Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/8778443E1A5D11F0BF5E3633C4F9AE02.roa
File: 8778443E1A5D11F0BF5E3633C4F9AE02.roa (raw, json)
Hash identifier: Dfatpihvv1CLwAAuC2V1ulsQUHXfW44NEyoYBvIJk/M=
Subject key identifier: DE:05:AB:98:F1:83:E4:A0:05:9D:19:47:3C:13:0B:B0:F5:37:B7:76
Certificate issuer: /CN=A91C7AA5/serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A
Certificate serial: 09
Authority key identifier: F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/8778443E1A5D11F0BF5E3633C4F9AE02.roa
Signing time: Wed 16 Apr 2025 00:55:46 +0000
ROA not before: Wed 16 Apr 2025 00:55:45 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 8075
IP address blocks: 203.2.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 04:27:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7AA5, serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A
Validity
Not Before: Apr 16 00:55:45 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67ff0011-a6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:9d:22:23:96:57:41:94:ee:71:89:0d:53:b0:
10:a5:a4:d8:0e:bb:72:da:e0:bb:6d:f1:14:d3:0a:
02:b5:a2:f9:49:5a:33:c7:48:97:29:c8:a9:d1:3f:
a8:e4:d9:af:37:b2:9e:5f:87:ca:ea:76:60:d9:be:
10:f9:39:81:f7:fd:96:61:3d:59:37:69:bf:6f:94:
4d:4a:54:24:10:ae:94:f4:8d:81:5c:c1:f1:8c:99:
79:7c:98:05:1a:44:19:63:b6:4e:19:f8:ca:42:d9:
a5:97:2f:82:85:77:42:77:2e:cd:f3:3e:7d:09:e5:
24:fd:16:7c:b6:42:a5:26:cf:61:9d:00:72:a2:a2:
ea:89:da:3e:f7:2a:da:76:ba:41:68:1a:82:57:f0:
09:1b:3f:a4:e8:77:59:9d:86:f3:a8:b1:1a:f4:4c:
ad:09:6c:9c:e2:db:8f:55:e5:9a:6e:d5:7c:38:96:
f4:a8:45:2f:c5:e9:a9:c7:97:0c:b0:12:b6:d4:19:
3c:06:20:87:5b:fa:07:8d:cc:df:a1:0e:8d:bf:02:
cd:0a:53:f2:b6:d3:45:e7:16:15:e4:82:60:4c:8d:
de:10:2a:21:26:28:e0:34:4b:04:0d:c0:c9:ab:43:
a7:76:f1:80:5e:13:ac:c8:b8:c5:d1:7a:73:a8:5c:
69:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:05:AB:98:F1:83:E4:A0:05:9D:19:47:3C:13:0B:B0:F5:37:B7:76
X509v3 Authority Key Identifier:
keyid:F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/8778443E1A5D11F0BF5E3633C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.2.220.0/24
Signature Algorithm: sha256WithRSAEncryption
e3:4f:95:5b:19:20:bf:7b:a8:e4:f9:a2:fd:30:2f:d6:86:44:
be:a4:81:e0:28:0c:b1:79:30:be:e2:42:bd:e3:98:98:f4:e8:
0c:89:7c:08:e4:97:45:c8:77:f8:1f:92:66:be:e5:d6:f4:fb:
b7:26:1c:be:6e:7e:fb:d6:fd:59:f8:73:31:94:ad:ef:24:13:
f4:9c:c3:03:ed:ba:a6:dc:ca:1c:98:22:c4:9f:ef:ef:34:ce:
b9:08:36:cd:f2:67:9a:8f:84:83:37:44:8d:a2:fe:f7:ea:dd:
3b:c3:30:78:b3:c0:39:81:c1:a4:76:48:35:28:4e:96:02:23:
8b:2a:af:17:e8:26:1a:37:d7:10:66:d1:5a:38:35:2a:84:d2:
af:ee:4c:56:4e:de:bb:26:b8:43:1c:13:c3:a1:6e:1c:8d:33:
73:9c:0a:6e:57:40:ce:e6:25:9d:5e:55:76:21:55:cc:87:66:
fe:5b:86:a3:38:f9:96:6d:b9:7d:d1:ac:05:57:d3:8a:24:d0:
6b:ce:75:41:ef:7b:10:1a:f3:c5:02:83:ba:e2:c0:15:4e:97:
2f:3f:29:41:73:6c:55:8b:77:de:85:44:86:53:09:fd:5b:6b:
23:ce:b2:f5:34:db:63:e2:3e:aa:f2:0d:65:37:9f:16:1d:0c:
55:e8:b7:85
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
N0FBNTExMC8GA1UEBRMoRjcyNjdFODBCRTgxN0YwNDNEMjhGQjdFNzMwNUY0QzQ4
OEE4MzkxQTAeFw0yNTA0MTYwMDU1NDVaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZmYwMDExLWE2YjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDynSIjlldBlO5xiQ1TsBClpNgOu3La4Ltt8RTTCgK1ovlJWjPHSJcpyKnRP6jk
2a83sp5fh8rqdmDZvhD5OYH3/ZZhPVk3ab9vlE1KVCQQrpT0jYFcwfGMmXl8mAUa
RBljtk4Z+MpC2aWXL4KFd0J3Ls3zPn0J5ST9Fny2QqUmz2GdAHKiouqJ2j73Ktp2
ukFoGoJX8AkbP6Tod1mdhvOosRr0TK0JbJzi249V5Zpu1Xw4lvSoRS/F6anHlwyw
ErbUGTwGIIdb+geNzN+hDo2/As0KU/K200XnFhXkgmBMjd4QKiEmKOA0SwQNwMmr
Q6d28YBeE6zIuMXRenOoXGmLAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU3gWrmPGD
5KAFnRlHPBMLsPU3t3YwHwYDVR0jBBgwFoAU9yZ+gL6BfwQ9KPt+cwX0xIioORow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QUE1L0JBRkIzNTc0MTVC
QjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndROUtQdC1jd1gweElpb09S
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOXlaLWdMNkJmd1E5S1B0LWN3WDB4SWlvT1JvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
N0FBNS9CQUZCMzU3NDE1QkIxMUYwQkZENTQ4ODFDNEY5QUUwMi84Nzc4NDQzRTFB
NUQxMUYwQkY1RTM2MzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsC3DANBgkqhkiG9w0BAQsFAAOCAQEA40+VWxkgv3uo5Pmi
/TAv1oZEvqSB4CgMsXkwvuJCveOYmPToDIl8COSXRch3+B+SZr7l1vT7tyYcvm5+
+9b9WfhzMZSt7yQT9JzDA+26ptzKHJgixJ/v7zTOuQg2zfJnmo+EgzdEjaL+9+rd
O8MweLPAOYHBpHZINShOlgIjiyqvF+gmGjfXEGbRWjg1KoTSr+5MVk7euya4QxwT
w6FuHI0zc5wKbldAzuYlnV5VdiFVzIdm/luGozj5lm25fdGsBVfTiiTQa851Qe97
EBrzxQKDuuLAFU6XLz8pQXNsVYt33oVEhlMJ/VtrI86y9TTbY+I+qvINZTefFh0M
Vei3hQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:33:47 2025 by rpki-client