Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/ED4952AAEA5F11EE914FC26AC4F9AE02.roa
File: ED4952AAEA5F11EE914FC26AC4F9AE02.roa (raw, json)
Hash identifier: MeIbIUw/2jlMhWfxDLyaSLt8wCeP1GJPfyd4A+Tq+a4=
Subject key identifier: FA:EE:5F:03:F7:65:10:20:44:F8:D2:DF:D6:6A:A9:E5:CF:63:2E:74
Certificate issuer: /CN=A9132B1E/serialNumber=ABD43548659CBB276EF8D35B8212F838E8CEB75F
Certificate serial: 0A83
Authority key identifier: AB:D4:35:48:65:9C:BB:27:6E:F8:D3:5B:82:12:F8:38:E8:CE:B7:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q9Q1SGWcuydu-NNbghL4OOjOt18.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/ED4952AAEA5F11EE914FC26AC4F9AE02.roa
Signing time: Fri 02 May 2025 20:30:43 +0000
ROA not before: Fri 02 May 2025 20:30:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24462
IP address blocks: 59.152.255.0/24 maxlen: 24
101.78.204.0/22 maxlen: 24
116.92.130.0/24 maxlen: 24
203.174.32.0/24 maxlen: 24
220.232.228.0/24 maxlen: 24
220.232.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 May 2025 09:32:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2691 (0xa83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132B1E, serialNumber=ABD43548659CBB276EF8D35B8212F838E8CEB75F
Validity
Not Before: May 2 20:30:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68152b73-a353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:82:ed:08:c5:26:b7:29:f8:86:d2:94:c5:3a:
d8:56:b1:da:43:06:9b:40:9b:9b:fc:57:42:32:15:
69:83:cf:31:d9:05:27:d5:ec:35:5d:30:ea:b9:0e:
de:99:e8:91:cb:26:23:e0:3d:67:71:8b:9c:e1:fe:
0d:6b:f9:92:92:63:2a:4a:9c:0c:78:bb:2e:12:db:
24:ba:2a:73:10:37:1b:15:26:49:bc:84:a6:00:e6:
14:ee:9a:28:0a:8b:80:81:3e:bb:54:43:82:2a:cb:
16:67:49:5d:42:9b:8f:e8:2a:13:a7:a7:35:c4:3d:
df:e5:10:c0:51:e9:70:7c:9d:32:8c:7b:ae:ce:a5:
7a:19:ba:9e:9d:c1:ab:84:10:c1:1b:26:60:10:c8:
8f:39:ab:be:7f:39:ac:b6:ae:b0:1a:12:df:dd:a2:
4f:95:84:e1:23:1e:f5:f0:a9:8c:99:b7:15:42:0f:
1d:b1:bf:16:b9:e5:54:9d:d8:48:57:80:e8:60:91:
1a:be:d6:59:48:e2:9b:25:b7:83:93:de:b2:cd:d9:
bf:23:9a:4e:7c:27:c8:b7:ba:bb:fb:c8:54:84:13:
1a:d7:0e:5c:0d:17:e7:bd:3d:60:18:73:5d:6c:41:
21:08:e0:24:03:80:9f:03:98:2a:ab:ec:4f:7f:5b:
f4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EE:5F:03:F7:65:10:20:44:F8:D2:DF:D6:6A:A9:E5:CF:63:2E:74
X509v3 Authority Key Identifier:
keyid:AB:D4:35:48:65:9C:BB:27:6E:F8:D3:5B:82:12:F8:38:E8:CE:B7:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/q9Q1SGWcuydu-NNbghL4OOjOt18.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/q9Q1SGWcuydu-NNbghL4OOjOt18.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1E/8936CC04883211EA84861B70C4F9AE02/ED4952AAEA5F11EE914FC26AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
59.152.255.0/24
101.78.204.0/22
116.92.130.0/24
203.174.32.0/24
220.232.228.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:de:d5:c2:5a:4f:b9:41:9c:88:51:5e:0e:46:0e:b6:5f:8a:
91:af:98:f8:13:83:9d:8b:23:ae:8d:fa:1c:7b:c2:5a:9a:f7:
8a:dd:71:f0:3e:ea:b7:fd:2a:90:14:7f:64:bf:e7:b5:fc:9f:
4e:65:27:45:27:75:79:e0:2d:d4:58:9d:be:19:d2:ce:55:ea:
4c:0b:fd:52:69:83:cc:37:ff:0f:ff:6b:d6:56:31:6d:58:9b:
d7:78:67:3b:c9:66:b4:0f:75:95:d1:8e:b2:18:df:54:0a:85:
3b:60:5f:16:f1:58:f4:59:f8:ef:3f:e7:96:99:9b:76:8b:16:
96:46:f3:cb:81:00:9b:ad:fe:41:f3:99:40:bc:2f:6d:77:06:
23:20:c8:c1:89:13:af:1d:4e:2c:97:41:6b:32:11:b1:2f:22:
1f:4c:c2:51:04:a5:19:57:25:a5:fc:09:1f:80:41:b7:e3:4b:
cc:ec:f3:61:1b:7a:0e:e9:8a:a2:fd:cb:46:71:32:66:9d:28:
87:f7:04:c8:19:a9:e0:e7:c7:80:e0:37:28:88:f2:16:8b:6b:
88:e4:9a:dd:0e:03:bd:19:b1:1e:43:49:83:dc:c1:83:47:cf:
ca:39:73:e1:73:29:ad:26:0e:5f:45:f2:58:78:17:10:55:52:
6c:7f:0e:f7
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICCoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzJCMUUxMTAvBgNVBAUTKEFCRDQzNTQ4NjU5Q0JCMjc2RUY4RDM1QjgyMTJGODM4
RThDRUI3NUYwHhcNMjUwNTAyMjAzMDQzWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODE1MmI3My1hMzUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo4LtCMUmtyn4htKUxTrYVrHaQwabQJub/FdCMhVpg88x2QUn1ew1XTDquQ7e
meiRyyYj4D1ncYuc4f4Na/mSkmMqSpwMeLsuEtskuipzEDcbFSZJvISmAOYU7poo
CouAgT67VEOCKssWZ0ldQpuP6CoTp6c1xD3f5RDAUelwfJ0yjHuuzqV6GbqencGr
hBDBGyZgEMiPOau+fzmstq6wGhLf3aJPlYThIx718KmMmbcVQg8dsb8WueVUndhI
V4DoYJEavtZZSOKbJbeDk96yzdm/I5pOfCfIt7q7+8hUhBMa1w5cDRfnvT1gGHNd
bEEhCOAkA4CfA5gqq+xPf1v07QIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFPruXwP3
ZRAgRPjS39ZqqeXPYy50MB8GA1UdIwQYMBaAFKvUNUhlnLsnbvjTW4IS+Djozrdf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRS84OTM2Q0MwNDg4
MzIxMUVBODQ4NjFCNzBDNEY5QUUwMi9xOVExU0dXY3V5ZHUtTk5iZ2hMNE9Pak90
MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3E5UTFTR1djdXlkdS1OTmJnaEw0T09qT3QxOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzJCMUUvODkzNkNDMDQ4ODMyMTFFQTg0ODYxQjcwQzRGOUFFMDIvRUQ0OTUyQUFF
QTVGMTFFRTkxNEZDMjZBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAA7mP8DBAJlTswDBAB0XIIDBADLriADBAHc6OQwDQYJKoZI
hvcNAQELBQADggEBAIre1cJaT7lBnIhRXg5GDrZfipGvmPgTg52LI66N+hx7wlqa
94rdcfA+6rf9KpAUf2S/57X8n05lJ0UndXngLdRYnb4Z0s5V6kwL/VJpg8w3/w//
a9ZWMW1Ym9d4ZzvJZrQPdZXRjrIY31QKhTtgXxbxWPRZ+O8/55aZm3aLFpZG88uB
AJut/kHzmUC8L213BiMgyMGJE68dTiyXQWsyEbEvIh9MwlEEpRlXJaX8CR+AQbfj
S8zs82Ebeg7piqL9y0ZxMmadKIf3BMgZqeDnx4DgNyiI8haLa4jkmt0OA70ZsR5D
SYPcwYNHz8o5c+FzKa0mDl9F8lh4FxBVUmx/Dvc=
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:11:33 2025 by rpki-client