Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/DB0B3F7AD78C11EFBF630D3AC4F9AE02.roa
File: DB0B3F7AD78C11EFBF630D3AC4F9AE02.roa (raw, json)
Hash identifier: 2LBC86Jyqv4EE3tkPCaQeIBDjPju9ToqxElHKC9OIAk=
Subject key identifier: 1B:D2:96:25:F1:EB:56:59:1E:6C:FE:0A:8F:B6:EF:66:87:28:20:4E
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 028C
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/DB0B3F7AD78C11EFBF630D3AC4F9AE02.roa
Signing time: Thu 20 Feb 2025 15:30:48 +0000
ROA not before: Thu 20 Feb 2025 15:30:48 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 212238
IP address blocks: 218.33.80.0/22 maxlen: 22
218.33.84.0/22 maxlen: 22
218.33.88.0/22 maxlen: 22
218.33.92.0/22 maxlen: 22
218.33.100.0/22 maxlen: 22
218.33.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 21 Feb 2025 00:23:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 652 (0x28c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18, serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Feb 20 15:30:48 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67b74aa7-6b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:69:21:72:40:92:77:06:d9:d2:30:4d:63:d0:
8a:38:7d:e5:24:9e:08:20:a2:3a:89:6c:0a:ee:d6:
4e:67:7d:70:72:17:ad:84:8e:8f:6c:9d:e8:e0:7e:
d0:ad:cb:91:41:a4:fa:1a:0e:b4:4a:1c:0b:d9:30:
82:f8:a3:c0:27:d8:49:5f:38:7b:0e:16:a5:78:0c:
28:3f:22:1d:fb:eb:9b:de:5a:ef:c1:78:cd:ce:6b:
d9:7d:2b:52:cb:5e:61:6a:21:83:85:b8:c2:0e:ae:
fb:cd:89:7a:3f:f5:82:06:95:0d:9c:79:66:36:9d:
0e:03:b2:e2:24:d6:e7:b8:e8:1c:56:93:1a:2e:f7:
10:b7:f5:1e:3d:bc:27:fe:5e:c9:eb:5c:21:4f:f5:
8e:49:c5:8e:5e:43:ac:2f:4f:ec:f4:51:93:ce:3f:
d5:e9:93:b6:25:5d:13:60:62:d8:a1:f6:81:ff:fd:
38:75:d7:90:74:98:59:d1:7d:a5:a3:3a:08:19:0c:
55:79:fb:30:08:3b:23:39:4b:45:a1:8a:ad:ea:a7:
e2:55:ae:d2:ac:6c:0b:dd:a1:a2:63:99:d9:e1:68:
39:2d:c0:5a:41:73:0e:67:40:ee:80:c2:5b:01:99:
1d:4e:ff:ec:03:6a:9d:ac:7e:64:45:8f:6a:d6:dc:
76:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D2:96:25:F1:EB:56:59:1E:6C:FE:0A:8F:B6:EF:66:87:28:20:4E
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/DB0B3F7AD78C11EFBF630D3AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.80.0/20
218.33.100.0-218.33.107.255
Signature Algorithm: sha256WithRSAEncryption
2e:89:fc:d9:ee:31:3f:0e:32:1e:f2:76:c5:b7:ca:ff:0a:b6:
03:a6:ec:5e:7c:f5:22:90:8a:ce:93:69:e6:5a:fe:a0:70:ac:
bc:39:f6:c9:89:74:ee:17:46:08:3b:75:c1:d5:ac:d7:39:e1:
c4:ed:7d:40:fe:fe:fe:c4:e0:7b:dc:77:b2:da:27:d8:5c:38:
66:97:cc:5d:9e:7c:d6:da:b2:99:87:2f:24:71:37:61:85:8c:
f3:8c:27:2c:39:2d:dc:4a:30:ca:79:72:c1:76:fe:a9:42:c3:
06:38:5b:18:67:6a:d9:07:60:93:63:a3:b8:54:41:28:4b:98:
82:45:a3:f7:a8:57:55:a1:8e:bb:90:68:d3:a2:e2:dd:f0:f4:
c6:b5:0d:56:2f:74:9d:7c:ef:1b:13:a2:d1:ff:77:b5:d7:6b:
70:14:3d:8c:6c:ac:2d:e0:82:cb:e2:83:5d:68:d7:db:c8:ff:
f4:ab:6a:23:fd:94:10:6c:9b:92:5e:ec:0d:39:26:a9:0a:1f:
67:ff:ff:d9:fa:6a:86:8d:15:44:30:64:d5:5c:4d:67:4f:31:
1f:3f:fb:91:67:a3:ca:9d:14:b4:f3:8f:5d:74:69:00:f4:8a:
76:37:68:cf:96:fb:12:b1:50:d2:52:31:f6:b2:f8:86:70:e1:
62:f9:59:dd
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICAowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMjIwMTUzMDQ4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I3NGFhNy02YjllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr2khckCSdwbZ0jBNY9CKOH3lJJ4IIKI6iWwK7tZOZ31wchethI6PbJ3o4H7Q
rcuRQaT6Gg60ShwL2TCC+KPAJ9hJXzh7DhaleAwoPyId++ub3lrvwXjNzmvZfStS
y15haiGDhbjCDq77zYl6P/WCBpUNnHlmNp0OA7LiJNbnuOgcVpMaLvcQt/UePbwn
/l7J61whT/WOScWOXkOsL0/s9FGTzj/V6ZO2JV0TYGLYofaB//04ddeQdJhZ0X2l
ozoIGQxVefswCDsjOUtFoYqt6qfiVa7SrGwL3aGiY5nZ4Wg5LcBaQXMOZ0DugMJb
AZkdTv/sA2qdrH5kRY9q1tx2yQIDAQABo4ICozCCAp8wHQYDVR0OBBYEFBvSliXx
61ZZHmz+Co+272aHKCBOMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvREIwQjNGN0FE
NzhDMTFFRkJGNjMwRDNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQDBATaIVAwDAMEAtohZAMEAtohaDANBgkqhkiG9w0BAQsFAAOC
AQEALon82e4xPw4yHvJ2xbfK/wq2A6bsXnz1IpCKzpNp5lr+oHCsvDn2yYl07hdG
CDt1wdWs1znhxO19QP7+/sTge9x3ston2Fw4ZpfMXZ581tqymYcvJHE3YYWM84wn
LDkt3EowynlywXb+qULDBjhbGGdq2Qdgk2OjuFRBKEuYgkWj96hXVaGOu5Bo06Li
3fD0xrUNVi90nXzvGxOi0f93tddrcBQ9jGysLeCCy+KDXWjX28j/9KtqI/2UEGyb
kl7sDTkmqQofZ///2fpqho0VRDBk1VxNZ08xHz/7kWejyp0UtPOPXXRpAPSKdjdo
z5b7ErFQ0lIx9rL4hnDhYvlZ3Q==
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:17:37 2025 by rpki-client