Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/2B7DF93ED6D911EFAC242673C4F9AE02.roa
File: 2B7DF93ED6D911EFAC242673C4F9AE02.roa (raw, json)
Hash identifier: xkLIC9QW2K6vjVWS/xEDEnQmBXyUMQ5Pkpv6ZITvk7c=
Subject key identifier: D8:0B:DF:4C:62:94:52:85:A7:A3:B3:7E:8C:DC:EB:D1:14:5E:B7:FD
Certificate issuer: /CN=A91E3E27/serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Certificate serial: 0A68
Authority key identifier: A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/2B7DF93ED6D911EFAC242673C4F9AE02.roa
Signing time: Mon 20 Jan 2025 02:49:30 +0000
ROA not before: Mon 20 Jan 2025 02:49:30 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 203.88.80.0/23 maxlen: 23
203.88.82.0/24 maxlen: 24
203.88.86.0/23 maxlen: 23
203.88.88.0/23 maxlen: 23
203.88.90.0/24 maxlen: 24
203.88.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 03:14:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2664 (0xa68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E3E27, serialNumber=A272ACAFE8FAA4F2A9700A6FC11425908C743D4B
Validity
Not Before: Jan 20 02:49:30 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=678db9ba-1e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:28:89:a0:81:84:15:6b:62:1c:f4:ac:67:ca:
b5:e0:d2:67:b3:00:55:03:71:22:87:ab:40:e2:9c:
8a:bb:64:c7:ef:d3:38:39:a3:4c:58:bc:42:cc:43:
ee:15:83:a7:cf:55:5a:7f:5d:6e:8b:99:7a:fe:c8:
19:2c:cc:01:36:dc:a8:c8:9e:76:13:01:08:3d:6f:
86:39:cc:40:06:e2:73:83:97:c0:77:0d:63:f7:db:
e5:3b:d5:6e:02:9e:60:b1:6d:8a:97:ee:17:48:82:
5a:86:aa:3a:11:32:21:54:57:41:86:0e:aa:b9:4a:
96:7a:09:3f:8f:20:0e:5b:01:b4:3f:51:b1:78:02:
b6:ec:31:89:ef:31:37:08:8e:71:c2:2e:76:fb:09:
12:e6:d7:e0:50:40:13:b7:f1:67:eb:e0:8c:09:31:
10:08:9c:16:51:af:0d:7d:3d:9c:2e:53:4c:8e:0f:
2b:ac:2f:18:27:5e:f8:09:1f:2d:06:e5:93:9a:88:
e8:a1:6a:45:0e:87:5a:3c:d7:07:59:e7:20:07:48:
06:05:78:07:e3:bc:c4:95:b6:6f:35:38:14:da:bd:
b3:e2:36:c4:36:f7:ef:60:a5:2e:6a:f4:44:bb:d8:
cc:2e:fe:9d:cf:e1:57:5c:f9:3b:e8:0e:24:99:5a:
bb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0B:DF:4C:62:94:52:85:A7:A3:B3:7E:8C:DC:EB:D1:14:5E:B7:FD
X509v3 Authority Key Identifier:
keyid:A2:72:AC:AF:E8:FA:A4:F2:A9:70:0A:6F:C1:14:25:90:8C:74:3D:4B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/onKsr-j6pPKpcApvwRQlkIx0PUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/onKsr-j6pPKpcApvwRQlkIx0PUs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3E27/F38887666F3A11EA9840133DC4F9AE02/2B7DF93ED6D911EFAC242673C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.88.80.0-203.88.82.255
203.88.86.0-203.88.90.255
203.88.95.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:7d:c0:13:b8:d0:1a:82:d9:0a:bb:fa:71:48:47:27:d0:f5:
68:9d:34:e7:3c:6f:44:d0:0f:8b:ad:5f:3c:0e:bd:ae:e2:15:
07:6f:80:75:71:b6:d3:17:82:fa:e7:e8:21:b3:5e:78:51:75:
f2:f4:48:bb:4a:7a:62:7b:1c:41:f3:ef:51:c7:b0:3f:c6:16:
74:5e:5e:a9:a0:44:c1:8e:66:14:9b:76:69:d1:fe:d7:b0:16:
03:40:57:32:08:e7:ef:bc:a5:d3:d4:99:c7:c8:ed:b3:f5:17:
4a:10:3e:09:8b:b8:15:da:a4:d7:32:7f:e1:01:99:bb:8a:13:
74:20:ad:da:30:71:9b:fc:dd:a3:1f:77:45:df:fe:05:55:19:
4e:80:7d:09:79:6b:60:26:04:e9:57:3e:81:56:a1:8f:b5:9b:
37:08:d9:55:4e:c1:b9:5d:6e:5d:8b:e4:7f:a3:b9:d2:ab:23:
3b:d6:a1:7a:87:b4:05:ca:51:54:8e:9b:04:5f:65:bf:18:2b:
3c:e4:c1:53:1c:a6:d7:60:d4:a3:7c:30:b7:1e:eb:0d:02:60:
7c:b7:89:aa:a8:19:f5:b6:3a:5f:2a:cf:84:bd:d3:87:2b:d4:
ff:1c:73:74:21:80:5a:a0:21:1b:11:e9:23:ee:f8:6f:ea:9a:
ca:bb:22:ec
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTNFMjcxMTAvBgNVBAUTKEEyNzJBQ0FGRThGQUE0RjJBOTcwMEE2RkMxMTQyNTkw
OEM3NDNENEIwHhcNMjUwMTIwMDI0OTMwWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzhkYjliYS0xZTU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2yiJoIGEFWtiHPSsZ8q14NJnswBVA3Eih6tA4pyKu2TH79M4OaNMWLxCzEPu
FYOnz1Vaf11ui5l6/sgZLMwBNtyoyJ52EwEIPW+GOcxABuJzg5fAdw1j99vlO9Vu
Ap5gsW2Kl+4XSIJahqo6ETIhVFdBhg6quUqWegk/jyAOWwG0P1GxeAK27DGJ7zE3
CI5xwi52+wkS5tfgUEATt/Fn6+CMCTEQCJwWUa8NfT2cLlNMjg8rrC8YJ174CR8t
BuWTmojooWpFDodaPNcHWecgB0gGBXgH47zElbZvNTgU2r2z4jbENvfvYKUuavRE
u9jMLv6dz+FXXPk76A4kmVq7gwIDAQABo4ICsTCCAq0wHQYDVR0OBBYEFNgL30xi
lFKFp6Ozfozc69EUXrf9MB8GA1UdIwQYMBaAFKJyrK/o+qTyqXAKb8EUJZCMdD1L
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0UyNy9GMzg4ODc2NjZG
M0ExMUVBOTg0MDEzM0RDNEY5QUUwMi9vbktzci1qNnBQS3BjQXB2d1JRbGtJeDBQ
VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29uS3NyLWo2cFBLcGNBcHZ3UlFsa0l4MFBVcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTNFMjcvRjM4ODg3NjY2RjNBMTFFQTk4NDAxMzNEQzRGOUFFMDIvMkI3REY5M0VE
NkQ5MTFFRkFDMjQyNjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOwYIKwYBBQUHAQcBAf8E
LDAqMCgEAgABMCIwDAMEBMtYUAMEAMtYUjAMAwQBy1hWAwQAy1haAwQAy1hfMA0G
CSqGSIb3DQEBCwUAA4IBAQBqfcATuNAagtkKu/pxSEcn0PVonTTnPG9E0A+LrV88
Dr2u4hUHb4B1cbbTF4L65+ghs154UXXy9Ei7SnpiexxB8+9Rx7A/xhZ0Xl6poETB
jmYUm3Zp0f7XsBYDQFcyCOfvvKXT1JnHyO2z9RdKED4Ji7gV2qTXMn/hAZm7ihN0
IK3aMHGb/N2jH3dF3/4FVRlOgH0JeWtgJgTpVz6BVqGPtZs3CNlVTsG5XW5di+R/
o7nSqyM71qF6h7QFylFUjpsEX2W/GCs85MFTHKbXYNSjfDC3HusNAmB8t4mqqBn1
tjpfKs+EvdOHK9T/HHN0IYBaoCEbEekj7vhv6prKuyLs
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:01:09 2025 by rpki-client