Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/974B4E9C18CE11EFBCD58454C4F9AE02.roa
File: 974B4E9C18CE11EFBCD58454C4F9AE02.roa (raw, json)
Hash identifier: N+50FRYDSA+48eIfEDRvaHk1HolZsL8lw+NUs+tzgbw=
Subject key identifier: 97:DB:39:59:38:9B:47:DB:DB:5E:69:F0:B9:A0:E8:D3:BC:27:61:98
Certificate issuer: /CN=A911647C/serialNumber=737E61DAA07BD83342B60C5EBAD4B1BB19BE4003
Certificate serial: 098A
Authority key identifier: 73:7E:61:DA:A0:7B:D8:33:42:B6:0C:5E:BA:D4:B1:BB:19:BE:40:03
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/c35h2qB72DNCtgxeutSxuxm-QAM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/974B4E9C18CE11EFBCD58454C4F9AE02.roa
Signing time: Thu 12 Dec 2024 09:08:27 +0000
ROA not before: Thu 12 Dec 2024 09:08:27 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 9269
IP address blocks: 138.19.0.0/16 maxlen: 24
155.137.128.0/18 maxlen: 18
165.84.128.0/18 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Dec 2024 01:35:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2442 (0x98a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911647C
Validity
Not Before: Dec 12 09:08:27 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=675aa80b-3b2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:02:6a:5c:84:91:da:d4:eb:72:a5:42:ca:62:
6e:9a:d2:13:59:71:98:6a:94:1d:fa:c5:c9:75:e7:
71:79:ff:58:2f:c1:ed:0f:00:d2:25:27:39:84:3d:
46:b7:8b:00:62:cc:bc:2c:6f:eb:e7:44:a7:8b:5e:
e4:f5:08:c6:9b:58:20:37:da:95:f3:e9:98:bc:f0:
dc:97:6e:2b:35:ae:ae:d7:2c:aa:70:75:70:bf:4c:
52:9f:4a:00:e2:19:5c:0b:d2:fa:76:14:46:d3:d7:
1b:3b:02:ea:c5:d9:93:2a:78:bb:00:de:1b:db:4e:
be:da:9d:d5:3c:5c:18:f2:8a:fd:d5:b5:2d:a7:d1:
41:2f:68:85:3f:5b:e0:f9:66:46:68:9e:c1:31:76:
11:9c:5a:b8:af:e9:d8:51:54:40:95:cd:16:a4:78:
8e:c9:dc:3d:f9:c4:1b:ce:0a:ad:ed:c4:24:31:80:
38:4a:bd:40:05:2b:7e:84:58:bd:6f:5b:e6:8c:65:
f9:77:9e:17:d8:be:7c:0d:e5:b2:ee:ff:17:7d:3d:
59:b9:bc:d3:55:43:06:b4:85:d9:74:ca:86:99:52:
ee:9e:a2:07:d4:4b:33:7a:6c:41:28:30:ad:12:1c:
53:f9:fc:dc:5a:a2:75:ff:de:42:93:c7:15:66:b6:
53:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:DB:39:59:38:9B:47:DB:DB:5E:69:F0:B9:A0:E8:D3:BC:27:61:98
X509v3 Authority Key Identifier:
keyid:73:7E:61:DA:A0:7B:D8:33:42:B6:0C:5E:BA:D4:B1:BB:19:BE:40:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/c35h2qB72DNCtgxeutSxuxm-QAM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/c35h2qB72DNCtgxeutSxuxm-QAM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911647C/3B1CDFBC851311EAAA0B0A7FC4F9AE02/974B4E9C18CE11EFBCD58454C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
138.19.0.0/16
155.137.128.0/18
165.84.128.0/18
Signature Algorithm: sha256WithRSAEncryption
2c:c0:f6:7d:e9:65:56:2b:d4:e8:ee:d5:b1:b9:44:7d:68:8a:
6a:59:ff:a5:5b:6f:cd:95:24:b9:ce:74:96:6b:10:de:ec:1d:
c9:fe:ea:40:90:ce:da:b6:8f:98:54:7c:0a:1e:55:a9:d3:3e:
17:0d:2a:9d:be:1b:fa:c3:f7:0b:94:17:fe:27:5b:10:c4:2e:
db:5e:4f:78:b0:9c:74:d1:f3:63:86:48:ec:9a:12:56:d6:f4:
cd:12:eb:02:1a:bd:48:69:a2:dc:ce:f1:88:97:7b:89:44:a4:
31:0e:39:a6:f3:e3:e3:00:3e:72:c9:9d:4b:52:8f:39:ab:56:
a2:09:40:be:91:19:93:27:84:f7:90:98:d1:be:f6:6a:53:d8:
78:f4:a6:47:28:a6:1a:a1:7a:3a:cf:a7:df:02:1f:e5:c7:f8:
76:da:af:3e:c5:ed:8d:00:d4:c2:91:69:76:f9:31:16:59:b7:
4d:e8:fb:04:1a:39:ca:71:aa:ac:70:17:2e:35:1a:bb:61:c5:
4e:33:0d:bf:2b:a9:5a:4e:3d:3c:da:71:55:2f:cf:c9:69:c6:
fb:8d:ae:e6:2a:be:65:39:63:31:59:9a:b5:20:5d:3f:2e:5f:
b8:14:43:f9:ec:8b:17:bc:4b:0b:b1:0a:3b:7d:ef:0a:53:0f:
ad:4a:bf:1f
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICCYowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY0N0MxMTAvBgNVBAUTKDczN0U2MURBQTA3QkQ4MzM0MkI2MEM1RUJBRDRCMUJC
MTlCRTQwMDMwHhcNMjQxMjEyMDkwODI3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVhYTgwYi0zYjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtwJqXISR2tTrcqVCymJumtITWXGYapQd+sXJdedxef9YL8HtDwDSJSc5hD1G
t4sAYsy8LG/r50Sni17k9QjGm1ggN9qV8+mYvPDcl24rNa6u1yyqcHVwv0xSn0oA
4hlcC9L6dhRG09cbOwLqxdmTKni7AN4b206+2p3VPFwY8or91bUtp9FBL2iFP1vg
+WZGaJ7BMXYRnFq4r+nYUVRAlc0WpHiOydw9+cQbzgqt7cQkMYA4Sr1ABSt+hFi9
b1vmjGX5d54X2L58DeWy7v8XfT1ZubzTVUMGtIXZdMqGmVLunqIH1EszemxBKDCt
EhxT+fzcWqJ1/95Ck8cVZrZTOwIDAQABo4ICoDCCApwwHQYDVR0OBBYEFJfbOVk4
m0fb215p8Lmg6NO8J2GYMB8GA1UdIwQYMBaAFHN+Ydqge9gzQrYMXrrUsbsZvkAD
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjQ3Qy8zQjFDREZCQzg1
MTMxMUVBQUEwQjBBN0ZDNEY5QUUwMi9jMzVoMnFCNzJETkN0Z3hldXRTeHV4bS1R
QU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2MzNWgycUI3MkROQ3RneGV1dFN4dXhtLVFBTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY0N0MvM0IxQ0RGQkM4NTEzMTFFQUFBMEIwQTdGQzRGOUFFMDIvOTc0QjRFOUMx
OENFMTFFRkJDRDU4NDU0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E
GzAZMBcEAgABMBEDAwCKEwMEBpuJgAMEBqVUgDANBgkqhkiG9w0BAQsFAAOCAQEA
LMD2fellVivU6O7VsblEfWiKaln/pVtvzZUkuc50lmsQ3uwdyf7qQJDO2raPmFR8
Ch5VqdM+Fw0qnb4b+sP3C5QX/idbEMQu215PeLCcdNHzY4ZI7JoSVtb0zRLrAhq9
SGmi3M7xiJd7iUSkMQ45pvPj4wA+csmdS1KPOatWoglAvpEZkyeE95CY0b72alPY
ePSmRyimGqF6Os+n3wIf5cf4dtqvPsXtjQDUwpFpdvkxFlm3Tej7BBo5ynGqrHAX
LjUau2HFTjMNvyupWk49PNpxVS/PyWnG+42u5iq+ZTljMVmatSBdPy5fuBRD+eyL
F7xLC7EKO33vClMPrUq/Hw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:47:40 2025 by rpki-client