Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/51412D6EBBC511EFBF86AE41C4F9AE02.roa
File: 51412D6EBBC511EFBF86AE41C4F9AE02.roa (raw, json)
Hash identifier: zrkvWsvpMsWnTbhCemtX/p+EvC+vOB4mURG56Y6N8s0=
Subject key identifier: B0:A0:8B:7D:C1:7A:62:A0:AE:14:D2:40:DE:F3:9D:2E:54:00:0C:40
Certificate issuer: /CN=A911EEF8/serialNumber=56C69305B5EBA542555D8C78C561AB7A6CD1AA2C
Certificate serial: 02
Authority key identifier: 56:C6:93:05:B5:EB:A5:42:55:5D:8C:78:C5:61:AB:7A:6C:D1:AA:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VsaTBbXrpUJVXYx4xWGremzRqiw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/51412D6EBBC511EFBF86AE41C4F9AE02.roa
Signing time: Mon 16 Dec 2024 15:49:22 +0000
ROA not before: Mon 16 Dec 2024 15:49:22 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 18383
IP address blocks: 202.10.96.0/20 maxlen: 20
Validation: Failed, certificate revoked on Tue 31 Dec 2024 01:08:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911EEF8, serialNumber=56C69305B5EBA542555D8C78C561AB7A6CD1AA2C
Validity
Not Before: Dec 16 15:49:22 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67604c02-5c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6c:cb:4c:f0:59:91:81:53:75:3d:cd:fc:ae:
99:87:d5:7c:47:44:f5:63:eb:51:f1:1b:fc:ea:6e:
47:b2:87:15:91:09:63:4a:8f:f2:d9:24:e2:14:eb:
1c:16:fe:60:68:fd:87:e6:18:03:58:4e:2f:af:5c:
78:7e:d3:cb:64:00:de:3e:5b:5a:dc:17:0a:1a:78:
87:52:79:1a:e4:64:29:c5:f5:45:c1:3e:00:2b:38:
b4:38:f5:2f:ca:0a:e5:f6:e9:19:47:d0:dc:1d:04:
d6:84:2d:7c:08:8f:1c:7e:ec:73:33:32:54:0a:b7:
0d:d0:5c:90:4e:77:80:d2:98:ec:92:9d:ce:bc:34:
fb:82:9f:c4:8a:21:34:22:3e:42:bf:9b:10:86:4a:
e6:90:f6:a7:82:3d:ab:56:8a:60:52:fd:1b:82:e5:
ea:8e:b0:f4:24:f8:ac:e3:3a:18:46:a5:2d:c7:4d:
1e:4f:51:5a:cf:45:45:86:b4:27:87:b2:dd:5f:5b:
89:aa:0b:b4:e1:b9:78:d2:1f:ef:5a:63:df:64:4e:
7f:a0:4a:d4:93:5a:d6:29:8c:75:ec:f0:c9:79:8b:
2e:71:97:7f:e2:32:0d:3b:81:0f:53:24:7f:7c:dd:
54:ea:69:0d:ea:17:92:f6:40:58:4a:66:e4:e8:63:
1a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A0:8B:7D:C1:7A:62:A0:AE:14:D2:40:DE:F3:9D:2E:54:00:0C:40
X509v3 Authority Key Identifier:
keyid:56:C6:93:05:B5:EB:A5:42:55:5D:8C:78:C5:61:AB:7A:6C:D1:AA:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/VsaTBbXrpUJVXYx4xWGremzRqiw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VsaTBbXrpUJVXYx4xWGremzRqiw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911EEF8/9799E6D0BBC411EFB985BE3FC4F9AE02/51412D6EBBC511EFBF86AE41C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.10.96.0/20
Signature Algorithm: sha256WithRSAEncryption
0d:a5:17:d5:c3:13:90:45:7d:85:6e:e1:cb:90:29:43:95:d5:
05:e4:d4:9b:03:1e:22:b6:f8:40:61:d9:6c:eb:52:f1:55:21:
27:87:76:46:9e:49:05:58:ed:43:29:55:1a:41:4d:0d:34:e9:
f4:9a:1e:4f:ec:74:73:89:dc:35:e3:f0:1a:6f:23:9e:b2:68:
7e:79:c1:89:49:66:fb:68:89:5c:ef:bb:09:46:0a:87:75:63:
93:c9:d6:4e:20:9d:4f:08:f9:63:ca:7f:fd:29:4a:4b:3b:e8:
fc:59:e6:3a:06:ef:a8:90:4b:09:70:4e:68:fc:d5:dc:74:f7:
4b:50:3b:7c:3d:f1:d3:f9:f7:56:00:dc:4f:7a:f7:59:22:1b:
c8:fd:90:68:b8:e8:b9:39:87:55:ff:9f:94:74:4c:33:1c:84:
9e:7f:b8:57:12:7f:85:e6:fa:dc:9e:7c:6d:39:2b:55:3d:97:
54:78:7d:17:05:70:e5:be:f2:c5:42:17:09:de:2f:ea:77:95:
61:2f:e1:5e:3b:43:48:41:ca:b8:d4:0d:cf:d0:ae:90:53:1b:
78:ed:23:75:1a:b6:b7:62:55:d6:d6:3e:55:98:17:a3:1c:90:
de:2c:24:8a:97:67:e5:8d:c3:68:4e:b6:9e:9c:ac:37:0b:95:
79:91:95:85
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
RUVGODExMC8GA1UEBRMoNTZDNjkzMDVCNUVCQTU0MjU1NUQ4Qzc4QzU2MUFCN0E2
Q0QxQUEyQzAeFw0yNDEyMTYxNTQ5MjJaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NjA0YzAyLTVjMTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBbMtM8FmRgVN1Pc38rpmH1XxHRPVj61HxG/zqbkeyhxWRCWNKj/LZJOIU6xwW
/mBo/YfmGANYTi+vXHh+08tkAN4+W1rcFwoaeIdSeRrkZCnF9UXBPgArOLQ49S/K
CuX26RlH0NwdBNaELXwIjxx+7HMzMlQKtw3QXJBOd4DSmOySnc68NPuCn8SKITQi
PkK/mxCGSuaQ9qeCPatWimBS/RuC5eqOsPQk+KzjOhhGpS3HTR5PUVrPRUWGtCeH
st1fW4mqC7ThuXjSH+9aY99kTn+gStSTWtYpjHXs8Ml5iy5xl3/iMg07gQ9TJH98
3VTqaQ3qF5L2QFhKZuToYxqjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUsKCLfcF6
YqCuFNJA3vOdLlQADEAwHwYDVR0jBBgwFoAUVsaTBbXrpUJVXYx4xWGremzRqiww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFRUY4Lzk3OTlFNkQwQkJD
NDExRUZCOTg1QkUzRkM0RjlBRTAyL1ZzYVRCYlhycFVKVlhZeDR4V0dyZW16UnFp
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVnNhVEJiWHJwVUpWWFl4NHhXR3JlbXpScWl3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RUVGOC85Nzk5RTZEMEJCQzQxMUVGQjk4NUJFM0ZDNEY5QUUwMi81MTQxMkQ2RUJC
QzUxMUVGQkY4NkFFNDFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEBMoKYDANBgkqhkiG9w0BAQsFAAOCAQEADaUX1cMTkEV9hW7h
y5ApQ5XVBeTUmwMeIrb4QGHZbOtS8VUhJ4d2Rp5JBVjtQylVGkFNDTTp9JoeT+x0
c4ncNePwGm8jnrJofnnBiUlm+2iJXO+7CUYKh3Vjk8nWTiCdTwj5Y8p//SlKSzvo
/FnmOgbvqJBLCXBOaPzV3HT3S1A7fD3x0/n3VgDcT3r3WSIbyP2QaLjouTmHVf+f
lHRMMxyEnn+4VxJ/heb63J58bTkrVT2XVHh9FwVw5b7yxUIXCd4v6neVYS/hXjtD
SEHKuNQNz9CukFMbeO0jdRq2t2JV1tY+VZgXoxyQ3iwkipdn5Y3DaE62npysNwuV
eZGVhQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:44:42 2025 by rpki-client