Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA449/401790FC073C11EF8D1DB056C4F9AE02/CA7EDDE0E5DA11EFAEFF9E58C4F9AE02.roa
File: CA7EDDE0E5DA11EFAEFF9E58C4F9AE02.roa (raw, json)
Hash identifier: zyjDrfpL7lY0Rgw2LcKqfXgFtpqKdoJ/qV/aTTwK+XE=
Subject key identifier: 9C:22:C0:D2:C7:46:AE:E1:93:FA:9A:0F:4F:D0:C1:00:F8:F8:24:60
Certificate issuer: /CN=A91EA449/serialNumber=6F65A0C92260B1ADA23187B29BAC3BEADAC05661
Certificate serial: 98
Authority key identifier: 6F:65:A0:C9:22:60:B1:AD:A2:31:87:B2:9B:AC:3B:EA:DA:C0:56:61
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2WgySJgsa2iMYeym6w76trAVmE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA449/401790FC073C11EF8D1DB056C4F9AE02/CA7EDDE0E5DA11EFAEFF9E58C4F9AE02.roa
Signing time: Sat 08 Feb 2025 05:08:53 +0000
ROA not before: Sat 08 Feb 2025 05:08:53 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 10753
IP address blocks: 203.21.95.0/24 maxlen: 24
203.27.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Feb 2025 10:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152 (0x98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA449, serialNumber=6F65A0C92260B1ADA23187B29BAC3BEADAC05661
Validity
Not Before: Feb 8 05:08:53 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67a6e6e5-19de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:5c:d5:33:77:a7:53:e7:fc:da:4a:bb:51:a8:
24:52:d4:1e:cc:39:0a:98:80:87:a5:22:80:9f:45:
cd:64:f5:00:25:67:cb:ff:2b:8b:87:39:11:9c:2d:
ee:05:b5:83:3b:07:35:14:aa:f4:a7:71:2b:ed:ed:
02:74:93:8d:a7:1d:b2:a6:b5:15:d5:38:99:fa:99:
ce:06:82:6d:6c:72:77:91:4c:0e:46:03:91:6d:89:
46:97:35:87:05:c7:e1:f3:3f:e8:88:03:51:76:28:
e8:c3:a1:73:77:71:27:8e:09:3e:28:68:1a:42:ab:
27:7c:c5:28:86:3d:dc:ff:6e:1e:d9:ab:75:53:ba:
62:f0:74:5c:06:c2:95:bb:10:7e:d0:a9:fe:cd:7e:
82:43:e3:5b:3a:c0:a7:ee:88:87:54:34:57:83:58:
19:a1:21:73:cc:c0:0c:e0:7f:a0:42:6a:fd:ba:4f:
87:5e:5b:ba:ce:94:1f:03:04:43:bf:a9:b5:f2:90:
1b:10:0c:d5:36:6f:5b:ad:f2:ea:7a:d9:b7:7d:35:
c6:cc:6d:72:d8:a6:5e:9c:21:ef:7b:df:ee:4a:41:
75:e0:26:0e:fe:c4:2f:9e:d2:94:13:55:8a:df:c1:
8a:31:fb:5a:bc:0d:31:0f:46:c5:be:12:64:3d:42:
bb:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:22:C0:D2:C7:46:AE:E1:93:FA:9A:0F:4F:D0:C1:00:F8:F8:24:60
X509v3 Authority Key Identifier:
keyid:6F:65:A0:C9:22:60:B1:AD:A2:31:87:B2:9B:AC:3B:EA:DA:C0:56:61
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA449/401790FC073C11EF8D1DB056C4F9AE02/b2WgySJgsa2iMYeym6w76trAVmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b2WgySJgsa2iMYeym6w76trAVmE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA449/401790FC073C11EF8D1DB056C4F9AE02/CA7EDDE0E5DA11EFAEFF9E58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.21.95.0/24
203.27.70.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:be:5b:cb:0b:a1:c6:ba:80:dc:b3:05:f2:fb:36:45:df:63:
73:bd:e1:d5:d6:ab:7b:68:07:8d:11:1b:7a:64:d6:e7:fe:42:
d8:d2:10:bd:b8:9b:d9:16:a8:30:33:07:e1:4c:0a:f0:78:2b:
35:cf:a2:81:6f:25:38:d4:fc:d9:fc:64:8f:60:d7:b6:a3:c9:
46:10:18:32:a9:9a:61:3e:a0:32:a8:13:09:fe:a3:b7:a8:6d:
67:4d:c5:70:d7:69:7c:14:c1:ea:bf:1b:e5:55:0e:05:7d:23:
b8:5b:5e:08:99:40:4e:7e:a1:a6:f8:f3:29:cc:2f:60:fd:e3:
33:5c:f1:09:58:7f:ba:47:87:c9:8c:ed:81:a2:3f:94:2b:c4:
fe:ff:90:0b:7e:d1:79:43:a7:05:6a:7a:5e:fe:8e:f5:ed:15:
4c:2c:2a:ae:ec:6f:bd:76:05:cb:2e:6a:67:25:17:3c:b1:1a:
65:03:71:6b:46:f4:83:f2:f3:93:d6:c7:e0:90:cb:6a:05:c4:
f0:6b:d0:b4:8b:8c:e0:65:5b:f9:a0:9a:10:92:01:d2:e4:1f:
e0:ab:44:1f:3a:49:9b:61:97:a7:c0:52:d5:48:50:6c:f7:95:
5c:17:73:24:12:b3:f7:35:b0:9d:e7:4c:6d:a7:46:4c:c9:ae:
d3:52:0b:a4
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUE0NDkxMTAvBgNVBAUTKDZGNjVBMEM5MjI2MEIxQURBMjMxODdCMjlCQUMzQkVB
REFDMDU2NjEwHhcNMjUwMjA4MDUwODUzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E2ZTZlNS0xOWRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5lzVM3enU+f82kq7UagkUtQezDkKmICHpSKAn0XNZPUAJWfL/yuLhzkRnC3u
BbWDOwc1FKr0p3Er7e0CdJONpx2yprUV1TiZ+pnOBoJtbHJ3kUwORgORbYlGlzWH
Bcfh8z/oiANRdijow6Fzd3Enjgk+KGgaQqsnfMUohj3c/24e2at1U7pi8HRcBsKV
uxB+0Kn+zX6CQ+NbOsCn7oiHVDRXg1gZoSFzzMAM4H+gQmr9uk+HXlu6zpQfAwRD
v6m18pAbEAzVNm9brfLqetm3fTXGzG1y2KZenCHve9/uSkF14CYO/sQvntKUE1WK
38GKMftavA0xD0bFvhJkPUK7zQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFJwiwNLH
Rq7hk/qaD0/QwQD4+CRgMB8GA1UdIwQYMBaAFG9loMkiYLGtojGHspusO+rawFZh
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQ0OS80MDE3OTBGQzA3
M0MxMUVGOEQxREIwNTZDNEY5QUUwMi9iMldneVNKZ3NhMmlNWWV5bTZ3NzZ0ckFW
bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2IyV2d5U0pnc2EyaU1ZZXltNnc3NnRyQVZtRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUE0NDkvNDAxNzkwRkMwNzNDMTFFRjhEMURCMDU2QzRGOUFFMDIvQ0E3RURERTBF
NURBMTFFRkFFRkY5RTU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBADLFV8DBADLG0YwDQYJKoZIhvcNAQELBQADggEBALK+W8sL
oca6gNyzBfL7NkXfY3O94dXWq3toB40RG3pk1uf+QtjSEL24m9kWqDAzB+FMCvB4
KzXPooFvJTjU/Nn8ZI9g17ajyUYQGDKpmmE+oDKoEwn+o7eobWdNxXDXaXwUweq/
G+VVDgV9I7hbXgiZQE5+oab48ynML2D94zNc8QlYf7pHh8mM7YGiP5QrxP7/kAt+
0XlDpwVqel7+jvXtFUwsKq7sb712BcsuamclFzyxGmUDcWtG9IPy85PWx+CQy2oF
xPBr0LSLjOBlW/mgmhCSAdLkH+CrRB86SZthl6fAUtVIUGz3lVwXcyQSs/c1sJ3n
TG2nRkzJrtNSC6Q=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:06:32 2025 by rpki-client