Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B38527CA203B11F0B0D89511C4F9AE02.roa
File: B38527CA203B11F0B0D89511C4F9AE02.roa (raw, json)
Hash identifier: +WcT0yrMH/Mp1ly6MsVX8xyy2I9AtcwKPkZW7OUFKcA=
Subject key identifier: 4B:4F:05:A5:CD:14:E6:DD:00:0D:AE:00:DC:D8:CE:72:DC:FA:C0:FF
Certificate issuer: /CN=A915A0CD/serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Certificate serial: 0D16
Authority key identifier: 38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B38527CA203B11F0B0D89511C4F9AE02.roa
Signing time: Wed 23 Apr 2025 12:08:43 +0000
ROA not before: Wed 23 Apr 2025 12:08:43 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 4766
IP address blocks: 111.92.134.0/24 maxlen: 24
111.92.139.0/24 maxlen: 24
111.92.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 12:10:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3350 (0xd16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915A0CD, serialNumber=38193720821E07D6918E3A79FBE0823C6732E264
Validity
Not Before: Apr 23 12:08:43 2025 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=6808d84b-25f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a0:dd:2d:ee:de:a3:92:47:67:71:00:a2:92:
19:82:9b:d4:e3:8e:09:31:9b:5e:98:56:97:b1:60:
19:66:b1:82:75:31:4a:08:96:79:90:af:96:eb:1a:
c0:c6:6e:6d:b4:89:32:0b:bc:8d:dc:c2:9d:0b:75:
b4:1c:a0:b2:a3:6a:a1:93:de:e0:d2:82:17:c3:4f:
3a:b8:ec:ec:fe:56:bc:73:84:24:04:94:48:d8:39:
a6:c8:34:58:cf:8e:c2:13:7c:9a:f4:e7:21:af:4f:
cf:3a:23:70:3c:97:61:94:ce:c1:17:0a:a5:64:5e:
71:2d:7e:96:7c:89:a6:e3:dc:13:51:b6:ba:1c:26:
ad:af:f7:bc:10:d1:ca:77:e5:4b:00:1b:5e:7f:2c:
aa:b3:c0:37:12:26:b7:d1:0c:69:21:60:c5:eb:d9:
f9:e4:c0:0f:03:26:51:80:52:9e:7a:fa:d1:fb:09:
e1:ed:ee:67:83:3c:71:77:18:86:cf:d1:7b:e9:8d:
df:1b:36:26:01:4f:1e:09:a1:4b:dd:81:b9:60:f2:
f6:14:16:44:a9:a6:ec:0c:66:77:d1:40:37:75:d8:
3c:27:3a:4b:36:0c:f8:9b:cd:8e:57:a2:f4:b7:2c:
fc:24:d0:e6:56:d2:2b:76:a4:81:ef:1d:6a:f4:69:
61:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:4F:05:A5:CD:14:E6:DD:00:0D:AE:00:DC:D8:CE:72:DC:FA:C0:FF
X509v3 Authority Key Identifier:
keyid:38:19:37:20:82:1E:07:D6:91:8E:3A:79:FB:E0:82:3C:67:32:E2:64
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/OBk3IIIeB9aRjjp5--CCPGcy4mQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OBk3IIIeB9aRjjp5--CCPGcy4mQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0CD/46723F1E89EC11EA81C04F1EC4F9AE02/B38527CA203B11F0B0D89511C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
111.92.134.0/24
111.92.139.0/24
111.92.142.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:d3:c1:6b:cb:3f:da:1b:48:30:cd:ce:f4:c2:a1:70:62:bd:
c2:48:25:2a:fa:22:34:51:ef:9d:e3:0b:29:46:6c:39:dd:ed:
15:9d:3c:2f:ea:c6:11:03:ec:bd:f8:19:9a:20:5e:9f:76:76:
f9:f1:d5:b1:c7:9f:5a:64:e5:c0:b0:55:7c:64:e8:4d:66:23:
16:24:a6:b5:32:10:b2:3b:b4:83:b3:7e:0f:6e:af:5e:82:a0:
d6:74:d0:17:a6:b5:67:ce:4f:ae:05:ad:9d:ab:39:95:dd:7f:
6c:aa:d0:90:8e:ea:83:b9:f2:98:00:95:ff:98:1c:b0:89:95:
f8:8e:65:64:47:95:9b:15:46:70:6e:7b:6e:a9:59:bb:2e:4d:
d5:91:07:ef:fb:5f:0a:f7:86:a4:0e:63:c0:cb:10:7c:a9:28:
b1:79:8e:b4:f7:eb:64:ad:31:ba:0b:ba:62:83:13:c7:a1:22:
d7:c8:2a:6d:c8:85:e5:db:72:19:64:94:05:10:70:b1:7d:f6:
a7:98:f8:f3:a9:b8:c7:c9:ed:df:e9:47:44:ca:91:43:aa:3d:
8e:af:1e:ff:a1:83:12:95:da:54:35:35:56:5f:24:f2:6a:53:
5a:f0:f5:27:0f:a0:b7:3a:8d:90:c5:83:45:76:a2:5b:2a:25:
83:16:0e:b9
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDRYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUEwQ0QxMTAvBgNVBAUTKDM4MTkzNzIwODIxRTA3RDY5MThFM0E3OUZCRTA4MjND
NjczMkUyNjQwHhcNMjUwNDIzMTIwODQzWhcNMjUwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA4ZDg0Yi0yNWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy6DdLe7eo5JHZ3EAopIZgpvU444JMZtemFaXsWAZZrGCdTFKCJZ5kK+W6xrA
xm5ttIkyC7yN3MKdC3W0HKCyo2qhk97g0oIXw086uOzs/la8c4QkBJRI2DmmyDRY
z47CE3ya9Ochr0/POiNwPJdhlM7BFwqlZF5xLX6WfImm49wTUba6HCatr/e8ENHK
d+VLABtefyyqs8A3Eia30QxpIWDF69n55MAPAyZRgFKeevrR+wnh7e5ngzxxdxiG
z9F76Y3fGzYmAU8eCaFL3YG5YPL2FBZEqabsDGZ30UA3ddg8JzpLNgz4m82OV6L0
tyz8JNDmVtIrdqSB7x1q9GlhwwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFEtPBaXN
FObdAA2uANzYznLc+sD/MB8GA1UdIwQYMBaAFDgZNyCCHgfWkY46efvggjxnMuJk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBDRC80NjcyM0YxRTg5
RUMxMUVBODFDMDRGMUVDNEY5QUUwMi9PQmszSUlJZUI5YVJqanA1LS1DQ1BHY3k0
bVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09CazNJSUllQjlhUmpqcDUtLUNDUEdjeTRtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUEwQ0QvNDY3MjNGMUU4OUVDMTFFQTgxQzA0RjFFQzRGOUFFMDIvQjM4NTI3Q0Ey
MDNCMTFGMEIwRDg5NTExQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBABvXIYDBABvXIsDBABvXI4wDQYJKoZIhvcNAQELBQADggEB
AKLTwWvLP9obSDDNzvTCoXBivcJIJSr6IjRR753jCylGbDnd7RWdPC/qxhED7L34
GZogXp92dvnx1bHHn1pk5cCwVXxk6E1mIxYkprUyELI7tIOzfg9ur16CoNZ00Bem
tWfOT64FrZ2rOZXdf2yq0JCO6oO58pgAlf+YHLCJlfiOZWRHlZsVRnBue26pWbsu
TdWRB+/7Xwr3hqQOY8DLEHypKLF5jrT362StMboLumKDE8ehItfIKm3IheXbchlk
lAUQcLF99qeY+POpuMfJ7d/pR0TKkUOqPY6vHv+hgxKV2lQ1NVZfJPJqU1rw9ScP
oLc6jZDFg0V2olsqJYMWDrk=
-----END CERTIFICATE-----
Generated at Fri May 16 16:47:09 2025 by rpki-client