Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/B88E1B86D56911EFAE921235C4F9AE02.roa
File: B88E1B86D56911EFAE921235C4F9AE02.roa (raw, json)
Hash identifier: DBbg5vnEcrzMLmeRVW7TTpQGFbhU1RZ5RAXjcyBmf6c=
Subject key identifier: EB:6E:88:20:BE:04:55:95:C1:A1:6C:25:9C:52:46:E5:50:C1:A6:3F
Certificate issuer: /CN=A9191E08/serialNumber=33B6953295801038F017FA65D470781A5CC772C0
Certificate serial: 02F1
Authority key identifier: 33:B6:95:32:95:80:10:38:F0:17:FA:65:D4:70:78:1A:5C:C7:72:C0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7aVMpWAEDjwF_pl1HB4GlzHcsA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/B88E1B86D56911EFAE921235C4F9AE02.roa
Signing time: Sat 18 Jan 2025 06:59:12 +0000
ROA not before: Sat 18 Jan 2025 06:59:12 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153494
IP address blocks: 45.122.136.0/22 maxlen: 24
103.63.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 07:20:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 753 (0x2f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191E08, serialNumber=33B6953295801038F017FA65D470781A5CC772C0
Validity
Not Before: Jan 18 06:59:12 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=678b513f-d1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:98:06:33:0d:5f:17:2c:20:27:87:20:ff:29:
6c:7a:cf:00:e5:20:1a:e2:be:1c:8c:9f:0c:9d:84:
91:35:de:89:5e:a2:1f:37:c1:cc:5a:dd:51:94:e7:
29:b7:b2:f8:df:e6:c8:b9:63:93:ca:ba:68:2c:fb:
11:7e:72:7d:c2:09:1d:de:3e:7b:57:52:06:f8:8b:
39:58:e1:e8:76:0c:1d:9b:94:42:0b:cb:a2:87:26:
0a:51:76:36:e2:a2:b5:a2:e3:7f:8c:a0:b8:d7:ad:
48:a9:7d:01:5b:74:23:a6:bc:a3:7d:22:09:ca:72:
d4:22:21:f6:17:23:27:ca:7d:9d:6b:83:fd:95:49:
4c:df:c8:93:54:d8:99:77:93:0a:79:c7:d4:f1:50:
1e:ab:47:88:05:51:50:57:4c:bd:66:69:c1:82:11:
57:01:04:d7:70:79:b9:92:1c:a2:24:5d:d7:54:dc:
4a:2c:dd:c4:6d:5d:4b:f2:cc:54:9c:39:ac:ed:d9:
af:c9:0d:0e:c7:b4:11:3c:d2:a2:fe:d1:05:b0:c6:
bc:09:85:a7:f2:dc:34:7f:80:d8:92:db:b8:4f:a9:
80:6f:20:1d:9b:85:01:6e:d0:81:0d:0f:13:32:0f:
aa:b9:b4:49:9d:c9:73:49:cc:27:9b:be:fc:26:13:
81:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:6E:88:20:BE:04:55:95:C1:A1:6C:25:9C:52:46:E5:50:C1:A6:3F
X509v3 Authority Key Identifier:
keyid:33:B6:95:32:95:80:10:38:F0:17:FA:65:D4:70:78:1A:5C:C7:72:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/M7aVMpWAEDjwF_pl1HB4GlzHcsA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/M7aVMpWAEDjwF_pl1HB4GlzHcsA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191E08/9EC631ECC60911ECB460EC57C4F9AE02/B88E1B86D56911EFAE921235C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.122.136.0/22
103.63.4.0/22
Signature Algorithm: sha256WithRSAEncryption
11:be:f5:42:82:89:2e:a4:eb:fa:7a:79:95:b9:88:da:d6:fe:
7b:82:1d:be:12:e2:1a:5f:be:fa:05:ee:d7:a9:e9:cf:91:66:
b6:df:23:39:e3:a2:f1:47:e5:29:f0:9d:1c:a0:42:14:55:7a:
15:f8:50:c3:30:e3:eb:07:f2:4f:16:02:c9:dc:5e:91:93:d7:
68:0f:df:77:3c:93:d0:40:33:81:26:b1:79:56:37:17:4b:2f:
ee:cf:5a:69:d6:be:15:0a:bb:1d:ef:f8:88:d7:a2:db:d5:77:
4c:5b:79:2a:34:81:08:07:f7:cd:d1:65:7b:51:63:5d:88:ab:
2d:fd:3e:5e:02:8e:cf:0e:99:96:c9:19:a8:b4:23:ac:1f:08:
0b:31:8b:fc:35:b2:95:98:67:ff:0d:1a:21:51:d7:28:67:7b:
13:84:54:d3:08:e9:7d:9f:73:c8:cf:ab:41:33:0e:a9:8d:87:
28:e1:b2:26:d2:92:b2:ad:f2:29:17:a8:eb:73:9f:95:8a:c4:
eb:67:f6:b5:c9:f7:f2:ca:08:82:36:0b:20:5a:22:d8:84:64:
53:4c:38:46:8d:f2:fe:e6:95:ac:a0:1d:76:19:5b:54:c2:57:
ea:c1:be:0d:77:73:78:e8:ff:74:c6:ae:1a:64:d4:67:58:64:
fd:8b:df:b5
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAvEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTFFMDgxMTAvBgNVBAUTKDMzQjY5NTMyOTU4MDEwMzhGMDE3RkE2NUQ0NzA3ODFB
NUNDNzcyQzAwHhcNMjUwMTE4MDY1OTEyWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhiNTEzZi1kMWM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy5gGMw1fFywgJ4cg/ylses8A5SAa4r4cjJ8MnYSRNd6JXqIfN8HMWt1RlOcp
t7L43+bIuWOTyrpoLPsRfnJ9wgkd3j57V1IG+Is5WOHodgwdm5RCC8uihyYKUXY2
4qK1ouN/jKC4161IqX0BW3QjpryjfSIJynLUIiH2FyMnyn2da4P9lUlM38iTVNiZ
d5MKecfU8VAeq0eIBVFQV0y9ZmnBghFXAQTXcHm5khyiJF3XVNxKLN3EbV1L8sxU
nDms7dmvyQ0Ox7QRPNKi/tEFsMa8CYWn8tw0f4DYktu4T6mAbyAdm4UBbtCBDQ8T
Mg+qubRJnclzScwnm778JhOBkQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFOtuiCC+
BFWVwaFsJZxSRuVQwaY/MB8GA1UdIwQYMBaAFDO2lTKVgBA48Bf6ZdRweBpcx3LA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUUwOC85RUM2MzFFQ0M2
MDkxMUVDQjQ2MEVDNTdDNEY5QUUwMi9NN2FWTXBXQUVEandGX3BsMUhCNEdsekhj
c0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL003YVZNcFdBRURqd0ZfcGwxSEI0R2x6SGNzQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTFFMDgvOUVDNjMxRUNDNjA5MTFFQ0I0NjBFQzU3QzRGOUFFMDIvQjg4RTFCODZE
NTY5MTFFRkFFOTIxMjM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAIteogDBAJnPwQwDQYJKoZIhvcNAQELBQADggEBABG+9UKC
iS6k6/p6eZW5iNrW/nuCHb4S4hpfvvoF7tep6c+RZrbfIznjovFH5SnwnRygQhRV
ehX4UMMw4+sH8k8WAsncXpGT12gP33c8k9BAM4EmsXlWNxdLL+7PWmnWvhUKux3v
+IjXotvVd0xbeSo0gQgH983RZXtRY12Iqy39Pl4Cjs8OmZbJGai0I6wfCAsxi/w1
spWYZ/8NGiFR1yhnexOEVNMI6X2fc8jPq0EzDqmNhyjhsibSkrKt8ikXqOtzn5WK
xOtn9rXJ9/LKCII2CyBaItiEZFNMOEaN8v7mlaygHXYZW1TCV+rBvg13c3jo/3TG
rhpk1GdYZP2L37U=
-----END CERTIFICATE-----
Generated at Mon Apr 14 03:52:56 2025 by rpki-client