Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9125475/C13116F228D311ED8FBD6D6CC4F9AE02/8852B26A90E211EDB4035D5EC4F9AE02.roa
File: 8852B26A90E211EDB4035D5EC4F9AE02.roa (raw, json)
Hash identifier: hSCUgPXOO+nGLRhd+50IFh51lRpZj39+NIjL5WTUW8Q=
Subject key identifier: C1:3D:86:0C:63:08:DC:C4:1A:A4:B8:8F:15:FF:45:A7:D1:35:74:EA
Certificate issuer: /CN=A9125475/serialNumber=52FE2B6B7F497F94F1D492D1917B486478BF59D6
Certificate serial: 01E9
Authority key identifier: 52:FE:2B:6B:7F:49:7F:94:F1:D4:92:D1:91:7B:48:64:78:BF:59:D6
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Uv4ra39Jf5Tx1JLRkXtIZHi_WdY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9125475/C13116F228D311ED8FBD6D6CC4F9AE02/8852B26A90E211EDB4035D5EC4F9AE02.roa
Signing time: Mon 02 Dec 2024 14:30:51 +0000
ROA not before: Mon 02 Dec 2024 14:30:51 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 131090
IP address blocks: 2.57.124.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 20 Feb 2025 07:44:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 489 (0x1e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9125475
Validity
Not Before: Dec 2 14:30:51 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=674dc49a-18e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5b:3c:99:8f:96:44:e2:cc:6b:7f:0e:5a:6d:
f9:92:8c:ff:9b:24:0b:88:47:0c:db:33:54:96:19:
5a:11:74:d4:af:37:97:8f:94:2e:3b:e9:b3:bf:e0:
9f:d0:d7:f5:d2:02:22:ad:01:51:d6:10:bc:d3:56:
f2:38:30:96:d3:6e:1f:41:de:d9:c7:4a:b0:75:d8:
fa:d5:dd:07:dc:71:ab:ff:05:14:a2:36:c4:97:17:
94:26:8f:df:42:c5:dc:b8:6d:b4:e0:69:c5:e1:0c:
ba:ff:7b:d1:3a:86:48:03:e7:7d:3b:80:05:da:c7:
a9:b1:d1:5b:f7:9d:d8:04:6d:71:bf:b8:58:1f:94:
e5:0f:0a:f4:b2:1d:51:ac:17:8d:81:04:25:85:b1:
8c:f9:f8:23:49:66:38:5d:4c:a6:59:4a:fa:44:ea:
27:fc:a8:5b:e8:4d:9f:77:60:15:a7:5d:ad:05:a9:
8a:c4:1b:e5:83:33:ce:d3:65:b6:ca:fe:ef:75:3f:
85:0a:3f:85:91:5a:88:9f:35:8d:57:10:b7:5c:fd:
bb:17:03:f5:c6:f8:f2:3c:78:53:cd:95:b0:22:a8:
70:7f:14:01:3f:3f:37:08:08:c8:f9:ba:b8:27:87:
98:11:d7:73:b9:51:7d:ad:8e:1b:64:1d:79:43:54:
10:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3D:86:0C:63:08:DC:C4:1A:A4:B8:8F:15:FF:45:A7:D1:35:74:EA
X509v3 Authority Key Identifier:
keyid:52:FE:2B:6B:7F:49:7F:94:F1:D4:92:D1:91:7B:48:64:78:BF:59:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9125475/C13116F228D311ED8FBD6D6CC4F9AE02/Uv4ra39Jf5Tx1JLRkXtIZHi_WdY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/Uv4ra39Jf5Tx1JLRkXtIZHi_WdY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125475/C13116F228D311ED8FBD6D6CC4F9AE02/8852B26A90E211EDB4035D5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
2.57.124.0/22
Signature Algorithm: sha256WithRSAEncryption
71:3b:4d:3b:91:97:15:15:87:97:d9:6f:4e:24:71:19:fc:3b:
c2:a6:65:69:ea:a0:55:c1:24:98:1a:8f:12:f8:46:f7:37:ea:
0d:b1:87:ad:f9:e6:f1:24:91:39:60:7e:14:66:a9:6b:60:14:
47:bd:36:09:6d:0c:4d:e6:4c:ba:37:de:c9:bb:9a:d8:09:0d:
b1:25:f7:30:8e:f2:6e:19:0a:28:8b:44:99:83:b1:6b:fe:61:
91:be:6d:38:10:9f:44:da:02:71:42:da:f6:05:0c:06:69:64:
39:c9:e4:18:ba:dd:b0:a5:60:63:9b:13:a5:b6:0d:70:75:23:
b5:ec:be:7b:ab:1d:fe:fd:b8:a4:33:24:98:4f:58:7a:84:53:
a2:7e:bf:9f:08:10:b4:dd:2d:3c:61:aa:07:9d:3e:7f:ad:4d:
00:a5:23:1e:02:26:e6:5c:9f:02:6d:69:4d:ef:69:07:87:dd:
f1:2b:93:94:25:7f:84:0c:d3:6d:ab:e0:c5:db:99:50:83:94:
55:ab:8d:27:1d:94:21:65:c4:bf:cd:4e:08:e3:1b:41:6c:b2:
f6:e3:e9:b5:7c:f5:31:46:0d:db:29:6f:f7:dc:e4:b7:8e:5c:
b9:a4:34:03:fc:15:20:a2:45:58:71:21:4d:ef:b1:e7:d8:9c:
df:6b:17:b1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAekwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MjU0NzUxMTAvBgNVBAUTKDUyRkUyQjZCN0Y0OTdGOTRGMUQ0OTJEMTkxN0I0ODY0
NzhCRjU5RDYwHhcNMjQxMjAyMTQzMDUxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzRkYzQ5YS0xOGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA01s8mY+WROLMa38OWm35koz/myQLiEcM2zNUlhlaEXTUrzeXj5QuO+mzv+Cf
0Nf10gIirQFR1hC801byODCW024fQd7Zx0qwddj61d0H3HGr/wUUojbElxeUJo/f
QsXcuG204GnF4Qy6/3vROoZIA+d9O4AF2sepsdFb953YBG1xv7hYH5TlDwr0sh1R
rBeNgQQlhbGM+fgjSWY4XUymWUr6ROon/Khb6E2fd2AVp12tBamKxBvlgzPO02W2
yv7vdT+FCj+FkVqInzWNVxC3XP27FwP1xvjyPHhTzZWwIqhwfxQBPz83CAjI+bq4
J4eYEddzuVF9rY4bZB15Q1QQkQIDAQABo4IClTCCApEwHQYDVR0OBBYEFME9hgxj
CNzEGqS4jxX/RafRNXTqMB8GA1UdIwQYMBaAFFL+K2t/SX+U8dSS0ZF7SGR4v1nW
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNTQ3NS9DMTMxMTZGMjI4
RDMxMUVEOEZCRDZENkNDNEY5QUUwMi9VdjRyYTM5SmY1VHgxSkxSa1h0SVpIaV9X
ZFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1V2NHJhMzlKZjVUeDFKTFJrWHRJWkhpX1dkWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MjU0NzUvQzEzMTE2RjIyOEQzMTFFRDhGQkQ2RDZDQzRGOUFFMDIvODg1MkIyNkE5
MEUyMTFFREI0MDM1RDVFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAICOXwwDQYJKoZIhvcNAQELBQADggEBAHE7TTuRlxUVh5fZ
b04kcRn8O8KmZWnqoFXBJJgajxL4Rvc36g2xh6355vEkkTlgfhRmqWtgFEe9Nglt
DE3mTLo33sm7mtgJDbEl9zCO8m4ZCiiLRJmDsWv+YZG+bTgQn0TaAnFC2vYFDAZp
ZDnJ5Bi63bClYGObE6W2DXB1I7XsvnurHf79uKQzJJhPWHqEU6J+v58IELTdLTxh
qgedPn+tTQClIx4CJuZcnwJtaU3vaQeH3fErk5Qlf4QM022r4MXbmVCDlFWrjScd
lCFlxL/NTgjjG0Fssvbj6bV89TFGDdspb/fc5LeOXLmkNAP8FSCiRVhxIU3vsefY
nN9rF7E=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:31:47 2025 by rpki-client