Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E7CE7F16E7FD11EF80AC9B77C4F9AE02.roa
File: E7CE7F16E7FD11EF80AC9B77C4F9AE02.roa (raw, json)
Hash identifier: DSViqQltCRdRx534U4cPy6iZkYGjxSb4by5Oerkfph8=
Subject key identifier: 72:59:62:F4:7C:47:30:4C:DF:4C:50:5F:AA:29:37:37:CE:BA:0B:C0
Certificate issuer: /CN=A91406AA/serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Certificate serial: 0728
Authority key identifier: 31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E7CE7F16E7FD11EF80AC9B77C4F9AE02.roa
Signing time: Thu 13 Feb 2025 20:45:58 +0000
ROA not before: Thu 13 Feb 2025 20:45:58 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 132231
IP address blocks: 202.150.96.0/20 maxlen: 24
202.150.112.0/20 maxlen: 24
2403:c900::/33 maxlen: 33
2403:c900:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Mon 17 Feb 2025 03:03:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1832 (0x728)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91406AA, serialNumber=315513E54AB0C99B8BCA84042E38358B60DB1B2C
Validity
Not Before: Feb 13 20:45:58 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67ae5a06-f6df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:2e:5b:09:05:b6:fb:91:d8:8a:ae:f0:ec:
a4:84:48:f5:de:94:af:b0:16:9e:32:2a:fe:f3:7d:
7c:56:31:5f:5a:c9:a8:b3:f9:d9:6a:5c:27:60:bc:
6a:af:9b:12:b4:ae:d5:d0:4a:e4:6e:4a:8d:f4:5d:
d7:76:cd:04:39:99:b2:c8:c0:d0:28:17:60:25:9e:
11:aa:7c:0a:8a:0a:42:fe:54:52:fb:ea:67:35:10:
c0:0a:2d:60:ee:8d:c4:d5:3c:8e:da:6b:4b:ac:27:
81:b1:03:c3:b5:4f:f4:85:3c:55:0e:54:07:89:a3:
5a:ef:1f:7c:18:ff:b1:34:06:08:84:09:05:49:69:
f3:2e:3b:25:43:aa:ff:9e:8d:68:bd:fb:73:bc:e5:
ed:42:c1:c7:55:ae:1d:f2:58:72:6e:4c:13:00:8a:
c3:bf:b8:b6:84:5b:7c:3b:3e:b5:c5:86:2c:d2:80:
2b:6d:d0:41:38:cb:30:fe:af:c5:ba:75:05:db:0c:
62:af:d3:05:c6:00:0b:a9:20:f7:f3:ee:cb:4c:41:
e7:4b:0a:66:c7:bc:2a:42:6c:fa:20:1e:48:8b:e1:
ce:1d:2e:b3:75:c0:96:86:1b:b9:71:7e:20:e5:ea:
ee:53:d1:76:0f:bf:46:42:c2:9c:eb:57:39:d3:7f:
34:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:59:62:F4:7C:47:30:4C:DF:4C:50:5F:AA:29:37:37:CE:BA:0B:C0
X509v3 Authority Key Identifier:
keyid:31:55:13:E5:4A:B0:C9:9B:8B:CA:84:04:2E:38:35:8B:60:DB:1B:2C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/MVUT5UqwyZuLyoQELjg1i2DbGyw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MVUT5UqwyZuLyoQELjg1i2DbGyw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91406AA/8F5BB4F886C111EBBAB3184BC4F9AE02/E7CE7F16E7FD11EF80AC9B77C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.150.96.0/19
IPv6:
2403:c900::/32
Signature Algorithm: sha256WithRSAEncryption
98:77:c8:50:c6:e4:51:28:65:45:bd:94:d2:af:e1:b1:40:93:
3a:c8:18:cf:44:d9:3f:8e:7f:81:d4:4c:30:29:ad:8d:18:43:
9d:9e:dd:9a:24:f4:36:aa:38:51:98:22:7a:d1:f5:60:ef:94:
6f:47:8f:34:34:1e:d2:4c:f9:21:d2:34:3b:6a:15:7f:ce:2c:
b4:57:c8:a0:cf:ee:0a:2a:05:4e:54:b0:ac:06:6a:14:53:a6:
1b:7e:b4:54:2b:69:aa:71:b9:43:c1:f8:b9:78:c7:de:b7:50:
99:fe:af:d9:18:bf:bb:c6:9a:75:d3:e2:7b:0c:99:73:7b:08:
8e:4e:25:a9:13:4a:9f:06:51:7a:81:2b:92:4a:27:a4:c1:46:
11:bb:ea:82:e0:6e:6f:7c:c8:16:ce:2e:e6:f3:33:6a:bc:9d:
bf:b8:a2:c9:9d:6c:59:90:d5:18:89:21:1c:b0:a2:be:7b:4c:
56:fb:27:ea:13:05:14:61:59:b2:0d:7b:06:77:1a:d5:9d:1d:
24:2e:7d:4e:10:83:53:68:fa:51:a1:36:30:0c:6f:b5:a9:bf:
a8:3e:57:38:49:83:e4:4d:c5:de:c2:dc:13:65:a4:eb:3b:0d:
65:10:7c:0b:dd:57:a1:a9:6a:71:5a:e8:e5:d9:f0:35:5f:02:
dc:94:35:4a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBygwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA2QUExMTAvBgNVBAUTKDMxNTUxM0U1NEFCMEM5OUI4QkNBODQwNDJFMzgzNThC
NjBEQjFCMkMwHhcNMjUwMjEzMjA0NTU4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2FlNWEwNi1mNmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuCAuWwkFtvuR2Iqu8OykhEj13pSvsBaeMir+8318VjFfWsmos/nZalwnYLxq
r5sStK7V0ErkbkqN9F3Xds0EOZmyyMDQKBdgJZ4RqnwKigpC/lRS++pnNRDACi1g
7o3E1TyO2mtLrCeBsQPDtU/0hTxVDlQHiaNa7x98GP+xNAYIhAkFSWnzLjslQ6r/
no1ovftzvOXtQsHHVa4d8lhybkwTAIrDv7i2hFt8Oz61xYYs0oArbdBBOMsw/q/F
unUF2wxir9MFxgALqSD38+7LTEHnSwpmx7wqQmz6IB5Ii+HOHS6zdcCWhhu5cX4g
5eruU9F2D79GQsKc61c50380YQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFHJZYvR8
RzBM30xQX6opNzfOugvAMB8GA1UdIwQYMBaAFDFVE+VKsMmbi8qEBC44NYtg2xss
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDZBQS84RjVCQjRGODg2
QzExMUVCQkFCMzE4NEJDNEY5QUUwMi9NVlVUNVVxd3ladUx5b1FFTGpnMWkyRGJH
eXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01WVVQ1VXF3eVp1THlvUUVMamcxaTJEYkd5dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDA2QUEvOEY1QkI0Rjg4NkMxMTFFQkJBQjMxODRCQzRGOUFFMDIvRTdDRTdGMTZF
N0ZEMTFFRjgwQUM5Qjc3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAXKlmAwDQQCAAIwBwMFACQDyQAwDQYJKoZIhvcNAQELBQAD
ggEBAJh3yFDG5FEoZUW9lNKv4bFAkzrIGM9E2T+Of4HUTDAprY0YQ52e3Zok9Daq
OFGYInrR9WDvlG9HjzQ0HtJM+SHSNDtqFX/OLLRXyKDP7goqBU5UsKwGahRTpht+
tFQraapxuUPB+Ll4x963UJn+r9kYv7vGmnXT4nsMmXN7CI5OJakTSp8GUXqBK5JK
J6TBRhG76oLgbm98yBbOLubzM2q8nb+4osmdbFmQ1RiJIRywor57TFb7J+oTBRRh
WbINewZ3GtWdHSQufU4Qg1No+lGhNjAMb7Wpv6g+VzhJg+RNxd7C3BNlpOs7DWUQ
fAvdV6GpanFa6OXZ8DVfAtyUNUo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:19:13 2025 by rpki-client