Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/5DCDC4FE8E5611E9A403BF44C4F9AE02.roa
File: 5DCDC4FE8E5611E9A403BF44C4F9AE02.roa (raw, json)
Hash identifier: ts2h0rgjGICxjO/KU0lWhffu7W7saVJ1GZ6Q3yRQISE=
Subject key identifier: 58:BA:8D:D9:B2:14:4A:AD:74:EF:D6:C9:3E:B1:48:F0:24:DE:01:6B
Certificate issuer: /CN=A91EC225/serialNumber=D8E2FAB150A2FD578F67E19B0296539B3752C9A9
Certificate serial: 0E57
Authority key identifier: D8:E2:FA:B1:50:A2:FD:57:8F:67:E1:9B:02:96:53:9B:37:52:C9:A9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2OL6sVCi_VePZ-GbApZTmzdSyak.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/5DCDC4FE8E5611E9A403BF44C4F9AE02.roa
Signing time: Mon 30 Dec 2024 17:45:47 +0000
ROA not before: Mon 30 Dec 2024 17:45:47 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 135425
IP address blocks: 203.19.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 09:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3671 (0xe57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EC225, serialNumber=D8E2FAB150A2FD578F67E19B0296539B3752C9A9
Validity
Not Before: Dec 30 17:45:47 2024 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6772dc4b-6235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d8:89:fe:07:1d:1b:aa:c8:77:91:5b:aa:4f:
99:09:3f:7f:08:73:74:9a:0c:23:56:6e:e8:2f:08:
cf:ac:4a:b7:b1:70:67:4b:ac:0f:f2:96:e8:ec:b4:
f2:59:8c:7b:cc:d4:9a:a7:8a:14:fd:da:1b:96:5d:
cd:29:49:b7:70:76:91:f0:88:3c:92:5f:6c:42:c8:
68:c3:a0:f3:14:17:e6:96:94:03:02:83:64:7c:ae:
0a:51:03:9f:10:e8:08:79:20:e0:01:bb:8b:fb:ba:
91:b4:b7:b5:a0:0a:6f:33:d6:34:c3:de:1d:9c:17:
fc:3b:53:6a:6b:31:4e:1e:46:8c:ea:6f:7f:dd:9f:
55:52:57:79:09:68:ca:2e:95:6f:e1:66:a8:35:be:
c2:f5:1b:fb:e8:0b:4f:79:7f:75:1d:7d:8a:7e:30:
80:98:af:fe:4c:10:d3:69:78:c6:43:87:8d:bc:b4:
e9:62:75:fd:34:b5:6d:20:a7:65:16:cb:73:e4:56:
1d:ba:fc:63:68:c7:e3:bc:6a:7d:df:0a:cc:ac:76:
34:54:f2:76:92:f3:0b:6d:05:88:e8:b0:29:74:39:
c9:21:eb:51:d8:73:c0:9e:88:25:53:ed:47:b2:e7:
74:d6:97:6c:5b:2b:51:fd:86:47:44:20:62:bd:dd:
c9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BA:8D:D9:B2:14:4A:AD:74:EF:D6:C9:3E:B1:48:F0:24:DE:01:6B
X509v3 Authority Key Identifier:
keyid:D8:E2:FA:B1:50:A2:FD:57:8F:67:E1:9B:02:96:53:9B:37:52:C9:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/2OL6sVCi_VePZ-GbApZTmzdSyak.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2OL6sVCi_VePZ-GbApZTmzdSyak.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/499FDF908E5511E980D09A42C4F9AE02/5DCDC4FE8E5611E9A403BF44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.19.132.0/24
Signature Algorithm: sha256WithRSAEncryption
03:d5:66:3a:17:20:5e:5f:44:10:ba:71:4c:1e:cc:64:d1:01:
fa:0c:05:32:96:91:0c:b2:11:42:03:a6:b1:ea:e8:f5:a0:43:
97:8f:5e:0c:f3:2c:df:24:9b:28:43:9d:4d:df:9e:c4:8a:71:
f5:3e:38:86:9e:92:3e:63:a5:1b:f6:35:3c:f4:64:57:81:52:
ae:a5:76:c3:a9:71:3e:6b:e9:3f:5f:6d:45:5c:39:af:99:51:
8a:e4:af:dd:21:b4:25:dd:6e:c7:ac:0a:29:d8:9e:ef:9d:42:
47:c3:26:94:52:41:c3:de:10:d7:7b:f6:98:44:ff:23:8c:7d:
85:04:38:6e:4e:f4:2c:4f:d0:58:df:be:20:55:d2:d8:0e:79:
ee:17:c2:05:b0:a4:bd:1b:9a:e3:8a:2c:46:84:80:34:f0:b8:
3c:91:87:30:ef:58:77:d1:71:4e:0a:8c:a6:59:16:41:6a:6c:
df:ea:8d:ef:28:de:4e:79:3b:6a:09:89:83:50:e3:72:ef:ea:
92:63:0b:77:cb:5d:be:16:4a:aa:86:90:c2:fd:5f:07:44:40:
7a:08:a9:5e:71:37:44:06:d5:54:8d:23:09:c1:42:6c:51:6f:
4e:d6:1f:94:3f:57:27:27:eb:27:7a:e2:83:33:a0:9b:70:a2:
08:d0:34:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUMyMjUxMTAvBgNVBAUTKEQ4RTJGQUIxNTBBMkZENTc4RjY3RTE5QjAyOTY1MzlC
Mzc1MkM5QTkwHhcNMjQxMjMwMTc0NTQ3WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzcyZGM0Yi02MjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA49iJ/gcdG6rId5Fbqk+ZCT9/CHN0mgwjVm7oLwjPrEq3sXBnS6wP8pbo7LTy
WYx7zNSap4oU/dobll3NKUm3cHaR8Ig8kl9sQshow6DzFBfmlpQDAoNkfK4KUQOf
EOgIeSDgAbuL+7qRtLe1oApvM9Y0w94dnBf8O1NqazFOHkaM6m9/3Z9VUld5CWjK
LpVv4WaoNb7C9Rv76AtPeX91HX2KfjCAmK/+TBDTaXjGQ4eNvLTpYnX9NLVtIKdl
Fstz5FYduvxjaMfjvGp93wrMrHY0VPJ2kvMLbQWI6LApdDnJIetR2HPAnoglU+1H
sud01pdsWytR/YZHRCBivd3JRwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFi6jdmy
FEqtdO/WyT6xSPAk3gFrMB8GA1UdIwQYMBaAFNji+rFQov1Xj2fhmwKWU5s3Usmp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzIyNS80OTlGREY5MDhF
NTUxMUU5ODBEMDlBNDJDNEY5QUUwMi8yT0w2c1ZDaV9WZVBaLUdiQXBaVG16ZFN5
YWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzJPTDZzVkNpX1ZlUFotR2JBcFpUbXpkU3lhay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUMyMjUvNDk5RkRGOTA4RTU1MTFFOTgwRDA5QTQyQzRGOUFFMDIvNURDREM0RkU4
RTU2MTFFOUE0MDNCRjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLE4QwDQYJKoZIhvcNAQELBQADggEBAAPVZjoXIF5fRBC6
cUwezGTRAfoMBTKWkQyyEUIDprHq6PWgQ5ePXgzzLN8kmyhDnU3fnsSKcfU+OIae
kj5jpRv2NTz0ZFeBUq6ldsOpcT5r6T9fbUVcOa+ZUYrkr90htCXdbsesCinYnu+d
QkfDJpRSQcPeENd79phE/yOMfYUEOG5O9CxP0FjfviBV0tgOee4XwgWwpL0bmuOK
LEaEgDTwuDyRhzDvWHfRcU4KjKZZFkFqbN/qje8o3k55O2oJiYNQ43Lv6pJjC3fL
Xb4WSqqGkML9XwdEQHoIqV5xN0QG1VSNIwnBQmxRb07WH5Q/Vycn6yd64oMzoJtw
ogjQND0=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:14:28 2025 by rpki-client