Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/0D9F5398F5BC11EFBAC15C37C4F9AE02.roa
File: 0D9F5398F5BC11EFBAC15C37C4F9AE02.roa (raw, json)
Hash identifier: O3bzfF4OFv/ZMImyiqgoUlbfFWkJTmzpCAAUfvbAzzA=
Subject key identifier: EB:9E:D5:36:D8:3F:4F:47:08:15:10:77:6D:FB:FD:72:EE:3B:83:30
Certificate issuer: /CN=A91DD4A6/serialNumber=17004AA33105B0A0E6D3EB4E47C513063D92CEC2
Certificate serial: 03E3
Authority key identifier: 17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/0D9F5398F5BC11EFBAC15C37C4F9AE02.roa
Signing time: Fri 28 Feb 2025 10:09:10 +0000
ROA not before: Fri 28 Feb 2025 10:09:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56209
IP address blocks: 150.129.172.0/23 maxlen: 23
150.129.172.0/24 maxlen: 24
150.129.173.0/24 maxlen: 24
202.47.112.0/21 maxlen: 21
202.47.112.0/24 maxlen: 24
202.47.113.0/24 maxlen: 24
202.47.114.0/24 maxlen: 24
202.47.115.0/24 maxlen: 24
202.47.116.0/24 maxlen: 24
202.47.117.0/24 maxlen: 24
202.47.118.0/24 maxlen: 24
202.47.119.0/24 maxlen: 24
202.71.0.0/23 maxlen: 23
202.71.0.0/24 maxlen: 24
202.71.1.0/24 maxlen: 24
202.71.2.0/23 maxlen: 23
202.71.2.0/24 maxlen: 24
202.71.3.0/24 maxlen: 24
202.71.24.0/24 maxlen: 24
202.71.25.0/24 maxlen: 24
202.71.26.0/24 maxlen: 24
202.71.27.0/24 maxlen: 24
202.71.28.0/24 maxlen: 24
202.71.29.0/24 maxlen: 24
202.71.30.0/23 maxlen: 23
202.71.30.0/24 maxlen: 24
202.71.31.0/24 maxlen: 24
2406:2100::/32 maxlen: 32
2406:2100::/48 maxlen: 48
2406:2100:1::/48 maxlen: 48
2406:2100:2::/48 maxlen: 48
2406:2100:3::/48 maxlen: 48
2406:2100:4::/48 maxlen: 48
2406:2100:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 04 Apr 2025 09:39:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 995 (0x3e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD4A6
Validity
Not Before: Feb 28 10:09:10 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67c18b46-4c27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:43:d8:bd:8d:74:85:a7:4d:e3:2d:99:a3:5d:
a3:a0:10:ae:09:01:0a:cf:da:a3:73:0b:6c:be:36:
7f:9f:0d:b1:2e:36:8f:e0:84:52:c5:11:94:15:25:
eb:5e:67:9b:4e:96:67:b9:27:3a:99:46:29:a7:06:
71:05:4e:94:67:9e:23:d9:61:3c:df:89:73:9e:c2:
ec:dd:26:aa:49:fb:6c:70:05:01:80:e2:4a:c4:03:
d2:77:34:bf:ed:da:88:f1:97:2a:f3:e1:af:31:86:
bb:d3:01:aa:33:70:c0:09:cf:ae:dc:d3:8e:0a:5e:
0c:18:78:08:00:53:8d:75:f1:1e:4d:cc:00:b9:5c:
c7:5c:25:50:41:da:e5:ab:50:90:21:08:db:a5:a4:
7c:a1:65:e8:38:35:43:5a:b0:7d:3f:d8:ae:aa:81:
7c:c8:cd:ca:ff:d0:92:2e:30:ef:5b:c3:a4:75:a1:
c5:33:6f:7c:89:ca:49:9d:da:d2:54:ec:28:a1:28:
08:68:20:2f:cb:f6:8f:3d:ce:dc:9b:6e:1d:23:05:
39:75:e4:54:8e:bc:19:fc:12:c5:01:4e:01:29:a9:
32:58:c1:ee:6b:22:c3:42:43:f7:55:1a:0d:9a:97:
a2:2c:57:15:e6:a7:6c:27:88:14:46:6c:14:30:3c:
26:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9E:D5:36:D8:3F:4F:47:08:15:10:77:6D:FB:FD:72:EE:3B:83:30
X509v3 Authority Key Identifier:
keyid:17:00:4A:A3:31:05:B0:A0:E6:D3:EB:4E:47:C5:13:06:3D:92:CE:C2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/FwBKozEFsKDm0-tOR8UTBj2SzsI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FwBKozEFsKDm0-tOR8UTBj2SzsI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD4A6/6A5969A87E9511EC82EE520AC4F9AE02/0D9F5398F5BC11EFBAC15C37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
150.129.172.0/23
202.47.112.0/21
202.71.0.0/22
202.71.24.0/21
IPv6:
2406:2100::/32
Signature Algorithm: sha256WithRSAEncryption
8e:71:84:26:2f:5b:9a:0f:07:66:70:91:51:1f:2c:58:f2:91:
94:f2:01:bc:bd:85:bd:69:33:f5:ad:0d:70:8a:85:f5:cd:54:
8b:40:ba:27:85:12:a6:9f:f0:fc:71:49:8c:0a:47:41:9a:12:
91:c6:f8:db:10:69:21:33:00:32:53:fa:06:e8:a2:e7:af:29:
d9:19:7a:16:93:66:2e:53:0e:67:2d:9d:19:ff:f8:4f:ca:e1:
df:94:04:a5:e0:d0:b0:89:10:ba:37:4e:48:b2:b2:2c:22:18:
3b:0a:b4:b4:87:e8:6f:02:42:07:6f:0a:6f:22:af:9a:26:be:
2e:0a:21:5c:22:6d:e3:ef:4e:91:54:0a:d5:9f:ea:94:31:80:
9a:89:84:2e:fb:76:ab:3b:dd:f4:50:3e:00:06:e7:93:da:d4:
64:e0:31:d8:6f:88:23:8f:6b:a9:78:c8:83:88:bc:b5:4b:bd:
4a:6e:af:91:0a:1e:c9:9e:2c:6c:47:c3:01:35:f9:9c:45:5f:
11:60:4a:cb:1a:d6:a6:31:a6:8e:40:1d:ed:1d:0a:e3:62:9f:
a8:86:77:22:c1:91:56:19:6b:48:1c:eb:a5:b1:85:30:aa:21:
67:ac:e5:fa:ea:9f:be:5e:be:e0:0e:78:07:09:3c:27:da:67:
b4:67:a4:3f
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICA+MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REQ0QTYxMTAvBgNVBAUTKDE3MDA0QUEzMzEwNUIwQTBFNkQzRUI0RTQ3QzUxMzA2
M0Q5MkNFQzIwHhcNMjUwMjI4MTAwOTEwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2MxOGI0Ni00YzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApEPYvY10hadN4y2Zo12joBCuCQEKz9qjcwtsvjZ/nw2xLjaP4IRSxRGUFSXr
XmebTpZnuSc6mUYppwZxBU6UZ54j2WE834lznsLs3SaqSftscAUBgOJKxAPSdzS/
7dqI8Zcq8+GvMYa70wGqM3DACc+u3NOOCl4MGHgIAFONdfEeTcwAuVzHXCVQQdrl
q1CQIQjbpaR8oWXoODVDWrB9P9iuqoF8yM3K/9CSLjDvW8OkdaHFM298icpJndrS
VOwooSgIaCAvy/aPPc7cm24dIwU5deRUjrwZ/BLFAU4BKakyWMHuayLDQkP3VRoN
mpeiLFcV5qdsJ4gURmwUMDwmoQIDAQABo4ICtjCCArIwHQYDVR0OBBYEFOue1TbY
P09HCBUQd237/XLuO4MwMB8GA1UdIwQYMBaAFBcASqMxBbCg5tPrTkfFEwY9ks7C
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDRBNi82QTU5NjlBODdF
OTUxMUVDODJFRTUyMEFDNEY5QUUwMi9Gd0JLb3pFRnNLRG0wLXRPUjhVVEJqMlN6
c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0Z3QktvekVGc0tEbTAtdE9SOFVUQmoyU3pzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REQ0QTYvNkE1OTY5QTg3RTk1MTFFQzgyRUU1MjBBQzRGOUFFMDIvMEQ5RjUzOThG
NUJDMTFFRkJBQzE1QzM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQAYIKwYBBQUHAQcBAf8E
MTAvMB4EAgABMBgDBAGWgawDBAPKL3ADBALKRwADBAPKRxgwDQQCAAIwBwMFACQG
IQAwDQYJKoZIhvcNAQELBQADggEBAI5xhCYvW5oPB2ZwkVEfLFjykZTyAby9hb1p
M/WtDXCKhfXNVItAuieFEqaf8PxxSYwKR0GaEpHG+NsQaSEzADJT+gboouevKdkZ
ehaTZi5TDmctnRn/+E/K4d+UBKXg0LCJELo3TkiysiwiGDsKtLSH6G8CQgdvCm8i
r5omvi4KIVwibePvTpFUCtWf6pQxgJqJhC77dqs73fRQPgAG55Pa1GTgMdhviCOP
a6l4yIOIvLVLvUpur5EKHsmeLGxHwwE1+ZxFXxFgSssa1qYxpo5AHe0dCuNin6iG
dyLBkVYZa0gc66WxhTCqIWes5frqn75evuAOeAcJPCfaZ7RnpD8=
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:39:38 2025 by rpki-client