Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/4F149B422C8C11F081F45F47C4F9AE02.roa
File: 4F149B422C8C11F081F45F47C4F9AE02.roa (raw, json)
Hash identifier: svrXucTwdG4m95TLLKyOQfmk7bTRnAh51/V3QZQawYw=
Subject key identifier: 9D:71:67:3F:0B:50:31:72:57:5B:D5:C1:88:87:FC:79:6D:1A:94:FC
Certificate issuer: /CN=A918C287/serialNumber=D8B1E2389BA591FD79B9A504AF5A44DAE0A6E828
Certificate serial: A5
Authority key identifier: D8:B1:E2:38:9B:A5:91:FD:79:B9:A5:04:AF:5A:44:DA:E0:A6:E8:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/4F149B422C8C11F081F45F47C4F9AE02.roa
Signing time: Fri 09 May 2025 04:15:58 +0000
ROA not before: Fri 09 May 2025 04:15:58 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 45192
IP address blocks: 203.176.189.0/24 maxlen: 25
Validation: Failed, certificate revoked on Thu 22 May 2025 05:58:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165 (0xa5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287, serialNumber=D8B1E2389BA591FD79B9A504AF5A44DAE0A6E828
Validity
Not Before: May 9 04:15:58 2025 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=681d817e-7146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:70:e1:ab:01:20:1a:e5:6f:1d:fe:ee:a4:f9:
d3:4c:d6:24:75:7a:40:ab:75:cb:99:86:d3:00:67:
86:9f:73:c7:20:ac:86:1c:4f:e7:db:27:a5:1d:2b:
a0:05:d5:9e:1c:3b:f2:da:ea:b2:d4:d1:0f:a9:76:
18:7c:b1:7c:ea:62:36:28:0c:6c:90:a2:77:dc:44:
1c:0a:f3:53:85:e1:a2:e3:c5:d9:2a:50:8f:2b:61:
2b:ae:13:4a:d9:88:25:6f:b2:f7:dc:47:98:ab:0c:
db:2d:9b:67:76:c6:04:ce:86:12:7d:a7:20:ec:b2:
a9:fc:c6:95:f5:b4:8c:f1:a0:3b:e3:cb:ac:b2:3b:
b3:67:fb:dd:2c:2c:2e:35:a8:14:4a:94:b7:fa:bf:
d1:d2:4a:3b:f2:b7:7a:f2:d1:f9:d6:d6:94:6a:6e:
02:0b:d5:2f:6e:20:db:92:39:e5:38:7e:ba:da:d5:
bb:6a:92:cb:ff:26:ce:11:c0:50:7a:e0:b2:e0:f7:
e0:20:08:f8:55:77:81:48:c1:4e:44:ee:f9:15:4a:
80:a0:73:85:a3:8c:c3:4f:4d:05:b6:c1:77:eb:58:
b7:a4:bc:f0:fb:e3:2c:77:34:20:e0:46:d3:24:a9:
0a:0a:ee:2f:5c:97:4e:3b:08:9e:ff:1a:df:db:2a:
5f:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:71:67:3F:0B:50:31:72:57:5B:D5:C1:88:87:FC:79:6D:1A:94:FC
X509v3 Authority Key Identifier:
keyid:D8:B1:E2:38:9B:A5:91:FD:79:B9:A5:04:AF:5A:44:DA:E0:A6:E8:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2LHiOJulkf15uaUEr1pE2uCm6Cg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/4F149B422C8C11F081F45F47C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.189.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:e6:5a:65:40:ee:fe:49:35:04:33:6a:7a:ca:fd:d4:c5:99:
de:a7:b0:5d:b9:01:de:96:4f:57:9e:80:c4:ea:10:70:a7:27:
a9:82:d9:78:c4:fd:4b:04:dc:6b:e8:e7:48:7a:95:ac:4a:11:
ba:08:b9:a9:d6:4a:f2:2d:10:10:d7:85:ae:2e:15:95:80:8c:
ab:37:63:46:3f:50:e2:ec:db:07:d1:23:0d:73:34:d7:ae:17:
39:df:de:3f:b2:53:a2:3f:61:4b:f6:aa:0a:45:56:0f:0b:6e:
93:c0:05:bb:32:70:f7:69:17:43:e5:8f:52:64:44:44:a5:41:
97:cc:00:9a:70:68:f3:37:be:b4:a8:33:b9:e9:df:6b:aa:dd:
76:c5:c5:b9:21:80:e7:8d:ec:31:76:29:c4:e1:d3:31:ea:77:
3a:9e:be:50:fa:6d:de:81:7c:75:47:41:fe:64:25:ef:08:80:
d7:84:68:78:8d:25:6c:f4:da:a1:fc:6d:19:b8:62:15:01:c2:
05:6b:01:d2:d2:07:bf:fb:0a:bd:67:90:d7:b5:ad:61:10:a7:
ff:be:15:0f:01:e4:2c:3a:fa:57:24:25:1e:af:78:5b:da:6b:
d2:13:b6:08:b2:d4:00:b2:07:ea:ca:aa:50:c4:37:6b:3c:f6:
99:8a:9d:61
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEMyODcxMTAvBgNVBAUTKEQ4QjFFMjM4OUJBNTkxRkQ3OUI5QTUwNEFGNUE0NERB
RTBBNkU4MjgwHhcNMjUwNTA5MDQxNTU4WhcNMzgwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFkODE3ZS03MTQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu3DhqwEgGuVvHf7upPnTTNYkdXpAq3XLmYbTAGeGn3PHIKyGHE/n2yelHSug
BdWeHDvy2uqy1NEPqXYYfLF86mI2KAxskKJ33EQcCvNTheGi48XZKlCPK2ErrhNK
2Yglb7L33EeYqwzbLZtndsYEzoYSfacg7LKp/MaV9bSM8aA748ussjuzZ/vdLCwu
NagUSpS3+r/R0ko78rd68tH51taUam4CC9UvbiDbkjnlOH662tW7apLL/ybOEcBQ
euCy4PfgIAj4VXeBSMFORO75FUqAoHOFo4zDT00FtsF361i3pLzw++MsdzQg4EbT
JKkKCu4vXJdOOwie/xrf2ypflwIDAQABo4IClTCCApEwHQYDVR0OBBYEFJ1xZz8L
UDFyV1vVwYiH/HltGpT8MB8GA1UdIwQYMBaAFNix4jibpZH9ebmlBK9aRNrgpugo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzI4Ny8zMDdDRkYxRUIz
NzcxMUVGQjkxODREN0FDNEY5QUUwMi8yTEhpT0p1bGtmMTV1YVVFcjFwRTJ1Q202
Q2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJMSGlPSnVsa2YxNXVhVUVyMXBFMnVDbTZDZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMyODcvMzA3Q0ZGMUVCMzc3MTFFRkI5MTg0RDdBQzRGOUFFMDIvNEYxNDlCNDIy
QzhDMTFGMDgxRjQ1RjQ3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLsL0wDQYJKoZIhvcNAQELBQADggEBAKTmWmVA7v5JNQQz
anrK/dTFmd6nsF25Ad6WT1eegMTqEHCnJ6mC2XjE/UsE3Gvo50h6laxKEboIuanW
SvItEBDXha4uFZWAjKs3Y0Y/UOLs2wfRIw1zNNeuFznf3j+yU6I/YUv2qgpFVg8L
bpPABbsycPdpF0Plj1JkRESlQZfMAJpwaPM3vrSoM7np32uq3XbFxbkhgOeN7DF2
KcTh0zHqdzqevlD6bd6BfHVHQf5kJe8IgNeEaHiNJWz02qH8bRm4YhUBwgVrAdLS
B7/7Cr1nkNe1rWEQp/++FQ8B5Cw6+lckJR6veFvaa9ITtgiy1ACyB+rKqlDEN2s8
9pmKnWE=
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:43:25 2025 by rpki-client