Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/ACA389F02A4111EBA1B1BB3DC4F9AE02.roa
File: ACA389F02A4111EBA1B1BB3DC4F9AE02.roa (raw, json)
Hash identifier: YjrNGdrizOBRtrjVkXsHcvTjEQslxnovK8NhXfNyVzI=
Subject key identifier: 95:29:C6:F0:D2:FC:AC:8A:8A:5D:17:03:B8:99:B5:BE:72:B5:34:6B
Certificate issuer: /CN=A914DC5D/serialNumber=20F2531A7BA8212D2BB0900D576372D33F846928
Certificate serial: 0753
Authority key identifier: 20:F2:53:1A:7B:A8:21:2D:2B:B0:90:0D:57:63:72:D3:3F:84:69:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPJTGnuoIS0rsJANV2Ny0z-EaSg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/ACA389F02A4111EBA1B1BB3DC4F9AE02.roa
Signing time: Tue 02 Jul 2024 23:11:13 +0000
ROA not before: Tue 02 Jul 2024 23:11:13 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 133163
IP address blocks: 203.151.10.0/24 maxlen: 24
203.151.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Sep 2024 10:37:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1875 (0x753)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914DC5D, serialNumber=20F2531A7BA8212D2BB0900D576372D33F846928
Validity
Not Before: Jul 2 23:11:13 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66848911-642e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:12:85:7a:e6:77:e8:0c:01:45:a5:e9:a4:9b:
b2:4d:6e:4a:c5:ab:81:cb:2c:bb:02:fb:ed:3f:4a:
e0:d1:ee:7c:e7:a2:da:70:8d:49:1f:0a:ba:46:4a:
79:d9:f9:b5:ae:cc:4b:1d:92:70:2d:ce:d8:a1:ae:
69:20:f5:34:87:0e:50:3e:5a:74:5b:63:38:8a:f0:
95:25:d2:3d:1c:6a:19:f1:78:29:9d:58:1b:75:91:
65:59:33:f6:f3:f1:a6:5a:af:56:8b:f0:fc:45:e7:
d1:d6:f6:ca:1a:3c:81:9d:ae:54:07:3c:21:09:ef:
db:20:08:5a:70:ac:4a:a4:d4:48:d4:1a:14:76:60:
05:58:1f:b7:93:fc:7b:3d:bb:c7:7a:ec:32:be:bd:
2c:9f:71:82:c7:d9:d7:a3:f2:8e:26:a1:15:ef:eb:
3a:8f:1d:5d:33:17:15:68:76:7a:f1:80:f0:1b:7d:
d4:ff:80:ff:d3:c4:aa:e2:78:cc:66:b1:d9:54:27:
fb:12:6f:e1:31:66:be:61:ef:a3:d4:11:14:2b:ca:
21:8c:0e:a8:70:e4:e0:aa:d2:66:e6:c8:15:2b:20:
46:2c:1f:09:ea:fc:c8:03:57:6a:f7:89:ff:bb:df:
f9:ab:e7:7a:9a:78:40:66:67:e9:c4:8a:d1:a5:a6:
54:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:29:C6:F0:D2:FC:AC:8A:8A:5D:17:03:B8:99:B5:BE:72:B5:34:6B
X509v3 Authority Key Identifier:
keyid:20:F2:53:1A:7B:A8:21:2D:2B:B0:90:0D:57:63:72:D3:3F:84:69:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/IPJTGnuoIS0rsJANV2Ny0z-EaSg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPJTGnuoIS0rsJANV2Ny0z-EaSg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914DC5D/39E7146C2A3311EB929DC07CC4F9AE02/ACA389F02A4111EBA1B1BB3DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.151.10.0/23
Signature Algorithm: sha256WithRSAEncryption
06:4b:14:19:39:13:e2:cd:a6:b1:18:80:66:39:f6:56:81:4d:
17:5c:ca:7e:d0:a5:50:24:8f:ba:f6:d0:ac:d9:b0:d8:e7:19:
14:a6:3e:6d:de:04:a5:9d:02:43:91:93:83:81:13:ed:02:e3:
e1:aa:f6:f5:4f:1d:00:b8:a3:7b:db:96:95:69:f7:1e:53:a6:
da:fa:ca:24:e2:70:3f:a5:e3:2b:e9:ca:7e:33:13:84:a7:13:
21:11:61:9b:1c:4d:fa:d2:c7:f2:3c:44:18:37:80:2d:26:8d:
48:25:6f:95:b1:5a:cf:6b:c0:7c:c2:35:a0:95:e8:75:27:c1:
9f:e6:28:db:05:2c:e1:4f:da:d6:5a:6a:10:fd:ba:5b:f7:0f:
97:73:5f:22:06:1f:c4:9a:5b:e8:5e:18:6b:a1:c6:9f:99:39:
29:23:e3:95:e9:d8:d1:f3:12:e4:18:32:ae:48:12:c1:65:05:
17:d8:a6:ee:a6:91:11:0b:cf:44:0a:9a:71:99:95:1f:a5:55:
00:df:c5:b2:58:67:71:81:57:58:fe:a8:8d:42:ab:61:17:48:
d5:14:a4:05:90:33:c0:6b:f5:68:98:7a:ab:76:71:85:18:0a:
71:89:5f:7e:78:16:63:18:bc:f1:54:0e:6c:b2:0c:a7:64:14:
78:de:14:a9
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICB1MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NERDNUQxMTAvBgNVBAUTKDIwRjI1MzFBN0JBODIxMkQyQkIwOTAwRDU3NjM3MkQz
M0Y4NDY5MjgwHhcNMjQwNzAyMjMxMTEzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Njg0ODkxMS02NDJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwBKFeuZ36AwBRaXppJuyTW5KxauByyy7AvvtP0rg0e5856LacI1JHwq6Rkp5
2fm1rsxLHZJwLc7Yoa5pIPU0hw5QPlp0W2M4ivCVJdI9HGoZ8XgpnVgbdZFlWTP2
8/GmWq9Wi/D8RefR1vbKGjyBna5UBzwhCe/bIAhacKxKpNRI1BoUdmAFWB+3k/x7
PbvHeuwyvr0sn3GCx9nXo/KOJqEV7+s6jx1dMxcVaHZ68YDwG33U/4D/08Sq4njM
ZrHZVCf7Em/hMWa+Ye+j1BEUK8ohjA6ocOTgqtJm5sgVKyBGLB8J6vzIA1dq94n/
u9/5q+d6mnhAZmfpxIrRpaZU8QIDAQABo4IClTCCApEwHQYDVR0OBBYEFJUpxvDS
/KyKil0XA7iZtb5ytTRrMB8GA1UdIwQYMBaAFCDyUxp7qCEtK7CQDVdjctM/hGko
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0REM1RC8zOUU3MTQ2QzJB
MzMxMUVCOTI5REMwN0NDNEY5QUUwMi9JUEpUR251b0lTMHJzSkFOVjJOeTB6LUVh
U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lQSlRHbnVvSVMwcnNKQU5WMk55MHotRWFTZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NERDNUQvMzlFNzE0NkMyQTMzMTFFQjkyOURDMDdDQzRGOUFFMDIvQUNBMzg5RjAy
QTQxMTFFQkExQjFCQjNEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAHLlwowDQYJKoZIhvcNAQELBQADggEBAAZLFBk5E+LNprEY
gGY59laBTRdcyn7QpVAkj7r20KzZsNjnGRSmPm3eBKWdAkORk4OBE+0C4+Gq9vVP
HQC4o3vblpVp9x5Tptr6yiTicD+l4yvpyn4zE4SnEyERYZscTfrSx/I8RBg3gC0m
jUglb5WxWs9rwHzCNaCV6HUnwZ/mKNsFLOFP2tZaahD9ulv3D5dzXyIGH8SaW+he
GGuhxp+ZOSkj45Xp2NHzEuQYMq5IEsFlBRfYpu6mkRELz0QKmnGZlR+lVQDfxbJY
Z3GBV1j+qI1Cq2EXSNUUpAWQM8Br9WiYeqt2cYUYCnGJX354FmMYvPFUDmyyDKdk
FHjeFKk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:48:30 2025 by rpki-client