Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/B63C35ACA85F11EFBE1EC745C4F9AE02.roa
File: B63C35ACA85F11EFBE1EC745C4F9AE02.roa (raw, json)
Hash identifier: YewDsclncDE0sePhXP5P3qQ2h7VPxn5mCys6Flkr8YM=
Subject key identifier: 06:38:6B:B9:E0:BB:10:E6:9C:6F:6D:EE:61:54:8C:7E:50:1B:E4:9E
Certificate issuer: /CN=A917F051/serialNumber=84DA8927CDEF503396F52720194EB931209D3F3A
Certificate serial: 02A4
Authority key identifier: 84:DA:89:27:CD:EF:50:33:96:F5:27:20:19:4E:B9:31:20:9D:3F:3A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hNqJJ83vUDOW9ScgGU65MSCdPzo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/B63C35ACA85F11EFBE1EC745C4F9AE02.roa
Signing time: Thu 21 Nov 2024 23:24:11 +0000
ROA not before: Thu 21 Nov 2024 23:24:11 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 20119
IP address blocks: 202.5.128.0/24 maxlen: 24
202.5.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Nov 2024 00:37:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 676 (0x2a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917F051, serialNumber=84DA8927CDEF503396F52720194EB931209D3F3A
Validity
Not Before: Nov 21 23:24:11 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=673fc11a-3a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:50:68:da:c7:db:30:7d:cd:16:91:34:88:b6:
1b:aa:37:fb:12:06:d0:f8:22:0d:1c:af:36:f3:fe:
23:6a:c1:6a:17:61:71:21:fd:f4:2b:fe:83:bc:1b:
b5:16:38:85:52:6c:2c:21:f4:e4:bd:54:3a:ba:bc:
19:04:93:b8:f6:e6:e7:6f:d0:86:b4:bd:df:7b:94:
8f:8f:fe:84:1a:d5:a2:10:84:d5:8b:d0:33:d2:fb:
c7:ea:4c:da:fb:75:e6:d1:d2:b8:b3:42:3d:fc:ea:
77:1b:74:f8:2b:68:4e:93:64:98:74:93:53:66:d5:
76:1f:d5:e9:82:8c:ca:95:2f:de:3d:42:62:35:ae:
dc:26:bf:73:8f:63:30:17:c7:9c:6e:79:df:18:90:
f2:67:0f:d5:f2:c9:a2:ad:c4:48:34:ee:75:70:f1:
a6:cf:16:2a:ac:c2:ba:0d:2c:e6:a7:46:0f:7f:61:
70:3b:ef:be:f4:c1:0b:e7:ea:af:87:6c:17:05:bd:
6f:f7:dd:29:32:7c:f1:25:f2:ea:fa:4d:2f:b5:eb:
26:0b:cd:87:7d:28:36:de:ab:23:3d:59:a7:6a:22:
7d:7f:a4:6f:ff:6c:80:41:bf:ef:73:b0:c4:01:2e:
27:61:62:d0:0a:6f:74:92:34:46:a7:50:0c:41:ca:
15:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:38:6B:B9:E0:BB:10:E6:9C:6F:6D:EE:61:54:8C:7E:50:1B:E4:9E
X509v3 Authority Key Identifier:
keyid:84:DA:89:27:CD:EF:50:33:96:F5:27:20:19:4E:B9:31:20:9D:3F:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/hNqJJ83vUDOW9ScgGU65MSCdPzo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hNqJJ83vUDOW9ScgGU65MSCdPzo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F051/5AAD9D7ED8DD11ECA5DD0C50C4F9AE02/B63C35ACA85F11EFBE1EC745C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.5.128.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:ae:c3:b6:9e:9e:d2:e5:6d:60:8f:cd:fb:40:26:de:d0:d9:
af:03:2c:47:9a:0c:80:89:ea:6b:10:46:a8:d4:7b:56:cd:4b:
2c:7d:f2:c7:62:ee:e4:62:39:f7:02:c2:2a:b6:47:5a:85:b0:
5f:53:9c:a3:8e:4d:f1:fc:85:c6:24:52:4b:00:a3:09:d3:41:
3f:1a:6b:04:90:3d:ed:48:f6:1d:32:54:b3:b2:38:fe:4b:36:
56:b4:44:91:2a:ad:1b:08:60:36:6a:87:bb:06:68:56:84:df:
6b:b9:ed:94:ea:e9:64:94:c0:ae:d2:da:30:b6:aa:ec:e4:21:
0b:42:dd:3c:7d:ff:e3:14:63:31:8d:18:f8:cf:fc:ff:0a:9b:
89:f8:a5:89:4d:fa:87:eb:9d:8c:72:d9:64:d0:cb:29:a9:e1:
8a:82:c8:2a:27:df:08:d0:58:a7:36:9a:2c:5d:7c:60:08:91:
b3:47:72:6e:78:65:1e:1c:9a:c7:24:1c:34:a4:70:a8:43:6e:
61:63:53:79:51:41:fa:da:93:8b:19:cf:30:e8:83:5b:1c:e3:
a9:54:ff:42:83:c8:92:33:2c:e8:6a:86:aa:e5:84:d3:10:ab:
8e:fe:17:13:f0:72:8d:bf:c7:19:72:0c:10:1d:33:1c:3e:38:
eb:58:8f:7e
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAqQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0YwNTExMTAvBgNVBAUTKDg0REE4OTI3Q0RFRjUwMzM5NkY1MjcyMDE5NEVCOTMx
MjA5RDNGM0EwHhcNMjQxMTIxMjMyNDExWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzNmYzExYS0zYTEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwlBo2sfbMH3NFpE0iLYbqjf7EgbQ+CINHK828/4jasFqF2FxIf30K/6DvBu1
FjiFUmwsIfTkvVQ6urwZBJO49ubnb9CGtL3fe5SPj/6EGtWiEITVi9Az0vvH6kza
+3Xm0dK4s0I9/Op3G3T4K2hOk2SYdJNTZtV2H9XpgozKlS/ePUJiNa7cJr9zj2Mw
F8ecbnnfGJDyZw/V8smircRINO51cPGmzxYqrMK6DSzmp0YPf2FwO+++9MEL5+qv
h2wXBb1v990pMnzxJfLq+k0vtesmC82HfSg23qsjPVmnaiJ9f6Rv/2yAQb/vc7DE
AS4nYWLQCm90kjRGp1AMQcoVCwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAY4a7ng
uxDmnG9t7mFUjH5QG+SeMB8GA1UdIwQYMBaAFITaiSfN71AzlvUnIBlOuTEgnT86
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjA1MS81QUFEOUQ3RUQ4
REQxMUVDQTVERDBDNTBDNEY5QUUwMi9oTnFKSjgzdlVET1c5U2NnR1U2NU1TQ2RQ
em8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hOcUpKODN2VURPVzlTY2dHVTY1TVNDZFB6by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0YwNTEvNUFBRDlEN0VEOEREMTFFQ0E1REQwQzUwQzRGOUFFMDIvQjYzQzM1QUNB
ODVGMTFFRkJFMUVDNzQ1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHKBYAwDQYJKoZIhvcNAQELBQADggEBAHyuw7aentLlbWCP
zftAJt7Q2a8DLEeaDICJ6msQRqjUe1bNSyx98sdi7uRiOfcCwiq2R1qFsF9TnKOO
TfH8hcYkUksAownTQT8aawSQPe1I9h0yVLOyOP5LNla0RJEqrRsIYDZqh7sGaFaE
32u57ZTq6WSUwK7S2jC2quzkIQtC3Tx9/+MUYzGNGPjP/P8Km4n4pYlN+ofrnYxy
2WTQyymp4YqCyCon3wjQWKc2mixdfGAIkbNHcm54ZR4cmsckHDSkcKhDbmFjU3lR
Qfrak4sZzzDog1sc46lU/0KDyJIzLOhqhqrlhNMQq47+FxPwco2/xxlyDBAdMxw+
OOtYj34=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:51:56 2025 by rpki-client