Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D77EFA4075C011EB817F290BC4F9AE02.roa
File: D77EFA4075C011EB817F290BC4F9AE02.roa (raw, json)
Hash identifier: l0cOKn+JSNcQCnHRgc7Uk/Xv96K8SI8tg0Yxp8nT1AQ=
Subject key identifier: 69:F5:72:87:C6:FD:DE:68:B0:38:DC:9E:38:43:DB:A1:0E:84:D7:56
Certificate issuer: /CN=A918EDB2/serialNumber=A7AE474416B0E8AD3A89E86774A640FEBE6973F9
Certificate serial: 19E3
Authority key identifier: A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D77EFA4075C011EB817F290BC4F9AE02.roa
Signing time: Thu 30 May 2024 15:52:24 +0000
ROA not before: Thu 30 May 2024 15:52:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135247
IP address blocks: 67.158.52.0/24 maxlen: 24
162.216.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 09:38:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6627 (0x19e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 15:52:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a0b8-746f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2c:4c:05:d7:dc:7d:1f:f2:2e:a4:27:98:f5:
ce:5a:c5:31:2c:ac:cd:ba:ff:c3:5b:08:4c:95:3e:
2d:d1:86:69:91:6a:49:4c:36:b3:ce:d1:34:85:aa:
6f:38:3e:85:07:ba:1e:90:51:fe:a5:2a:a3:93:05:
1b:a0:c2:00:31:47:18:bd:84:a7:8f:49:7b:d3:51:
3b:a1:4d:6d:5b:49:d8:36:51:80:f2:00:81:22:2e:
6a:b7:1e:b6:ad:a1:e6:c1:e6:d2:03:d6:50:57:ec:
a6:85:b5:14:29:4f:c5:61:90:dd:43:9e:6c:eb:dc:
78:17:04:4e:b5:6c:8a:02:f0:74:28:bb:ca:ef:d3:
3e:88:3e:39:87:6f:37:29:3c:12:24:34:08:ab:3a:
e5:ac:3e:3f:ad:06:d0:d3:f8:9f:72:01:d4:22:85:
e7:2e:6a:81:3a:a2:b9:ce:1d:55:a8:8b:b7:61:1f:
b8:36:88:6f:9c:d0:96:d4:f6:2b:09:ea:8d:e3:d9:
2b:cc:fe:24:66:42:63:98:2d:5a:37:ce:04:d0:ae:
02:ba:1e:1b:03:dc:83:b7:d8:f5:a7:7f:11:3e:17:
3b:d4:33:29:f7:34:f7:2b:b9:ff:95:f9:af:31:24:
ea:fd:97:60:cc:bd:20:b2:7b:f3:8a:0f:0e:12:34:
8c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F5:72:87:C6:FD:DE:68:B0:38:DC:9E:38:43:DB:A1:0E:84:D7:56
X509v3 Authority Key Identifier:
keyid:A7:AE:47:44:16:B0:E8:AD:3A:89:E8:67:74:A6:40:FE:BE:69:73:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/p65HRBaw6K06iehndKZA_r5pc_k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/p65HRBaw6K06iehndKZA_r5pc_k.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/1C57CEAC70E911E2B36D4B6B2979BB20/D77EFA4075C011EB817F290BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
67.158.52.0/24
162.216.140.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:ad:b7:60:25:1c:19:df:f4:01:8b:f1:a7:51:c1:02:89:87:
67:af:31:e6:d4:4e:53:ec:8b:b1:3c:0a:dc:81:83:c8:46:b0:
99:aa:bc:da:f7:8c:70:d4:8e:5d:1c:0e:ce:fd:6b:50:c8:66:
10:c5:12:da:50:b2:a5:4a:66:4f:e2:0d:2d:52:e5:37:ce:97:
a9:6d:bb:61:cd:51:c5:f1:d1:27:1e:9f:96:09:4f:d1:0c:46:
7a:b3:f8:fa:e9:fc:d3:af:80:72:83:25:01:c4:75:21:e0:74:
33:c3:ca:1d:60:ab:14:bd:b4:aa:ec:d6:53:a6:39:11:fe:8a:
9b:ad:60:e7:79:89:30:00:62:a0:89:bf:d4:b9:05:cd:e8:6b:
8e:f7:b5:87:1e:9e:23:38:28:3d:8f:b5:72:6d:86:34:b9:a5:
49:72:b4:a3:c2:47:20:76:dd:bd:97:fc:8c:19:e8:5e:e7:29:
f6:94:78:ac:91:8e:75:93:62:e1:91:21:f2:c4:6b:72:ae:a2:
4a:c0:70:53:0f:55:7a:28:14:63:8f:9a:39:22:9e:20:93:2c:
3d:18:a0:f4:09:a9:fb:f6:e3:d4:da:ae:6d:ff:a3:b5:62:46:
03:fd:57:8b:46:5e:dd:ed:1e:9b:a7:6a:f9:ec:71:70:1d:67:
e8:02:ec:ec
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICGeMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKEE3QUU0NzQ0MTZCMEU4QUQzQTg5RTg2Nzc0QTY0MEZF
QkU2OTczRjkwHhcNMjQwNTMwMTU1MjI0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjU4YTBiOC03NDZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmyxMBdfcfR/yLqQnmPXOWsUxLKzNuv/DWwhMlT4t0YZpkWpJTDazztE0hapv
OD6FB7oekFH+pSqjkwUboMIAMUcYvYSnj0l701E7oU1tW0nYNlGA8gCBIi5qtx62
raHmwebSA9ZQV+ymhbUUKU/FYZDdQ55s69x4FwROtWyKAvB0KLvK79M+iD45h283
KTwSJDQIqzrlrD4/rQbQ0/ifcgHUIoXnLmqBOqK5zh1VqIu3YR+4NohvnNCW1PYr
CeqN49krzP4kZkJjmC1aN84E0K4Cuh4bA9yDt9j1p38RPhc71DMp9zT3K7n/lfmv
MSTq/ZdgzL0gsnvzig8OEjSMEQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFGn1cofG
/d5osDjcnjhD26EOhNdWMB8GA1UdIwQYMBaAFKeuR0QWsOitOonoZ3SmQP6+aXP5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8xQzU3Q0VBQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9wNjVIUkJhdzZLMDZpZWhuZEtaQV9yNXBj
X2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3A2NUhSQmF3NkswNmllaG5kS1pBX3I1cGNfay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMUM1N0NFQUM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvRDc3RUZBNDA3
NUMwMTFFQjgxN0YyOTBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABDnjQDBAKi2IwwDQYJKoZIhvcNAQELBQADggEBALitt2Al
HBnf9AGL8adRwQKJh2evMebUTlPsi7E8CtyBg8hGsJmqvNr3jHDUjl0cDs79a1DI
ZhDFEtpQsqVKZk/iDS1S5TfOl6ltu2HNUcXx0Scen5YJT9EMRnqz+Prp/NOvgHKD
JQHEdSHgdDPDyh1gqxS9tKrs1lOmORH+iputYOd5iTAAYqCJv9S5Bc3oa473tYce
niM4KD2PtXJthjS5pUlytKPCRyB23b2X/IwZ6F7nKfaUeKyRjnWTYuGRIfLEa3Ku
okrAcFMPVXooFGOPmjkiniCTLD0YoPQJqfv249Tarm3/o7ViRgP9V4tGXt3tHpun
avnscXAdZ+gC7Ow=
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:22:58 2025 by rpki-client