Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B2D54D6E203B11F0B0D89511C4F9AE02.roa
File: B2D54D6E203B11F0B0D89511C4F9AE02.roa (raw, json)
Hash identifier: yAeLjKzJ4obFmcsP1SHek+vmnHX8fhTAvjahWcirkV4=
Subject key identifier: E9:3A:1C:C1:D5:58:D5:A3:B8:15:A3:37:E0:6C:75:9E:56:DE:BB:E5
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0D15
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B2D54D6E203B11F0B0D89511C4F9AE02.roa
Signing time: Wed 23 Apr 2025 12:08:42 +0000
ROA not before: Wed 23 Apr 2025 12:08:42 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 2914
IP address blocks: 111.92.134.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 12:10:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3349 (0xd15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Apr 23 12:08:42 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6808d84a-ad99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cc:cd:6b:43:59:24:29:f1:4f:c2:63:ab:02:
dd:a2:f9:e1:26:95:28:02:2b:43:e8:f7:c5:c5:e6:
18:dc:ac:d3:24:8a:f2:a4:48:26:da:63:29:70:e0:
38:ad:c3:a0:1d:f4:0b:af:a6:f0:c8:02:1e:e2:a5:
ab:b2:46:4a:57:b2:63:a5:73:00:ad:42:09:7b:4a:
f8:c2:58:84:44:1c:31:24:5e:d6:43:66:0d:b9:ae:
76:b0:aa:b9:95:e8:a5:7e:eb:a8:93:cf:67:61:e1:
81:14:cf:73:2b:4a:db:e1:ad:14:e5:61:80:50:18:
af:8b:0e:53:47:7b:c0:dc:10:4c:26:ea:d9:37:36:
31:e0:d8:1e:70:2b:67:08:8b:22:f0:cc:4e:38:82:
26:fb:bd:99:57:36:f3:5b:13:1c:34:c1:37:91:4e:
43:b4:ec:f7:18:f6:52:6d:7b:53:9a:09:0f:1d:7b:
7c:0b:cf:a3:67:b8:6e:a2:71:0f:79:22:f1:fd:6e:
8c:64:44:66:66:46:80:57:de:34:0b:4d:e2:95:07:
ae:ad:fe:69:9a:42:27:fd:4f:5a:52:5a:e5:38:a8:
5a:e6:3d:76:d9:0b:53:3c:80:7d:56:55:34:7d:38:
bc:92:38:51:1e:0f:c5:0f:82:2e:e7:bc:0f:7f:9e:
65:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:3A:1C:C1:D5:58:D5:A3:B8:15:A3:37:E0:6C:75:9E:56:DE:BB:E5
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B2D54D6E203B11F0B0D89511C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.92.134.0/24
111.92.139.0/24
111.92.142.0/24
Signature Algorithm: sha256WithRSAEncryption
32:67:7d:7b:f1:02:dc:8e:b0:6c:49:dd:c2:c0:1e:e5:5a:95:
fe:c4:4c:bb:58:53:81:d2:fb:7a:c1:16:d1:1d:e5:dd:4a:0a:
c5:d3:35:a6:84:01:db:98:9d:15:63:a4:17:73:57:49:7f:91:
e7:85:f0:35:ba:c5:95:ff:8a:82:0e:48:47:2d:86:b7:5e:16:
d2:4f:ef:fb:5b:9b:80:4e:47:7f:00:5a:e9:c4:49:d6:1d:8d:
7b:75:36:e0:00:19:45:4e:0b:67:33:5d:bc:01:5e:e4:d0:55:
63:8f:e9:37:d8:47:83:12:c8:38:ae:85:b9:cf:2e:cd:f3:51:
5e:9d:d0:33:d2:4e:30:07:84:f7:35:d7:bd:d7:33:46:48:53:
e5:aa:27:4f:26:9a:dc:28:4f:8b:40:56:35:9f:90:7d:19:7c:
6c:98:06:ab:21:86:b7:94:50:73:47:3b:2b:33:eb:11:b2:b3:
9b:96:24:e7:6d:67:5d:43:5d:eb:48:cb:ef:12:81:2b:55:db:
3b:39:60:9f:1b:a0:9a:1c:0b:6d:10:68:fc:db:c7:74:52:5f:
58:ff:94:b1:10:86:44:62:ed:00:1f:ef:c1:07:f1:c0:ff:a1:
ce:64:41:2b:35:51:da:a8:85:98:60:8e:98:91:04:34:f7:b9:
71:2d:cc:07
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDRUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwNDIzMTIwODQyWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA4ZDg0YS1hZDk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyMzNa0NZJCnxT8JjqwLdovnhJpUoAitD6PfFxeYY3KzTJIrypEgm2mMpcOA4
rcOgHfQLr6bwyAIe4qWrskZKV7JjpXMArUIJe0r4wliERBwxJF7WQ2YNua52sKq5
leilfuuok89nYeGBFM9zK0rb4a0U5WGAUBiviw5TR3vA3BBMJurZNzYx4NgecCtn
CIsi8MxOOIIm+72ZVzbzWxMcNME3kU5DtOz3GPZSbXtTmgkPHXt8C8+jZ7huonEP
eSLx/W6MZERmZkaAV940C03ilQeurf5pmkIn/U9aUlrlOKha5j122QtTPIB9VlU0
fTi8kjhRHg/FD4Iu57wPf55lfQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOk6HMHV
WNWjuBWjN+BsdZ5W3rvlMB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQjJENTRENkUy
MDNCMTFGMEIwRDg5NTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABvXIYDBABvXIsDBABvXI4wDQYJKoZIhvcNAQELBQADggEB
ADJnfXvxAtyOsGxJ3cLAHuValf7ETLtYU4HS+3rBFtEd5d1KCsXTNaaEAduYnRVj
pBdzV0l/keeF8DW6xZX/ioIOSEcthrdeFtJP7/tbm4BOR38AWunESdYdjXt1NuAA
GUVOC2czXbwBXuTQVWOP6TfYR4MSyDiuhbnPLs3zUV6d0DPSTjAHhPc1173XM0ZI
U+WqJ08mmtwoT4tAVjWfkH0ZfGyYBqshhreUUHNHOysz6xGys5uWJOdtZ11DXetI
y+8SgStV2zs5YJ8boJocC20QaPzbx3RSX1j/lLEQhkRi7QAf78EH8cD/oc5kQSs1
UdqohZhgjpiRBDT3uXEtzAc=
-----END CERTIFICATE-----
Generated at Wed May 14 15:20:38 2025 by rpki-client