Route Origin Authorization
$ rpki-client -vvf rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203234303231.roa
File: 3230332e3134372e3130382e302f32332d3233203d3e203234303231.roa (raw, json)
Hash identifier: 4157GyMJnsaunz02jf2Odr4J1YmPS2VLJA3iWEqOSmc=
Subject key identifier: E2:6D:00:B0:D7:29:24:2B:BB:41:DE:79:37:6D:E6:C2:F6:9E:82:52
Certificate issuer: /CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Certificate serial: 74BD817FE56FBBE231607FAAEFE404DB5E3B7B79
Authority key identifier: C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject info access: rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203234303231.roa
Signing time: Mon 12 May 2025 00:00:01 +0000
ROA not before: Sun 11 May 2025 23:55:01 +0000
ROA not after: Mon 11 May 2026 00:00:01 +0000
asID: 24021
IP address blocks: 203.147.108.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 13 May 2025 12:00:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:bd:81:7f:e5:6f:bb:e2:31:60:7f:aa:ef:e4:04:db:5e:3b:7b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91872ED0001, serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Validity
Not Before: May 11 23:55:01 2025 GMT
Not After : May 11 00:00:01 2026 GMT
Subject: CN=E26D00B0D729242BBB41DE79376DE6C2F69E8252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a4:45:59:55:1b:7b:f1:42:ad:5f:fb:7e:91:
95:83:32:ff:86:71:fe:bf:af:d3:61:20:57:ff:43:
8d:7d:2f:d5:e1:9b:8e:fb:09:54:08:91:1b:67:e7:
a2:df:cc:4e:a7:52:65:6a:df:d2:5f:9b:98:1d:d8:
39:3c:c3:d8:98:ad:0d:aa:07:c3:eb:25:ef:91:bc:
c0:28:ab:7d:64:c4:02:2a:e4:71:b9:c8:a9:45:de:
6c:5d:22:e0:a0:94:2f:25:63:fc:ee:23:cd:17:c6:
7b:8b:7d:8b:0c:b1:59:df:bf:ee:ba:96:40:7a:7d:
42:6a:9b:bd:6e:27:73:04:4f:f4:c2:a4:6a:99:b4:
6e:b5:4e:28:84:3e:8b:98:09:b0:21:f8:45:87:ef:
bc:dd:dc:ef:eb:42:f2:cd:97:ae:e2:c2:62:a9:bf:
00:ad:1e:4a:ad:a6:2b:4e:2d:40:b7:69:c1:b6:dd:
a9:0c:dc:bf:44:b4:8d:19:29:09:05:d6:99:5f:87:
da:62:fd:66:07:50:fe:78:73:e3:7d:6e:e2:0d:58:
72:f7:e7:77:df:7f:7c:f8:1a:2a:fb:c0:46:d9:36:
27:9c:b3:57:a9:1b:d6:fb:04:4f:85:e9:55:9a:98:
14:2f:d9:5d:f4:b3:cd:45:ba:5e:d1:44:5f:c8:3b:
6c:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6D:00:B0:D7:29:24:2B:BB:41:DE:79:37:6D:E6:C2:F6:9E:82:52
X509v3 Authority Key Identifier:
keyid:C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203234303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.147.108.0/23
Signature Algorithm: sha256WithRSAEncryption
18:d5:74:91:6d:1d:b1:d7:e8:27:92:f9:30:1d:a9:f0:91:ec:
44:79:04:2c:61:a6:35:19:81:9e:4e:cb:d6:58:c0:7b:71:6e:
40:79:97:ec:bb:e0:6b:13:7d:de:6b:c0:1f:b4:da:38:6e:33:
9e:bc:da:bb:95:bb:aa:03:c8:b9:7f:78:21:bf:ae:98:c6:bb:
60:60:60:d6:7c:78:04:03:77:88:e9:03:c9:e1:aa:25:d2:0f:
df:d5:87:ae:73:dd:e8:d6:b0:47:c4:75:ae:7f:f7:d4:05:91:
dd:e5:f5:13:0e:9f:4b:15:ca:f8:d8:86:7d:ba:0f:a0:a8:cb:
b0:2d:7e:83:66:b3:0e:f3:24:e3:47:35:fa:7b:f8:94:39:6e:
c9:dc:3a:0c:78:09:ca:c6:87:83:d3:79:e8:66:ca:a6:21:98:
fc:32:8c:2f:e4:44:aa:40:f6:6e:cb:e7:42:50:2c:a1:4f:37:
a3:00:27:93:4e:c5:ec:3a:c8:3f:f1:7b:d3:c8:92:53:25:4f:
d5:d8:9b:20:b9:b7:9a:18:7d:b2:9d:36:23:b6:30:08:34:40:
86:bc:2b:c8:d4:57:60:da:0d:ab:7f:cd:1c:28:66:45:ab:13:
e4:4d:fe:d5:df:4b:71:83:55:aa:03:51:12:75:06:b3:c3:4a:
31:05:5b:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUdL2Bf+Vvu+IxYH+q7+QE2147e3kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODcyRUQwMDAxMTEwLwYDVQQFEyhDMDkwNkExOUE3
REUzNDlCRkEyQjMyQjNDM0VCNEMyRDE3NzYwQ0UxMB4XDTI1MDUxMTIzNTUwMVoX
DTI2MDUxMTAwMDAwMVowMzExMC8GA1UEAxMoRTI2RDAwQjBENzI5MjQyQkJCNDFE
RTc5Mzc2REU2QzJGNjlFODI1MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALqkRVlVG3vxQq1f+36RlYMy/4Zx/r+v02EgV/9DjX0v1eGbjvsJVAiRG2fn
ot/MTqdSZWrf0l+bmB3YOTzD2JitDaoHw+sl75G8wCirfWTEAirkcbnIqUXebF0i
4KCULyVj/O4jzRfGe4t9iwyxWd+/7rqWQHp9QmqbvW4ncwRP9MKkapm0brVOKIQ+
i5gJsCH4RYfvvN3c7+tC8s2XruLCYqm/AK0eSq2mK04tQLdpwbbdqQzcv0S0jRkp
CQXWmV+H2mL9ZgdQ/nhz431u4g1Ycvfnd99/fPgaKvvARtk2J5yzV6kb1vsET4Xp
VZqYFC/ZXfSzzUW6XtFEX8g7bIMCAwEAAaOCAgkwggIFMB0GA1UdDgQWBBTibQCw
1ykkK7tB3nk3bebC9p6CUjAfBgNVHSMEGDAWgBTAkGoZp940m/orMrPD60wtF3YM
4TAOBgNVHQ8BAf8EBAMCB4AwbQYDVR0fBGYwZDBioGCgXoZccnN5bmM6Ly9ycGtp
LnJhbmQuYXBuaWMubmV0L3JlcG8vQTkxODcyRUQwMDAxLzAvQzA5MDZBMTlBN0RF
MzQ5QkZBMkIzMkIzQzNFQjRDMkQxNzc2MENFMS5jcmwwfgYIKwYBBQUHAQEEcjBw
MG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
QjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd0pCcUdhZmVOSnY2S3pL
enctdE1MUmQyRE9FLmNlcjCBiAYIKwYBBQUHAQsEfDB6MHgGCCsGAQUFBzALhmxy
c3luYzovL3Jwa2kucmFuZC5hcG5pYy5uZXQvcmVwby9BOTE4NzJFRDAwMDEvMC8z
MjMwMzMyZTMxMzQzNzJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIz
NDMwMzIzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAcuTbDANBgkqhkiG9w0BAQsFAAOCAQEAGNV0kW0d
sdfoJ5L5MB2p8JHsRHkELGGmNRmBnk7L1ljAe3FuQHmX7LvgaxN93mvAH7TaOG4z
nrzau5W7qgPIuX94Ib+umMa7YGBg1nx4BAN3iOkDyeGqJdIP39WHrnPd6NawR8R1
rn/31AWR3eX1Ew6fSxXK+NiGfboPoKjLsC1+g2azDvMk40c1+nv4lDluydw6DHgJ
ysaHg9N56GbKpiGY/DKML+REqkD2bsvnQlAsoU83owAnk07F7DrIP/F708iSUyVP
1dibILm3mhh9sp02I7YwCDRAhrwryNRXYNoNq3/NHChmRasT5E3+1d9LcYNVqgNR
EnUGs8NKMQVb9g==
-----END CERTIFICATE-----
Generated at Wed May 14 20:43:51 2025 by rpki-client