Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2A135F02BBFA11EFAD03281FC4F9AE02.roa
File: 2A135F02BBFA11EFAD03281FC4F9AE02.roa (raw, json)
Hash identifier: kmzVhr0I4u14ERttwDFMgzUscj0HGPVcCR3G6JykWd4=
Subject key identifier: E3:E4:F5:29:80:53:D5:97:38:EB:25:66:47:EC:58:15:D4:6F:79:7B
Certificate issuer: /CN=A918C287/serialNumber=D8B1E2389BA591FD79B9A504AF5A44DAE0A6E828
Certificate serial: 0E
Authority key identifier: D8:B1:E2:38:9B:A5:91:FD:79:B9:A5:04:AF:5A:44:DA:E0:A6:E8:28
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2A135F02BBFA11EFAD03281FC4F9AE02.roa
Signing time: Mon 16 Dec 2024 22:07:39 +0000
ROA not before: Mon 16 Dec 2024 22:07:39 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 55471
IP address blocks: 203.176.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Dec 2024 22:11:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287, serialNumber=D8B1E2389BA591FD79B9A504AF5A44DAE0A6E828
Validity
Not Before: Dec 16 22:07:39 2024 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=6760a4ab-f841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:83:29:e7:c5:22:ba:d5:6b:c3:ab:d4:f6:df:
bf:6d:54:db:fa:97:59:89:bb:71:8a:06:94:e3:e2:
3c:05:ef:21:5b:29:58:05:e1:65:32:38:47:b6:ef:
77:72:f2:34:f5:cd:1c:79:c3:b0:10:0d:bf:5d:7a:
e4:1a:01:41:b9:75:a9:66:34:ec:c8:62:6e:3d:7d:
e0:c6:0b:44:6e:9f:eb:f4:b7:da:a9:03:4d:ec:74:
c9:87:51:1e:5c:c3:00:0d:cd:15:f8:f1:76:24:15:
71:97:46:6d:fd:83:e8:b8:bc:dc:be:4e:63:15:6c:
88:a7:66:66:b2:17:cf:df:f5:c9:cd:dc:aa:80:9a:
62:5d:95:4d:64:f6:52:fa:59:13:cd:f3:b4:2a:0b:
4f:3b:77:32:81:d3:8c:31:f6:44:34:49:7e:12:f8:
34:43:ce:53:af:bd:81:d9:2b:1e:30:d8:bc:d8:2a:
07:1d:92:be:c9:8c:21:62:02:98:12:82:98:1f:62:
9e:0a:f8:97:fd:78:1f:f2:5d:6e:1c:b0:d7:7f:fb:
7a:06:8a:bc:2f:50:9f:5f:a2:56:0c:0b:e3:08:af:
4c:b1:55:4a:95:bb:9c:9f:99:cc:5b:45:d4:a7:bb:
73:3e:d6:75:89:59:51:74:4e:99:35:15:34:93:ec:
91:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E4:F5:29:80:53:D5:97:38:EB:25:66:47:EC:58:15:D4:6F:79:7B
X509v3 Authority Key Identifier:
keyid:D8:B1:E2:38:9B:A5:91:FD:79:B9:A5:04:AF:5A:44:DA:E0:A6:E8:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2LHiOJulkf15uaUEr1pE2uCm6Cg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2LHiOJulkf15uaUEr1pE2uCm6Cg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/307CFF1EB37711EFB9184D7AC4F9AE02/2A135F02BBFA11EFAD03281FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.176.189.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:9e:d8:94:ef:61:75:a3:09:c9:8a:8d:b6:48:51:ed:4d:a1:
69:d5:c3:68:27:a9:74:b5:73:5a:6f:2b:a7:43:cf:86:73:36:
3b:90:39:f1:6c:87:96:3d:2b:6a:42:ee:ed:f5:b3:97:9b:e1:
1d:3b:81:bc:59:3f:8c:de:33:88:14:19:82:1c:64:ee:86:5a:
1f:fa:94:cb:ea:4c:c5:fd:01:7f:12:02:49:b4:58:d5:ff:4c:
cf:2d:ad:b9:6c:cf:d9:4b:f7:fb:aa:b1:e5:e4:83:cd:0c:25:
13:76:14:15:84:8f:e6:7a:70:cf:5c:7b:8d:d1:c8:cb:be:cb:
27:a1:3c:6d:7e:22:5a:01:cc:cc:fc:37:65:02:f5:6d:c1:f0:
20:56:4d:b7:00:7f:f2:14:8c:dd:19:b9:ec:63:93:a5:f0:8d:
d3:d1:9a:9b:47:b7:6c:b8:e1:69:73:8b:bb:1e:fe:91:34:15:
44:51:ab:88:17:d3:65:06:55:46:05:3b:f3:cd:4f:49:e5:4a:
ed:e7:f8:f8:31:91:1a:d1:4c:27:e9:93:8e:36:2a:b9:b3:f4:
be:32:ab:3f:92:1a:64:cd:db:bb:c7:1a:84:fb:2a:48:b4:03:
36:c2:68:1b:26:b6:01:c2:39:dd:27:35:95:94:55:3c:73:ed:
e6:95:e6:3e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzI4NzExMC8GA1UEBRMoRDhCMUUyMzg5QkE1OTFGRDc5QjlBNTA0QUY1QTQ0REFF
MEE2RTgyODAeFw0yNDEyMTYyMjA3MzlaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NjBhNGFiLWY4NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8gynnxSK61WvDq9T2379tVNv6l1mJu3GKBpTj4jwF7yFbKVgF4WUyOEe273dy
8jT1zRx5w7AQDb9deuQaAUG5dalmNOzIYm49feDGC0Run+v0t9qpA03sdMmHUR5c
wwANzRX48XYkFXGXRm39g+i4vNy+TmMVbIinZmayF8/f9cnN3KqAmmJdlU1k9lL6
WRPN87QqC087dzKB04wx9kQ0SX4S+DRDzlOvvYHZKx4w2LzYKgcdkr7JjCFiApgS
gpgfYp4K+Jf9eB/yXW4csNd/+3oGirwvUJ9folYMC+MIr0yxVUqVu5yfmcxbRdSn
u3M+1nWJWVF0Tpk1FTST7JF3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU4+T1KYBT
1Zc46yVmR+xYFdRveXswHwYDVR0jBBgwFoAU2LHiOJulkf15uaUEr1pE2uCm6Cgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3LzMwN0NGRjFFQjM3
NzExRUZCOTE4NEQ3QUM0RjlBRTAyLzJMSGlPSnVsa2YxNXVhVUVyMXBFMnVDbTZD
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMkxIaU9KdWxrZjE1dWFVRXIxcEUydUNtNkNnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzI4Ny8zMDdDRkYxRUIzNzcxMUVGQjkxODREN0FDNEY5QUUwMi8yQTEzNUYwMkJC
RkExMUVGQUQwMzI4MUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMuwvTANBgkqhkiG9w0BAQsFAAOCAQEAb57YlO9hdaMJyYqN
tkhR7U2hadXDaCepdLVzWm8rp0PPhnM2O5A58WyHlj0rakLu7fWzl5vhHTuBvFk/
jN4ziBQZghxk7oZaH/qUy+pMxf0BfxICSbRY1f9Mzy2tuWzP2Uv3+6qx5eSDzQwl
E3YUFYSP5npwz1x7jdHIy77LJ6E8bX4iWgHMzPw3ZQL1bcHwIFZNtwB/8hSM3Rm5
7GOTpfCN09Gam0e3bLjhaXOLux7+kTQVRFGriBfTZQZVRgU7881PSeVK7ef4+DGR
GtFMJ+mTjjYqubP0vjKrP5IaZM3bu8cahPsqSLQDNsJoGya2AcI53Sc1lZRVPHPt
5pXmPg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:36:00 2025 by rpki-client