Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/C3313A96BAD411EF9CCFB21AC4F9AE02.roa
File: C3313A96BAD411EF9CCFB21AC4F9AE02.roa (raw, json)
Hash identifier: XAirON1mrEIlBmChxPF/WavQ8dKSGTCdZU+wu/cewoI=
Subject key identifier: 02:8F:86:F7:FA:89:AF:64:DD:B0:E8:A6:BF:B4:B5:B2:40:5A:43:7D
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 03FF
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/C3313A96BAD411EF9CCFB21AC4F9AE02.roa
Signing time: Sun 15 Dec 2024 11:07:24 +0000
ROA not before: Sun 15 Dec 2024 11:07:24 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 264628
IP address blocks: 203.32.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 22:34:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1023 (0x3ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75
Validity
Not Before: Dec 15 11:07:24 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=675eb86c-fdb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:04:2a:7c:71:4c:61:3a:e2:e6:fa:3a:00:bb:
21:fe:0d:28:d3:10:21:ab:39:18:14:51:36:6b:e4:
e5:14:e0:06:0d:24:4e:e0:c6:55:7b:ca:5a:86:24:
05:27:25:af:fc:e4:6d:7f:83:58:fd:d4:50:51:5b:
6c:b6:21:88:4e:60:d4:a1:bd:85:d6:8e:b0:dd:af:
30:d0:bf:31:e9:99:2b:d0:d7:1c:4a:4d:37:25:a3:
70:2d:51:ed:5c:67:58:58:79:c8:fe:f9:3d:90:b6:
a9:84:10:f9:fc:d6:55:1a:3d:6b:a5:9f:ee:65:7e:
ec:10:60:63:66:d5:f7:a7:4b:ee:3d:58:45:d2:7a:
b4:75:f0:58:05:0c:67:e7:71:e9:6c:76:62:04:9c:
30:02:08:f5:76:23:5c:cc:a5:c5:94:1c:1c:1c:b9:
0d:ec:12:b8:c8:52:f3:eb:29:35:27:b5:6b:e9:d3:
34:a4:52:f4:27:1b:92:2d:5b:1d:bb:4b:db:3b:e4:
2d:24:42:8d:41:35:9b:28:b7:c1:24:ec:14:f3:fb:
dd:b0:38:f8:90:b4:f7:26:66:5c:8b:3e:d4:d9:2d:
81:aa:da:8d:e1:7e:6b:9e:5c:9a:e1:c9:84:5e:6f:
13:b9:aa:78:f9:62:a8:c5:69:d6:2c:59:3c:b9:70:
f7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8F:86:F7:FA:89:AF:64:DD:B0:E8:A6:BF:B4:B5:B2:40:5A:43:7D
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/C3313A96BAD411EF9CCFB21AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.25.0/24
Signature Algorithm: sha256WithRSAEncryption
34:1d:b2:a3:a9:26:7b:66:c9:90:ee:96:06:44:f0:de:49:6d:
9b:20:88:59:a2:86:0d:d0:72:53:0c:8d:d4:e7:9f:4e:c4:5c:
fd:cf:36:02:34:7f:ba:b3:65:0c:79:9c:cd:6b:ed:8f:06:ec:
e2:7a:47:0d:54:1a:23:27:87:32:d6:cb:8a:65:31:33:2a:ac:
8c:9b:6b:ce:26:7e:37:f3:31:47:c9:79:ff:71:d5:a5:94:ae:
b4:d6:e0:98:50:1e:6a:1f:4b:6b:8d:c0:43:53:d9:d0:c9:7b:
e4:68:23:b8:c5:99:e1:18:fd:b8:96:f3:b5:a5:5e:f7:b8:77:
a1:a7:b0:f3:bc:7a:dc:1d:bc:ec:20:97:fb:40:b4:4d:bb:f1:
0f:78:af:0c:4d:6e:d9:6b:a0:2d:a3:87:ca:ee:6e:1c:9b:1a:
2f:38:2d:1b:07:3b:95:4f:aa:8c:63:27:17:53:a2:55:7f:6c:
b3:57:a2:6e:4b:f3:f6:7f:51:b4:6d:8d:0f:64:89:37:69:b4:
e1:e1:5f:61:11:dc:8e:39:76:5e:44:d1:e8:75:aa:4e:2a:43:
c8:ad:95:3e:89:a3:88:3e:c0:48:43:10:f3:f3:9d:98:c1:b8:
1e:c0:28:af:b6:28:80:17:fa:69:10:0a:9e:91:a9:25:2f:74:
5c:d8:e4:b3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQxMjE1MTEwNzI0WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzVlYjg2Yy1mZGIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArAQqfHFMYTri5vo6ALsh/g0o0xAhqzkYFFE2a+TlFOAGDSRO4MZVe8pahiQF
JyWv/ORtf4NY/dRQUVtstiGITmDUob2F1o6w3a8w0L8x6Zkr0NccSk03JaNwLVHt
XGdYWHnI/vk9kLaphBD5/NZVGj1rpZ/uZX7sEGBjZtX3p0vuPVhF0nq0dfBYBQxn
53HpbHZiBJwwAgj1diNczKXFlBwcHLkN7BK4yFLz6yk1J7Vr6dM0pFL0JxuSLVsd
u0vbO+QtJEKNQTWbKLfBJOwU8/vdsDj4kLT3JmZciz7U2S2BqtqN4X5rnlya4cmE
Xm8Tuap4+WKoxWnWLFk8uXD3VQIDAQABo4IClTCCApEwHQYDVR0OBBYEFAKPhvf6
ia9k3bDopr+0tbJAWkN9MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvQzMzMTNBOTZC
QUQ0MTFFRjlDQ0ZCMjFBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBkwDQYJKoZIhvcNAQELBQADggEBADQdsqOpJntmyZDu
lgZE8N5JbZsgiFmihg3QclMMjdTnn07EXP3PNgI0f7qzZQx5nM1r7Y8G7OJ6Rw1U
GiMnhzLWy4plMTMqrIyba84mfjfzMUfJef9x1aWUrrTW4JhQHmofS2uNwENT2dDJ
e+RoI7jFmeEY/biW87WlXve4d6GnsPO8etwdvOwgl/tAtE278Q94rwxNbtlroC2j
h8rubhybGi84LRsHO5VPqoxjJxdTolV/bLNXom5L8/Z/UbRtjQ9kiTdptOHhX2ER
3I45dl5E0eh1qk4qQ8itlT6Jo4g+wEhDEPPznZjBuB7AKK+2KIAX+mkQCp6RqSUv
dFzY5LM=
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:44:29 2025 by rpki-client