Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1D3DA236C13811EF99C8C14FC4F9AE02.roa
File: 1D3DA236C13811EF99C8C14FC4F9AE02.roa (raw, json)
Hash identifier: mF4/AdIV8TdOpDiDHE2FYf2UeT014gVVG73vfsqzLJQ=
Subject key identifier: E9:F6:9F:F9:B8:3E:B6:C1:F7:C0:D8:2A:32:50:67:29:B7:5E:E9:C4
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 06E6
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1D3DA236C13811EF99C8C14FC4F9AE02.roa
Signing time: Mon 23 Dec 2024 14:13:43 +0000
ROA not before: Mon 23 Dec 2024 14:13:43 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 135110
IP address blocks: 36.255.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Dec 2024 04:09:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1766 (0x6e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Dec 23 14:13:43 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67697016-2eb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:66:90:79:a7:89:74:75:2f:0f:22:b3:1a:1e:
2e:26:23:d5:60:36:8b:40:c8:a6:8f:76:a4:b9:a0:
8d:e9:82:75:ce:1b:99:25:99:3a:ae:fa:ff:35:88:
76:88:86:83:67:af:66:99:a9:56:b3:c5:cc:a8:04:
2b:a4:7c:6b:c0:fe:1d:5b:ff:0b:4e:ee:56:ce:25:
40:43:2b:4c:2d:46:1e:62:a0:6f:54:86:08:d9:e5:
c4:8f:d2:1a:a6:fc:a9:ca:fc:78:8c:a5:10:7c:94:
3b:7a:3c:56:5f:8d:ce:65:b7:5c:5c:e2:56:71:82:
06:d9:97:24:08:f8:35:78:1c:60:65:bf:fa:a0:d1:
a0:53:3d:9c:4a:c5:53:de:be:82:42:9f:19:22:8c:
a9:b0:e2:a7:3f:6b:cb:9b:f3:9f:5d:36:cb:81:09:
96:70:c2:e4:a4:8c:c6:25:c3:3e:7e:56:2d:fc:36:
6b:7a:82:a2:b9:b5:44:5b:8a:a2:97:fd:d2:02:a9:
05:c8:77:ee:51:b7:20:2b:c0:1e:b4:fd:b2:3d:dc:
4b:86:1d:14:1f:d0:01:d0:68:dd:6a:64:3f:5a:ec:
d2:6e:34:dd:d7:56:c0:5b:1c:86:0e:81:a8:01:fc:
17:0b:d5:5d:ba:0b:36:da:5b:df:11:f9:ce:e6:d4:
50:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F6:9F:F9:B8:3E:B6:C1:F7:C0:D8:2A:32:50:67:29:B7:5E:E9:C4
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/1D3DA236C13811EF99C8C14FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.194.0/24
Signature Algorithm: sha256WithRSAEncryption
13:90:ab:65:87:c2:30:77:2d:81:6a:d2:60:7a:32:3a:04:7e:
9d:82:26:3c:9b:3d:b6:1f:15:73:7d:9b:2b:a0:87:55:e0:01:
10:a0:0b:d8:7a:8d:d6:fb:02:bf:f0:67:f5:32:87:26:9b:62:
98:b8:d1:d1:7c:04:c9:a1:8b:e2:91:9b:f7:b5:e2:e1:f8:37:
6e:47:e1:e4:78:32:b0:37:f5:83:1a:00:de:51:c7:74:10:07:
eb:6b:be:f6:f5:db:13:a2:f4:7f:c1:14:b5:7c:63:4f:d5:9f:
82:73:c4:16:db:6c:84:80:36:d7:16:f2:89:92:5b:46:ae:cc:
9b:48:de:95:85:12:09:6d:12:d0:a2:ef:e2:1f:a2:65:cb:b2:
8e:f4:5f:19:8c:1a:99:9c:c2:f2:f6:cb:df:cc:85:2a:0d:b4:
8a:fa:f2:48:3b:6a:88:86:d7:a7:a2:f3:ec:38:c0:37:0c:be:
79:8a:c5:a5:84:0a:d9:c2:25:ed:28:29:d1:6d:f6:de:cc:7d:
59:60:b0:1b:ea:eb:c7:3a:e7:00:71:9b:4b:cf:7f:28:cc:2e:
ba:6c:db:c0:35:1a:9b:9b:34:44:23:02:54:08:9a:66:50:5c:
21:b3:41:91:6f:1a:42:ce:01:f2:39:5e:0a:b2:44:7f:a0:c3:
49:7f:37:25
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBuYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQxMjIzMTQxMzQzWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY5NzAxNi0yZWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtmaQeaeJdHUvDyKzGh4uJiPVYDaLQMimj3akuaCN6YJ1zhuZJZk6rvr/NYh2
iIaDZ69mmalWs8XMqAQrpHxrwP4dW/8LTu5WziVAQytMLUYeYqBvVIYI2eXEj9Ia
pvypyvx4jKUQfJQ7ejxWX43OZbdcXOJWcYIG2ZckCPg1eBxgZb/6oNGgUz2cSsVT
3r6CQp8ZIoypsOKnP2vLm/OfXTbLgQmWcMLkpIzGJcM+flYt/DZreoKiubVEW4qi
l/3SAqkFyHfuUbcgK8AetP2yPdxLhh0UH9AB0GjdamQ/WuzSbjTd11bAWxyGDoGo
AfwXC9Vdugs22lvfEfnO5tRQmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFOn2n/m4
PrbB98DYKjJQZym3XunEMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvMUQzREEyMzZD
MTM4MTFFRjk5QzhDMTRGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAk/8IwDQYJKoZIhvcNAQELBQADggEBABOQq2WHwjB3LYFq
0mB6MjoEfp2CJjybPbYfFXN9myugh1XgARCgC9h6jdb7Ar/wZ/UyhyabYpi40dF8
BMmhi+KRm/e14uH4N25H4eR4MrA39YMaAN5Rx3QQB+trvvb12xOi9H/BFLV8Y0/V
n4JzxBbbbISANtcW8omSW0auzJtI3pWFEgltEtCi7+IfomXLso70XxmMGpmcwvL2
y9/MhSoNtIr68kg7aoiG16ei8+w4wDcMvnmKxaWECtnCJe0oKdFt9t7MfVlgsBvq
68c65wBxm0vPfyjMLrps28A1GpubNEQjAlQImmZQXCGzQZFvGkLOAfI5XgqyRH+g
w0l/NyU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:02:50 2025 by rpki-client