Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912A294/992F1D0E4AD611EE97B53F72C4F9AE02/C2FE12E8FA7511EF9DB15132C4F9AE02.roa
File: C2FE12E8FA7511EF9DB15132C4F9AE02.roa (raw, json)
Hash identifier: PyuhzO94RZfoYLZEM/Ljs6lxDb5sUk57wZm676ulW8Q=
Subject key identifier: 42:B8:9C:FC:D5:8D:60:2E:B7:63:7D:9A:5A:20:E0:A1:58:E0:E2:E1
Certificate issuer: /CN=A912A294/serialNumber=87B5D853F6425215ADA7822F02A57483EE267C04
Certificate serial: 014A
Authority key identifier: 87:B5:D8:53:F6:42:52:15:AD:A7:82:2F:02:A5:74:83:EE:26:7C:04
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7XYU_ZCUhWtp4IvAqV0g-4mfAQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912A294/992F1D0E4AD611EE97B53F72C4F9AE02/C2FE12E8FA7511EF9DB15132C4F9AE02.roa
Signing time: Thu 06 Mar 2025 10:28:36 +0000
ROA not before: Thu 06 Mar 2025 10:28:36 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 138077
IP address blocks: 101.1.4.0/24 maxlen: 24
101.1.5.0/24 maxlen: 24
2401:44c0:3::/48 maxlen: 48
2401:44c0:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 20 Mar 2025 01:19:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 330 (0x14a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912A294
Validity
Not Before: Mar 6 10:28:36 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67c978d4-de17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:af:d4:c9:a4:ad:8e:a5:62:c0:67:6c:24:fa:
ca:0a:4f:a9:c0:78:40:0f:34:dc:9d:93:66:49:6e:
3f:a7:4b:f6:52:fc:6e:fa:73:8f:9c:81:4a:4c:79:
8d:7c:69:9d:3e:7b:20:28:c4:eb:39:b4:cb:05:c9:
2a:f7:f6:fe:d5:0b:4a:95:38:93:10:ce:93:08:19:
c4:33:cb:d9:ae:d2:64:59:99:56:12:2b:2c:67:8f:
2f:8e:43:4e:47:f4:fd:7f:52:2b:1a:6c:af:5f:7a:
87:3d:64:57:17:48:cc:ae:ab:17:21:45:4b:6d:b4:
b6:b6:1a:79:d8:1d:78:ed:da:63:bd:a7:c5:35:04:
9d:7a:a7:90:78:b0:93:37:99:c6:cf:46:4f:69:31:
64:45:6e:66:85:4c:0c:e4:1f:8d:ca:ad:14:46:10:
f1:64:41:09:4e:9e:35:58:92:0d:27:58:6d:02:74:
05:5f:e2:d3:d6:ed:35:c8:28:3a:f8:da:9b:a1:4a:
34:c7:74:65:09:22:6a:89:1f:d1:34:35:85:cb:c3:
61:ba:9c:27:ad:8f:66:17:d1:cf:ba:4c:af:66:ea:
08:f2:5d:cf:0e:d6:88:8c:e3:50:52:ff:b1:81:65:
23:de:a0:16:d5:a9:d4:09:0a:1e:9b:a8:20:2e:02:
3e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B8:9C:FC:D5:8D:60:2E:B7:63:7D:9A:5A:20:E0:A1:58:E0:E2:E1
X509v3 Authority Key Identifier:
keyid:87:B5:D8:53:F6:42:52:15:AD:A7:82:2F:02:A5:74:83:EE:26:7C:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912A294/992F1D0E4AD611EE97B53F72C4F9AE02/h7XYU_ZCUhWtp4IvAqV0g-4mfAQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h7XYU_ZCUhWtp4IvAqV0g-4mfAQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912A294/992F1D0E4AD611EE97B53F72C4F9AE02/C2FE12E8FA7511EF9DB15132C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
101.1.4.0/23
IPv6:
2401:44c0:3::-2401:44c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2d:7f:f4:dd:b6:c4:ca:8b:6b:b8:2b:95:bf:d3:98:91:15:a5:
87:17:80:d5:69:85:8f:b5:8d:f1:f7:d4:18:77:de:d8:79:0f:
f2:7c:e9:f0:c4:10:f1:4e:b1:20:d7:74:fe:c2:c6:ab:67:e2:
41:de:fd:b8:9f:75:28:76:57:97:30:0a:9e:e5:a5:0d:fe:d3:
6d:ec:6a:22:5e:c8:68:66:02:3c:4a:78:50:79:c9:18:b4:b0:
f5:49:bd:96:f7:0c:12:0f:cd:a5:cd:48:dd:89:04:34:15:b2:
83:f8:5e:8b:a2:4b:ec:21:3b:c4:be:49:ff:1e:75:fd:da:ba:
1f:ca:01:9b:70:b9:b3:39:4b:5e:46:e1:f9:99:88:c5:8e:66:
09:89:ed:97:95:45:a9:32:ff:84:27:9c:c5:d1:ee:30:6c:cd:
6f:ca:5c:ad:0c:6d:e6:61:41:1f:39:31:fb:49:a5:35:a5:94:
09:1a:7b:a6:5f:70:44:5b:7f:fb:42:00:ec:f4:38:66:40:3d:
cf:9e:3e:5d:ac:f4:7e:d8:12:52:85:e0:8c:0d:56:ef:5e:c7:
3f:b2:f5:f9:c8:03:e0:1f:dc:9b:fe:59:1e:93:9d:55:cc:d9:
17:2a:ef:c8:7e:61:17:a2:fa:c3:51:ef:6d:e8:e0:04:94:a4:
07:7e:c1:2c
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICAUowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkEyOTQxMTAvBgNVBAUTKDg3QjVEODUzRjY0MjUyMTVBREE3ODIyRjAyQTU3NDgz
RUUyNjdDMDQwHhcNMjUwMzA2MTAyODM2WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M5NzhkNC1kZTE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqK/UyaStjqViwGdsJPrKCk+pwHhADzTcnZNmSW4/p0v2Uvxu+nOPnIFKTHmN
fGmdPnsgKMTrObTLBckq9/b+1QtKlTiTEM6TCBnEM8vZrtJkWZlWEissZ48vjkNO
R/T9f1IrGmyvX3qHPWRXF0jMrqsXIUVLbbS2thp52B147dpjvafFNQSdeqeQeLCT
N5nGz0ZPaTFkRW5mhUwM5B+Nyq0URhDxZEEJTp41WJINJ1htAnQFX+LT1u01yCg6
+NqboUo0x3RlCSJqiR/RNDWFy8NhupwnrY9mF9HPukyvZuoI8l3PDtaIjONQUv+x
gWUj3qAW1anUCQoem6ggLgI+hwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFEK4nPzV
jWAut2N9mlog4KFY4OLhMB8GA1UdIwQYMBaAFIe12FP2QlIVraeCLwKldIPuJnwE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQTI5NC85OTJGMUQwRTRB
RDYxMUVFOTdCNTNGNzJDNEY5QUUwMi9oN1hZVV9aQ1VoV3RwNEl2QXFWMGctNG1m
QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2g3WFlVX1pDVWhXdHA0SXZBcVYwZy00bWZBUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkEyOTQvOTkyRjFEMEU0QUQ2MTFFRTk3QjUzRjcyQzRGOUFFMDIvQzJGRTEyRThG
QTc1MTFFRjlEQjE1MTMyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMAwEAgABMAYDBAFlAQQwGgQCAAIwFDASAwcAJAFEwAADAwcAJAFEwAAEMA0G
CSqGSIb3DQEBCwUAA4IBAQAtf/TdtsTKi2u4K5W/05iRFaWHF4DVaYWPtY3x99QY
d97YeQ/yfOnwxBDxTrEg13T+wsarZ+JB3v24n3UodleXMAqe5aUN/tNt7GoiXsho
ZgI8SnhQeckYtLD1Sb2W9wwSD82lzUjdiQQ0FbKD+F6LokvsITvEvkn/HnX92rof
ygGbcLmzOUteRuH5mYjFjmYJie2XlUWpMv+EJ5zF0e4wbM1vylytDG3mYUEfOTH7
SaU1pZQJGnumX3BEW3/7QgDs9DhmQD3Pnj5drPR+2BJSheCMDVbvXsc/svX5yAPg
H9yb/lkek51VzNkXKu/IfmEXovrDUe9t6OAElKQHfsEs
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:25:10 2025 by rpki-client