Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/F3D3C706ACDB11EF9EB5881EC4F9AE02.roa
File: F3D3C706ACDB11EF9EB5881EC4F9AE02.roa (raw, json)
Hash identifier: EdW72iIJ/89GmuBeAw+UpejOQK+5Fd9j6ugEQbmP3do=
Subject key identifier: 7F:B7:78:C2:16:15:85:C4:82:0E:B3:DF:4F:CD:61:3A:AC:F2:4E:33
Certificate issuer: /CN=A916C61B/serialNumber=F539291919CDE144B034EF288B0A634783E82C7F
Certificate serial: 03F3
Authority key identifier: F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/F3D3C706ACDB11EF9EB5881EC4F9AE02.roa
Signing time: Wed 27 Nov 2024 16:23:36 +0000
ROA not before: Wed 27 Nov 2024 16:23:36 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 136272
IP address blocks: 116.204.140.0/22 maxlen: 22
116.204.143.0/24 maxlen: 24
2400:c7c0::/32 maxlen: 32
2400:c7c0::/34 maxlen: 34
2400:c7c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 05 Feb 2025 06:30:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1011 (0x3f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916C61B
Validity
Not Before: Nov 27 16:23:36 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=67474788-cd2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:45:4d:7a:16:c6:15:e9:5a:80:53:20:6f:48:
62:ee:bd:18:cd:9d:9d:65:f3:be:02:18:92:dc:c2:
46:ec:b6:8b:f0:70:25:e7:8b:9e:62:65:68:95:f6:
00:b1:7f:f2:f2:78:81:90:cf:79:85:ed:14:43:d3:
aa:b6:a5:ce:f6:69:e7:ec:b0:c4:12:7e:38:b1:87:
92:bb:ae:7b:0f:9b:1d:cf:39:3e:d7:b5:19:5f:11:
f5:42:0b:f5:84:52:31:15:41:c0:f7:0a:6d:9a:26:
92:3b:3d:ed:e7:c1:64:5c:84:94:a3:28:6d:74:1f:
74:d6:59:c0:e1:ec:01:21:8b:7a:6b:26:f8:dc:ad:
2d:80:fb:07:6b:17:41:27:a6:8c:32:a3:25:db:7d:
6f:02:09:4f:ec:00:37:2e:c1:1e:7d:77:7b:db:fa:
4c:51:d6:0b:6a:f7:84:31:ef:12:4b:9f:82:85:7b:
10:74:b6:07:d3:9a:45:f9:4d:f4:45:ad:60:ad:5d:
36:b4:d7:cb:a4:b4:cd:84:5e:34:49:a6:b7:20:c1:
23:e5:98:c2:a9:7f:49:3d:88:15:6b:85:37:be:b7:
7f:d0:82:2c:bd:60:72:d2:76:c1:9a:fc:97:ed:17:
b2:0a:4c:cd:79:7f:a3:22:de:c1:24:6e:09:66:31:
48:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:B7:78:C2:16:15:85:C4:82:0E:B3:DF:4F:CD:61:3A:AC:F2:4E:33
X509v3 Authority Key Identifier:
keyid:F5:39:29:19:19:CD:E1:44:B0:34:EF:28:8B:0A:63:47:83:E8:2C:7F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/9TkpGRnN4USwNO8oiwpjR4PoLH8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9TkpGRnN4USwNO8oiwpjR4PoLH8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C61B/51EFFA30826911ECAD2E9524C4F9AE02/F3D3C706ACDB11EF9EB5881EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.204.140.0/22
IPv6:
2400:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
01:14:82:a6:e7:e5:ee:5e:78:62:ca:a4:8f:b3:fa:5d:93:71:
a4:9d:49:ab:32:ff:2c:14:5a:c9:3d:f4:8f:02:93:47:08:ac:
13:3e:ff:ca:06:0c:fd:6f:f9:e4:5e:2a:97:77:b3:93:92:fa:
27:aa:f5:55:a6:cc:72:be:53:b8:ee:fd:7e:30:4f:ec:5d:4e:
65:22:aa:45:72:3b:7c:b0:bd:92:46:25:75:a2:15:1a:4c:2b:
8a:63:4b:55:3f:c3:91:de:51:10:c9:79:dc:1c:38:85:aa:26:
4a:f7:d9:8b:90:7e:ac:0b:2a:83:3a:6e:7e:cd:31:cc:4b:4a:
eb:d6:36:6f:55:fd:86:ec:40:03:42:28:1f:03:ff:24:1f:cc:
f2:71:30:77:d9:0d:bd:fe:b9:d8:93:aa:d3:c7:3a:97:31:44:
75:fd:41:9c:9c:93:82:7d:1a:4e:ad:d2:3d:20:20:27:c2:f0:
61:50:51:50:46:65:7b:19:ba:79:bd:37:4e:d3:d3:60:26:24:
8a:9e:05:5f:05:f4:cb:ff:a2:46:4f:09:c7:3e:da:6c:22:9b:
16:3b:ea:a9:dc:f7:6b:2d:7c:82:b1:a9:c4:a1:26:60:68:20:
b3:c0:92:5f:7f:4c:bc:0e:af:80:50:cb:08:cd:df:ad:a8:7b:
bf:15:f4:c5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkM2MUIxMTAvBgNVBAUTKEY1MzkyOTE5MTlDREUxNDRCMDM0RUYyODhCMEE2MzQ3
ODNFODJDN0YwHhcNMjQxMTI3MTYyMzM2WhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ3NDc4OC1jZDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+EVNehbGFelagFMgb0hi7r0YzZ2dZfO+AhiS3MJG7LaL8HAl54ueYmVolfYA
sX/y8niBkM95he0UQ9OqtqXO9mnn7LDEEn44sYeSu657D5sdzzk+17UZXxH1Qgv1
hFIxFUHA9wptmiaSOz3t58FkXISUoyhtdB901lnA4ewBIYt6ayb43K0tgPsHaxdB
J6aMMqMl231vAglP7AA3LsEefXd72/pMUdYLaveEMe8SS5+ChXsQdLYH05pF+U30
Ra1grV02tNfLpLTNhF40Saa3IMEj5ZjCqX9JPYgVa4U3vrd/0IIsvWBy0nbBmvyX
7ReyCkzNeX+jIt7BJG4JZjFIaQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFH+3eMIW
FYXEgg6z30/NYTqs8k4zMB8GA1UdIwQYMBaAFPU5KRkZzeFEsDTvKIsKY0eD6Cx/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzYxQi81MUVGRkEzMDgy
NjkxMUVDQUQyRTk1MjRDNEY5QUUwMi85VGtwR1JuTjRVU3dOTzhvaXdwalI0UG9M
SDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlUa3BHUm5ONFVTd05POG9pd3BqUjRQb0xIOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkM2MUIvNTFFRkZBMzA4MjY5MTFFQ0FEMkU5NTI0QzRGOUFFMDIvRjNEM0M3MDZB
Q0RCMTFFRjlFQjU4ODFFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJ0zIwwDQQCAAIwBwMFACQAx8AwDQYJKoZIhvcNAQELBQAD
ggEBAAEUgqbn5e5eeGLKpI+z+l2TcaSdSasy/ywUWsk99I8Ck0cIrBM+/8oGDP1v
+eReKpd3s5OS+ieq9VWmzHK+U7ju/X4wT+xdTmUiqkVyO3ywvZJGJXWiFRpMK4pj
S1U/w5HeURDJedwcOIWqJkr32YuQfqwLKoM6bn7NMcxLSuvWNm9V/YbsQANCKB8D
/yQfzPJxMHfZDb3+udiTqtPHOpcxRHX9QZyck4J9Gk6t0j0gICfC8GFQUVBGZXsZ
unm9N07T02AmJIqeBV8F9Mv/okZPCcc+2mwimxY76qnc92stfIKxqcShJmBoILPA
kl9/TLwOr4BQywjN362oe78V9MU=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:40:02 2025 by rpki-client