Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912A294/992F1D0E4AD611EE97B53F72C4F9AE02/09081FFCCCBF11EF9779562BC4F9AE02.roa
File: 09081FFCCCBF11EF9779562BC4F9AE02.roa (raw, json)
Hash identifier: SNwDEqGxjcom/nldX3U6iMKEcWcqOiVJjOJvvjxDD1c=
Subject key identifier: 32:D8:82:29:F5:95:06:71:71:38:51:2A:0A:5A:ED:7A:36:3D:A6:32
Certificate issuer: /CN=A912A294/serialNumber=87B5D853F6425215ADA7822F02A57483EE267C04
Certificate serial: 0128
Authority key identifier: 87:B5:D8:53:F6:42:52:15:AD:A7:82:2F:02:A5:74:83:EE:26:7C:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7XYU_ZCUhWtp4IvAqV0g-4mfAQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912A294/992F1D0E4AD611EE97B53F72C4F9AE02/09081FFCCCBF11EF9779562BC4F9AE02.roa
Signing time: Tue 07 Jan 2025 06:21:11 +0000
ROA not before: Tue 07 Jan 2025 06:21:11 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 151326
IP address blocks: 101.1.4.0/24 maxlen: 24
101.1.5.0/24 maxlen: 24
101.1.6.0/24 maxlen: 24
101.1.7.0/24 maxlen: 24
101.101.98.0/24 maxlen: 24
101.101.99.0/24 maxlen: 24
2401:44c0::/32 maxlen: 32
2401:44c0::/48 maxlen: 48
2401:44c0:1::/48 maxlen: 48
2401:44c0:2::/48 maxlen: 48
2401:44c0:3::/48 maxlen: 48
2401:44c0:4::/48 maxlen: 48
2401:44c0:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Mar 2025 10:09:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 296 (0x128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912A294
Validity
Not Before: Jan 7 06:21:11 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=677cc7d7-d01a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:57:52:46:e7:46:c0:27:1d:b6:4d:4d:ca:20:
33:18:2d:6d:81:7a:cc:2a:7a:00:b5:1f:89:5f:e8:
d6:40:14:2c:51:01:ec:e5:58:99:1b:2f:a4:3a:f7:
df:93:d7:6d:74:6a:53:5b:cf:d9:93:12:41:51:8d:
4f:c0:3f:6f:6f:6b:e5:ad:72:29:fb:c4:70:07:bc:
07:df:8a:b3:b3:1b:47:7c:05:3f:e4:e3:78:79:13:
ed:8b:a5:56:66:2a:b5:61:2b:64:7d:f2:d5:48:60:
c9:5e:a1:59:c3:66:02:e1:4a:f1:3d:e6:9e:f7:d5:
1b:95:75:e9:5d:f8:6b:97:de:32:75:10:0f:82:66:
21:8b:76:56:e9:4a:95:21:be:cf:3d:69:42:83:ad:
1b:7d:e1:5c:e6:a7:30:d3:c6:aa:c6:6f:52:12:31:
94:dd:4a:97:7d:c0:ea:ae:50:04:69:c0:8a:12:63:
2f:a7:de:69:87:c6:b4:3c:94:85:93:13:8c:da:df:
b3:77:a1:1c:ac:79:f2:6e:f5:83:3d:1a:7e:c6:24:
42:d8:e5:32:1c:76:4f:f5:fa:6a:cc:f9:59:1f:ff:
f8:9b:90:41:99:f3:5e:b0:3d:69:66:d7:f0:a0:8a:
76:5a:fc:80:fa:5a:7c:e7:c8:dc:e5:ac:6e:d1:09:
1a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D8:82:29:F5:95:06:71:71:38:51:2A:0A:5A:ED:7A:36:3D:A6:32
X509v3 Authority Key Identifier:
keyid:87:B5:D8:53:F6:42:52:15:AD:A7:82:2F:02:A5:74:83:EE:26:7C:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912A294/992F1D0E4AD611EE97B53F72C4F9AE02/h7XYU_ZCUhWtp4IvAqV0g-4mfAQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7XYU_ZCUhWtp4IvAqV0g-4mfAQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A294/992F1D0E4AD611EE97B53F72C4F9AE02/09081FFCCCBF11EF9779562BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.1.4.0/22
101.101.98.0/23
IPv6:
2401:44c0::/32
Signature Algorithm: sha256WithRSAEncryption
26:1a:a8:fd:c3:84:c7:31:db:68:66:38:7d:d2:80:e0:91:5b:
28:f1:9f:aa:d0:e8:2b:fb:b5:b9:af:ec:b9:e8:5c:52:e7:ef:
3f:e4:35:22:f0:57:1b:e4:ab:f7:1b:f8:f7:80:ad:d1:47:01:
bc:19:c4:71:0f:63:b0:8e:a4:13:56:19:de:ef:52:b1:0e:14:
4a:ca:26:be:6c:80:21:aa:a6:51:e9:f4:ac:d0:00:e4:26:2d:
ad:c0:1f:68:c3:e4:fe:0a:84:6f:2e:2a:2a:fc:f0:ff:03:ae:
2c:38:cf:58:7e:6e:b7:d5:49:61:2d:c7:11:84:d8:c2:34:fb:
74:84:a4:2a:d1:42:23:d1:61:32:a7:41:f4:df:63:82:d6:94:
2f:b5:91:f8:bc:ca:2f:d0:c1:3c:9e:c1:b3:ea:2d:28:74:40:
c2:76:a5:ac:aa:3f:41:e7:7f:cf:63:3a:9a:b7:d8:1f:3c:3c:
49:37:7c:cc:e6:6a:d9:39:b1:05:cd:a3:59:c0:62:7a:b6:64:
d8:45:1a:3f:23:c1:9b:02:89:6a:28:87:93:44:61:d6:09:3e:
13:f6:f3:ba:6b:be:60:f2:f9:58:12:4d:97:93:93:aa:59:62:
65:38:03:80:a4:32:02:a7:ee:01:c3:d4:90:41:9e:ab:51:41:
2c:e9:4b:72
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkEyOTQxMTAvBgNVBAUTKDg3QjVEODUzRjY0MjUyMTVBREE3ODIyRjAyQTU3NDgz
RUUyNjdDMDQwHhcNMjUwMTA3MDYyMTExWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjYzdkNy1kMDFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlVdSRudGwCcdtk1NyiAzGC1tgXrMKnoAtR+JX+jWQBQsUQHs5ViZGy+kOvff
k9dtdGpTW8/ZkxJBUY1PwD9vb2vlrXIp+8RwB7wH34qzsxtHfAU/5ON4eRPti6VW
Ziq1YStkffLVSGDJXqFZw2YC4UrxPeae99UblXXpXfhrl94ydRAPgmYhi3ZW6UqV
Ib7PPWlCg60bfeFc5qcw08aqxm9SEjGU3UqXfcDqrlAEacCKEmMvp95ph8a0PJSF
kxOM2t+zd6EcrHnybvWDPRp+xiRC2OUyHHZP9fpqzPlZH//4m5BBmfNesD1pZtfw
oIp2WvyA+lp858jc5axu0QkalQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFDLYgin1
lQZxcThRKgpa7Xo2PaYyMB8GA1UdIwQYMBaAFIe12FP2QlIVraeCLwKldIPuJnwE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQTI5NC85OTJGMUQwRTRB
RDYxMUVFOTdCNTNGNzJDNEY5QUUwMi9oN1hZVV9aQ1VoV3RwNEl2QXFWMGctNG1m
QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g3WFlVX1pDVWhXdHA0SXZBcVYwZy00bWZBUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkEyOTQvOTkyRjFEMEU0QUQ2MTFFRTk3QjUzRjcyQzRGOUFFMDIvMDkwODFGRkND
Q0JGMTFFRjk3Nzk1NjJCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAJlAQQDBAFlZWIwDQQCAAIwBwMFACQBRMAwDQYJKoZIhvcN
AQELBQADggEBACYaqP3DhMcx22hmOH3SgOCRWyjxn6rQ6Cv7tbmv7LnoXFLn7z/k
NSLwVxvkq/cb+PeArdFHAbwZxHEPY7COpBNWGd7vUrEOFErKJr5sgCGqplHp9KzQ
AOQmLa3AH2jD5P4KhG8uKir88P8Driw4z1h+brfVSWEtxxGE2MI0+3SEpCrRQiPR
YTKnQfTfY4LWlC+1kfi8yi/QwTyewbPqLSh0QMJ2payqP0Hnf89jOpq32B88PEk3
fMzmatk5sQXNo1nAYnq2ZNhFGj8jwZsCiWooh5NEYdYJPhP287prvmDy+VgSTZeT
k6pZYmU4A4CkMgKn7gHD1JBBnqtRQSzpS3I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:59:49 2025 by rpki-client