Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/E1238468F00511EE8BFD5F6FC4F9AE02.roa
File: E1238468F00511EE8BFD5F6FC4F9AE02.roa (raw, json)
Hash identifier: iVPIpW3G16isdMnbxiXOf/xT0cX8Uicxj0Suc6gFaP4=
Subject key identifier: 1E:E5:E0:D8:1F:93:A3:FE:66:CF:62:F3:88:FB:C1:FA:1A:24:9C:81
Certificate issuer: /CN=A911B412/serialNumber=873D595AF5569C20239F53DD80EB1177D80B0934
Certificate serial: 0710
Authority key identifier: 87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/E1238468F00511EE8BFD5F6FC4F9AE02.roa
Signing time: Sat 08 Feb 2025 06:34:08 +0000
ROA not before: Sat 08 Feb 2025 06:34:08 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 136173
IP address blocks: 36.255.192.0/24 maxlen: 24
36.255.194.0/24 maxlen: 24
43.229.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 04:04:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1808 (0x710)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911B412
Validity
Not Before: Feb 8 06:34:08 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67a6fae0-1581
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bf:e5:0f:e2:09:7f:fb:8c:29:17:cf:88:14:
81:38:d9:27:f3:d9:5a:32:36:b2:16:6d:a3:50:a6:
0f:b9:d9:0c:45:7f:8b:36:fe:b6:bc:f0:b5:99:be:
45:d7:12:69:69:0b:e5:83:7b:d6:04:b2:02:87:bc:
6d:8c:57:4d:a7:33:30:50:37:e2:48:e2:d7:10:ff:
47:77:f4:6a:b2:48:20:f7:83:a0:2a:d8:31:82:92:
73:1d:9b:2b:39:ac:8e:79:3a:86:f1:5a:75:be:fa:
bb:00:d1:5d:e6:d6:a3:32:18:14:8a:7e:f8:01:2a:
20:b9:6f:bc:43:8a:7c:20:5b:00:12:6b:6a:20:4a:
b0:47:98:35:c3:0e:3c:d8:50:cf:01:89:15:ca:74:
be:30:af:2e:e0:80:83:fe:d2:f4:bd:93:60:d8:f1:
36:5e:7f:14:5a:75:8e:36:7e:e7:cf:cf:72:79:e3:
95:99:6c:d4:36:1a:1a:a2:c6:94:0b:11:26:42:ef:
ce:44:5f:63:f7:cd:16:ab:94:32:4f:4d:fb:bc:9b:
b3:b8:aa:7a:0b:60:f7:c1:cd:8c:41:a2:2f:92:3b:
d3:34:45:ff:e0:4e:e0:87:4c:67:b4:fd:cb:4f:0c:
99:97:51:2c:3d:26:64:94:a5:b6:5f:fb:34:8d:74:
ab:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E5:E0:D8:1F:93:A3:FE:66:CF:62:F3:88:FB:C1:FA:1A:24:9C:81
X509v3 Authority Key Identifier:
keyid:87:3D:59:5A:F5:56:9C:20:23:9F:53:DD:80:EB:11:77:D8:0B:09:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hz1ZWvVWnCAjn1PdgOsRd9gLCTQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B412/C1EA033CD2EA11EBA206B178C4F9AE02/E1238468F00511EE8BFD5F6FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.255.192.0/24
36.255.194.0/24
43.229.155.0/24
Signature Algorithm: sha256WithRSAEncryption
07:63:79:96:f6:56:59:dc:0f:96:b8:1e:69:95:71:ec:dd:a3:
e8:4a:19:93:91:40:5b:1b:42:44:3b:6a:35:90:aa:82:77:82:
45:79:88:8f:43:d1:9d:6a:e6:6b:5c:92:2c:bd:65:6c:5e:57:
4a:3b:ce:7b:a6:de:31:96:50:67:22:a0:82:62:49:b6:53:3c:
d6:b3:09:d3:e7:a6:f5:b9:d0:54:4b:b0:d2:fd:57:84:09:b6:
36:97:6e:e9:22:08:8f:7d:34:8f:88:89:09:29:a3:2c:37:96:
db:a4:ca:d7:a4:cf:fa:cc:ed:76:d8:64:8d:ab:5c:e7:01:8e:
1d:18:af:20:9e:49:a8:fd:a1:9c:e6:dc:4a:ff:c6:2b:07:09:
c1:74:1a:3e:ef:9f:90:45:19:f7:92:16:e0:d7:36:81:ae:93:
f8:e4:8e:3d:1c:11:e9:13:f3:bb:b0:b7:78:08:e2:19:64:41:
ca:4d:51:7e:12:95:fd:54:44:7a:ee:65:cf:3a:83:8c:bf:ac:
e4:05:0c:d3:b0:eb:b9:12:8c:f3:f0:45:b8:f2:0d:63:a9:6a:
6b:bf:64:10:98:5c:0c:3d:53:1a:c3:7c:6b:47:1e:f5:ff:06:
58:5b:8b:db:72:c1:58:e3:33:43:a5:2b:b0:08:ff:c2:70:72:
9d:01:7e:31
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBxAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUI0MTIxMTAvBgNVBAUTKDg3M0Q1OTVBRjU1NjlDMjAyMzlGNTNERDgwRUIxMTc3
RDgwQjA5MzQwHhcNMjUwMjA4MDYzNDA4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E2ZmFlMC0xNTgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwb/lD+IJf/uMKRfPiBSBONkn89laMjayFm2jUKYPudkMRX+LNv62vPC1mb5F
1xJpaQvlg3vWBLICh7xtjFdNpzMwUDfiSOLXEP9Hd/Rqskgg94OgKtgxgpJzHZsr
OayOeTqG8Vp1vvq7ANFd5tajMhgUin74ASoguW+8Q4p8IFsAEmtqIEqwR5g1ww48
2FDPAYkVynS+MK8u4ICD/tL0vZNg2PE2Xn8UWnWONn7nz89yeeOVmWzUNhoaosaU
CxEmQu/ORF9j980Wq5QyT037vJuzuKp6C2D3wc2MQaIvkjvTNEX/4E7gh0xntP3L
TwyZl1EsPSZklKW2X/s0jXSr3wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFB7l4Ngf
k6P+Zs9i84j7wfoaJJyBMB8GA1UdIwQYMBaAFIc9WVr1VpwgI59T3YDrEXfYCwk0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjQxMi9DMUVBMDMzQ0Qy
RUExMUVCQTIwNkIxNzhDNEY5QUUwMi9oejFaV3ZWV25DQWpuMVBkZ09zUmQ5Z0xD
VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2h6MVpXdlZXbkNBam4xUGRnT3NSZDlnTENUUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUI0MTIvQzFFQTAzM0NEMkVBMTFFQkEyMDZCMTc4QzRGOUFFMDIvRTEyMzg0NjhG
MDA1MTFFRThCRkQ1RjZGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAAk/8ADBAAk/8IDBAAr5ZswDQYJKoZIhvcNAQELBQADggEB
AAdjeZb2VlncD5a4HmmVcezdo+hKGZORQFsbQkQ7ajWQqoJ3gkV5iI9D0Z1q5mtc
kiy9ZWxeV0o7znum3jGWUGcioIJiSbZTPNazCdPnpvW50FRLsNL9V4QJtjaXbuki
CI99NI+IiQkpoyw3ltukytekz/rM7XbYZI2rXOcBjh0YryCeSaj9oZzm3Er/xisH
CcF0Gj7vn5BFGfeSFuDXNoGuk/jkjj0cEekT87uwt3gI4hlkQcpNUX4Slf1URHru
Zc86g4y/rOQFDNOw67kSjPPwRbjyDWOpamu/ZBCYXAw9UxrDfGtHHvX/Blhbi9ty
wVjjM0OlK7AI/8Jwcp0BfjE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:15:51 2025 by rpki-client