Route Origin Authorization
$ rpki-client -vvf rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa
File: 3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa (raw, json)
Hash identifier: ByzypsVQgLQkRKZ/I6KhA/a9iiJ5fQWhO+kZk0l0dD8=
Subject key identifier: 7F:14:5F:39:D2:BA:EE:27:03:B9:A9:BB:DA:4E:42:32:D5:9A:DF:B3
Certificate issuer: /CN=A91872ED0001/serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Certificate serial: 7634866552B0EA564A3B720D3558208B7B89B080
Authority key identifier: C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject info access: rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa
Signing time: Sat 10 May 2025 12:00:01 +0000
ROA not before: Sat 10 May 2025 11:55:01 +0000
ROA not after: Sat 09 May 2026 12:00:01 +0000
asID: 45163
IP address blocks: 203.147.108.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 12 May 2025 00:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:34:86:65:52:b0:ea:56:4a:3b:72:0d:35:58:20:8b:7b:89:b0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91872ED0001, serialNumber=C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1
Validity
Not Before: May 10 11:55:01 2025 GMT
Not After : May 9 12:00:01 2026 GMT
Subject: CN=7F145F39D2BAEE2703B9A9BBDA4E4232D59ADFB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:68:45:9f:7a:eb:51:1b:38:55:55:1b:a7:70:
2e:09:88:20:08:16:72:d9:6e:8b:e5:32:46:d9:ea:
77:28:5f:b2:99:23:a3:da:89:7d:5b:0a:55:79:16:
27:da:b1:96:a7:de:1a:f1:ac:b0:b9:fe:59:c7:6b:
e1:62:17:d0:d5:2a:fd:c2:fe:bf:fe:4e:fe:76:b5:
9a:d2:30:9a:31:88:76:95:92:06:e1:0d:17:4d:2e:
46:a1:61:48:4e:ed:e5:35:58:c9:ef:dd:19:fd:d0:
9f:f6:2f:b7:81:62:98:65:ef:50:fb:7e:f5:e8:aa:
11:c1:6c:eb:36:81:7e:6e:74:14:2d:f1:05:25:26:
c0:a7:68:f7:9c:8c:d4:56:3e:3b:3a:89:ed:25:4e:
12:d0:96:e9:2e:b5:1c:9b:db:eb:f3:3f:32:ec:4e:
e0:cb:81:dd:7b:37:65:90:44:ec:64:6c:97:62:76:
0d:92:ec:87:9b:a7:56:da:c2:c4:b6:64:3b:24:19:
06:5f:67:88:28:a2:d1:37:c4:b6:fa:5b:3b:66:08:
69:bf:29:38:0b:f5:d8:f6:ef:71:86:0d:d7:d9:fd:
0a:70:99:c4:1b:0b:24:0f:45:0e:58:3e:b4:77:ef:
ec:ca:5b:d0:e4:b8:39:0d:6a:9a:f8:09:bc:16:74:
17:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:14:5F:39:D2:BA:EE:27:03:B9:A9:BB:DA:4E:42:32:D5:9A:DF:B3
X509v3 Authority Key Identifier:
keyid:C0:90:6A:19:A7:DE:34:9B:FA:2B:32:B3:C3:EB:4C:2D:17:76:0C:E1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/C0906A19A7DE349BFA2B32B3C3EB4C2D17760CE1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wJBqGafeNJv6KzKzw-tMLRd2DOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.rand.apnic.net/repo/A91872ED0001/0/3230332e3134372e3130382e302f32332d3233203d3e203435313633.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.147.108.0/23
Signature Algorithm: sha256WithRSAEncryption
af:86:8d:d8:f2:1b:20:b3:b8:d1:e4:5a:e2:27:0d:f1:1b:af:
19:29:57:d0:45:e5:d8:11:71:a3:93:94:41:a9:f5:36:a6:3b:
5a:5d:88:02:9e:69:ba:6d:08:7d:ed:5d:4a:a9:ae:ca:7d:8d:
45:c7:17:64:f7:aa:54:33:62:82:63:0c:8f:11:97:53:9c:b8:
af:59:35:3d:1c:19:3a:76:1e:99:56:ff:c4:59:12:2b:38:23:
e0:43:e5:40:36:d4:9c:5d:a1:77:08:c1:33:88:2b:00:a7:9b:
12:8e:4f:29:be:5b:31:36:eb:9f:ae:a0:e9:e5:f6:1d:05:e0:
1c:26:e2:67:df:74:4f:01:a9:7a:e5:3b:52:81:68:b7:d8:68:
1d:db:e8:b4:5c:38:fd:16:3d:8f:53:8f:f6:2b:d2:c7:33:ff:
50:44:fe:62:72:81:9a:6d:9e:69:26:bc:31:57:97:e9:42:a8:
0c:bf:a7:05:84:b1:81:e6:e8:8a:60:29:26:d0:73:b2:07:63:
9d:d8:f7:6a:8e:26:96:26:04:b7:9b:b4:fc:bc:fd:4a:d9:52:
8c:56:b5:bb:7e:a5:ac:dc:f1:8a:19:6e:f6:db:1b:64:c6:2a:
23:98:d9:94:f1:77:92:07:fa:59:1b:72:bf:49:bf:ae:20:87:
f0:4a:31:d1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUdjSGZVKw6lZKO3INNVggi3uJsIAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODcyRUQwMDAxMTEwLwYDVQQFEyhDMDkwNkExOUE3
REUzNDlCRkEyQjMyQjNDM0VCNEMyRDE3NzYwQ0UxMB4XDTI1MDUxMDExNTUwMVoX
DTI2MDUwOTEyMDAwMVowMzExMC8GA1UEAxMoN0YxNDVGMzlEMkJBRUUyNzAzQjlB
OUJCREE0RTQyMzJENTlBREZCMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1oRZ9661EbOFVVG6dwLgmIIAgWctlui+UyRtnqdyhfspkjo9qJfVsKVXkW
J9qxlqfeGvGssLn+Wcdr4WIX0NUq/cL+v/5O/na1mtIwmjGIdpWSBuENF00uRqFh
SE7t5TVYye/dGf3Qn/Yvt4FimGXvUPt+9eiqEcFs6zaBfm50FC3xBSUmwKdo95yM
1FY+OzqJ7SVOEtCW6S61HJvb6/M/MuxO4MuB3Xs3ZZBE7GRsl2J2DZLsh5unVtrC
xLZkOyQZBl9niCii0TfEtvpbO2YIab8pOAv12PbvcYYN19n9CnCZxBsLJA9FDlg+
tHfv7Mpb0OS4OQ1qmvgJvBZ0F9kCAwEAAaOCAgkwggIFMB0GA1UdDgQWBBR/FF85
0rruJwO5qbvaTkIy1ZrfszAfBgNVHSMEGDAWgBTAkGoZp940m/orMrPD60wtF3YM
4TAOBgNVHQ8BAf8EBAMCB4AwbQYDVR0fBGYwZDBioGCgXoZccnN5bmM6Ly9ycGtp
LnJhbmQuYXBuaWMubmV0L3JlcG8vQTkxODcyRUQwMDAxLzAvQzA5MDZBMTlBN0RF
MzQ5QkZBMkIzMkIzQzNFQjRDMkQxNzc2MENFMS5jcmwwfgYIKwYBBQUHAQEEcjBw
MG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
QjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJGRDFGRjIvd0pCcUdhZmVOSnY2S3pL
enctdE1MUmQyRE9FLmNlcjCBiAYIKwYBBQUHAQsEfDB6MHgGCCsGAQUFBzALhmxy
c3luYzovL3Jwa2kucmFuZC5hcG5pYy5uZXQvcmVwby9BOTE4NzJFRDAwMDEvMC8z
MjMwMzMyZTMxMzQzNzJlMzEzMDM4MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzQz
NTMxMzYzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAcuTbDANBgkqhkiG9w0BAQsFAAOCAQEAr4aN2PIb
ILO40eRa4icN8RuvGSlX0EXl2BFxo5OUQan1NqY7Wl2IAp5pum0Ife1dSqmuyn2N
RccXZPeqVDNigmMMjxGXU5y4r1k1PRwZOnYemVb/xFkSKzgj4EPlQDbUnF2hdwjB
M4grAKebEo5PKb5bMTbrn66g6eX2HQXgHCbiZ990TwGpeuU7UoFot9hoHdvotFw4
/RY9j1OP9ivSxzP/UET+YnKBmm2eaSa8MVeX6UKoDL+nBYSxgeboimApJtBzsgdj
ndj3ao4mliYEt5u0/Lz9StlSjFa1u36lrNzxihlu9tsbZMYqI5jZlPF3kgf6WRty
v0m/riCH8Eox0Q==
-----END CERTIFICATE-----
Generated at Tue May 13 04:55:16 2025 by rpki-client