Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/0E4668CCE8DD11EF85A2C00BC4F9AE02.roa
File: 0E4668CCE8DD11EF85A2C00BC4F9AE02.roa (raw, json)
Hash identifier: Ir6xv2NdBu3gKaFrVCcwqPj6dHKeEsSlLNKitC5LtHM=
Subject key identifier: 92:08:6A:54:D5:7F:D8:78:40:E7:B0:12:6A:3C:15:CD:24:31:81:68
Certificate issuer: /CN=A91F33A5/serialNumber=C4F638C09E372046C01DF4604C281164F6AC1622
Certificate serial: 02F6
Authority key identifier: C4:F6:38:C0:9E:37:20:46:C0:1D:F4:60:4C:28:11:64:F6:AC:16:22
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPY4wJ43IEbAHfRgTCgRZPasFiI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/0E4668CCE8DD11EF85A2C00BC4F9AE02.roa
Signing time: Wed 12 Feb 2025 01:02:40 +0000
ROA not before: Wed 12 Feb 2025 01:02:40 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 8075
IP address blocks: 202.9.0.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 05:09:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 758 (0x2f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F33A5
Validity
Not Before: Feb 12 01:02:40 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67abf32f-e1d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8f:26:6a:5c:5b:71:e5:da:12:47:a6:ab:d6:
43:14:33:74:d7:68:dc:20:f5:db:ff:e9:86:e5:4d:
12:bd:1f:c3:f7:f3:30:d7:50:99:4e:b9:cb:80:ec:
69:e7:bd:c7:2e:b7:f0:fc:05:dd:c5:d3:8e:bb:7b:
81:dc:9d:31:08:4c:51:18:90:27:53:9e:21:0e:cb:
7a:80:02:de:c9:20:ee:48:be:40:b8:7c:45:af:2f:
22:61:dd:90:ae:8c:bd:1a:62:8c:15:44:28:5e:93:
47:74:fc:15:c6:4b:74:8e:fc:99:52:8e:b6:fd:6d:
b6:78:40:dc:1f:df:b7:ec:34:48:9c:44:2c:41:7b:
73:3e:c2:03:71:d1:ec:b5:b2:98:c0:81:fb:2f:f0:
4d:3f:4d:79:61:1e:2e:9e:93:a1:83:a0:f3:34:68:
74:83:2b:50:7f:20:f0:5e:90:e2:40:6c:b8:01:b1:
2c:6b:4d:26:12:5c:b7:72:46:75:a3:21:bb:86:19:
88:0a:4b:74:06:bc:e2:ed:4f:19:91:3a:a5:e1:31:
8a:1c:cd:97:a5:e7:47:35:49:3b:b3:be:9c:bb:30:
bf:6a:cc:66:bf:29:b8:90:eb:1d:8b:0c:cc:71:47:
f1:16:64:31:8d:60:57:01:02:3b:bd:3c:78:d1:70:
90:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:08:6A:54:D5:7F:D8:78:40:E7:B0:12:6A:3C:15:CD:24:31:81:68
X509v3 Authority Key Identifier:
keyid:C4:F6:38:C0:9E:37:20:46:C0:1D:F4:60:4C:28:11:64:F6:AC:16:22
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/xPY4wJ43IEbAHfRgTCgRZPasFiI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xPY4wJ43IEbAHfRgTCgRZPasFiI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F33A5/1C0E706AD4D811ECA4245F10C4F9AE02/0E4668CCE8DD11EF85A2C00BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.9.0.0/21
Signature Algorithm: sha256WithRSAEncryption
b1:ec:5e:bf:f0:06:d7:fb:51:95:fe:83:3a:21:a9:51:d8:e0:
34:70:1c:94:45:38:56:02:28:18:eb:b6:4b:86:09:d8:55:9f:
0d:b2:54:45:bd:08:a0:01:bc:81:98:ec:58:2f:72:e8:82:8c:
5f:d7:e5:24:29:93:5a:d1:1a:f1:3f:40:a9:90:06:cd:67:c9:
9c:a0:cb:e0:16:d4:d8:8b:f5:15:dc:a5:83:cf:55:2f:8a:a3:
1d:69:78:33:f8:18:5d:63:2d:d8:07:5d:66:8c:6a:24:b8:47:
12:b7:78:a3:53:dc:2b:eb:7f:f8:f7:d0:f0:e8:0e:c5:b4:61:
15:93:3f:d6:1b:3b:22:b1:25:22:41:51:d0:73:d8:f2:3b:67:
db:56:df:a4:6f:2d:1a:d5:8c:fb:f9:20:f4:f1:8a:b3:ac:3f:
fd:65:7c:d9:38:bb:ec:b1:45:76:22:38:07:7d:ff:1d:a8:31:
42:13:5d:5a:8a:61:31:cd:0e:1e:3f:d3:a5:de:9e:86:70:9b:
f4:b0:38:c4:44:b5:2c:89:f8:6e:d5:a8:5e:97:04:32:79:2d:
e3:92:51:20:12:99:5c:c5:f3:a9:9f:a6:92:1b:2e:14:9e:34:
76:42:d7:66:85:aa:4a:54:80:d4:0c:b4:72:56:91:b4:3a:c2:
af:19:6c:b8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAvYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjMzQTUxMTAvBgNVBAUTKEM0RjYzOEMwOUUzNzIwNDZDMDFERjQ2MDRDMjgxMTY0
RjZBQzE2MjIwHhcNMjUwMjEyMDEwMjQwWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FiZjMyZi1lMWQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1o8malxbceXaEkemq9ZDFDN012jcIPXb/+mG5U0SvR/D9/Mw11CZTrnLgOxp
573HLrfw/AXdxdOOu3uB3J0xCExRGJAnU54hDst6gALeySDuSL5AuHxFry8iYd2Q
roy9GmKMFUQoXpNHdPwVxkt0jvyZUo62/W22eEDcH9+37DRInEQsQXtzPsIDcdHs
tbKYwIH7L/BNP015YR4unpOhg6DzNGh0gytQfyDwXpDiQGy4AbEsa00mEly3ckZ1
oyG7hhmICkt0Brzi7U8ZkTql4TGKHM2XpedHNUk7s76cuzC/asxmvym4kOsdiwzM
cUfxFmQxjWBXAQI7vTx40XCQYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJIIalTV
f9h4QOewEmo8Fc0kMYFoMB8GA1UdIwQYMBaAFMT2OMCeNyBGwB30YEwoEWT2rBYi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMzNBNS8xQzBFNzA2QUQ0
RDgxMUVDQTQyNDVGMTBDNEY5QUUwMi94UFk0d0o0M0lFYkFIZlJnVENnUlpQYXNG
aUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3hQWTR3SjQzSUViQUhmUmdUQ2dSWlBhc0ZpSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RjMzQTUvMUMwRTcwNkFENEQ4MTFFQ0E0MjQ1RjEwQzRGOUFFMDIvMEU0NjY4Q0NF
OEREMTFFRjg1QTJDMDBCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAPKCQAwDQYJKoZIhvcNAQELBQADggEBALHsXr/wBtf7UZX+
gzohqVHY4DRwHJRFOFYCKBjrtkuGCdhVnw2yVEW9CKABvIGY7FgvcuiCjF/X5SQp
k1rRGvE/QKmQBs1nyZygy+AW1NiL9RXcpYPPVS+Kox1peDP4GF1jLdgHXWaMaiS4
RxK3eKNT3Cvrf/j30PDoDsW0YRWTP9YbOyKxJSJBUdBz2PI7Z9tW36RvLRrVjPv5
IPTxirOsP/1lfNk4u+yxRXYiOAd9/x2oMUITXVqKYTHNDh4/06XenoZwm/SwOMRE
tSyJ+G7VqF6XBDJ5LeOSUSASmVzF86mfppIbLhSeNHZC12aFqkpUgNQMtHJWkbQ6
wq8ZbLg=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:35:48 2025 by rpki-client