Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/3BA8735E9F4611EAB20AAA63C4F9AE02.roa
File: 3BA8735E9F4611EAB20AAA63C4F9AE02.roa (raw, json)
Hash identifier: 0PPHScb3oc8CrK+OelVB6Oi+KU3rmDH1w17NbdovoV4=
Subject key identifier: A8:95:C5:7F:84:BB:D8:FB:D4:B0:E9:B2:6A:36:32:CF:4B:0B:3A:16
Certificate issuer: /CN=A916D687/serialNumber=DABB169D9E9D77E6576C018101252CB0B4857F62
Certificate serial: 088B
Authority key identifier: DA:BB:16:9D:9E:9D:77:E6:57:6C:01:81:01:25:2C:B0:B4:85:7F:62
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2rsWnZ6dd-ZXbAGBASUssLSFf2I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/3BA8735E9F4611EAB20AAA63C4F9AE02.roa
Signing time: Thu 04 Jul 2024 21:18:42 +0000
ROA not before: Thu 04 Jul 2024 21:18:42 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 38084
IP address blocks: 45.113.36.0/22 maxlen: 24
103.9.60.0/22 maxlen: 24
2402:6c40::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 14 Aug 2024 14:12:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2187 (0x88b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D687
Validity
Not Before: Jul 4 21:18:42 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=668711b2-ae96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5d:e7:37:17:b6:5e:8c:95:5d:ba:30:00:1b:
3a:f7:e3:fe:a9:13:de:16:4a:a6:b2:54:44:13:1d:
7f:47:e5:29:45:e9:5d:7e:0d:2c:fd:71:3a:85:ca:
00:ae:fa:48:00:10:5e:5f:53:46:91:68:50:2b:d1:
1e:de:94:19:8b:c0:f1:b7:7b:45:23:d5:bf:fc:3f:
06:8c:9f:02:41:9e:6a:3c:c8:9f:b7:41:af:ae:ac:
6f:6b:57:f7:5c:70:3d:73:b8:54:59:4b:7e:d1:1d:
68:48:00:8b:c9:6b:6e:6c:01:c8:2f:5d:a5:d3:b9:
86:d3:6d:32:46:46:9f:c4:80:ba:6f:cb:cd:03:ba:
d9:8f:00:8a:21:3f:4e:ba:3e:c0:56:d2:2b:94:c4:
dc:91:64:49:b2:81:be:03:a0:bf:52:0a:b3:6c:ad:
ad:b9:7b:11:e8:c8:e0:88:3f:66:2c:f3:a6:67:99:
23:73:88:3c:35:40:12:67:3a:dc:8d:5f:8a:65:94:
72:ed:dc:77:4e:1c:8c:08:a4:54:54:dd:3f:97:e6:
9c:47:48:1c:51:1d:4b:21:e2:0e:7a:54:72:67:5e:
2d:fc:b3:49:75:7a:45:04:5f:66:8b:77:72:84:44:
3c:14:af:dc:01:cb:41:9f:7b:bb:27:cc:78:cc:67:
c1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:95:C5:7F:84:BB:D8:FB:D4:B0:E9:B2:6A:36:32:CF:4B:0B:3A:16
X509v3 Authority Key Identifier:
keyid:DA:BB:16:9D:9E:9D:77:E6:57:6C:01:81:01:25:2C:B0:B4:85:7F:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/2rsWnZ6dd-ZXbAGBASUssLSFf2I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2rsWnZ6dd-ZXbAGBASUssLSFf2I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D687/76B43B649F4511EA9E523563C4F9AE02/3BA8735E9F4611EAB20AAA63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.113.36.0/22
103.9.60.0/22
IPv6:
2402:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
52:a8:42:45:82:44:ed:08:e4:11:e3:23:25:31:58:7f:8d:45:
23:8d:96:25:89:ad:5c:ff:14:fd:4b:c1:57:3e:a3:14:0c:7f:
30:ff:e5:39:36:ff:2b:e0:46:00:d7:ad:42:37:bd:3d:bc:33:
8e:59:58:9c:d5:dc:4f:87:e7:2a:cd:a2:82:32:c4:de:d1:d9:
2b:88:b2:99:48:22:52:85:3e:54:d1:12:72:b2:b6:70:dd:27:
df:1e:f5:04:ad:38:c1:f2:33:68:56:ef:44:3f:f1:4e:37:5e:
00:26:1b:da:f0:49:1b:ef:2e:4e:a3:99:62:a0:7d:40:bc:14:
4f:73:fc:27:3b:ff:82:27:9b:2b:b1:23:a2:bb:14:04:65:ef:
dd:a8:14:b9:99:c4:0f:31:63:5f:31:4d:42:f9:f0:40:c8:26:
9d:35:fc:86:31:80:87:96:19:0b:d3:d4:5d:e4:bc:16:a1:ab:
7a:6e:90:c5:64:99:a4:e9:9a:d2:00:d0:a5:90:d4:7b:aa:42:
cd:a5:11:99:62:fc:a0:2d:7a:be:e7:42:f9:ef:18:40:c9:e0:
e1:81:db:d0:75:d4:63:dc:04:66:e0:14:b7:0b:17:59:05:9c:
dd:e6:97:2f:63:cd:35:5d:25:cc:b9:de:7f:89:d8:72:f4:53:
e3:af:89:d9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQ2ODcxMTAvBgNVBAUTKERBQkIxNjlEOUU5RDc3RTY1NzZDMDE4MTAxMjUyQ0Iw
QjQ4NTdGNjIwHhcNMjQwNzA0MjExODQyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg3MTFiMi1hZTk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzV3nNxe2XoyVXbowABs69+P+qRPeFkqmslREEx1/R+UpReldfg0s/XE6hcoA
rvpIABBeX1NGkWhQK9Ee3pQZi8Dxt3tFI9W//D8GjJ8CQZ5qPMift0Gvrqxva1f3
XHA9c7hUWUt+0R1oSACLyWtubAHIL12l07mG020yRkafxIC6b8vNA7rZjwCKIT9O
uj7AVtIrlMTckWRJsoG+A6C/UgqzbK2tuXsR6MjgiD9mLPOmZ5kjc4g8NUASZzrc
jV+KZZRy7dx3ThyMCKRUVN0/l+acR0gcUR1LIeIOelRyZ14t/LNJdXpFBF9mi3dy
hEQ8FK/cActBn3u7J8x4zGfBHwIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFKiVxX+E
u9j71LDpsmo2Ms9LCzoWMB8GA1UdIwQYMBaAFNq7Fp2enXfmV2wBgQElLLC0hX9i
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDY4Ny83NkI0M0I2NDlG
NDUxMUVBOUU1MjM1NjNDNEY5QUUwMi8ycnNXblo2ZGQtWlhiQUdCQVNVc3NMU0Zm
MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJyc1duWjZkZC1aWGJBR0JBU1Vzc0xTRmYySS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQ2ODcvNzZCNDNCNjQ5RjQ1MTFFQTlFNTIzNTYzQzRGOUFFMDIvM0JBODczNUU5
RjQ2MTFFQUIyMEFBQTYzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAItcSQDBAJnCTwwDQQCAAIwBwMFACQCbEAwDQYJKoZIhvcN
AQELBQADggEBAFKoQkWCRO0I5BHjIyUxWH+NRSONliWJrVz/FP1LwVc+oxQMfzD/
5Tk2/yvgRgDXrUI3vT28M45ZWJzV3E+H5yrNooIyxN7R2SuIsplIIlKFPlTREnKy
tnDdJ98e9QStOMHyM2hW70Q/8U43XgAmG9rwSRvvLk6jmWKgfUC8FE9z/Cc7/4In
myuxI6K7FARl792oFLmZxA8xY18xTUL58EDIJp01/IYxgIeWGQvT1F3kvBahq3pu
kMVkmaTpmtIA0KWQ1HuqQs2lEZli/KAter7nQvnvGEDJ4OGB29B11GPcBGbgFLcL
F1kFnN3mly9jzTVdJcy53n+J2HL0U+Ovidk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:49:12 2025 by rpki-client