Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/D977A1AAE85B11EF84235B15C4F9AE02.roa
File: D977A1AAE85B11EF84235B15C4F9AE02.roa (raw, json)
Hash identifier: qaAthcePgHqa0+18zCyrMrbChTGawFcq2LIkHhOZOn4=
Subject key identifier: 7C:5E:4C:B8:A6:B6:73:C2:63:A4:BE:9A:BB:93:C4:65:8E:CB:67:C2
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 029D
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/D977A1AAE85B11EF84235B15C4F9AE02.roa
Signing time: Thu 27 Feb 2025 05:23:56 +0000
ROA not before: Thu 27 Feb 2025 05:23:56 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 202.155.136.0/24 maxlen: 24
202.155.139.0/24 maxlen: 24
218.33.80.0/22 maxlen: 24
218.33.84.0/22 maxlen: 24
218.33.104.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 23:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 669 (0x29d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18, serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Feb 27 05:23:56 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67bff6ec-45eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fe:80:69:10:e9:6b:18:27:e6:f0:46:3e:31:
f4:b7:f5:d7:11:7c:c4:94:83:47:61:b4:ec:e0:74:
cd:d8:c3:63:43:74:37:b6:79:43:27:27:95:3a:d6:
75:87:da:81:64:99:72:88:4d:3c:83:6b:72:78:6b:
ad:f1:b7:bf:70:f8:86:e2:10:29:3d:2e:45:f3:d7:
c1:bd:6d:46:71:ea:0e:2e:ac:94:3b:0f:9d:12:f1:
35:f8:99:32:13:a1:48:63:50:7a:79:03:b6:27:08:
50:06:94:f3:ae:a8:7d:50:74:97:42:f5:e2:7f:cf:
7c:2e:9b:96:e3:e6:b6:1a:ce:12:79:62:fe:d2:9d:
f4:f9:da:ba:e2:ec:a4:5d:d5:db:08:f5:d7:df:13:
18:2d:1d:b4:fc:5a:85:6b:45:ba:1d:89:98:d5:64:
9a:f4:5c:c5:d0:3c:0d:52:e3:eb:e3:4f:b4:b1:58:
8e:9d:13:28:5d:3d:31:b2:43:95:59:8e:72:fe:4d:
99:5c:91:25:5a:e6:ea:3d:f5:df:c5:e3:8e:a9:63:
45:db:18:44:37:e2:40:6e:36:5c:c4:5e:f7:3c:09:
bb:70:68:8c:ea:39:0a:a7:97:44:28:3a:51:47:af:
4e:0e:b4:e0:4f:76:73:57:40:50:b2:45:aa:d6:1b:
3d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:5E:4C:B8:A6:B6:73:C2:63:A4:BE:9A:BB:93:C4:65:8E:CB:67:C2
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/D977A1AAE85B11EF84235B15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.155.136.0/24
202.155.139.0/24
218.33.80.0/21
218.33.104.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:72:75:07:a5:19:c8:5a:6b:e5:7e:e2:09:9e:f8:cd:54:60:
ae:e7:a6:63:66:d3:4c:f0:9b:ef:8d:c3:69:9e:22:1e:18:7c:
2b:d8:37:15:f3:22:64:14:bb:cb:e4:69:dd:49:53:80:0e:62:
9a:a2:4e:4f:51:ef:bd:05:4a:d3:5b:d3:f4:22:94:a1:3f:74:
76:91:ad:39:e1:9e:1b:4b:18:44:2d:7c:49:b9:1d:d6:5c:5b:
b3:af:b9:bb:ba:b4:29:74:be:b5:57:1a:1a:46:b7:19:1d:d9:
7d:7e:47:45:d6:60:ca:4f:77:8e:4f:7c:c2:86:cd:fc:08:12:
f4:6a:63:54:21:64:8e:d7:be:d0:71:38:a9:4e:da:81:ed:52:
f8:fa:56:18:61:ae:2f:b3:e7:43:53:4d:48:2b:93:6a:f0:28:
0d:66:65:28:6b:fa:e2:49:c2:8d:73:70:68:0e:86:84:6c:9c:
4e:ee:95:71:f5:cb:6c:42:4a:33:fe:b5:f5:39:f6:6c:e0:7a:
6d:8b:f9:75:ca:bf:3f:6e:45:80:3f:4b:4f:dd:06:b1:96:76:
b7:e6:fd:f6:af:ce:27:74:14:ba:4c:91:2f:06:27:29:1d:a1:
c2:b0:56:1d:00:98:cb:ce:44:83:40:4f:59:06:a0:7a:24:c3:
87:4d:0f:5b
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAp0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMjI3MDUyMzU2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JmZjZlYy00NWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAv/6AaRDpaxgn5vBGPjH0t/XXEXzElINHYbTs4HTN2MNjQ3Q3tnlDJyeVOtZ1
h9qBZJlyiE08g2tyeGut8be/cPiG4hApPS5F89fBvW1GceoOLqyUOw+dEvE1+Jky
E6FIY1B6eQO2JwhQBpTzrqh9UHSXQvXif898LpuW4+a2Gs4SeWL+0p30+dq64uyk
XdXbCPXX3xMYLR20/FqFa0W6HYmY1WSa9FzF0DwNUuPr40+0sViOnRMoXT0xskOV
WY5y/k2ZXJElWubqPfXfxeOOqWNF2xhEN+JAbjZcxF73PAm7cGiM6jkKp5dEKDpR
R69ODrTgT3ZzV0BQskWq1hs9CQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFHxeTLim
tnPCY6S+mruTxGWOy2fCMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvRDk3N0ExQUFF
ODVCMTFFRjg0MjM1QjE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBADKm4gDBADKm4sDBAPaIVADBALaIWgwDQYJKoZIhvcNAQEL
BQADggEBAJtydQelGchaa+V+4gme+M1UYK7npmNm00zwm++Nw2meIh4YfCvYNxXz
ImQUu8vkad1JU4AOYpqiTk9R770FStNb0/QilKE/dHaRrTnhnhtLGEQtfEm5HdZc
W7Ovubu6tCl0vrVXGhpGtxkd2X1+R0XWYMpPd45PfMKGzfwIEvRqY1QhZI7XvtBx
OKlO2oHtUvj6Vhhhri+z50NTTUgrk2rwKA1mZShr+uJJwo1zcGgOhoRsnE7ulXH1
y2xCSjP+tfU59mzgem2L+XXKvz9uRYA/S0/dBrGWdrfm/favzid0FLpMkS8GJykd
ocKwVh0AmMvORINAT1kGoHokw4dND1s=
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:51:05 2025 by rpki-client