:60:2f:47:91:29:
26:45:46:51:eb:a7:57:37:2b:3d:fc:1a:7f:2e:86:
24:6a:88:fd:ce:5a:b6:63:68:cd:5e:32:0c:c2:68:
3b:20:cd:a6:6b:ba:8f:4c:29:cd:8f:09:ca:32:d0:
56:cc:78:cb:cf:d8:5c:2e:67:35:54:d8:d3:09:72:
2a:fd:26:b8:32:c6:21:e4:82:e6:45:71:a8:2e:0f:
ed:ba:68:71:5a:0e:70:9f:01:79:d6:2b:8a:68:87:
11:88:88:8f:f7:11:d9:e5:f9:3b:b8:f6:a8:94:03:
7a:8f:8a:68:60:3e:f0:58:50:4c:e9:70:e8:77:2a:
6f:e4:30:a2:dd:f7:52:86:a0:06:2c:33:c2:65:36:
4f:9c:d6:91:3e:e3:b0:73:16:d9:73:0b:2a:d5:a0:
85:26:97:28:02:cc:aa:73:fe:2f:13:48:7e:8d:a6:
e6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:6F:A0:5A:77:AF:CC:73:90:DC:AB:11:E2:DD:6A:B1:1B:35:71:9B
X509v3 Authority Key Identifier:
keyid:45:2F:AB:BD:F0:9D:DF:7E:55:FD:0F:9D:BD:DD:42:78:F4:4F:B8:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/RS-rvfCd335V_Q-dvd1CePRPuIE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/RS-rvfCd335V_Q-dvd1CePRPuIE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E5DC/BBE2B502F8EB11EBBEF5AA37C4F9AE02/243C54088DAC11EEBFC67C56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.31.211.0/24
Signature Algorithm: sha256WithRSAEncryption
80:be:58:92:d1:7c:61:a6:68:3a:17:9d:47:75:dd:58:a4:f6:
6f:7b:b7:4c:0d:85:ad:6f:57:93:9e:a6:79:d4:bc:3a:fe:a5:
07:a3:f0:2e:50:b3:29:ba:ab:d8:06:3a:52:00:e3:2f:34:af:
99:41:12:b5:a1:47:c8:42:a1:00:25:e4:2e:04:64:8b:91:67:
f6:b8:c5:ad:ad:55:7e:de:26:9b:99:db:b8:e9:90:f5:be:f1:
50:6c:28:21:38:d9:a6:09:af:22:83:6e:c6:28:5d:a5:29:82:
43:5d:2e:ac:e2:59:8e:78:1a:97:25:ea:02:ef:6b:44:8b:ff:
27:7d:61:43:33:be:5c:25:af:9a:2c:37:d1:ac:e5:c5:b4:01:
13:17:5c:52:08:f0:6c:84:90:04:0e:ad:f8:f5:57:e3:52:ff:
2e:48:3a:be:d0:d2:6c:aa:18:3b:6f:57:ee:58:cd:82:7e:e4:
24:99:a3:ee:96:01:63:fd:d5:5e:2a:35:fb:36:48:a0:8e:8b:
a7:68:e5:22:8f:e7:97:d1:1f:0e:c0:7a:95:ea:ba:89:d5:bc:
24:f1:eb:6c:26:95:22:27:50:e2:9e:61:cf:4a:98:9e:0a:82:
3f:39:45:a7:45:b1:eb:00:ae:20:be:29:6a:9e:f7:fb:5f:76:
7a:ef:57:14
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0U1REMxMTAvBgNVBAUTKDQ1MkZBQkJERjA5RERGN0U1NUZEMEY5REJEREQ0Mjc4
RjQ0RkI4ODEwHhcNMjQxMTA2MjMyMjEzWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzJiZmEyNS02NWIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvYJ+rpN6UTcfSntWKUzyM8thb2gtNgj4WCbXe37/RtyIj7fyIODEQsTUvPsb
AEPYMm1Fd0uNOTisxdRIYup3GUY6F7XKNSlIVj8jIYViQuHGtM2OYC9HkSkmRUZR
66dXNys9/Bp/LoYkaoj9zlq2Y2jNXjIMwmg7IM2ma7qPTCnNjwnKMtBWzHjLz9hc
Lmc1VNjTCXIq/Sa4MsYh5ILmRXGoLg/tumhxWg5wnwF51iuKaIcRiIiP9xHZ5fk7
uPaolAN6j4poYD7wWFBM6XDodypv5DCi3fdShqAGLDPCZTZPnNaRPuOwcxbZcwsq
1aCFJpcoAsyqc/4vE0h+jabmbwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJJvoFp3
r8xzkNyrEeLdarEbNXGbMB8GA1UdIwQYMBaAFEUvq73wnd9+Vf0Pnb3dQnj0T7iB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTVEQy9CQkUyQjUwMkY4
RUIxMUVCQkVGNUFBMzdDNEY5QUUwMi9SUy1ydmZDZDMzNVZfUS1kdmQxQ2VQUlB1
SUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JTLXJ2ZkNkMzM1Vl9RLWR2ZDFDZVBSUHVJRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0U1REMvQkJFMkI1MDJGOEVCMTFFQkJFRjVBQTM3QzRGOUFFMDIvMjQzQzU0MDg4
REFDMTFFRUJGQzY3QzU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnH9MwDQYJKoZIhvcNAQELBQADggEBAIC+WJLRfGGmaDoX
nUd13Vik9m97t0wNha1vV5OepnnUvDr+pQej8C5Qsym6q9gGOlIA4y80r5lBErWh
R8hCoQAl5C4EZIuRZ/a4xa2tVX7eJpuZ27jpkPW+8VBsKCE42aYJryKDbsYoXaUp
gkNdLqziWY54Gpcl6gLva0SL/yd9YUMzvlwlr5osN9Gs5cW0ARMXXFII8GyEkAQO
rfj1V+NS/y5IOr7Q0myqGDtvV+5YzYJ+5CSZo+6WAWP91V4qNfs2SKCOi6do5SKP
55fRHw7AepXquonVvCTx62wmlSInUOKeYc9KmJ4Kgj85RadFsesAriC+KWqe9/tf
dnrvVxQ=
-----END CERTIFICATE-----
Generated at Mon May 12 15:58:29 2025 by rpki-client