Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5560/4C3D6BC0216F11EFAF45EA2DC4F9AE02/407CD21836FE11EFBD645E84C4F9AE02.roa
File: 407CD21836FE11EFBD645E84C4F9AE02.roa (raw, json)
Hash identifier: 5BQLq0jHSrfh3db+xzbCZejduGt++wm7n/840cmh070=
Subject key identifier: F6:C7:05:D9:59:D3:1A:68:51:FB:6A:98:D8:B5:87:63:EE:60:E8:65
Certificate issuer: /CN=A91A5560/serialNumber=E38EB3F5A5107E30F0CA71DDEA75B170D0B03256
Certificate serial: 52
Authority key identifier: E3:8E:B3:F5:A5:10:7E:30:F0:CA:71:DD:EA:75:B1:70:D0:B0:32:56
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/446z9aUQfjDwynHd6nWxcNCwMlY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A5560/4C3D6BC0216F11EFAF45EA2DC4F9AE02/407CD21836FE11EFBD645E84C4F9AE02.roa
Signing time: Fri 25 Oct 2024 06:21:28 +0000
ROA not before: Fri 25 Oct 2024 06:21:28 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 103.108.174.0/24 maxlen: 24
103.108.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 09:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82 (0x52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A5560, serialNumber=E38EB3F5A5107E30F0CA71DDEA75B170D0B03256
Validity
Not Before: Oct 25 06:21:28 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=671b38e8-1120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2a:62:1a:a0:8b:47:4a:d0:72:8f:23:c5:66:
94:af:10:dd:d7:54:9a:6a:5f:47:46:06:6b:f9:d4:
7b:be:2f:f8:36:27:c7:bf:01:e7:af:ae:4b:c6:f7:
2d:7b:f0:09:7c:6a:95:5e:c2:0c:28:63:3e:b3:d6:
c1:26:fa:18:5c:f3:d5:75:8d:3d:4e:e0:81:8d:fc:
8b:1c:93:a9:41:fd:77:e3:ac:d2:d6:78:30:be:a7:
14:d3:a7:a9:6e:9e:c2:aa:83:7a:e0:64:ff:10:4b:
ae:25:54:61:67:39:74:ca:ff:e4:58:9a:4b:93:5b:
8a:fe:e6:91:15:f0:72:df:81:8e:3e:5e:75:5a:9d:
23:53:2d:8a:a9:3e:c5:01:23:3e:8a:de:e5:c2:30:
6e:9c:94:5e:8e:76:16:88:57:de:eb:6b:0e:07:75:
ce:d0:81:ac:f2:78:98:d4:e6:8f:b1:65:b1:55:25:
1f:d0:13:28:29:53:d5:cf:dc:d2:78:15:44:6f:36:
0a:81:e6:f5:90:94:c4:2a:24:64:a3:17:07:43:44:
aa:c1:f8:ec:ab:b6:d5:86:a1:e4:54:0e:6e:6b:fe:
1d:e4:30:77:6c:b1:49:fb:03:9d:0f:05:83:2d:98:
1c:c0:c9:65:5e:98:f1:ea:06:43:73:84:ac:4e:bf:
df:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:C7:05:D9:59:D3:1A:68:51:FB:6A:98:D8:B5:87:63:EE:60:E8:65
X509v3 Authority Key Identifier:
keyid:E3:8E:B3:F5:A5:10:7E:30:F0:CA:71:DD:EA:75:B1:70:D0:B0:32:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A5560/4C3D6BC0216F11EFAF45EA2DC4F9AE02/446z9aUQfjDwynHd6nWxcNCwMlY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/446z9aUQfjDwynHd6nWxcNCwMlY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5560/4C3D6BC0216F11EFAF45EA2DC4F9AE02/407CD21836FE11EFBD645E84C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.108.174.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:d1:bc:c4:7b:fe:7f:33:11:15:78:2f:f5:d0:69:f1:33:17:
39:ea:3a:0d:7d:38:30:ab:4e:99:f2:64:45:37:e7:db:e7:d7:
e5:6b:9f:53:6d:33:55:91:24:01:60:1c:7b:22:91:71:17:b1:
29:2c:2e:13:d2:55:e1:fe:35:5b:13:ca:a3:f3:3a:8a:d0:80:
19:3e:f7:23:25:28:18:4c:a1:e9:8c:6f:0a:f7:e7:b3:4c:86:
91:4c:37:67:30:96:c0:cd:62:27:ef:7a:e6:51:ca:79:f1:32:
51:20:f1:04:a6:cc:e7:04:f1:01:f5:b6:59:58:bf:1d:fc:d0:
36:87:23:f0:a3:86:bb:50:f8:00:e2:05:18:4e:e1:d9:8d:00:
f8:0f:1d:30:72:83:4a:ae:ed:db:b4:ff:59:f0:93:1b:97:a2:
89:e1:e4:8d:3a:cf:ae:6c:c5:11:07:d4:98:12:3e:92:58:46:
d6:0e:1e:1c:7c:44:84:18:61:18:fe:09:76:c3:b0:4a:e8:c9:
11:f6:28:f4:b3:78:99:cb:e1:6b:83:cd:df:08:fb:41:a6:d7:
c8:0e:63:46:73:5a:d0:ac:77:99:77:1e:d1:e8:58:d9:f7:1e:
46:98:0c:af:30:ca:8e:98:1f:c7:f5:af:6d:8b:8a:75:6b:0d:
2b:45:74:de
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
NTU2MDExMC8GA1UEBRMoRTM4RUIzRjVBNTEwN0UzMEYwQ0E3MURERUE3NUIxNzBE
MEIwMzI1NjAeFw0yNDEwMjUwNjIxMjhaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MWIzOGU4LTExMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfKmIaoItHStByjyPFZpSvEN3XVJpqX0dGBmv51Hu+L/g2J8e/AeevrkvG9y17
8Al8apVewgwoYz6z1sEm+hhc89V1jT1O4IGN/Isck6lB/XfjrNLWeDC+pxTTp6lu
nsKqg3rgZP8QS64lVGFnOXTK/+RYmkuTW4r+5pEV8HLfgY4+XnVanSNTLYqpPsUB
Iz6K3uXCMG6clF6OdhaIV97raw4Hdc7QgazyeJjU5o+xZbFVJR/QEygpU9XP3NJ4
FURvNgqB5vWQlMQqJGSjFwdDRKrB+OyrttWGoeRUDm5r/h3kMHdssUn7A50PBYMt
mBzAyWVemPHqBkNzhKxOv99JAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU9scF2VnT
GmhR+2qY2LWHY+5g6GUwHwYDVR0jBBgwFoAU446z9aUQfjDwynHd6nWxcNCwMlYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1NTYwLzRDM0Q2QkMwMjE2
RjExRUZBRjQ1RUEyREM0RjlBRTAyLzQ0Nno5YVVRZmpEd3luSGQ2bld4Y05Dd01s
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNDQ2ejlhVVFmakR3eW5IZDZuV3hjTkN3TWxZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NTU2MC80QzNENkJDMDIxNkYxMUVGQUY0NUVBMkRDNEY5QUUwMi80MDdDRDIxODM2
RkUxMUVGQkQ2NDVFODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAWdsrjANBgkqhkiG9w0BAQsFAAOCAQEAutG8xHv+fzMRFXgv
9dBp8TMXOeo6DX04MKtOmfJkRTfn2+fX5WufU20zVZEkAWAceyKRcRexKSwuE9JV
4f41WxPKo/M6itCAGT73IyUoGEyh6YxvCvfns0yGkUw3ZzCWwM1iJ+965lHKefEy
USDxBKbM5wTxAfW2WVi/HfzQNocj8KOGu1D4AOIFGE7h2Y0A+A8dMHKDSq7t27T/
WfCTG5eiieHkjTrPrmzFEQfUmBI+klhG1g4eHHxEhBhhGP4JdsOwSujJEfYo9LN4
mcvha4PN3wj7QabXyA5jRnNa0Kx3mXce0ehY2fceRpgMrzDKjpgfx/WvbYuKdWsN
K0V03g==
-----END CERTIFICATE-----
Generated at Tue May 13 05:52:17 2025 by rpki-client