Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/16BF6942E73D11EE8DEA7557C4F9AE02.roa
File: 16BF6942E73D11EE8DEA7557C4F9AE02.roa (raw, json)
Hash identifier: IJUkoyKq6F6dwcgwQnnfA3U1Ii0VDMRhYlZnBweQndE=
Subject key identifier: 70:8C:18:50:89:9C:4A:67:64:57:6E:EB:2F:F1:E1:03:4B:F7:49:55
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 0382
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/16BF6942E73D11EE8DEA7557C4F9AE02.roa
Signing time: Sat 15 Jun 2024 05:11:07 +0000
ROA not before: Sat 15 Jun 2024 05:11:07 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 200239
IP address blocks: 203.32.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Feb 2025 20:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 898 (0x382)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75, serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Jun 15 05:11:07 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666d226a-2522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:48:79:a0:f9:50:9f:e9:f2:73:42:4a:bd:4a:
c8:c3:94:ec:5d:03:16:f0:62:37:f9:a3:d3:c9:57:
e3:5e:3e:4f:50:e3:b2:e5:69:6d:43:bb:d3:5a:5d:
d2:32:ca:b0:bb:25:dd:53:ab:85:44:d2:70:f8:a9:
84:f7:b0:5e:6d:53:fe:0e:f4:b7:85:ec:d6:c3:a8:
86:3d:b3:a4:eb:02:fa:5e:0d:0d:cd:2d:21:8a:b2:
f1:0e:7f:9b:1b:f7:4e:7c:d1:71:e4:b5:bf:96:b4:
8a:cf:bc:14:6d:9b:f9:f9:90:bf:c2:eb:5b:20:af:
7f:51:90:c8:50:6d:53:01:53:11:d9:f1:16:d6:6b:
18:dd:24:e0:ea:a0:28:45:54:c1:c5:c1:76:3f:32:
5a:d8:da:ed:98:e3:20:99:2e:45:bc:07:ab:21:fc:
4b:85:50:85:23:29:8c:d1:5e:4a:18:60:95:cd:78:
95:58:d3:e5:15:bd:31:86:58:8b:12:48:6e:ff:ca:
ee:50:3b:9d:04:f4:b5:64:ec:65:11:7e:fc:3d:ff:
db:29:28:18:b8:e8:f6:22:bc:32:ba:fe:21:14:b6:
b4:6b:a1:70:3b:09:b5:36:06:93:d9:6b:b4:28:2c:
d9:41:87:43:89:35:e9:84:b6:27:82:76:88:85:a8:
2b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:8C:18:50:89:9C:4A:67:64:57:6E:EB:2F:F1:E1:03:4B:F7:49:55
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/16BF6942E73D11EE8DEA7557C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.26.0/24
Signature Algorithm: sha256WithRSAEncryption
22:12:8a:38:39:f8:e5:26:83:16:fd:7f:36:8d:61:87:4c:62:
dc:8e:d1:d1:43:9b:63:61:b0:25:d9:fc:4e:64:d0:f0:53:16:
aa:4e:f8:5e:2d:b4:e2:38:96:78:c8:2e:b2:bf:8e:0e:e6:56:
86:ad:ad:76:46:a6:a5:5c:de:fb:5e:c9:37:6d:30:29:44:57:
66:67:c6:73:be:7f:e0:11:9d:82:b6:b9:ea:30:7d:3c:27:aa:
0c:29:f6:d3:37:6a:29:c1:4d:4c:08:6d:46:e0:4f:e5:81:83:
e0:10:2b:a3:42:46:f9:e4:e5:29:63:a7:1d:41:db:22:dc:15:
ed:87:ce:64:53:f1:53:28:c4:9c:a4:5d:a2:0c:54:e7:fa:c8:
da:a9:79:af:92:63:a6:f2:bb:59:8e:1e:d4:aa:b2:3d:fc:9c:
9b:51:33:77:7f:c6:ad:59:ad:9f:85:5d:36:77:76:8e:92:c9:
4f:c8:f7:b9:b9:43:0a:b8:af:e2:91:ef:c1:45:b3:a1:6b:d1:
7f:93:e2:2b:8a:4b:bd:71:c8:fb:f4:d0:a1:b5:0c:37:b0:82:
c6:77:6e:e9:87:eb:99:b8:59:e2:9b:e9:e5:8b:a2:81:15:5f:
5f:aa:5a:1b:33:5a:cc:da:60:f9:c2:e7:58:68:fa:55:5d:7a:
16:11:ab:77
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA4IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQwNjE1MDUxMTA3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjZkMjI2YS0yNTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvEh5oPlQn+nyc0JKvUrIw5TsXQMW8GI3+aPTyVfjXj5PUOOy5WltQ7vTWl3S
MsqwuyXdU6uFRNJw+KmE97BebVP+DvS3hezWw6iGPbOk6wL6Xg0NzS0hirLxDn+b
G/dOfNFx5LW/lrSKz7wUbZv5+ZC/wutbIK9/UZDIUG1TAVMR2fEW1msY3STg6qAo
RVTBxcF2PzJa2NrtmOMgmS5FvAerIfxLhVCFIymM0V5KGGCVzXiVWNPlFb0xhliL
Ekhu/8ruUDudBPS1ZOxlEX78Pf/bKSgYuOj2Irwyuv4hFLa0a6FwOwm1NgaT2Wu0
KCzZQYdDiTXphLYngnaIhagrMwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHCMGFCJ
nEpnZFdu6y/x4QNL90lVMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvMTZCRjY5NDJF
NzNEMTFFRThERUE3NTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBowDQYJKoZIhvcNAQELBQADggEBACISijg5+OUmgxb9
fzaNYYdMYtyO0dFDm2NhsCXZ/E5k0PBTFqpO+F4ttOI4lnjILrK/jg7mVoatrXZG
pqVc3vteyTdtMClEV2ZnxnO+f+ARnYK2ueowfTwnqgwp9tM3ainBTUwIbUbgT+WB
g+AQK6NCRvnk5Sljpx1B2yLcFe2HzmRT8VMoxJykXaIMVOf6yNqpea+SY6byu1mO
HtSqsj38nJtRM3d/xq1ZrZ+FXTZ3do6SyU/I97m5Qwq4r+KR78FFs6Fr0X+T4iuK
S71xyPv00KG1DDewgsZ3bumH65m4WeKb6eWLooEVX1+qWhszWszaYPnC51ho+lVd
ehYRq3c=
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:57:51 2025 by rpki-client