Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/758D7C140AC611EF805C3840C4F9AE02.roa
File: 758D7C140AC611EF805C3840C4F9AE02.roa (raw, json)
Hash identifier: 9W6zcUX83//8QsvGXnTe6kYeYx8TmZyoEappNK4B+jg=
Subject key identifier: E0:49:C5:42:63:F1:B9:EC:B4:73:7F:2E:54:B4:38:39:93:A6:A6:1D
Certificate issuer: /CN=A91B80C2/serialNumber=CEE07C8714F19278139D239605043ECC6BDBD322
Certificate serial: B8
Authority key identifier: CE:E0:7C:87:14:F1:92:78:13:9D:23:96:05:04:3E:CC:6B:DB:D3:22
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuB8hxTxkngTnSOWBQQ-zGvb0yI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/758D7C140AC611EF805C3840C4F9AE02.roa
Signing time: Sun 09 Mar 2025 05:22:45 +0000
ROA not before: Sun 09 Mar 2025 05:22:45 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 152726
IP address blocks: 202.50.113.0/24 maxlen: 24
2001:df3:bec0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 09 Mar 2025 20:08:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184 (0xb8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B80C2, serialNumber=CEE07C8714F19278139D239605043ECC6BDBD322
Validity
Not Before: Mar 9 05:22:45 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=67cd25a4-c83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3e:32:60:87:31:45:16:5c:75:d9:e5:86:b2:
70:17:08:4e:c0:e1:60:1b:a6:52:70:d2:17:12:8d:
a7:2a:b3:97:67:c6:b3:02:17:76:a4:e6:27:c2:9e:
b3:47:a3:e9:c4:8e:96:50:82:bd:57:fb:0b:ca:4f:
8f:bd:29:08:38:22:f8:8c:5f:fd:e4:93:d1:9d:b4:
82:73:4d:96:1f:9d:86:5a:f0:0e:0a:fa:b3:d0:6a:
22:4c:ab:5a:d3:6c:1b:43:fe:54:ec:9b:57:a5:e3:
0c:7e:aa:e5:d7:05:74:fb:14:5b:2f:03:8f:6b:d2:
75:1f:82:50:cb:a7:d5:b9:9a:8b:cb:ec:fe:0f:17:
60:83:11:41:bf:ea:e6:36:58:36:54:f9:f3:81:63:
59:20:14:a6:c0:e0:24:06:38:d5:b3:9f:8d:a3:da:
28:8a:31:a9:c3:23:bb:92:df:35:f5:aa:f0:9a:54:
08:d9:b6:a7:b8:9b:98:39:1c:f5:c0:4c:52:23:97:
ca:bd:4b:06:ee:7d:cd:c7:35:50:a2:f5:b7:f7:08:
86:13:c2:f6:91:71:e9:e1:45:ee:90:80:27:8c:8d:
1f:67:05:35:12:da:10:17:af:7c:a6:0d:75:72:63:
15:0a:80:a2:16:ca:be:e9:ea:6d:12:b8:1b:fd:c2:
cb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:49:C5:42:63:F1:B9:EC:B4:73:7F:2E:54:B4:38:39:93:A6:A6:1D
X509v3 Authority Key Identifier:
keyid:CE:E0:7C:87:14:F1:92:78:13:9D:23:96:05:04:3E:CC:6B:DB:D3:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/zuB8hxTxkngTnSOWBQQ-zGvb0yI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuB8hxTxkngTnSOWBQQ-zGvb0yI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B80C2/FE48ABF406B211EFBCE0345CC4F9AE02/758D7C140AC611EF805C3840C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.50.113.0/24
IPv6:
2001:df3:bec0::/48
Signature Algorithm: sha256WithRSAEncryption
0b:15:36:39:6c:33:5a:49:ab:72:6f:51:0b:67:d0:3c:c7:19:
29:0b:42:12:c2:38:02:87:76:2d:7f:9a:dd:01:0d:a7:d6:24:
9b:62:77:dc:43:1b:13:f4:87:c7:a0:b5:c1:0b:a0:99:5f:c0:
8c:3e:c0:0f:7e:ea:8b:5d:fd:f9:5a:e0:9f:5a:b9:d4:86:ef:
3a:80:75:81:9b:6b:3d:3d:d1:8b:fc:2f:84:64:25:5b:95:99:
5f:62:c6:27:61:5e:bf:f1:ab:f9:74:6f:91:e5:9b:23:b1:94:
7c:2b:bc:77:77:d4:20:2d:21:5d:c0:0d:5d:62:e8:63:24:15:
89:82:fb:ce:88:42:fa:69:be:cd:5f:4b:b7:d3:b8:32:c9:b1:
71:c0:69:49:bb:c6:ae:4c:3e:97:e9:61:76:77:0f:c4:33:2a:
99:64:0a:e4:b3:b1:83:35:7c:32:d4:83:fa:29:0f:3d:9b:cb:
47:af:2b:bc:a5:ae:28:3a:d5:71:95:ff:bc:c1:74:c9:de:74:
9c:9b:ab:a7:80:a3:16:1e:af:1f:65:da:c1:86:e2:76:97:80:
dd:55:8f:87:b2:ff:65:c7:9c:dd:b1:70:fa:ad:df:f0:ab:13:
b4:ac:1a:4d:46:09:61:36:7b:a5:8a:65:ff:55:6f:b9:dc:ef:
65:72:03:26
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICALgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjgwQzIxMTAvBgNVBAUTKENFRTA3Qzg3MTRGMTkyNzgxMzlEMjM5NjA1MDQzRUND
NkJEQkQzMjIwHhcNMjUwMzA5MDUyMjQ1WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2NkMjVhNC1jODNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArj4yYIcxRRZcddnlhrJwFwhOwOFgG6ZScNIXEo2nKrOXZ8azAhd2pOYnwp6z
R6PpxI6WUIK9V/sLyk+PvSkIOCL4jF/95JPRnbSCc02WH52GWvAOCvqz0GoiTKta
02wbQ/5U7JtXpeMMfqrl1wV0+xRbLwOPa9J1H4JQy6fVuZqLy+z+DxdggxFBv+rm
Nlg2VPnzgWNZIBSmwOAkBjjVs5+No9ooijGpwyO7kt819arwmlQI2banuJuYORz1
wExSI5fKvUsG7n3NxzVQovW39wiGE8L2kXHp4UXukIAnjI0fZwU1EtoQF698pg11
cmMVCoCiFsq+6eptErgb/cLLgwIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFOBJxUJj
8bnstHN/LlS0ODmTpqYdMB8GA1UdIwQYMBaAFM7gfIcU8ZJ4E50jlgUEPsxr29Mi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCODBDMi9GRTQ4QUJGNDA2
QjIxMUVGQkNFMDM0NUNDNEY5QUUwMi96dUI4aHhUeGtuZ1RuU09XQlFRLXpHdmIw
eUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1QjhoeFR4a25nVG5TT1dCUVEtekd2YjB5SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjgwQzIvRkU0OEFCRjQwNkIyMTFFRkJDRTAzNDVDQzRGOUFFMDIvNzU4RDdDMTQw
QUM2MTFFRjgwNUMzODQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADKMnEwDwQCAAIwCQMHACABDfO+wDANBgkqhkiG9w0BAQsF
AAOCAQEACxU2OWwzWkmrcm9RC2fQPMcZKQtCEsI4Aod2LX+a3QENp9Ykm2J33EMb
E/SHx6C1wQugmV/AjD7AD37qi139+Vrgn1q51IbvOoB1gZtrPT3Ri/wvhGQlW5WZ
X2LGJ2Fev/Gr+XRvkeWbI7GUfCu8d3fUIC0hXcANXWLoYyQViYL7zohC+mm+zV9L
t9O4MsmxccBpSbvGrkw+l+lhdncPxDMqmWQK5LOxgzV8MtSD+ikPPZvLR68rvKWu
KDrVcZX/vMF0yd50nJurp4CjFh6vH2XawYbidpeA3VWPh7L/Zcec3bFw+q3f8KsT
tKwaTUYJYTZ7pYpl/1VvudzvZXIDJg==
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:42:44 2025 by rpki-client