Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/D9B7EA1EFA8811EFAE997233C4F9AE02.roa
File: D9B7EA1EFA8811EFAE997233C4F9AE02.roa (raw, json)
Hash identifier: LTq6TBf/2YCpbqxcbGiSQZoMbZlgJwaqV0SJyQ0uiO0=
Subject key identifier: 0F:9F:86:D4:77:0B:80:AB:46:66:04:B1:93:EC:3F:5B:77:76:E1:BD
Certificate issuer: /CN=A9165588/serialNumber=EF9F97CEB2927651D64FAA02E39DBE0DA3B71F95
Certificate serial: 07
Authority key identifier: EF:9F:97:CE:B2:92:76:51:D6:4F:AA:02:E3:9D:BE:0D:A3:B7:1F:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75-XzrKSdlHWT6oC452-DaO3H5U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/D9B7EA1EFA8811EFAE997233C4F9AE02.roa
Signing time: Fri 07 Mar 2025 09:14:45 +0000
ROA not before: Fri 07 Mar 2025 09:14:45 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 0
IP address blocks: 203.13.144.0/24 maxlen: 24
203.13.146.0/23 maxlen: 23
203.13.148.0/22 maxlen: 22
203.13.152.0/22 maxlen: 22
203.13.157.0/24 maxlen: 24
203.13.158.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 07 Mar 2025 10:58:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9165588
Validity
Not Before: Mar 7 09:14:45 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67cab905-ee44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:9a:cf:ad:e6:e6:2d:0a:06:68:73:85:42:30:
9e:90:8e:4e:0c:9e:9d:c1:8a:2c:88:9f:1f:91:c4:
eb:04:26:fa:e8:ce:f9:38:f4:fe:eb:59:df:44:3a:
9f:22:cd:c4:a9:30:82:37:70:86:53:13:3a:4d:1f:
4d:6a:82:31:dc:fc:1a:f4:61:94:e6:ab:f9:ef:d4:
ae:d8:5b:d3:7d:2f:99:5b:42:7d:5e:04:73:e6:89:
59:bb:dd:56:c3:11:49:97:21:88:4d:5c:f5:6d:00:
7f:db:b4:34:e9:b9:cf:c3:99:b4:80:15:fa:bd:4b:
16:ab:c7:bd:1b:cd:24:ae:89:93:d5:26:b7:c5:6a:
bc:7f:02:bc:82:9c:91:e6:47:77:80:3f:ef:c4:15:
0b:5e:15:ac:67:9c:fe:5c:2f:d8:33:43:71:1c:a3:
87:da:21:e4:ad:7a:a1:b7:3b:f1:21:ff:9d:1c:8f:
65:67:08:c9:b2:aa:34:3b:d4:d6:9e:af:f5:34:45:
1d:ba:2a:a1:4b:57:81:97:a0:08:0d:ea:1e:b7:ad:
d1:b4:aa:ec:3c:97:17:08:63:6b:bc:49:66:12:ad:
4d:c9:37:32:df:9a:a9:d3:db:6b:02:45:70:33:68:
b3:09:0a:5f:8f:6e:17:4d:05:f6:16:2b:9f:96:78:
42:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9F:86:D4:77:0B:80:AB:46:66:04:B1:93:EC:3F:5B:77:76:E1:BD
X509v3 Authority Key Identifier:
keyid:EF:9F:97:CE:B2:92:76:51:D6:4F:AA:02:E3:9D:BE:0D:A3:B7:1F:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/75-XzrKSdlHWT6oC452-DaO3H5U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/75-XzrKSdlHWT6oC452-DaO3H5U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9165588/694531F2FA8711EF83EDEC2DC4F9AE02/D9B7EA1EFA8811EFAE997233C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.13.144.0/24
203.13.146.0-203.13.155.255
203.13.157.0-203.13.159.255
Signature Algorithm: sha256WithRSAEncryption
64:64:59:72:da:0b:50:93:69:aa:4f:73:68:31:ee:11:b5:9d:
cb:f2:71:07:26:66:70:70:5e:66:94:eb:b6:21:a3:0a:b5:49:
23:e4:ec:86:24:f6:40:f7:99:f7:04:d8:81:0e:55:50:1e:02:
ca:dd:7b:4a:e2:b1:7a:df:02:ec:50:db:83:e3:8c:09:fd:37:
2e:8f:34:e2:08:a2:c5:f2:05:f1:13:11:fe:8b:0b:69:1b:17:
bd:54:f1:9d:30:30:97:1b:dc:37:a2:9c:a7:fd:e0:b0:28:3d:
05:fa:82:e5:48:82:48:c3:b9:13:cd:7c:4d:30:fb:20:77:26:
10:0e:56:d1:78:d9:7f:9c:e4:e8:a8:9e:7b:a2:de:d2:f6:f0:
ef:71:c2:0b:fa:89:9e:49:e9:27:55:30:8e:10:dd:a7:f6:f8:
8a:23:60:44:08:3b:1f:3c:79:c3:ef:1d:55:09:57:8c:04:d3:
1a:35:e6:d4:af:5e:6a:97:00:de:f4:e3:af:96:b0:af:7a:e6:
fa:87:f2:de:77:01:a3:40:b6:c8:23:94:89:ab:9b:15:70:d7:
3c:8f:02:f2:28:66:f8:18:0f:ca:00:a4:b4:ab:9d:44:a2:4b:
cd:cd:f1:53:c8:55:37:ec:02:24:58:32:ff:2f:f2:69:67:4e:
9e:6b:26:2f
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgIBBzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
NTU4ODExMC8GA1UEBRMoRUY5Rjk3Q0VCMjkyNzY1MUQ2NEZBQTAyRTM5REJFMERB
M0I3MUY5NTAeFw0yNTAzMDcwOTE0NDVaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Y2FiOTA1LWVlNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDKms+t5uYtCgZoc4VCMJ6Qjk4Mnp3BiiyInx+RxOsEJvrozvk49P7rWd9EOp8i
zcSpMII3cIZTEzpNH01qgjHc/Br0YZTmq/nv1K7YW9N9L5lbQn1eBHPmiVm73VbD
EUmXIYhNXPVtAH/btDTpuc/DmbSAFfq9Sxarx70bzSSuiZPVJrfFarx/AryCnJHm
R3eAP+/EFQteFaxnnP5cL9gzQ3Eco4faIeSteqG3O/Eh/50cj2VnCMmyqjQ71Nae
r/U0RR26KqFLV4GXoAgN6h63rdG0quw8lxcIY2u8SWYSrU3JNzLfmqnT22sCRXAz
aLMJCl+PbhdNBfYWK5+WeEJrAgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUD5+G1HcL
gKtGZgSxk+w/W3d24b0wHwYDVR0jBBgwFoAU75+XzrKSdlHWT6oC452+DaO3H5Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY1NTg4LzY5NDUzMUYyRkE4
NzExRUY4M0VERUMyREM0RjlBRTAyLzc1LVh6cktTZGxIV1Q2b0M0NTItRGFPM0g1
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNzUtWHpyS1NkbEhXVDZvQzQ1Mi1EYU8zSDVVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
NTU4OC82OTQ1MzFGMkZBODcxMUVGODNFREVDMkRDNEY5QUUwMi9EOUI3RUExRUZB
ODgxMUVGQUU5OTcyMzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDA7BggrBgEFBQcBBwEB/wQs
MCowKAQCAAEwIgMEAMsNkDAMAwQByw2SAwQCyw2YMAwDBADLDZ0DBAXLDYAwDQYJ
KoZIhvcNAQELBQADggEBAGRkWXLaC1CTaapPc2gx7hG1ncvycQcmZnBwXmaU67Yh
owq1SSPk7IYk9kD3mfcE2IEOVVAeAsrde0risXrfAuxQ24PjjAn9Ny6PNOIIosXy
BfETEf6LC2kbF71U8Z0wMJcb3DeinKf94LAoPQX6guVIgkjDuRPNfE0w+yB3JhAO
VtF42X+c5Oionnui3tL28O9xwgv6iZ5J6SdVMI4Q3af2+IojYEQIOx88ecPvHVUJ
V4wE0xo15tSvXmqXAN7046+WsK965vqH8t53AaNAtsgjlImrmxVw1zyPAvIoZvgY
D8oApLSrnUSiS83N8VPIVTfsAiRYMv8v8mlnTp5rJi8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:15 2025 by rpki-client