Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/BEC7F870C19E11EF8AAC267BC4F9AE02.roa
File: BEC7F870C19E11EF8AAC267BC4F9AE02.roa (raw, json)
Hash identifier: m3d8jt9NPFGUSbQdgvwBNiwWClB6eadQVB9Q3dmdUHs=
Subject key identifier: CF:C5:C6:D6:22:7C:50:8B:57:8F:65:B8:2F:D4:32:C5:3F:22:70:7D
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 040F
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/BEC7F870C19E11EF8AAC267BC4F9AE02.roa
Signing time: Tue 24 Dec 2024 02:28:22 +0000
ROA not before: Tue 24 Dec 2024 02:28:22 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 24875
IP address blocks: 203.32.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 23:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1039 (0x40f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75, serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Dec 24 02:28:22 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=676a1c46-5892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:6d:cc:79:a0:f2:93:7c:9b:fa:d0:16:78:cb:
e1:68:38:a9:7b:01:e6:53:e6:ff:59:e4:c8:0a:9d:
75:ab:5b:5c:8e:f5:c2:49:63:7e:31:ee:f4:87:16:
c0:f9:d3:76:df:64:c2:f7:0b:14:0f:58:61:54:0f:
4b:66:0f:ca:af:b5:28:21:f2:a9:37:a0:70:df:c9:
42:2f:a7:26:b2:be:76:2f:89:a7:ee:7e:3e:5d:d2:
5d:dc:e3:00:05:fb:b0:88:db:20:01:f5:78:cf:bc:
31:54:f1:24:f8:5f:ba:58:0e:cb:b1:fd:61:22:eb:
f8:48:e0:62:18:26:e8:e8:0c:76:4e:da:b2:d2:bc:
6f:7f:d5:f4:cf:af:0e:d9:ff:59:72:0c:7c:dd:0d:
5f:11:d8:1e:f3:2e:50:72:32:2d:17:7a:53:a3:a2:
03:74:c7:97:2f:b2:97:53:b6:17:9a:00:67:f6:c0:
b9:da:01:ed:8d:4a:6a:dc:7f:c6:1d:b4:f5:22:d1:
ed:9c:c3:47:21:fc:90:33:29:fb:93:ad:a4:53:38:
ba:14:b9:e4:bb:cf:96:db:4c:61:16:a8:0b:a7:a5:
92:94:82:49:a2:89:cd:62:a0:6a:e3:2a:24:35:5c:
05:00:a4:14:3e:46:39:a6:44:4d:9a:20:3b:eb:d8:
52:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C5:C6:D6:22:7C:50:8B:57:8F:65:B8:2F:D4:32:C5:3F:22:70:7D
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/BEC7F870C19E11EF8AAC267BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.38.0/24
Signature Algorithm: sha256WithRSAEncryption
94:b5:19:1e:b0:fc:9e:62:21:d6:9d:66:34:29:85:d2:e5:a9:
b7:ed:8e:ac:ba:6a:8f:52:1a:ba:f2:51:39:05:62:70:de:5e:
c4:6e:df:01:af:29:06:3f:bf:a1:d2:6a:15:24:2d:3f:62:76:
99:b0:4c:fb:14:af:a6:b1:69:80:2d:55:cc:66:b2:1d:69:bb:
ca:48:1c:6e:90:5d:2b:84:50:a4:c2:be:fb:82:d2:1f:0b:d1:
22:33:32:39:fa:07:42:a3:fa:8d:a1:52:41:64:e6:71:59:70:
dd:e9:d4:66:8c:1b:71:2e:d5:a1:44:2c:e1:fc:bc:48:c3:f4:
c6:9e:ba:5b:cd:b5:70:68:33:07:0c:02:4b:8f:4d:9d:72:dd:
7c:db:22:b6:fe:51:b5:d8:1a:99:16:9b:e2:2a:87:ef:3b:c7:
b3:6a:0c:a6:e0:fe:60:eb:06:ac:ad:07:74:d5:e9:d2:ea:ff:
52:fb:19:3e:bc:b1:93:7a:a4:41:c9:ec:e1:b4:c8:7c:41:5c:
c4:8b:38:49:cb:bd:b6:49:70:a7:a4:f0:eb:0e:fc:d7:ad:42:
bc:1e:08:4c:2d:af:cd:d2:bd:26:cc:c1:83:f1:50:a0:73:a2:
92:d1:0d:97:ed:f9:1b:cd:08:70:98:9b:c7:9e:62:de:a9:9d:
4b:fa:9a:44
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBA8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQxMjI0MDIyODIyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzZhMWM0Ni01ODkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoG3MeaDyk3yb+tAWeMvhaDipewHmU+b/WeTICp11q1tcjvXCSWN+Me70hxbA
+dN232TC9wsUD1hhVA9LZg/Kr7UoIfKpN6Bw38lCL6cmsr52L4mn7n4+XdJd3OMA
BfuwiNsgAfV4z7wxVPEk+F+6WA7Lsf1hIuv4SOBiGCbo6Ax2Ttqy0rxvf9X0z68O
2f9Zcgx83Q1fEdge8y5QcjItF3pTo6IDdMeXL7KXU7YXmgBn9sC52gHtjUpq3H/G
HbT1ItHtnMNHIfyQMyn7k62kUzi6FLnku8+W20xhFqgLp6WSlIJJoonNYqBq4yok
NVwFAKQUPkY5pkRNmiA769hStQIDAQABo4IClTCCApEwHQYDVR0OBBYEFM/FxtYi
fFCLV49luC/UMsU/InB9MB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvQkVDN0Y4NzBD
MTlFMTFFRjhBQUMyNjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLICYwDQYJKoZIhvcNAQELBQADggEBAJS1GR6w/J5iIdad
ZjQphdLlqbftjqy6ao9SGrryUTkFYnDeXsRu3wGvKQY/v6HSahUkLT9idpmwTPsU
r6axaYAtVcxmsh1pu8pIHG6QXSuEUKTCvvuC0h8L0SIzMjn6B0Kj+o2hUkFk5nFZ
cN3p1GaMG3Eu1aFELOH8vEjD9MaeulvNtXBoMwcMAkuPTZ1y3XzbIrb+UbXYGpkW
m+Iqh+87x7NqDKbg/mDrBqytB3TV6dLq/1L7GT68sZN6pEHJ7OG0yHxBXMSLOEnL
vbZJcKek8OsO/NetQrweCEwtr83SvSbMwYPxUKBzopLRDZft+RvNCHCYm8eeYt6p
nUv6mkQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:07:12 2025 by rpki-client