Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C09C5/74B16C76959911EEBA3CB275C4F9AE02/1CFF4196D25D11EE8265DF1BC4F9AE02.roa
File: 1CFF4196D25D11EE8265DF1BC4F9AE02.roa (raw, json)
Hash identifier: seNd3OAiAeZ9JBytXRStouGgZPJUQ4ee1z7JMMEeEDY=
Subject key identifier: F4:F5:AB:D2:B7:42:CB:9C:A5:62:99:51:12:BF:7C:3C:84:3D:BE:5A
Certificate issuer: /CN=A91C09C5/serialNumber=66761CCD1B4C88384E6A404028CD9A9F809DE276
Certificate serial: CA
Authority key identifier: 66:76:1C:CD:1B:4C:88:38:4E:6A:40:40:28:CD:9A:9F:80:9D:E2:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZnYczRtMiDhOakBAKM2an4Cd4nY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C09C5/74B16C76959911EEBA3CB275C4F9AE02/1CFF4196D25D11EE8265DF1BC4F9AE02.roa
Signing time: Tue 31 Dec 2024 04:18:24 +0000
ROA not before: Tue 31 Dec 2024 04:18:24 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 152147
IP address blocks: 113.192.42.0/23 maxlen: 23
113.192.42.0/24 maxlen: 24
113.192.43.0/24 maxlen: 24
2001:df3:4240::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Feb 2025 18:10:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 202 (0xca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C09C5
Validity
Not Before: Dec 31 04:18:24 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67737090-940e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c2:93:0d:e3:9b:3c:c6:6b:67:31:71:02:23:
fa:77:d5:54:05:ac:51:b2:a9:ae:a0:6e:09:24:d0:
ad:b1:7b:4e:c7:6e:fc:ee:75:ff:d9:09:30:dd:04:
67:84:74:4b:65:bc:aa:87:a0:75:05:73:27:ac:a5:
9a:4f:3e:ea:12:5b:c1:92:3a:74:c3:91:74:2a:06:
c6:ca:73:fc:b6:09:5c:f6:52:d6:4f:83:d2:d3:72:
97:a9:70:7b:36:b1:3d:e6:b2:1b:a2:71:91:d9:d4:
05:38:9e:6e:8e:44:7a:fd:00:87:10:49:38:06:d0:
fd:1c:de:de:fe:f5:fe:3d:93:99:b2:55:72:1a:59:
a7:90:6a:47:a6:8e:50:dd:13:17:3e:62:e6:7c:c9:
70:0d:36:00:fd:49:e7:e4:b7:70:83:97:24:0d:64:
91:28:b0:49:c7:33:ca:2a:37:99:ff:7f:b8:4c:b8:
89:db:37:13:ca:80:9c:7c:91:9b:da:bd:26:f6:c5:
8a:e3:4e:ef:fc:5e:40:84:96:12:a7:b4:a0:e1:a9:
b3:4b:a3:7a:5e:2c:90:5d:41:37:6a:14:9f:4f:3a:
aa:f7:25:0d:95:a2:93:73:2f:32:22:14:ef:cd:11:
a3:2b:10:2d:06:33:9f:db:f8:0f:be:9f:17:3c:3a:
09:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:F5:AB:D2:B7:42:CB:9C:A5:62:99:51:12:BF:7C:3C:84:3D:BE:5A
X509v3 Authority Key Identifier:
keyid:66:76:1C:CD:1B:4C:88:38:4E:6A:40:40:28:CD:9A:9F:80:9D:E2:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C09C5/74B16C76959911EEBA3CB275C4F9AE02/ZnYczRtMiDhOakBAKM2an4Cd4nY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZnYczRtMiDhOakBAKM2an4Cd4nY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C09C5/74B16C76959911EEBA3CB275C4F9AE02/1CFF4196D25D11EE8265DF1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.192.42.0/23
IPv6:
2001:df3:4240::/48
Signature Algorithm: sha256WithRSAEncryption
2a:40:d5:04:5f:76:f6:2d:36:6a:01:9e:e7:5f:22:58:a8:8a:
bc:e5:44:f9:1d:6a:ad:f8:19:60:aa:04:ed:08:1a:fc:00:9b:
0d:5a:33:e2:a6:9f:96:1d:a7:53:2c:7d:eb:68:c2:cf:e4:42:
9a:6f:77:47:c3:14:b4:19:07:33:54:7a:34:6f:30:0b:96:27:
ff:6c:c1:c6:be:d4:82:c4:90:ec:86:6e:4e:5b:e2:f2:c3:e6:
ed:5c:84:bd:14:d5:c6:57:07:6d:d3:cf:06:58:39:76:58:2e:
bd:75:65:21:ab:0a:4f:41:91:6d:91:5d:3b:a9:69:b1:7f:5b:
92:66:1f:b2:ef:2a:90:d2:b2:2f:f1:3d:ea:61:ac:2d:bd:18:
47:03:58:91:d6:d5:90:1f:5c:85:8a:f7:78:b1:3a:03:d6:9a:
d6:5c:bb:7f:53:61:44:d0:62:95:af:fb:a9:3c:db:c4:c8:1c:
f4:ec:58:52:5f:1c:1d:1e:de:54:94:a2:78:a3:46:23:df:d7:
74:6c:f1:65:54:5c:42:17:39:b4:87:08:fe:47:66:05:70:a6:
00:e8:5d:92:13:c6:dd:aa:fe:2c:68:01:24:0e:b9:c9:7e:6a:
25:71:3b:d8:28:1a:b8:0b:59:3a:89:fd:23:e4:69:8a:e5:d6:
90:f2:42:16
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzA5QzUxMTAvBgNVBAUTKDY2NzYxQ0NEMUI0Qzg4Mzg0RTZBNDA0MDI4Q0Q5QTlG
ODA5REUyNzYwHhcNMjQxMjMxMDQxODI0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzczNzA5MC05NDBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAscKTDeObPMZrZzFxAiP6d9VUBaxRsqmuoG4JJNCtsXtOx2787nX/2Qkw3QRn
hHRLZbyqh6B1BXMnrKWaTz7qElvBkjp0w5F0KgbGynP8tglc9lLWT4PS03KXqXB7
NrE95rIbonGR2dQFOJ5ujkR6/QCHEEk4BtD9HN7e/vX+PZOZslVyGlmnkGpHpo5Q
3RMXPmLmfMlwDTYA/Unn5Ldwg5ckDWSRKLBJxzPKKjeZ/3+4TLiJ2zcTyoCcfJGb
2r0m9sWK407v/F5AhJYSp7Sg4amzS6N6XiyQXUE3ahSfTzqq9yUNlaKTcy8yIhTv
zRGjKxAtBjOf2/gPvp8XPDoJRQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFPT1q9K3
QsucpWKZURK/fDyEPb5aMB8GA1UdIwQYMBaAFGZ2HM0bTIg4TmpAQCjNmp+AneJ2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMDlDNS83NEIxNkM3Njk1
OTkxMUVFQkEzQ0IyNzVDNEY5QUUwMi9ablljelJ0TWlEaE9ha0JBS00yYW40Q2Q0
blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1puWWN6UnRNaURoT2FrQkFLTTJhbjRDZDRuWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzA5QzUvNzRCMTZDNzY5NTk5MTFFRUJBM0NCMjc1QzRGOUFFMDIvMUNGRjQxOTZE
MjVEMTFFRTgyNjVERjFCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFxwCowDwQCAAIwCQMHACABDfNCQDANBgkqhkiG9w0BAQsF
AAOCAQEAKkDVBF929i02agGe518iWKiKvOVE+R1qrfgZYKoE7Qga/ACbDVoz4qaf
lh2nUyx962jCz+RCmm93R8MUtBkHM1R6NG8wC5Yn/2zBxr7UgsSQ7IZuTlvi8sPm
7VyEvRTVxlcHbdPPBlg5dlguvXVlIasKT0GRbZFdO6lpsX9bkmYfsu8qkNKyL/E9
6mGsLb0YRwNYkdbVkB9chYr3eLE6A9aa1ly7f1NhRNBila/7qTzbxMgc9OxYUl8c
HR7eVJSieKNGI9/XdGzxZVRcQhc5tIcI/kdmBXCmAOhdkhPG3ar+LGgBJA65yX5q
JXE72CgauAtZOon9I+RpiuXWkPJCFg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:45:06 2025 by rpki-client