Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EAE4/764A0660257511E7AC0D172AC4F9AE02/1DEB4D94B2E911EFAE499637C4F9AE02.roa
File: 1DEB4D94B2E911EFAE499637C4F9AE02.roa (raw, json)
Hash identifier: 0MdlU6Rk0TObC3e8lOpTRARkR+hLBq+5W8oeOZEdlSI=
Subject key identifier: 67:4C:8C:FF:8A:82:58:C7:32:B4:02:BB:57:B6:08:19:19:F8:A5:39
Certificate issuer: /CN=A914EAE4/serialNumber=E826D9420BCF45A1087D3013BB4E4A84960D61C7
Certificate serial: 1AAF
Authority key identifier: E8:26:D9:42:0B:CF:45:A1:08:7D:30:13:BB:4E:4A:84:96:0D:61:C7
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/6CbZQgvPRaEIfTATu05KhJYNYcc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EAE4/764A0660257511E7AC0D172AC4F9AE02/1DEB4D94B2E911EFAE499637C4F9AE02.roa
Signing time: Thu 05 Dec 2024 09:12:57 +0000
ROA not before: Thu 05 Dec 2024 09:12:57 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 151397
IP address blocks: 193.119.0.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Dec 2024 08:58:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6831 (0x1aaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EAE4, serialNumber=E826D9420BCF45A1087D3013BB4E4A84960D61C7
Validity
Not Before: Dec 5 09:12:57 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67516e99-0a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:58:86:91:c1:8b:12:40:62:96:41:af:ea:f4:
a8:e1:7f:84:73:4b:ce:53:b5:96:76:a8:a1:b3:bc:
e9:33:aa:4c:71:c0:b3:3e:df:95:d4:ba:4a:d2:5a:
1f:29:15:54:fd:d1:aa:f1:f7:c4:33:d6:9d:cb:3b:
09:c3:e5:cf:24:a0:9e:18:c6:4d:06:cc:f8:a2:ee:
2a:51:68:7d:12:59:fb:bb:b7:c1:da:64:a0:03:57:
f6:c9:06:fb:16:fe:0b:d5:ea:de:61:4a:1f:63:84:
7d:44:c0:8a:05:bb:d7:26:26:23:64:dd:c3:bd:65:
70:d3:a2:8e:2b:0a:70:7e:db:d6:b2:be:8f:32:7e:
30:aa:e9:d4:81:59:80:64:cf:59:c0:92:1d:bf:7a:
bd:94:b3:50:3d:a2:4f:d6:41:77:b5:ae:24:40:e5:
ae:16:7f:9b:2d:39:9c:ce:73:88:c1:e5:24:5d:28:
32:6a:68:2b:d0:57:57:aa:6e:60:27:c0:a2:2d:d6:
7f:bb:c2:7e:53:79:a4:83:28:c0:e0:54:6a:c6:91:
ee:ec:44:89:aa:35:31:9f:86:73:04:8d:4c:c1:df:
76:00:2c:1f:51:84:39:a7:4e:ec:85:1f:0e:47:68:
cd:e3:d4:28:08:9d:eb:79:6a:7f:3b:85:c0:8b:e2:
1d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4C:8C:FF:8A:82:58:C7:32:B4:02:BB:57:B6:08:19:19:F8:A5:39
X509v3 Authority Key Identifier:
keyid:E8:26:D9:42:0B:CF:45:A1:08:7D:30:13:BB:4E:4A:84:96:0D:61:C7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EAE4/764A0660257511E7AC0D172AC4F9AE02/6CbZQgvPRaEIfTATu05KhJYNYcc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/6CbZQgvPRaEIfTATu05KhJYNYcc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EAE4/764A0660257511E7AC0D172AC4F9AE02/1DEB4D94B2E911EFAE499637C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
193.119.0.0/19
Signature Algorithm: sha256WithRSAEncryption
43:10:cc:8e:d0:fb:23:bb:bd:fb:52:07:a7:8f:0b:f5:8a:76:
16:5e:f2:96:dd:e5:93:d3:ff:94:d2:bc:32:ba:0c:de:4a:23:
be:f1:ba:6e:9f:f4:f2:8b:74:35:07:a6:94:c4:59:9a:44:5d:
03:f2:fe:5b:db:95:94:a3:9f:2e:a7:4a:ab:dd:bc:72:0b:cd:
0c:86:1a:c3:af:89:21:7d:a4:75:20:2d:c8:ca:72:16:c9:22:
ad:fb:4a:11:29:ae:a4:16:e2:11:94:19:78:a5:e8:17:8e:b1:
a8:f6:8a:7b:ba:d3:3f:ed:f0:99:40:50:a2:bf:ec:07:0e:d3:
d2:18:58:ab:2e:5f:49:a3:fa:59:63:d6:d8:c2:47:74:21:92:
f2:fa:d7:bc:0c:27:e3:f8:4a:ad:50:0b:7e:f3:96:f5:23:34:
a0:51:c2:be:40:48:f6:8a:6b:58:aa:e5:1a:0f:c3:12:f1:05:
3c:1c:f5:04:82:b5:c4:9a:76:99:42:7c:8d:2d:12:b8:50:5d:
1e:ac:2d:4b:25:17:b8:43:1e:9e:36:7f:2e:77:e0:5b:1a:66:
25:e0:04:a5:e6:6c:52:b1:4b:45:9a:4c:be:de:aa:38:c9:80:
cf:4b:21:76:58:41:8b:b7:d4:22:0f:75:31:35:80:1a:33:a1:
5b:3c:f8:b8
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVBRTQxMTAvBgNVBAUTKEU4MjZEOTQyMEJDRjQ1QTEwODdEMzAxM0JCNEU0QTg0
OTYwRDYxQzcwHhcNMjQxMjA1MDkxMjU3WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzUxNmU5OS0wYTUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAx1iGkcGLEkBilkGv6vSo4X+Ec0vOU7WWdqihs7zpM6pMccCzPt+V1LpK0lof
KRVU/dGq8ffEM9adyzsJw+XPJKCeGMZNBsz4ou4qUWh9Eln7u7fB2mSgA1f2yQb7
Fv4L1ereYUofY4R9RMCKBbvXJiYjZN3DvWVw06KOKwpwftvWsr6PMn4wqunUgVmA
ZM9ZwJIdv3q9lLNQPaJP1kF3ta4kQOWuFn+bLTmcznOIweUkXSgyamgr0FdXqm5g
J8CiLdZ/u8J+U3mkgyjA4FRqxpHu7ESJqjUxn4ZzBI1Mwd92ACwfUYQ5p07shR8O
R2jN49QoCJ3reWp/O4XAi+IdxQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGdMjP+K
gljHMrQCu1e2CBkZ+KU5MB8GA1UdIwQYMBaAFOgm2UILz0WhCH0wE7tOSoSWDWHH
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUFFNC83NjRBMDY2MDI1
NzUxMUU3QUMwRDE3MkFDNEY5QUUwMi82Q2JaUWd2UFJhRUlmVEFUdTA1S2hKWU5Z
Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyLzZDYlpRZ3ZQUmFFSWZUQVR1MDVLaEpZTlljYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVBRTQvNzY0QTA2NjAyNTc1MTFFN0FDMEQxNzJBQzRGOUFFMDIvMURFQjREOTRC
MkU5MTFFRkFFNDk5NjM3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAXBdwAwDQYJKoZIhvcNAQELBQADggEBAEMQzI7Q+yO7vftS
B6ePC/WKdhZe8pbd5ZPT/5TSvDK6DN5KI77xum6f9PKLdDUHppTEWZpEXQPy/lvb
lZSjny6nSqvdvHILzQyGGsOviSF9pHUgLcjKchbJIq37ShEprqQW4hGUGXil6BeO
saj2inu60z/t8JlAUKK/7AcO09IYWKsuX0mj+llj1tjCR3QhkvL617wMJ+P4Sq1Q
C37zlvUjNKBRwr5ASPaKa1iq5RoPwxLxBTwc9QSCtcSadplCfI0tErhQXR6sLUsl
F7hDHp42fy534FsaZiXgBKXmbFKxS0WaTL7eqjjJgM9LIXZYQYu31CIPdTE1gBoz
oVs8+Lg=
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:38:45 2025 by rpki-client