Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A9EE/A08B6A5CD36A11EB88B1EB33C4F9AE02/7EF60228061811F09D85F55CC4F9AE02.roa
File: 7EF60228061811F09D85F55CC4F9AE02.roa (raw, json)
Hash identifier: J7h2yGi3Vv6vc+sDU9VoSTulyKKlUq9hSiQG+8sHdhk=
Subject key identifier: 58:98:4A:74:EE:99:3C:3A:A5:12:74:A1:F9:1F:92:C0:E5:E9:30:23
Certificate issuer: /CN=A919A9EE/serialNumber=C0B16039C46CDF0C88D9A74A82D9E459A3A8CAE6
Certificate serial: 0582
Authority key identifier: C0:B1:60:39:C4:6C:DF:0C:88:D9:A7:4A:82:D9:E4:59:A3:A8:CA:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wLFgOcRs3wyI2adKgtnkWaOoyuY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A9EE/A08B6A5CD36A11EB88B1EB33C4F9AE02/7EF60228061811F09D85F55CC4F9AE02.roa
Signing time: Fri 21 Mar 2025 05:51:13 +0000
ROA not before: Fri 21 Mar 2025 05:51:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4820
IP address blocks: 203.3.176.0/20 maxlen: 20
Validation: Failed, certificate revoked on Fri 21 Mar 2025 07:02:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1410 (0x582)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A9EE, serialNumber=C0B16039C46CDF0C88D9A74A82D9E459A3A8CAE6
Validity
Not Before: Mar 21 05:51:13 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67dcfe51-f681
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e7:cb:74:b3:5b:1b:2a:d0:2e:3b:57:06:68:
64:61:30:83:bf:90:ba:da:10:ce:8e:6c:38:06:31:
7f:e0:ba:c1:6d:87:71:70:50:c4:d8:25:ee:96:2e:
85:26:96:82:ea:c7:42:59:c2:25:f8:b2:bc:28:ec:
0c:ac:33:b2:0d:b6:59:6d:6a:33:dd:75:43:09:c5:
e0:9d:a3:43:ee:de:f0:ec:38:30:60:fc:ec:2d:5b:
63:d0:d6:ff:b3:9a:f3:e7:aa:c5:32:22:52:83:63:
1e:64:89:aa:e8:23:e3:87:cf:e6:e6:ae:61:9a:cd:
0f:04:25:37:3b:d5:1d:7a:24:ff:65:ea:1b:0d:0f:
15:17:c8:2e:09:44:ea:f4:a8:c3:a9:cb:94:b4:b6:
2f:42:48:a8:fb:93:2a:af:57:89:d5:7b:9c:c8:90:
9f:87:a7:01:cf:72:41:57:91:84:2b:4d:75:6e:1a:
4b:3b:56:d6:7f:f1:dd:e2:f1:4d:ce:3d:ce:6c:74:
4d:2c:f3:69:60:04:8a:d2:a8:4e:b2:b4:d9:e4:39:
18:97:94:f5:cb:0c:89:3e:ef:52:3e:78:ff:26:cc:
82:38:c1:3a:34:29:76:0e:4f:53:8e:1b:c5:eb:62:
a7:e0:ab:b3:dd:36:99:a9:7a:03:31:18:58:44:43:
98:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:98:4A:74:EE:99:3C:3A:A5:12:74:A1:F9:1F:92:C0:E5:E9:30:23
X509v3 Authority Key Identifier:
keyid:C0:B1:60:39:C4:6C:DF:0C:88:D9:A7:4A:82:D9:E4:59:A3:A8:CA:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A9EE/A08B6A5CD36A11EB88B1EB33C4F9AE02/wLFgOcRs3wyI2adKgtnkWaOoyuY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wLFgOcRs3wyI2adKgtnkWaOoyuY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A9EE/A08B6A5CD36A11EB88B1EB33C4F9AE02/7EF60228061811F09D85F55CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.3.176.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:90:12:c6:92:0a:c7:92:53:e9:4b:f4:ef:18:0b:cc:15:74:
da:b1:5a:83:aa:99:a0:70:ea:a0:59:9f:a5:ac:88:87:bf:99:
bf:3c:d9:3c:ad:55:b3:3f:34:38:4d:7f:51:d8:db:bd:9f:36:
63:df:39:57:5c:70:a2:73:68:01:cf:d4:99:1a:37:f0:f2:7b:
8f:e1:b5:0c:b3:d9:d6:bc:08:4b:6e:d9:74:d3:01:85:f1:65:
fa:7a:44:2c:56:1a:13:be:d7:90:0b:e9:78:b8:fc:1f:b3:24:
a6:df:1f:bb:f6:d0:c7:4e:37:91:0c:5f:05:b4:c7:52:25:e0:
3f:f5:25:d5:66:a6:77:6d:96:a9:c0:24:e3:ea:c6:ec:a1:0e:
10:c7:23:cb:64:64:d5:59:ff:17:31:46:8c:a2:05:cc:62:d4:
e9:b4:d8:ab:ec:8c:2e:0e:e3:6b:e0:d7:fb:0c:76:81:9d:3d:
e3:3c:cc:ef:e7:6f:56:96:ee:4c:81:1d:ca:d2:90:37:8d:15:
38:30:1e:0a:27:93:af:9f:64:8f:60:21:6f:07:45:12:56:10:
a6:81:bb:ac:80:1e:df:84:4b:2d:35:3c:59:f6:ab:23:71:b5:
39:ad:70:84:71:05:4b:d9:66:56:63:80:c2:a5:44:6e:72:c1:
a6:be:d8:b8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUE5RUUxMTAvBgNVBAUTKEMwQjE2MDM5QzQ2Q0RGMEM4OEQ5QTc0QTgyRDlFNDU5
QTNBOENBRTYwHhcNMjUwMzIxMDU1MTEzWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RjZmU1MS1mNjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy+fLdLNbGyrQLjtXBmhkYTCDv5C62hDOjmw4BjF/4LrBbYdxcFDE2CXuli6F
JpaC6sdCWcIl+LK8KOwMrDOyDbZZbWoz3XVDCcXgnaND7t7w7DgwYPzsLVtj0Nb/
s5rz56rFMiJSg2MeZImq6CPjh8/m5q5hms0PBCU3O9UdeiT/ZeobDQ8VF8guCUTq
9KjDqcuUtLYvQkio+5Mqr1eJ1XucyJCfh6cBz3JBV5GEK011bhpLO1bWf/Hd4vFN
zj3ObHRNLPNpYASK0qhOsrTZ5DkYl5T1ywyJPu9SPnj/JsyCOME6NCl2Dk9TjhvF
62Kn4Kuz3TaZqXoDMRhYREOY0QIDAQABo4IClTCCApEwHQYDVR0OBBYEFFiYSnTu
mTw6pRJ0ofkfksDl6TAjMB8GA1UdIwQYMBaAFMCxYDnEbN8MiNmnSoLZ5FmjqMrm
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTlFRS9BMDhCNkE1Q0Qz
NkExMUVCODhCMUVCMzNDNEY5QUUwMi93TEZnT2NSczN3eUkyYWRLZ3Rua1dhT295
dVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dMRmdPY1JzM3d5STJhZEtndG5rV2FPb3l1WS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUE5RUUvQTA4QjZBNUNEMzZBMTFFQjg4QjFFQjMzQzRGOUFFMDIvN0VGNjAyMjgw
NjE4MTFGMDlEODVGNTVDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBATLA7AwDQYJKoZIhvcNAQELBQADggEBAI+QEsaSCseSU+lL
9O8YC8wVdNqxWoOqmaBw6qBZn6WsiIe/mb882TytVbM/NDhNf1HY272fNmPfOVdc
cKJzaAHP1JkaN/Dye4/htQyz2da8CEtu2XTTAYXxZfp6RCxWGhO+15AL6Xi4/B+z
JKbfH7v20MdON5EMXwW0x1Il4D/1JdVmpndtlqnAJOPqxuyhDhDHI8tkZNVZ/xcx
RoyiBcxi1Om02KvsjC4O42vg1/sMdoGdPeM8zO/nb1aW7kyBHcrSkDeNFTgwHgon
k6+fZI9gIW8HRRJWEKaBu6yAHt+ESy01PFn2qyNxtTmtcIRxBUvZZlZjgMKlRG5y
waa+2Lg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:25:07 2025 by rpki-client