Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/37E32C34DE0A11EFBAA0FC20C4F9AE02.roa
File: 37E32C34DE0A11EFBAA0FC20C4F9AE02.roa (raw, json)
Hash identifier: 3GPebIheOkU+9ZA2gOJa4umMqDy6/jLjjn9U+nIE6JY=
Subject key identifier: BA:9C:87:10:65:10:3E:D7:DC:6D:22:34:96:69:4D:C1:86:FD:6F:BD
Certificate issuer: /CN=A91B0770/serialNumber=1D6225AD943ECA389FA4B66C1974351E34C428FB
Certificate serial: 34D7
Authority key identifier: 1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/37E32C34DE0A11EFBAA0FC20C4F9AE02.roa
Signing time: Wed 29 Jan 2025 06:28:14 +0000
ROA not before: Wed 29 Jan 2025 06:28:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38174
IP address blocks: 120.29.234.0/23 maxlen: 24
120.29.239.0/24 maxlen: 24
123.242.244.0/22 maxlen: 24
123.242.252.0/23 maxlen: 24
123.242.254.0/23 maxlen: 23
202.60.60.0/23 maxlen: 23
202.60.60.0/24 maxlen: 24
202.60.61.0/24 maxlen: 24
202.60.62.0/23 maxlen: 24
202.61.10.0/23 maxlen: 23
202.61.10.0/24 maxlen: 24
202.61.11.0/24 maxlen: 24
203.189.180.0/22 maxlen: 22
203.189.180.0/24 maxlen: 24
203.189.181.0/24 maxlen: 24
203.189.182.0/24 maxlen: 24
203.189.183.0/24 maxlen: 24
203.191.34.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 04:18:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13527 (0x34d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B0770
Validity
Not Before: Jan 29 06:28:14 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6799ca7e-6a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5b:55:fd:9b:d3:9a:f0:87:cf:17:ec:c9:6a:
48:ec:af:a1:17:13:19:00:73:26:fe:fa:e3:89:c5:
dd:32:a0:e7:90:51:bb:9b:21:e6:1d:76:c5:27:f6:
b5:3d:13:38:a3:48:66:b2:df:a9:5b:b3:ac:51:a5:
9d:a3:08:9c:73:1a:c2:61:9c:74:d0:d9:38:80:d0:
79:4a:28:53:7e:bf:e4:3f:58:e0:fd:e7:26:eb:f8:
e5:d2:f5:97:dd:d8:f2:84:bc:52:d7:c7:6b:9c:b7:
df:72:76:80:b3:a4:8b:dd:3b:78:fa:26:b9:ad:0a:
5f:74:13:c4:21:e1:18:bb:3f:61:3a:27:cd:4f:55:
84:c9:17:11:e4:93:7c:ae:4f:03:be:c5:16:a9:1c:
e4:3b:fa:9a:60:fe:c8:45:bf:2c:c0:39:74:4c:dc:
7f:51:d1:e0:4e:1c:b9:0d:12:59:af:17:97:2a:21:
5c:8a:fc:ac:32:1b:28:11:5a:a5:eb:33:be:b2:c9:
6e:96:06:ba:63:2e:49:37:f9:1f:19:7d:9b:de:4b:
14:d5:bd:dc:65:78:b8:8a:8a:d3:cc:00:98:77:ae:
27:a0:26:63:98:a3:75:4e:48:fb:e3:a7:1c:28:e6:
bb:d0:04:9b:0b:a4:a8:32:84:d6:1c:29:94:c8:0f:
a6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9C:87:10:65:10:3E:D7:DC:6D:22:34:96:69:4D:C1:86:FD:6F:BD
X509v3 Authority Key Identifier:
keyid:1D:62:25:AD:94:3E:CA:38:9F:A4:B6:6C:19:74:35:1E:34:C4:28:FB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HWIlrZQ-yjifpLZsGXQ1HjTEKPs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0770/C33683B61D8E11E28A9B57ED08B02CD2/37E32C34DE0A11EFBAA0FC20C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
120.29.234.0/23
120.29.239.0/24
123.242.244.0/22
123.242.252.0/22
202.60.60.0/22
202.61.10.0/23
203.189.180.0/22
203.191.34.0/23
Signature Algorithm: sha256WithRSAEncryption
93:ed:39:3f:af:79:31:11:77:37:28:be:7a:d6:12:c9:20:52:
6c:95:7c:11:b2:e2:c7:e0:58:0f:d1:92:ee:d5:66:29:34:02:
f7:cc:31:4c:63:01:ee:d5:ef:46:e7:7a:f3:ef:1f:f4:18:00:
ed:69:a1:66:db:b6:98:f2:de:61:ae:f6:e0:51:b5:da:7f:89:
db:a2:c0:5a:21:e3:fd:3e:50:fc:1d:6f:03:d3:7e:d2:5f:56:
1a:5f:22:63:97:cc:6d:d0:bf:81:1b:5d:07:35:9b:e2:86:d9:
56:94:cf:84:c0:bf:55:7c:13:9b:07:90:ba:d7:64:04:10:d2:
55:d2:5a:82:6b:84:90:5f:68:3b:70:90:6b:5a:ef:6b:52:75:
0a:e8:21:cc:a8:9d:46:56:97:24:6a:86:0b:53:00:97:39:8a:
75:92:3f:7c:71:b9:55:9c:5b:78:94:99:59:bb:af:a2:98:ff:
d8:04:21:4c:27:d1:38:f4:f4:72:54:2c:a4:79:c1:58:1e:dd:
e6:c6:8c:5d:54:82:14:8a:38:c3:c1:0f:42:55:fd:65:31:c2:
0a:2b:fa:df:ea:fc:dc:83:84:99:97:4d:6d:ad:81:8b:22:a5:
b4:5c:89:fc:f9:27:2e:5b:ef:3e:57:ad:ee:ad:f9:4d:98:1f:
da:cf:3e:fc
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgICNNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjA3NzAxMTAvBgNVBAUTKDFENjIyNUFEOTQzRUNBMzg5RkE0QjY2QzE5NzQzNTFF
MzRDNDI4RkIwHhcNMjUwMTI5MDYyODE0WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzk5Y2E3ZS02YTI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqFtV/ZvTmvCHzxfsyWpI7K+hFxMZAHMm/vrjicXdMqDnkFG7myHmHXbFJ/a1
PRM4o0hmst+pW7OsUaWdowiccxrCYZx00Nk4gNB5SihTfr/kP1jg/ecm6/jl0vWX
3djyhLxS18drnLffcnaAs6SL3Tt4+ia5rQpfdBPEIeEYuz9hOifNT1WEyRcR5JN8
rk8DvsUWqRzkO/qaYP7IRb8swDl0TNx/UdHgThy5DRJZrxeXKiFcivysMhsoEVql
6zO+sslulga6Yy5JN/kfGX2b3ksU1b3cZXi4iorTzACYd64noCZjmKN1Tkj746cc
KOa70ASbC6SoMoTWHCmUyA+m9QIDAQABo4ICvzCCArswHQYDVR0OBBYEFLqchxBl
ED7X3G0iNJZpTcGG/W+9MB8GA1UdIwQYMBaAFB1iJa2UPso4n6S2bBl0NR40xCj7
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDc3MC9DMzM2ODNCNjFE
OEUxMUUyOEE5QjU3RUQwOEIwMkNEMi9IV0lsclpRLXlqaWZwTFpzR1hRMUhqVEVL
UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hXSWxyWlEteWppZnBMWnNHWFExSGpURUtQcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjA3NzAvQzMzNjgzQjYxRDhFMTFFMjhBOUI1N0VEMDhCMDJDRDIvMzdFMzJDMzRE
RTBBMTFFRkJBQTBGQzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSQYIKwYBBQUHAQcBAf8E
OjA4MDYEAgABMDADBAF4HeoDBAB4He8DBAJ78vQDBAJ78vwDBALKPDwDBAHKPQoD
BALLvbQDBAHLvyIwDQYJKoZIhvcNAQELBQADggEBAJPtOT+veTERdzcovnrWEskg
UmyVfBGy4sfgWA/Rku7VZik0AvfMMUxjAe7V70bnevPvH/QYAO1poWbbtpjy3mGu
9uBRtdp/iduiwFoh4/0+UPwdbwPTftJfVhpfImOXzG3Qv4EbXQc1m+KG2VaUz4TA
v1V8E5sHkLrXZAQQ0lXSWoJrhJBfaDtwkGta72tSdQroIcyonUZWlyRqhgtTAJc5
inWSP3xxuVWcW3iUmVm7r6KY/9gEIUwn0Tj09HJULKR5wVge3ebGjF1UghSKOMPB
D0JV/WUxwgor+t/q/NyDhJmXTW2tgYsipbRcifz5Jy5b7z5Xre6t+U2YH9rPPvw=
-----END CERTIFICATE-----
Generated at Sat Apr 12 10:45:14 2025 by rpki-client