Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5D65041A1BD711EEB9597921C4F9AE02.roa
File: 5D65041A1BD711EEB9597921C4F9AE02.roa (raw, json)
Hash identifier: Qk77EegMmGrttBdLbdS6/LzS5NJj5gyQCfUqfRG3U0M=
Subject key identifier: E0:CA:0E:D9:02:13:20:E0:34:2F:F6:76:2B:AF:DB:59:07:C6:4C:00
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 06E9
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5D65041A1BD711EEB9597921C4F9AE02.roa
Signing time: Tue 24 Dec 2024 04:09:41 +0000
ROA not before: Tue 24 Dec 2024 04:09:41 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 146952
IP address blocks: 36.255.194.0/24 maxlen: 24
103.48.168.0/24 maxlen: 24
163.53.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Feb 2025 06:33:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1769 (0x6e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Dec 24 04:09:41 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=676a3405-0d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2f:60:a5:e8:0d:07:6a:0a:c6:eb:fe:ea:a6:
58:1c:58:5c:72:01:f6:29:84:b8:da:17:0b:7e:e9:
e8:06:18:1f:55:97:54:ed:b1:63:cc:75:a5:29:b5:
26:33:0e:a6:8d:b3:b5:16:74:f2:a2:bb:70:cc:56:
61:b0:f7:24:eb:bc:01:34:78:c6:6c:32:7d:db:cd:
79:9b:7f:47:fb:be:19:1b:2b:07:fb:82:11:e4:9b:
a1:d9:eb:24:2f:fd:fd:81:74:07:ea:ee:a2:79:2c:
bc:73:50:47:b1:3b:0d:62:08:10:ca:06:a0:1c:2c:
38:7a:c6:cd:1e:fb:f5:9d:58:b5:2d:28:fb:2e:28:
28:42:53:40:63:5d:78:3e:c6:fe:67:01:61:f7:e2:
6f:9f:a2:bf:64:68:7a:67:ac:1e:d8:50:63:76:b5:
61:7c:6b:a8:9d:eb:19:82:e0:5d:69:0d:a6:c7:c1:
63:a7:7d:ae:63:c7:27:ed:3f:a7:00:50:98:e6:4a:
a2:f0:e7:4f:5c:f9:14:88:73:32:c0:12:f8:7a:fd:
6b:21:e3:9d:ef:bb:f1:30:bc:34:b0:e7:dc:4c:44:
63:80:63:3d:55:0c:a6:cd:fb:66:7e:c7:84:aa:d6:
fe:59:8e:99:1d:2b:b9:ba:fb:a3:10:a3:df:37:a3:
09:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:CA:0E:D9:02:13:20:E0:34:2F:F6:76:2B:AF:DB:59:07:C6:4C:00
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/5D65041A1BD711EEB9597921C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.194.0/24
103.48.168.0/24
163.53.16.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:9c:a9:d6:74:57:9f:fa:b8:0b:89:0a:37:dd:d8:1f:16:ab:
85:f7:83:e2:58:4e:ae:0e:f9:61:82:ba:1e:56:51:cb:45:45:
90:2f:30:82:19:7d:ef:b4:d2:b4:22:1e:f9:04:a9:90:ac:99:
59:59:ef:ab:31:34:98:77:16:1a:0e:16:a6:59:a6:90:bd:bc:
ec:7a:a6:03:98:52:de:eb:17:99:2f:a2:56:7c:9b:d8:ef:89:
19:94:38:47:2f:22:5f:3c:3c:55:5d:f9:6b:78:63:71:f7:78:
ea:13:df:27:e6:e8:fe:e6:d4:9a:43:59:0a:76:94:e4:04:15:
e1:9d:78:6b:07:15:87:9b:6a:f0:98:ec:73:60:29:e2:3e:0b:
dd:c3:d7:8b:bb:c4:c1:14:de:ae:1c:c0:92:77:8a:e0:cf:f5:
ea:ab:e0:52:8f:da:c7:25:b3:48:d0:ef:91:3f:96:7a:ea:6b:
78:a0:77:89:61:e6:7f:00:e6:90:89:47:f1:8a:cc:19:f2:cf:
26:3f:97:b5:7f:c4:d0:ea:19:60:a9:85:e0:1d:33:11:1a:f5:
bd:2b:45:cd:76:87:80:ce:ef:3a:cd:c7:32:44:9b:6f:ca:10:
b2:98:6e:3c:63:a5:17:48:9d:0e:a0:82:55:18:a6:1a:b3:dc:
00:e0:68:a3
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBukwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjQxMjI0MDQwOTQxWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhMzQwNS0wZDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvy9gpegNB2oKxuv+6qZYHFhccgH2KYS42hcLfunoBhgfVZdU7bFjzHWlKbUm
Mw6mjbO1FnTyortwzFZhsPck67wBNHjGbDJ92815m39H+74ZGysH+4IR5Juh2esk
L/39gXQH6u6ieSy8c1BHsTsNYggQygagHCw4esbNHvv1nVi1LSj7LigoQlNAY114
Psb+ZwFh9+Jvn6K/ZGh6Z6we2FBjdrVhfGuonesZguBdaQ2mx8Fjp32uY8cn7T+n
AFCY5kqi8OdPXPkUiHMywBL4ev1rIeOd77vxMLw0sOfcTERjgGM9VQymzftmfseE
qtb+WY6ZHSu5uvujEKPfN6MJtwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFODKDtkC
EyDgNC/2diuv21kHxkwAMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvNUQ2NTA0MUEx
QkQ3MTFFRUI5NTk3OTIxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAk/8IDBABnMKgDBACjNRAwDQYJKoZIhvcNAQELBQADggEB
AB2cqdZ0V5/6uAuJCjfd2B8Wq4X3g+JYTq4O+WGCuh5WUctFRZAvMIIZfe+00rQi
HvkEqZCsmVlZ76sxNJh3FhoOFqZZppC9vOx6pgOYUt7rF5kvolZ8m9jviRmUOEcv
Il88PFVd+Wt4Y3H3eOoT3yfm6P7m1JpDWQp2lOQEFeGdeGsHFYebavCY7HNgKeI+
C93D14u7xMEU3q4cwJJ3iuDP9eqr4FKP2scls0jQ75E/lnrqa3igd4lh5n8A5pCJ
R/GKzBnyzyY/l7V/xNDqGWCpheAdMxEa9b0rRc12h4DO7zrNxzJEm2/KELKYbjxj
pRdInQ6gglUYphqz3ADgaKM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:16 2025 by rpki-client