Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/1E28598C244A11F095362B75C4F9AE02.roa
File: 1E28598C244A11F095362B75C4F9AE02.roa (raw, json)
Hash identifier: CLqBt5/2aOPCz3f3h/zxfiYWzpi335Ao5j/5xWXaHs0=
Subject key identifier: 21:70:4C:C1:F1:9A:21:34:A5:B6:D0:5B:33:EA:7B:53:38:1C:8C:C7
Certificate issuer: /CN=A9173780/serialNumber=9BC66CFF809A8A71212005DD9C27047AB418C8A7
Certificate serial: 09FE
Authority key identifier: 9B:C6:6C:FF:80:9A:8A:71:21:20:05:DD:9C:27:04:7A:B4:18:C8:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/1E28598C244A11F095362B75C4F9AE02.roa
Signing time: Mon 28 Apr 2025 16:03:18 +0000
ROA not before: Mon 28 Apr 2025 16:03:18 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 24479
IP address blocks: 203.3.167.0/24 maxlen: 24
203.28.212.0/24 maxlen: 24
203.170.2.0/23 maxlen: 23
203.170.2.0/24 maxlen: 24
203.170.4.0/22 maxlen: 22
203.170.8.0/21 maxlen: 21
203.170.8.0/24 maxlen: 24
203.170.9.0/24 maxlen: 24
203.170.10.0/24 maxlen: 24
203.170.11.0/24 maxlen: 24
203.170.12.0/24 maxlen: 24
203.170.13.0/24 maxlen: 24
203.170.14.0/24 maxlen: 24
2402:4d40::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 28 Apr 2025 17:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2558 (0x9fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173780, serialNumber=9BC66CFF809A8A71212005DD9C27047AB418C8A7
Validity
Not Before: Apr 28 16:03:18 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=680fa6c6-9ad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f7:7b:bc:b2:7b:f9:cd:74:24:be:11:1c:66:
71:ea:75:24:09:a2:a1:2b:f9:74:c5:db:a8:d5:f6:
c6:0c:b7:47:fb:1b:1a:9b:91:87:78:6e:03:93:86:
d3:28:9f:d1:f3:4b:69:28:18:34:69:5a:d1:82:3c:
8f:7b:98:f4:b0:a5:05:97:81:9f:a9:03:48:94:78:
b0:8f:4b:bf:ff:d9:9a:f1:83:1c:cd:48:d6:d9:bd:
f0:0e:9b:d2:ff:ee:05:2a:22:5a:9f:1e:f4:71:2b:
d8:89:53:71:4f:ef:96:27:4d:ba:42:d1:51:31:16:
01:ba:63:08:14:fa:f6:78:83:38:49:31:42:c1:e7:
b0:8e:06:bd:84:e3:7e:fd:20:1d:5b:21:a4:f2:af:
03:bc:17:b7:c4:fc:dc:5d:26:3d:3d:c0:8c:b4:7a:
cb:56:a8:1f:35:b6:8f:d6:01:35:68:15:59:bf:a3:
71:c7:02:44:7e:4d:3f:f8:60:c5:7d:ac:a0:53:42:
f4:7a:6b:c6:d2:50:3f:0e:6d:50:18:23:4e:3c:5c:
4d:fd:f2:12:3a:d0:ee:77:94:ac:80:d7:fd:64:ea:
b5:76:8b:e9:bd:90:72:92:ce:d8:9f:c6:a7:48:14:
9a:15:b7:d6:95:2f:ac:a1:34:48:86:5c:df:80:29:
90:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:70:4C:C1:F1:9A:21:34:A5:B6:D0:5B:33:EA:7B:53:38:1C:8C:C7
X509v3 Authority Key Identifier:
keyid:9B:C6:6C:FF:80:9A:8A:71:21:20:05:DD:9C:27:04:7A:B4:18:C8:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/m8Zs_4CainEhIAXdnCcEerQYyKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/1E28598C244A11F095362B75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.3.167.0/24
203.28.212.0/24
203.170.2.0-203.170.15.255
IPv6:
2402:4d40::/32
Signature Algorithm: sha256WithRSAEncryption
95:12:ef:20:05:d9:8f:74:ce:ea:c1:d7:48:41:22:c5:ba:87:
92:7b:b9:b2:f8:ac:19:96:fa:68:45:c7:73:b1:2f:9b:d7:60:
20:75:ea:40:f2:d0:31:1d:25:4f:97:00:ab:f6:73:16:21:6c:
36:fc:24:7e:05:bc:cd:7b:b0:6b:f6:ee:11:d7:42:4f:e3:b1:
07:4d:1f:99:21:05:94:1f:d7:57:f8:d0:63:6a:5c:39:dc:22:
33:86:8e:48:d4:9b:94:46:92:44:7f:b8:52:6b:17:c0:9b:24:
89:17:d4:5d:16:8e:d6:0b:b0:eb:c0:31:79:b8:c0:49:42:d0:
38:66:a6:5d:b8:ad:cd:3c:b2:a6:a4:40:72:3c:aa:8e:c8:21:
67:33:9b:52:80:c5:9a:ef:e0:5c:6d:57:9d:31:be:82:4d:cb:
4d:a5:97:29:20:61:7f:04:95:ce:cb:3e:ca:c5:4b:94:85:1f:
9e:ea:db:9f:ab:c0:7a:bd:26:01:9b:cc:a9:22:57:4d:a4:52:
9d:5f:2c:53:5b:86:9d:51:29:6d:45:10:04:b8:60:49:3c:03:
74:47:69:d5:a0:7a:d9:c3:b1:76:3a:18:e0:68:50:57:09:cf:
0a:f8:55:fd:87:c9:a7:cd:0d:08:ad:48:c3:fe:fe:69:f5:c6:
74:62:05:6b
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICCf4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzM3ODAxMTAvBgNVBAUTKDlCQzY2Q0ZGODA5QThBNzEyMTIwMDVERDlDMjcwNDdB
QjQxOEM4QTcwHhcNMjUwNDI4MTYwMzE4WhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODBmYTZjNi05YWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu/d7vLJ7+c10JL4RHGZx6nUkCaKhK/l0xduo1fbGDLdH+xsam5GHeG4Dk4bT
KJ/R80tpKBg0aVrRgjyPe5j0sKUFl4GfqQNIlHiwj0u//9ma8YMczUjW2b3wDpvS
/+4FKiJanx70cSvYiVNxT++WJ026QtFRMRYBumMIFPr2eIM4STFCweewjga9hON+
/SAdWyGk8q8DvBe3xPzcXSY9PcCMtHrLVqgfNbaP1gE1aBVZv6NxxwJEfk0/+GDF
faygU0L0emvG0lA/Dm1QGCNOPFxN/fISOtDud5SsgNf9ZOq1dovpvZByks7Yn8an
SBSaFbfWlS+soTRIhlzfgCmQwwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFCFwTMHx
miE0pbbQWzPqe1M4HIzHMB8GA1UdIwQYMBaAFJvGbP+AmopxISAF3ZwnBHq0GMin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mzc4MC84RUI2MkRGQTc3
RUQxMUVBQUE0Q0M0MjJDNEY5QUUwMi9tOFpzXzRDYWluRWhJQVhkbkNjRWVyUVl5
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204WnNfNENhaW5FaElBWGRuQ2NFZXJRWXlLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzM3ODAvOEVCNjJERkE3N0VEMTFFQUFBNENDNDIyQzRGOUFFMDIvMUUyODU5OEMy
NDRBMTFGMDk1MzYyQjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMCAEAgABMBoDBADLA6cDBADLHNQwDAMEAcuqAgMEBMuqADANBAIAAjAHAwUA
JAJNQDANBgkqhkiG9w0BAQsFAAOCAQEAlRLvIAXZj3TO6sHXSEEixbqHknu5svis
GZb6aEXHc7Evm9dgIHXqQPLQMR0lT5cAq/ZzFiFsNvwkfgW8zXuwa/buEddCT+Ox
B00fmSEFlB/XV/jQY2pcOdwiM4aOSNSblEaSRH+4UmsXwJskiRfUXRaO1guw68Ax
ebjASULQOGamXbitzTyypqRAcjyqjsghZzObUoDFmu/gXG1XnTG+gk3LTaWXKSBh
fwSVzss+ysVLlIUfnurbn6vAer0mAZvMqSJXTaRSnV8sU1uGnVEpbUUQBLhgSTwD
dEdp1aB62cOxdjoY4GhQVwnPCvhV/YfJp80NCK1Iw/7+afXGdGIFaw==
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:34:21 2025 by rpki-client