Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/962E9EE41B9111F08903B047C4F9AE02.roa
File: 962E9EE41B9111F08903B047C4F9AE02.roa (raw, json)
Hash identifier: Q/1Kir9RxBJlmR9T0nof4NipQuk/FnbTN4nx9gbWgaw=
Subject key identifier: 0D:82:CB:52:FC:EF:41:E5:D1:62:FD:F8:3C:83:F2:99:38:6D:77:08
Certificate issuer: /CN=A91B0F3F/serialNumber=F818FC988EC7032C3E2C6A48A55498AB7CD565FD
Certificate serial: 09FE
Authority key identifier: F8:18:FC:98:8E:C7:03:2C:3E:2C:6A:48:A5:54:98:AB:7C:D5:65:FD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/962E9EE41B9111F08903B047C4F9AE02.roa
Signing time: Thu 17 Apr 2025 13:43:32 +0000
ROA not before: Thu 17 Apr 2025 13:43:32 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 139790
IP address blocks: 45.249.185.0/24 maxlen: 24
45.249.187.0/24 maxlen: 24
103.218.189.0/24 maxlen: 24
103.218.190.0/24 maxlen: 24
103.218.191.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Apr 2025 15:20:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2558 (0x9fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0F3F, serialNumber=F818FC988EC7032C3E2C6A48A55498AB7CD565FD
Validity
Not Before: Apr 17 13:43:32 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=68010584-c135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:14:60:65:00:f3:2a:41:02:4b:de:93:78:ef:
d8:66:02:f8:36:8e:2f:5c:ce:37:8b:7c:0c:e4:1f:
51:84:53:b8:d0:d1:22:4f:89:67:bb:64:41:1d:35:
fa:9a:2a:7f:d5:aa:fb:5c:e3:a0:19:02:58:5a:19:
b3:6b:3a:98:43:88:34:6c:fe:1a:f5:80:ff:bf:95:
a5:db:ad:0d:67:b8:b9:a4:19:18:d8:83:70:5b:e3:
1f:aa:99:68:da:00:65:41:e9:88:c0:d3:84:f1:54:
4c:14:be:10:54:aa:66:af:07:19:6a:04:43:7a:17:
4d:f3:c3:74:38:61:e1:09:04:f7:af:67:cc:8f:50:
52:31:0a:8a:41:9f:03:ac:e1:e0:5e:40:79:b9:52:
58:80:83:6e:4b:d8:ba:5e:ff:93:c0:82:94:89:89:
0f:52:ac:a5:f4:9f:0b:51:36:5f:29:16:03:a7:af:
92:4a:36:28:0e:51:a0:95:da:26:4e:68:90:46:80:
a9:51:7b:44:e4:6c:46:9e:6a:dc:a5:fb:e7:c1:f2:
89:0d:99:ec:1a:fa:9f:4c:81:86:c8:4c:14:83:fc:
dd:b2:82:53:97:a8:80:92:93:c0:68:f6:0c:f9:b3:
d7:96:11:f4:b0:67:4c:43:5d:94:dc:2c:1d:6c:df:
6d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:82:CB:52:FC:EF:41:E5:D1:62:FD:F8:3C:83:F2:99:38:6D:77:08
X509v3 Authority Key Identifier:
keyid:F8:18:FC:98:8E:C7:03:2C:3E:2C:6A:48:A5:54:98:AB:7C:D5:65:FD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/962E9EE41B9111F08903B047C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.185.0/24
45.249.187.0/24
103.218.189.0-103.218.191.255
Signature Algorithm: sha256WithRSAEncryption
7d:5a:9f:3b:1a:c7:b4:c0:77:74:11:96:50:5e:ba:16:dd:6f:
b5:92:79:fa:e0:4c:e8:ad:22:76:53:8b:80:b9:d8:83:ec:ee:
99:a1:36:82:9e:a6:8c:ab:a8:c4:e7:1d:39:cb:e6:a8:29:42:
83:43:8b:19:ba:a6:aa:94:21:89:24:30:fc:f6:ff:0c:39:bb:
df:ab:e5:dd:1e:3a:ab:67:bb:80:f1:1b:25:44:54:7b:33:12:
46:cb:df:4f:b2:08:2c:f3:98:aa:2a:ec:d2:de:62:5b:b6:30:
85:64:cb:2b:7f:06:d6:1f:28:3b:c3:38:fa:98:ab:83:d1:a1:
e3:6d:a0:66:6a:24:48:ac:48:75:f2:68:f9:76:75:91:88:eb:
76:86:51:d0:8a:17:22:7c:14:41:fc:73:c7:36:f1:3a:bb:65:
75:7a:5a:ab:b6:b3:b7:03:70:8e:1a:46:5d:53:7d:05:65:e9:
37:6d:36:0c:3a:81:e1:aa:17:0c:ab:ac:92:c3:4f:b7:0a:d1:
93:19:13:8d:d9:2e:c8:e5:d8:b4:49:89:4a:75:c4:e5:12:e7:
d3:61:25:e4:6f:8f:f9:f3:1b:76:8d:28:5a:db:29:8e:1f:56:
70:63:8b:83:c7:25:fc:7a:41:b9:d3:32:5c:8a:58:a1:9e:65:
0d:fb:89:ab
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICCf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjBGM0YxMTAvBgNVBAUTKEY4MThGQzk4OEVDNzAzMkMzRTJDNkE0OEE1NTQ5OEFC
N0NENTY1RkQwHhcNMjUwNDE3MTM0MzMyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODAxMDU4NC1jMTM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0xRgZQDzKkECS96TeO/YZgL4No4vXM43i3wM5B9RhFO40NEiT4lnu2RBHTX6
mip/1ar7XOOgGQJYWhmzazqYQ4g0bP4a9YD/v5Wl260NZ7i5pBkY2INwW+Mfqplo
2gBlQemIwNOE8VRMFL4QVKpmrwcZagRDehdN88N0OGHhCQT3r2fMj1BSMQqKQZ8D
rOHgXkB5uVJYgINuS9i6Xv+TwIKUiYkPUqyl9J8LUTZfKRYDp6+SSjYoDlGgldom
TmiQRoCpUXtE5GxGnmrcpfvnwfKJDZnsGvqfTIGGyEwUg/zdsoJTl6iAkpPAaPYM
+bPXlhH0sGdMQ12U3CwdbN9tswIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFA2Cy1L8
70Hl0WL9+DyD8pk4bXcIMB8GA1UdIwQYMBaAFPgY/JiOxwMsPixqSKVUmKt81WX9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEYzRi8wOTM3M0FENjc4
QzIxMUVBQkQ3NzIzNTlDNEY5QUUwMi8tQmo4bUk3SEF5dy1MR3BJcFZTWXEzelZa
ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1CajhtSTdIQXl3LUxHcElwVlNZcTN6VlpmMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjBGM0YvMDkzNzNBRDY3OEMyMTFFQUJENzcyMzU5QzRGOUFFMDIvOTYyRTlFRTQx
QjkxMTFGMDg5MDNCMDQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAAt+bkDBAAt+bswDAMEAGfavQMEBmfagDANBgkqhkiG9w0B
AQsFAAOCAQEAfVqfOxrHtMB3dBGWUF66Ft1vtZJ5+uBM6K0idlOLgLnYg+zumaE2
gp6mjKuoxOcdOcvmqClCg0OLGbqmqpQhiSQw/Pb/DDm736vl3R46q2e7gPEbJURU
ezMSRsvfT7IILPOYqirs0t5iW7YwhWTLK38G1h8oO8M4+pirg9Gh422gZmokSKxI
dfJo+XZ1kYjrdoZR0IoXInwUQfxzxzbxOrtldXpaq7aztwNwjhpGXVN9BWXpN202
DDqB4aoXDKusksNPtwrRkxkTjdkuyOXYtEmJSnXE5RLn02El5G+P+fMbdo0oWtsp
jh9WcGOLg8cl/HpBudMyXIpYoZ5lDfuJqw==
-----END CERTIFICATE-----
Generated at Fri May 16 03:17:55 2025 by rpki-client