Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/D29133BA19B111F0B1C57D85C4F9AE02.roa
File: D29133BA19B111F0B1C57D85C4F9AE02.roa (raw, json)
Hash identifier: SEXWHA4kOwd0IMuEhh18TyVY7Ntj0FrKNB+58Fz8z5I=
Subject key identifier: 67:45:64:AD:21:53:34:5C:D6:05:C1:A0:2E:E9:A6:3A:29:01:D1:2F
Certificate issuer: /CN=A91C7AA5/serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A
Certificate serial: 05
Authority key identifier: F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/D29133BA19B111F0B1C57D85C4F9AE02.roa
Signing time: Tue 15 Apr 2025 04:26:38 +0000
ROA not before: Tue 15 Apr 2025 04:26:38 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 8075
IP address blocks: 203.2.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Apr 2025 00:53:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C7AA5, serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A
Validity
Not Before: Apr 15 04:26:38 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67fddffe-8d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:10:bc:84:1d:71:17:78:86:90:66:1b:58:48:
7a:f6:13:f8:a3:ba:00:09:fe:3c:b1:01:ba:0f:bf:
68:22:32:78:31:a5:f4:e7:54:b7:ec:f9:2f:9c:ac:
11:4a:c9:44:ba:37:87:0b:ff:20:d2:59:fb:8a:39:
11:30:a5:77:51:76:af:ac:34:27:be:89:26:0d:d6:
d4:da:48:49:06:49:a7:7a:3c:17:34:1b:ce:72:a3:
0b:de:9e:6e:f3:45:7b:b5:d6:56:06:66:97:20:ae:
c4:cd:62:84:a4:bb:d8:eb:d4:ce:74:66:38:b6:05:
5f:d1:78:f7:6a:29:27:64:f4:86:ba:bf:32:14:f5:
45:63:18:ec:f7:8b:25:bc:c6:43:c3:e8:11:9f:a8:
58:df:cb:14:3f:e1:ac:35:f6:0e:e2:f0:fe:da:9d:
db:82:71:61:c5:9f:3a:35:f7:55:76:8a:08:be:ae:
8b:ec:17:2d:fc:ff:4d:69:33:52:19:35:dc:e3:0c:
d0:d1:09:86:52:d2:1c:54:39:ef:11:79:8b:d0:87:
61:9c:fd:07:ee:4c:61:89:7c:80:48:53:1a:f8:d2:
b7:86:9b:f0:88:a8:fe:7e:57:9e:1b:a4:f1:e0:85:
ff:59:9b:ee:f3:8f:6e:96:4f:d4:22:3d:a1:79:b1:
3e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:45:64:AD:21:53:34:5C:D6:05:C1:A0:2E:E9:A6:3A:29:01:D1:2F
X509v3 Authority Key Identifier:
keyid:F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/D29133BA19B111F0B1C57D85C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.2.220.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:82:1d:4e:c9:9a:0a:33:e2:72:36:60:9c:35:c7:34:fc:09:
fb:3c:3c:2a:38:ae:2b:ea:8c:2b:24:5c:67:02:e6:d5:72:a2:
bb:59:42:cd:34:c7:e5:e6:71:86:2e:e9:94:e9:9f:fc:57:4e:
b2:ab:e3:6e:96:9b:55:5b:33:34:34:40:b8:b3:56:1a:0b:4a:
51:5a:5c:49:a7:4f:fc:5e:6f:bf:98:d5:a7:cc:24:4e:24:6e:
6c:3f:58:9b:f9:0d:c1:31:b5:9e:6c:23:fc:33:a1:75:6d:cf:
c9:f9:b6:74:8a:ca:c5:aa:77:08:fc:8d:8a:fc:d2:cf:d1:c3:
05:b0:d9:48:8b:72:b5:6a:46:7f:0d:d4:54:04:63:04:5a:5b:
54:31:88:5a:5f:db:1c:6b:54:2c:2e:5b:63:3a:38:2a:22:a3:
ce:27:46:67:b1:42:2f:af:ac:37:ae:35:0c:4f:8d:6d:b2:13:
1b:52:0a:88:64:35:1f:13:4d:2c:ec:a1:85:42:f4:36:48:d5:
d7:c9:a5:35:a7:24:0e:9e:24:2e:e9:77:ff:bd:4f:5a:88:26:
e6:f5:90:ef:89:a3:20:10:7d:81:d1:05:70:74:ca:1c:82:24:
bc:3e:14:f9:74:68:d1:e5:c8:f7:79:02:be:37:ad:91:cb:b8:
af:3c:44:fd
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
N0FBNTExMC8GA1UEBRMoRjcyNjdFODBCRTgxN0YwNDNEMjhGQjdFNzMwNUY0QzQ4
OEE4MzkxQTAeFw0yNTA0MTUwNDI2MzhaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZmRkZmZlLThkMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDGELyEHXEXeIaQZhtYSHr2E/ijugAJ/jyxAboPv2giMngxpfTnVLfs+S+crBFK
yUS6N4cL/yDSWfuKOREwpXdRdq+sNCe+iSYN1tTaSEkGSad6PBc0G85yowvenm7z
RXu11lYGZpcgrsTNYoSku9jr1M50Zji2BV/RePdqKSdk9Ia6vzIU9UVjGOz3iyW8
xkPD6BGfqFjfyxQ/4aw19g7i8P7anduCcWHFnzo191V2igi+rovsFy38/01pM1IZ
NdzjDNDRCYZS0hxUOe8ReYvQh2Gc/QfuTGGJfIBIUxr40reGm/CIqP5+V54bpPHg
hf9Zm+7zj26WT9QiPaF5sT7tAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUZ0VkrSFT
NFzWBcGgLummOikB0S8wHwYDVR0jBBgwFoAU9yZ+gL6BfwQ9KPt+cwX0xIioORow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QUE1L0JBRkIzNTc0MTVC
QjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndROUtQdC1jd1gweElpb09S
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOXlaLWdMNkJmd1E5S1B0LWN3WDB4SWlvT1JvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
N0FBNS9CQUZCMzU3NDE1QkIxMUYwQkZENTQ4ODFDNEY5QUUwMi9EMjkxMzNCQTE5
QjExMUYwQjFDNTdEODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAMsC3DANBgkqhkiG9w0BAQsFAAOCAQEAboIdTsmaCjPicjZg
nDXHNPwJ+zw8KjiuK+qMKyRcZwLm1XKiu1lCzTTH5eZxhi7plOmf/FdOsqvjbpab
VVszNDRAuLNWGgtKUVpcSadP/F5vv5jVp8wkTiRubD9Ym/kNwTG1nmwj/DOhdW3P
yfm2dIrKxap3CPyNivzSz9HDBbDZSItytWpGfw3UVARjBFpbVDGIWl/bHGtULC5b
Yzo4KiKjzidGZ7FCL6+sN641DE+NbbITG1IKiGQ1HxNNLOyhhUL0NkjV18mlNack
Dp4kLul3/71PWogm5vWQ74mjIBB9gdEFcHTKHIIkvD4U+XRo0eXI93kCvjetkcu4
rzxE/Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:32:42 2025 by rpki-client