Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/5D4994A6E05611EF94B15084C4F9AE02.roa
File: 5D4994A6E05611EF94B15084C4F9AE02.roa (raw, json)
Hash identifier: RN7BQ2T5pAxUGfVOy+Crt8ytq0UbWn2x0JpLnb+CZ/U=
Subject key identifier: 54:A4:08:E1:44:97:AF:38:61:3B:71:47:FF:09:18:E9:67:AC:B3:4C
Certificate issuer: /CN=A9110D07/serialNumber=4AC95C8A975E4CF310842C95564051753DEB0289
Certificate serial: 0126
Authority key identifier: 4A:C9:5C:8A:97:5E:4C:F3:10:84:2C:95:56:40:51:75:3D:EB:02:89
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SslcipdeTPMQhCyVVkBRdT3rAok.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/5D4994A6E05611EF94B15084C4F9AE02.roa
Signing time: Wed 05 Feb 2025 04:08:38 +0000
ROA not before: Wed 05 Feb 2025 04:08:38 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152300
IP address blocks: 36.50.18.0/23 maxlen: 31
2001:df3:51c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Feb 2025 11:28:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 294 (0x126)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9110D07, serialNumber=4AC95C8A975E4CF310842C95564051753DEB0289
Validity
Not Before: Feb 5 04:08:38 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67a2e446-9bcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:ca:c3:e6:a4:58:59:7a:ec:85:ca:b9:8a:d7:
fd:d1:53:0a:28:e0:8d:d1:b9:b7:47:9b:dc:c6:f8:
70:c0:1f:08:2d:f7:c2:f9:92:ed:c5:6e:b5:44:55:
1e:e5:c7:0f:c6:d0:75:ac:47:dd:64:25:7a:43:8d:
d3:d9:8e:30:70:4d:14:72:93:fe:4b:3d:83:9d:8c:
fd:02:27:f1:84:05:a1:97:38:1e:5d:7e:e1:a2:3e:
87:9a:7b:64:e5:a1:11:d4:77:74:3f:23:c7:5e:6c:
2d:c6:33:38:c9:6b:07:77:93:70:43:54:8a:fe:82:
e6:c9:de:30:d3:23:a8:78:a5:d2:27:42:f1:12:6a:
88:a6:32:a7:98:ce:5b:33:c1:90:a4:45:61:24:5c:
4c:07:55:39:89:5a:6e:2d:c1:c3:9a:5c:c5:00:31:
83:85:9d:15:b4:ed:7c:bf:4e:f4:fa:8f:c2:a1:43:
f2:dc:ae:c9:92:a9:f9:bf:3e:f5:d3:22:44:2a:7e:
03:6d:7e:5e:25:f5:03:68:a3:6d:36:21:9f:57:bc:
32:f3:54:b2:69:66:f1:59:ab:c6:a6:bb:d5:7f:f7:
9a:e2:08:38:6a:c1:c5:17:f9:76:60:66:db:38:8a:
9d:bf:92:26:0d:24:3e:fb:ee:35:04:eb:13:ea:7f:
00:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A4:08:E1:44:97:AF:38:61:3B:71:47:FF:09:18:E9:67:AC:B3:4C
X509v3 Authority Key Identifier:
keyid:4A:C9:5C:8A:97:5E:4C:F3:10:84:2C:95:56:40:51:75:3D:EB:02:89
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/SslcipdeTPMQhCyVVkBRdT3rAok.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SslcipdeTPMQhCyVVkBRdT3rAok.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9110D07/D3E889D48E7F11EE8E97B484C4F9AE02/5D4994A6E05611EF94B15084C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.18.0/23
IPv6:
2001:df3:51c0::/48
Signature Algorithm: sha256WithRSAEncryption
13:bf:cc:cb:64:11:81:39:67:f2:b9:8e:22:97:d9:c0:c0:c0:
a5:1a:d2:f9:5d:da:8d:b2:13:31:14:8a:8c:fe:d4:f4:7f:12:
2b:35:17:0e:72:a0:ed:14:37:0a:f5:24:fc:16:dc:93:d8:03:
dc:29:fb:e7:9e:bb:e8:01:42:52:d3:53:a8:91:00:93:36:66:
9e:6f:01:b7:1d:65:ba:f9:e7:07:cb:a5:01:32:e3:df:bf:4d:
bb:f3:39:c2:1d:3c:e7:2c:87:7c:68:a1:31:c6:ea:11:0a:44:
d3:4a:84:5c:86:27:8e:ac:97:80:f8:22:18:db:05:26:ab:2c:
59:e0:f7:2c:0a:a4:78:09:64:2d:9a:0b:ec:dc:99:9b:95:f0:
bf:6e:dc:09:f7:8f:cb:e6:06:ca:be:2f:c1:d7:98:57:c4:73:
b2:c3:11:e9:46:59:b8:08:93:9a:67:89:9f:f2:cb:23:93:b4:
df:d1:01:cc:e2:fb:a5:21:bb:68:64:a2:ab:36:e0:2d:ab:d8:
ed:7d:0a:ef:36:5b:64:33:72:2a:35:09:01:e1:63:17:18:a8:
96:81:a5:f3:4f:05:76:41:41:e9:d2:63:45:b4:f1:df:07:64:
6c:7a:3c:2f:0a:11:c4:a1:aa:f6:2d:59:67:62:d3:2c:c9:45:
5b:36:9b:f0
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTBEMDcxMTAvBgNVBAUTKDRBQzk1QzhBOTc1RTRDRjMxMDg0MkM5NTU2NDA1MTc1
M0RFQjAyODkwHhcNMjUwMjA1MDQwODM4WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2EyZTQ0Ni05YmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA/srD5qRYWXrshcq5itf90VMKKOCN0bm3R5vcxvhwwB8ILffC+ZLtxW61RFUe
5ccPxtB1rEfdZCV6Q43T2Y4wcE0UcpP+Sz2DnYz9AifxhAWhlzgeXX7hoj6Hmntk
5aER1Hd0PyPHXmwtxjM4yWsHd5NwQ1SK/oLmyd4w0yOoeKXSJ0LxEmqIpjKnmM5b
M8GQpEVhJFxMB1U5iVpuLcHDmlzFADGDhZ0VtO18v070+o/CoUPy3K7Jkqn5vz71
0yJEKn4DbX5eJfUDaKNtNiGfV7wy81SyaWbxWavGprvVf/ea4gg4asHFF/l2YGbb
OIqdv5ImDSQ+++41BOsT6n8AgQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFFSkCOFE
l684YTtxR/8JGOlnrLNMMB8GA1UdIwQYMBaAFErJXIqXXkzzEIQslVZAUXU96wKJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMEQwNy9EM0U4ODlENDhF
N0YxMUVFOEU5N0I0ODRDNEY5QUUwMi9Tc2xjaXBkZVRQTVFoQ3lWVmtCUmRUM3JB
b2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NzbGNpcGRlVFBNUWhDeVZWa0JSZFQzckFvay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTBEMDcvRDNFODg5RDQ4RTdGMTFFRThFOTdCNDg0QzRGOUFFMDIvNUQ0OTk0QTZF
MDU2MTFFRjk0QjE1MDg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAEkMhIwDwQCAAIwCQMHACABDfNRwDANBgkqhkiG9w0BAQsF
AAOCAQEAE7/My2QRgTln8rmOIpfZwMDApRrS+V3ajbITMRSKjP7U9H8SKzUXDnKg
7RQ3CvUk/Bbck9gD3Cn755676AFCUtNTqJEAkzZmnm8Btx1luvnnB8ulATLj379N
u/M5wh085yyHfGihMcbqEQpE00qEXIYnjqyXgPgiGNsFJqssWeD3LAqkeAlkLZoL
7NyZm5Xwv27cCfePy+YGyr4vwdeYV8RzssMR6UZZuAiTmmeJn/LLI5O039EBzOL7
pSG7aGSiqzbgLavY7X0K7zZbZDNyKjUJAeFjFxioloGl808FdkFB6dJjRbTx3wdk
bHo8LwoRxKGq9i1ZZ2LTLMlFWzab8A==
-----END CERTIFICATE-----
Generated at Sun Apr 13 18:55:06 2025 by rpki-client