Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/09E1CF74EFEA11EF9ACA8C14C4F9AE02.roa
File: 09E1CF74EFEA11EF9ACA8C14C4F9AE02.roa (raw, json)
Hash identifier: d2S1mV5r5uFfq5L2MCuVJiPJDZndFNOex4itaC4O9co=
Subject key identifier: F7:4D:18:45:D5:D3:67:22:62:D5:8E:68:4A:3C:F4:63:C3:34:E3:64
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 028F
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/09E1CF74EFEA11EF9ACA8C14C4F9AE02.roa
Signing time: Fri 21 Feb 2025 00:23:14 +0000
ROA not before: Fri 21 Feb 2025 00:23:14 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 212238
IP address blocks: 218.33.80.0/22 maxlen: 22
218.33.84.0/22 maxlen: 22
218.33.92.0/22 maxlen: 22
218.33.100.0/22 maxlen: 22
218.33.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 25 Feb 2025 00:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 655 (0x28f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18, serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Feb 21 00:23:14 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67b7c772-d9ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:93:82:0f:e0:90:8c:12:ea:82:35:81:7f:a4:
09:e1:d0:58:e0:d5:c1:c5:e6:e4:a4:7b:69:a6:bd:
aa:1a:92:a7:67:96:c8:5f:20:f6:c5:6a:84:14:0b:
ec:c7:59:a2:7d:c7:01:a1:12:ff:a0:ac:f5:df:7a:
32:77:83:b9:4c:c0:c1:0b:7e:40:a8:05:f0:68:2a:
3e:53:2b:72:f8:e5:92:43:e2:ac:1c:6b:b8:21:a8:
a0:6e:f1:0e:e0:52:3b:6b:87:51:f6:be:f4:bb:c8:
e1:b1:03:fd:cb:fa:fa:32:c0:3f:4d:6f:c3:71:5f:
b5:0c:82:31:89:69:ba:2c:6a:a1:b2:01:36:9e:9d:
ae:4c:4b:e6:ad:4d:75:27:3a:e2:43:67:79:49:00:
6a:b6:fb:9f:da:99:3e:af:41:c7:08:08:ac:00:78:
6c:a9:bd:a1:ff:eb:45:89:7d:35:bb:54:b1:b2:36:
a0:a1:5a:7e:54:c3:79:e9:10:86:37:64:5d:8f:2c:
5e:8e:78:d1:4a:21:e8:ba:a5:a3:2a:da:5f:e5:ff:
90:fe:9d:47:92:7b:dd:df:f2:05:fd:ad:9c:c3:c7:
a7:c0:84:66:4c:59:23:31:01:7f:d4:18:4f:f2:bb:
7d:19:79:4f:bd:ba:b8:81:bf:25:de:cd:81:54:e1:
3f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:4D:18:45:D5:D3:67:22:62:D5:8E:68:4A:3C:F4:63:C3:34:E3:64
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/09E1CF74EFEA11EF9ACA8C14C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.80.0/21
218.33.92.0/22
218.33.100.0-218.33.107.255
Signature Algorithm: sha256WithRSAEncryption
78:3c:1d:c4:1d:a3:3c:fc:70:36:9c:66:cc:41:8b:3c:5d:1b:
52:1d:e4:43:a9:97:3c:c0:1f:05:82:1f:e2:92:7e:0f:43:8d:
a2:6b:03:44:77:18:e9:da:c5:8c:ec:0d:9d:62:85:70:78:ab:
33:76:38:14:ee:c1:22:e6:c2:a5:22:2b:60:a3:30:1a:8f:9f:
92:84:26:2e:e7:5b:b9:f2:b7:76:36:79:b7:00:d7:ed:9f:2d:
d3:d7:76:45:43:6a:92:7d:5d:5d:c8:be:9b:df:45:32:98:65:
c0:24:6a:78:ae:53:bd:68:b2:00:49:83:96:e6:17:20:06:0b:
ea:66:4b:2b:c4:d3:01:68:3d:48:c8:2e:8d:9c:80:5d:a0:73:
9d:46:a4:c4:25:de:cf:e9:cf:ad:55:eb:47:f7:01:f9:1c:4d:
71:26:8e:89:06:e1:c2:e4:7d:36:31:d4:7c:4c:9d:d3:9d:9a:
b2:b4:16:52:92:15:9f:0d:db:63:ac:74:c4:4c:8f:0d:42:2e:
c4:d4:13:df:17:0c:2a:db:63:c9:03:0d:3b:9b:be:46:76:04:
e4:b5:88:fb:4f:00:bd:3b:56:76:ef:f4:37:bf:b2:ca:3c:47:
65:e5:49:ed:0b:54:43:d9:23:ad:a4:fb:45:e2:bb:7d:e1:20:
4e:7c:e2:b3
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMjIxMDAyMzE0WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3Yzc3Mi1kOWVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8pOCD+CQjBLqgjWBf6QJ4dBY4NXBxebkpHtppr2qGpKnZ5bIXyD2xWqEFAvs
x1mifccBoRL/oKz133oyd4O5TMDBC35AqAXwaCo+Uyty+OWSQ+KsHGu4IaigbvEO
4FI7a4dR9r70u8jhsQP9y/r6MsA/TW/DcV+1DIIxiWm6LGqhsgE2np2uTEvmrU11
JzriQ2d5SQBqtvuf2pk+r0HHCAisAHhsqb2h/+tFiX01u1SxsjagoVp+VMN56RCG
N2RdjyxejnjRSiHouqWjKtpf5f+Q/p1Hknvd3/IF/a2cw8enwIRmTFkjMQF/1BhP
8rt9GXlPvbq4gb8l3s2BVOE/lQIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFPdNGEXV
02ciYtWOaEo89GPDNONkMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvMDlFMUNGNzRF
RkVBMTFFRjlBQ0E4QzE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBoDBAPaIVADBALaIVwwDAMEAtohZAMEAtohaDANBgkqhkiG9w0B
AQsFAAOCAQEAeDwdxB2jPPxwNpxmzEGLPF0bUh3kQ6mXPMAfBYIf4pJ+D0ONomsD
RHcY6drFjOwNnWKFcHirM3Y4FO7BIubCpSIrYKMwGo+fkoQmLudbufK3djZ5twDX
7Z8t09d2RUNqkn1dXci+m99FMphlwCRqeK5TvWiyAEmDluYXIAYL6mZLK8TTAWg9
SMgujZyAXaBznUakxCXez+nPrVXrR/cB+RxNcSaOiQbhwuR9NjHUfEyd052asrQW
UpIVnw3bY6x0xEyPDUIuxNQT3xcMKttjyQMNO5u+RnYE5LWI+08AvTtWdu/0N7+y
yjxHZeVJ7QtUQ9kjraT7ReK7feEgTnzisw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:17:37 2025 by rpki-client