Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/21429816203B11F086579D0CC4F9AE02.roa
File: 21429816203B11F086579D0CC4F9AE02.roa (raw, json)
Hash identifier: cVfZD8omIGNVRnoxQuDpDdLyM2+EiVKJm81mOMuO+Ic=
Subject key identifier: 5C:EC:3A:DE:70:88:09:3B:FF:12:19:E6:B8:77:FF:11:1D:85:9B:75
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0D11
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/21429816203B11F086579D0CC4F9AE02.roa
Signing time: Wed 23 Apr 2025 12:04:38 +0000
ROA not before: Wed 23 Apr 2025 12:04:38 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 2914
IP address blocks: 111.92.133.0/24 maxlen: 24
111.92.134.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 12:08:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3345 (0xd11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Apr 23 12:04:38 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6808d756-85f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:72:60:c2:ca:c0:99:88:b4:2e:ff:ef:db:d1:
a1:8a:55:9c:89:1b:c1:1f:5d:4e:01:ac:15:b1:e6:
a7:94:e8:b9:f8:46:25:bf:b9:d3:51:67:2f:85:44:
88:cd:1b:7c:38:ab:f8:e6:40:99:46:a8:19:cb:3a:
01:3f:2f:2b:c3:df:a9:5a:cf:c5:dd:f7:23:5c:42:
41:62:47:f9:05:36:54:74:9d:bb:b4:30:c8:7f:f3:
24:5a:42:3d:17:c1:a6:a4:56:aa:a4:26:d6:08:31:
80:d9:fb:0a:8d:4b:52:a4:2d:fa:14:57:9f:fd:3c:
d9:b8:17:f2:fe:96:26:0a:2e:b4:75:2f:3a:8d:48:
30:29:1c:fa:23:1c:36:c9:d3:89:ff:3a:a8:fa:95:
17:7b:86:93:28:bc:17:88:5e:2f:05:ff:ee:81:db:
42:fa:b2:55:04:16:18:28:d7:b7:b3:48:f0:5a:6d:
91:65:17:d3:0c:23:23:02:15:75:6d:a0:ea:0d:66:
8c:3c:03:94:86:3a:07:e4:20:81:43:fd:b7:5c:15:
cb:e2:02:d7:fc:ce:ba:29:8b:a1:f4:35:b1:b8:04:
40:3f:79:b6:76:a3:55:87:4f:c3:01:66:17:83:ef:
62:d9:94:9a:a1:f6:0d:eb:b8:6b:56:dd:3b:9a:26:
33:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:EC:3A:DE:70:88:09:3B:FF:12:19:E6:B8:77:FF:11:1D:85:9B:75
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/21429816203B11F086579D0CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.92.133.0-111.92.134.255
111.92.139.0/24
111.92.142.0/24
Signature Algorithm: sha256WithRSAEncryption
40:3a:3b:5f:b4:65:58:34:ca:22:78:23:c8:59:73:ff:fc:35:
a6:d8:39:01:e1:f4:68:db:74:3a:6b:45:3f:b8:d6:6b:f3:b1:
2f:99:2c:71:82:8f:4d:6d:fc:51:86:18:4e:fc:22:fc:72:83:
01:59:39:2b:6f:99:7f:4c:6a:33:01:83:c2:9a:e6:ae:5c:d9:
07:70:33:36:98:03:a3:a7:41:ec:44:4f:3e:ee:5f:26:3e:57:
31:44:10:ee:9e:3a:de:b9:68:32:fd:cf:a1:1c:d6:6f:fd:91:
e2:95:0c:4f:19:16:9b:b7:3e:28:a1:f7:8f:56:4b:21:a2:1a:
c3:f6:74:48:d4:dc:04:7f:06:3c:6a:70:df:c6:5a:6d:dd:46:
fe:5f:05:c0:65:9b:1e:28:74:33:e2:9a:28:bf:5c:2d:0b:3b:
91:d3:b4:6b:67:2b:47:c9:31:67:a8:c1:af:b0:73:7e:e8:8d:
f4:e5:ba:89:71:6a:4d:6a:66:7b:d0:93:c4:08:29:84:e9:d8:
f6:8c:a8:67:9b:1f:8e:b8:ab:d5:70:4c:c3:69:f2:f1:df:3f:
1a:5a:ac:2e:b4:19:bf:3c:68:43:97:6a:5b:a8:5b:c8:af:b0:
10:83:a6:d4:a8:91:35:3b:45:de:0c:4a:d5:ac:05:dd:e5:0f:
f5:8e:13:6e
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICDREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwNDIzMTIwNDM4WhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA4ZDc1Ni04NWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy3JgwsrAmYi0Lv/v29GhilWciRvBH11OAawVseanlOi5+EYlv7nTUWcvhUSI
zRt8OKv45kCZRqgZyzoBPy8rw9+pWs/F3fcjXEJBYkf5BTZUdJ27tDDIf/MkWkI9
F8GmpFaqpCbWCDGA2fsKjUtSpC36FFef/TzZuBfy/pYmCi60dS86jUgwKRz6Ixw2
ydOJ/zqo+pUXe4aTKLwXiF4vBf/ugdtC+rJVBBYYKNe3s0jwWm2RZRfTDCMjAhV1
baDqDWaMPAOUhjoH5CCBQ/23XBXL4gLX/M66KYuh9DWxuARAP3m2dqNVh0/DAWYX
g+9i2ZSaofYN67hrVt07miYztwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFFzsOt5w
iAk7/xIZ5rh3/xEdhZt1MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvMjE0Mjk4MTYy
MDNCMTFGMDg2NTc5RDBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgABMBowDAMEAG9chQMEAG9chgMEAG9ciwMEAG9cjjANBgkqhkiG9w0B
AQsFAAOCAQEAQDo7X7RlWDTKIngjyFlz//w1ptg5AeH0aNt0OmtFP7jWa/OxL5ks
cYKPTW38UYYYTvwi/HKDAVk5K2+Zf0xqMwGDwprmrlzZB3AzNpgDo6dB7ERPPu5f
Jj5XMUQQ7p463rloMv3PoRzWb/2R4pUMTxkWm7c+KKH3j1ZLIaIaw/Z0SNTcBH8G
PGpw38Zabd1G/l8FwGWbHih0M+KaKL9cLQs7kdO0a2crR8kxZ6jBr7BzfuiN9OW6
iXFqTWpme9CTxAgphOnY9oyoZ5sfjrir1XBMw2ny8d8/GlqsLrQZvzxoQ5dqW6hb
yK+wEIOm1KiRNTtF3gxK1awF3eUP9Y4Tbg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:06:36 2025 by rpki-client