Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6F3FCE00E2C211EFB3C3D368C4F9AE02.roa
File: 6F3FCE00E2C211EFB3C3D368C4F9AE02.roa (raw, json)
Hash identifier: fP66uDlYiIRKaikuq5ahj233yUbDu5gRPXHcZvN0AUQ=
Subject key identifier: 9C:60:B4:92:F5:C4:98:4A:5D:93:CD:EF:D4:C1:58:15:A3:0C:49:95
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 09DD
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6F3FCE00E2C211EFB3C3D368C4F9AE02.roa
Signing time: Tue 04 Feb 2025 06:36:59 +0000
ROA not before: Tue 04 Feb 2025 06:36:59 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 4775
IP address blocks: 203.168.208.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Mar 2025 03:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2525 (0x9dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172
Validity
Not Before: Feb 4 06:36:59 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67a1b58b-1b22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b7:48:1c:c9:b5:16:cd:7c:88:e8:65:9e:49:
81:ea:bf:a3:d3:aa:f9:de:67:f1:92:8f:44:c5:75:
ce:f2:6e:89:0b:0f:55:b4:84:7a:70:aa:1f:00:1d:
fe:f0:3f:43:d2:9f:16:b8:92:b3:e4:71:15:2b:a2:
4c:76:d7:48:bc:d3:94:e5:49:40:c6:0c:fc:52:f1:
92:72:80:30:31:d7:6f:48:80:96:77:b2:1a:fc:f3:
11:da:bb:f0:b2:e2:ab:93:5d:81:e7:c4:d8:23:81:
18:12:85:b8:77:78:9b:b4:f0:9e:43:8e:72:42:64:
33:23:49:c2:63:52:4c:db:6a:09:31:72:8a:f5:6c:
bb:d3:92:95:ff:0a:ca:95:6e:e0:f9:62:61:3f:42:
a0:0c:52:8a:50:38:36:61:7d:20:a1:b9:0c:8b:8c:
eb:0d:0b:c4:d1:d4:7d:1b:c5:4e:b8:e5:3e:22:68:
01:ba:e3:c4:68:67:49:5a:35:2d:36:d5:aa:ae:2d:
45:ac:f8:ab:81:a7:f1:7b:7c:da:cd:a9:87:cd:80:
31:80:01:ad:58:ff:f2:3e:00:61:14:e8:a7:b9:26:
f8:54:3c:a7:dd:4e:27:7d:88:de:69:94:0d:4f:87:
bd:0a:ff:bb:e5:76:72:75:c9:e9:dd:6b:c7:c3:c5:
ce:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:60:B4:92:F5:C4:98:4A:5D:93:CD:EF:D4:C1:58:15:A3:0C:49:95
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6F3FCE00E2C211EFB3C3D368C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.168.208.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:52:ba:d8:8d:17:78:d8:34:97:bd:12:00:cf:67:1b:ac:1e:
ec:d2:cd:21:21:2e:b1:e4:42:5d:98:da:d3:b5:82:c6:a6:c4:
2f:d8:d0:9f:38:70:77:ad:7c:8d:ef:d9:80:cf:90:4f:e9:01:
3e:29:33:b1:86:2b:5b:9e:57:bc:a4:0f:89:b9:b0:89:b8:4f:
57:8e:a2:cf:95:52:95:28:6a:98:4d:16:3b:94:da:df:0d:eb:
d7:d9:8b:74:ba:26:bc:44:57:6e:f6:6b:6f:64:69:63:48:b8:
d4:d0:7b:56:b1:34:f1:7b:39:f4:a6:36:66:2f:8e:2f:18:97:
ed:00:f7:32:f9:81:79:97:f0:6d:40:74:74:41:06:a9:06:2d:
18:90:f3:8e:b1:7c:97:4d:2d:d9:9e:99:b6:60:a7:28:37:d6:
40:9d:0e:c1:09:37:4f:8c:23:3b:cd:7d:48:8e:d8:7d:a6:de:
dd:9f:9e:13:88:49:4a:ec:75:97:3e:86:3a:60:8b:37:57:8d:
4b:2d:68:ef:12:64:66:41:68:b7:c1:19:a5:a0:ad:f4:47:96:
17:cf:3b:40:79:76:20:03:f6:ad:7c:18:00:35:1f:cc:ef:b4:
5f:46:c9:6c:1e:8d:a3:e4:13:b6:a4:83:f2:5a:7f:15:45:12:
35:c1:e6:ec
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjUwMjA0MDYzNjU5WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ExYjU4Yi0xYjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyrdIHMm1Fs18iOhlnkmB6r+j06r53mfxko9ExXXO8m6JCw9VtIR6cKofAB3+
8D9D0p8WuJKz5HEVK6JMdtdIvNOU5UlAxgz8UvGScoAwMddvSICWd7Ia/PMR2rvw
suKrk12B58TYI4EYEoW4d3ibtPCeQ45yQmQzI0nCY1JM22oJMXKK9Wy705KV/wrK
lW7g+WJhP0KgDFKKUDg2YX0gobkMi4zrDQvE0dR9G8VOuOU+ImgBuuPEaGdJWjUt
NtWqri1FrPirgafxe3zazamHzYAxgAGtWP/yPgBhFOinuSb4VDyn3U4nfYjeaZQN
T4e9Cv+75XZydcnp3WvHw8XOmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJxgtJL1
xJhKXZPN79TBWBWjDEmVMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvNkYzRkNFMDBF
MkMyMTFFRkIzQzNEMzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPLqNAwDQYJKoZIhvcNAQELBQADggEBAH1SutiNF3jYNJe9
EgDPZxusHuzSzSEhLrHkQl2Y2tO1gsamxC/Y0J84cHetfI3v2YDPkE/pAT4pM7GG
K1ueV7ykD4m5sIm4T1eOos+VUpUoaphNFjuU2t8N69fZi3S6JrxEV272a29kaWNI
uNTQe1axNPF7OfSmNmYvji8Yl+0A9zL5gXmX8G1AdHRBBqkGLRiQ846xfJdNLdme
mbZgpyg31kCdDsEJN0+MIzvNfUiO2H2m3t2fnhOISUrsdZc+hjpgizdXjUstaO8S
ZGZBaLfBGaWgrfRHlhfPO0B5diAD9q18GAA1H8zvtF9GyWwejaPkE7akg/JafxVF
EjXB5uw=
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:08:42 2025 by rpki-client