Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/6FF9F40AE2DC11EF84A3E910C4F9AE02.roa
File: 6FF9F40AE2DC11EF84A3E910C4F9AE02.roa (raw, json)
Hash identifier: jRpkKVUlxmH6IIwLbiPA226GgpymJJ8pYzP2QAfg9c4=
Subject key identifier: B2:B7:8D:F1:FC:A8:FC:92:6F:4A:29:EB:DD:77:13:92:40:11:4E:45
Certificate issuer: /CN=A912FC73/serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Certificate serial: 0438
Authority key identifier: CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/6FF9F40AE2DC11EF84A3E910C4F9AE02.roa
Signing time: Tue 04 Feb 2025 09:43:07 +0000
ROA not before: Tue 04 Feb 2025 09:43:07 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 43260
IP address blocks: 113.20.40.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 04 Feb 2025 09:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1080 (0x438)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912FC73, serialNumber=CEE41601EEA9F51B3525DA55DD4AC95CEFAF5ABC
Validity
Not Before: Feb 4 09:43:07 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=67a1e12b-a328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2e:fd:03:6b:4a:d5:da:7e:4e:78:21:2f:85:
97:ee:c5:29:ba:61:e1:d1:6c:44:3b:c9:0c:91:a0:
81:4c:7b:e4:80:5a:ed:f1:ad:24:90:d9:57:f8:a1:
3a:68:91:2c:c8:e2:e4:eb:6f:ac:4f:20:bf:9a:6e:
02:0d:41:59:10:f9:b4:9f:30:17:01:b7:13:f5:76:
82:07:b7:d2:1d:27:f6:a4:4c:47:97:3c:4f:fa:84:
e8:54:72:ac:b4:60:b8:52:7d:0a:2d:4b:5a:7b:cd:
87:6c:41:4a:94:e6:0c:0c:b1:2a:ca:b5:7b:13:73:
54:56:ea:4e:bb:d5:1a:19:ed:b0:8f:a7:e5:25:ff:
d0:bb:2d:73:af:b0:89:dd:98:36:e4:56:98:c4:e0:
22:d4:82:f6:ae:94:5e:49:31:92:18:2e:ec:d7:f7:
48:3c:7d:cd:34:ff:e3:e1:c1:1f:32:17:e7:9e:20:
7d:9a:7a:44:6f:27:fd:d1:74:2b:4f:92:5f:c6:a5:
bb:a1:a8:8c:ca:d2:a1:e1:4a:6e:25:15:7b:bc:06:
34:52:53:61:39:74:3e:50:dd:2c:75:51:2d:6c:fd:
4c:fa:ee:91:81:2d:ac:fd:e3:a4:28:2c:a7:d5:2c:
bc:99:86:5a:47:6e:f0:6f:9f:95:66:0b:98:f2:ab:
1a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:B7:8D:F1:FC:A8:FC:92:6F:4A:29:EB:DD:77:13:92:40:11:4E:45
X509v3 Authority Key Identifier:
keyid:CE:E4:16:01:EE:A9:F5:1B:35:25:DA:55:DD:4A:C9:5C:EF:AF:5A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zuQWAe6p9Rs1JdpV3UrJXO-vWrw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912FC73/0144CDF89F3411EC9CEBC670C4F9AE02/6FF9F40AE2DC11EF84A3E910C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
113.20.40.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:94:a8:06:cc:0c:aa:59:4f:e8:4a:65:bb:a3:43:9e:1a:ef:
a8:d1:74:49:cc:de:cc:0c:08:5f:9b:a6:95:eb:64:94:7c:ff:
e7:cf:f9:d2:0b:d9:64:8a:d2:99:2f:65:ba:40:81:5d:cc:b6:
4c:18:04:ae:f4:85:33:d4:46:74:f3:48:34:1d:76:ec:02:8c:
65:bf:eb:8e:77:c4:2c:b1:61:cf:2b:d3:05:a2:59:92:c8:1e:
e2:8e:7d:d1:0c:1d:80:f3:59:73:a4:d6:0f:89:2a:08:96:75:
42:27:e0:e7:f9:a0:46:7e:46:15:40:20:0c:34:bf:16:15:79:
54:ee:a1:b9:c0:f2:21:db:4d:2f:bb:4d:42:8a:1e:f9:13:59:
3f:23:a5:a8:04:f7:ee:28:ee:cf:35:c0:26:9a:eb:34:b8:8a:
9f:5b:bb:53:86:e8:a7:31:45:ff:fc:ce:ba:88:25:3d:9a:75:
b3:1e:bf:f7:c5:af:79:ca:e5:39:f8:6b:9a:84:fa:ec:13:4b:
3e:72:3d:2d:e7:00:12:e2:32:39:2b:0b:b6:bb:19:ac:f7:35:
f5:de:ce:23:ca:75:1a:a0:d4:21:21:70:8b:99:04:a1:de:ee:
b2:53:1b:1e:20:ef:ec:d0:dc:cf:2e:d9:74:cd:0d:55:1d:2b:
42:eb:11:22
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkZDNzMxMTAvBgNVBAUTKENFRTQxNjAxRUVBOUY1MUIzNTI1REE1NURENEFDOTVD
RUZBRjVBQkMwHhcNMjUwMjA0MDk0MzA3WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ExZTEyYi1hMzI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAky79A2tK1dp+TnghL4WX7sUpumHh0WxEO8kMkaCBTHvkgFrt8a0kkNlX+KE6
aJEsyOLk62+sTyC/mm4CDUFZEPm0nzAXAbcT9XaCB7fSHSf2pExHlzxP+oToVHKs
tGC4Un0KLUtae82HbEFKlOYMDLEqyrV7E3NUVupOu9UaGe2wj6flJf/Quy1zr7CJ
3Zg25FaYxOAi1IL2rpReSTGSGC7s1/dIPH3NNP/j4cEfMhfnniB9mnpEbyf90XQr
T5JfxqW7oaiMytKh4UpuJRV7vAY0UlNhOXQ+UN0sdVEtbP1M+u6RgS2s/eOkKCyn
1Sy8mYZaR27wb5+VZguY8qsaZQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLK3jfH8
qPySb0op6913E5JAEU5FMB8GA1UdIwQYMBaAFM7kFgHuqfUbNSXaVd1KyVzvr1q8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRkM3My8wMTQ0Q0RGODlG
MzQxMUVDOUNFQkM2NzBDNEY5QUUwMi96dVFXQWU2cDlSczFKZHBWM1VySlhPLXZX
cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3p1UVdBZTZwOVJzMUpkcFYzVXJKWE8tdldydy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkZDNzMvMDE0NENERjg5RjM0MTFFQzlDRUJDNjcwQzRGOUFFMDIvNkZGOUY0MEFF
MkRDMTFFRjg0QTNFOTEwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAJxFCgwDQYJKoZIhvcNAQELBQADggEBAKqUqAbMDKpZT+hK
ZbujQ54a76jRdEnM3swMCF+bppXrZJR8/+fP+dIL2WSK0pkvZbpAgV3MtkwYBK70
hTPURnTzSDQdduwCjGW/6453xCyxYc8r0wWiWZLIHuKOfdEMHYDzWXOk1g+JKgiW
dUIn4Of5oEZ+RhVAIAw0vxYVeVTuobnA8iHbTS+7TUKKHvkTWT8jpagE9+4o7s81
wCaa6zS4ip9bu1OG6KcxRf/8zrqIJT2adbMev/fFr3nK5Tn4a5qE+uwTSz5yPS3n
ABLiMjkrC7a7Gaz3NfXeziPKdRqg1CEhcIuZBKHe7rJTGx4g7+zQ3M8u2XTNDVUd
K0LrESI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:00:39 2025 by rpki-client