Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/76662AAAB8F011E9AA0DAA66C4F9AE02.roa
File: 76662AAAB8F011E9AA0DAA66C4F9AE02.roa (raw, json)
Hash identifier: FJpYiNHpwih0KDaiYEckcUqGb211WHtwTiWqnoqf3AI=
Subject key identifier: 01:6E:F4:0B:DB:37:07:F6:75:20:EE:4D:19:EA:9C:C2:DE:2D:86:6D
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 909A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/76662AAAB8F011E9AA0DAA66C4F9AE02.roa
Signing time: Thu 30 May 2024 16:28:38 +0000
ROA not before: Thu 30 May 2024 16:28:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17453
IP address blocks: 202.46.192.0/22 maxlen: 22
202.46.196.0/22 maxlen: 22
202.46.196.0/24 maxlen: 24
202.46.197.0/24 maxlen: 24
202.46.200.0/22 maxlen: 22
202.46.204.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 07 Nov 2024 06:40:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37018 (0x909a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2
Validity
Not Before: May 30 16:28:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a936-e291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:cb:a2:9f:03:c6:85:1f:53:1a:b9:62:e9:1e:
40:bd:75:4d:8c:d2:05:11:af:00:58:ce:9e:5d:ba:
6d:9b:da:62:7e:f0:3b:e4:86:fa:8d:df:1f:7f:93:
2f:72:0e:71:08:43:53:f3:73:66:dd:ea:db:82:fd:
6b:85:ac:01:83:e2:e2:01:41:9f:a1:97:7a:80:ab:
d5:2e:64:6c:e6:e6:a0:6c:79:56:b4:9f:e9:d4:84:
33:21:0f:ee:f7:94:97:31:11:5b:40:e0:63:59:9d:
73:66:a4:ab:15:98:37:da:a0:9a:b8:0a:c6:71:e9:
e4:03:f5:19:ea:8a:34:95:57:cf:f6:10:4c:fd:45:
ae:bc:3c:95:8a:d5:88:f9:be:c2:9b:eb:d8:71:f5:
0d:f9:43:39:f8:a2:57:d0:98:5b:8a:65:66:0d:0e:
2f:c7:31:65:9d:b6:83:f3:5a:60:3e:31:db:48:58:
ef:21:9f:8c:2b:ba:f7:f0:43:5f:ad:a1:0e:d0:d3:
e4:1a:3a:ce:cb:e0:54:24:9e:07:b6:33:13:20:8a:
86:98:ba:1f:8a:d0:bd:28:a7:f0:e8:02:18:57:77:
0e:0b:31:7d:19:a1:e9:b6:e9:6f:fd:7a:6a:e0:62:
6e:51:2d:20:da:a3:e1:4a:ad:de:04:07:2b:70:33:
e7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6E:F4:0B:DB:37:07:F6:75:20:EE:4D:19:EA:9C:C2:DE:2D:86:6D
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/76662AAAB8F011E9AA0DAA66C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.46.192.0/20
Signature Algorithm: sha256WithRSAEncryption
51:9c:0c:b6:28:e1:37:18:78:f6:10:20:be:d1:54:19:2b:9e:
20:b1:0b:e9:95:85:b5:5b:d2:85:a8:b4:fe:ad:64:cd:ff:41:
08:98:83:ae:35:8c:3b:d9:58:cb:97:71:e3:46:38:06:2e:5e:
53:12:77:63:77:4b:4a:ca:24:9b:47:a4:14:b4:2d:4d:39:d0:
01:c8:8a:35:3d:29:ca:0e:b9:ff:f0:a9:56:c7:d6:8a:3c:33:
8f:4a:c8:70:5f:d8:de:6a:ce:18:fa:3b:39:33:fd:82:14:18:
8f:70:e5:2f:cd:98:2c:0d:47:1d:6b:0b:7f:76:88:1c:05:cd:
22:4b:56:c9:ae:7d:85:95:d1:00:d1:56:e7:0c:b8:20:f6:32:
17:2a:50:b2:d6:5c:a6:6d:9e:28:ad:09:ec:36:84:cd:57:91:
0b:a6:3e:b0:93:88:77:a1:fd:70:e8:99:2a:08:06:05:49:44:
1f:3e:20:31:9d:ed:f1:31:68:ff:86:4e:b8:4c:e7:16:93:9b:
d8:3c:02:fc:16:bd:80:e6:38:fc:2a:ff:cf:f1:8f:d5:f6:3f:
b4:63:a2:67:53:fe:31:9f:9a:a5:6c:9f:85:f4:fa:2d:c9:c1:
f0:c1:fc:fc:84:79:09:e2:7e:34:1e:38:c4:c0:72:a2:a7:0f:
e6:8e:38:9b
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgIDAJCaMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE2MjgzOFoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGE5MzYtZTI5MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzLop8DxoUfUxq5YukeQL11TYzSBRGvAFjOnl26bZvaYn7wO+SG+o3fH3+T
L3IOcQhDU/NzZt3q24L9a4WsAYPi4gFBn6GXeoCr1S5kbObmoGx5VrSf6dSEMyEP
7veUlzERW0DgY1mdc2akqxWYN9qgmrgKxnHp5AP1GeqKNJVXz/YQTP1Frrw8lYrV
iPm+wpvr2HH1DflDOfiiV9CYW4plZg0OL8cxZZ22g/NaYD4x20hY7yGfjCu69/BD
X62hDtDT5Bo6zsvgVCSeB7YzEyCKhpi6H4rQvSin8OgCGFd3DgsxfRmh6bbpb/16
auBiblEtINqj4Uqt3gQHK3Az5xsCAwEAAaOCApUwggKRMB0GA1UdDgQWBBQBbvQL
2zcH9nUg7k0Z6pzC3i2GbTAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzc2NjYyQUFB
QjhGMDExRTlBQTBEQUE2NkM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQEyi7AMA0GCSqGSIb3DQEBCwUAA4IBAQBRnAy2KOE3GHj2
ECC+0VQZK54gsQvplYW1W9KFqLT+rWTN/0EImIOuNYw72VjLl3HjRjgGLl5TEndj
d0tKyiSbR6QUtC1NOdAByIo1PSnKDrn/8KlWx9aKPDOPSshwX9jeas4Y+js5M/2C
FBiPcOUvzZgsDUcdawt/dogcBc0iS1bJrn2FldEA0VbnDLgg9jIXKlCy1lymbZ4o
rQnsNoTNV5ELpj6wk4h3of1w6JkqCAYFSUQfPiAxne3xMWj/hk64TOcWk5vYPAL8
Fr2A5jj8Kv/P8Y/V9j+0Y6JnU/4xn5qlbJ+F9PotycHwwfz8hHkJ4n40HjjEwHKi
pw/mjjib
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:17 2025 by rpki-client