Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/25F61F4A7FA011EFA765BD5FC4F9AE02.roa
File: 25F61F4A7FA011EFA765BD5FC4F9AE02.roa (raw, json)
Hash identifier: 9HoW1xfigr6llVTNKawazONQVteKboOZp31+wJBdBzc=
Subject key identifier: 83:EA:AE:97:16:DA:8F:86:DC:1D:5A:73:AC:20:BF:24:84:CC:86:44
Certificate issuer: /CN=A915E475/serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Certificate serial: 09B0
Authority key identifier: 74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/25F61F4A7FA011EFA765BD5FC4F9AE02.roa
Signing time: Sat 02 Nov 2024 20:49:19 +0000
ROA not before: Sat 02 Nov 2024 20:49:19 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 24233
IP address blocks: 103.1.52.0/22 maxlen: 22
116.255.42.0/24 maxlen: 24
123.176.118.0/24 maxlen: 24
125.253.9.0/24 maxlen: 24
125.253.19.0/24 maxlen: 24
125.253.58.0/24 maxlen: 24
125.253.59.0/24 maxlen: 24
202.144.160.0/20 maxlen: 20
203.132.68.0/23 maxlen: 23
203.132.76.0/22 maxlen: 22
203.132.80.0/21 maxlen: 21
203.132.82.0/24 maxlen: 24
203.212.16.0/21 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 00:37:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2480 (0x9b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E475, serialNumber=745FF4F063AB5D171E05251B31E294A4BC7973B1
Validity
Not Before: Nov 2 20:49:19 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6726904f-0e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:52:fc:b4:0b:f1:1a:f0:66:42:d4:ed:cb:7d:
0c:40:08:58:c9:46:13:68:4e:99:de:3c:8a:06:ef:
a8:d2:a8:2a:6f:05:c0:b5:fb:c4:d4:0c:59:9a:29:
01:a8:80:c7:b6:36:0e:02:14:ae:31:d0:ec:bd:b0:
bd:c7:35:f0:ae:9b:4c:a8:8d:d9:6f:61:5e:43:5a:
35:b8:ba:ab:d6:b0:af:ea:5c:6c:19:5c:fb:93:49:
ce:6b:6a:c8:13:bf:e7:a2:5c:a6:ef:6a:4a:f2:38:
ca:54:4f:45:4d:48:f6:33:1b:1b:13:6e:76:ee:b9:
a9:e6:cf:af:e4:92:b1:99:6c:e5:bb:43:8a:97:74:
42:dc:d5:f2:97:ad:87:b0:3c:4a:6e:45:ca:60:70:
7d:67:5c:87:1f:51:de:cd:54:7f:9b:96:8c:19:40:
a9:b2:8b:0a:e0:fc:38:ef:0e:18:c0:7e:cf:c1:9b:
58:01:a3:77:b1:3e:b7:13:20:e1:0c:b9:82:f1:bd:
90:4d:de:3d:4c:b2:9c:98:ba:98:50:85:8b:b6:55:
eb:41:70:e0:f9:d2:f4:9f:a7:e4:6a:30:8d:bb:66:
a4:74:f9:b3:dd:f5:48:50:70:9e:a8:d4:a3:28:86:
3a:d7:3c:98:83:db:c5:47:1a:d5:17:4b:e5:af:6b:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:EA:AE:97:16:DA:8F:86:DC:1D:5A:73:AC:20:BF:24:84:CC:86:44
X509v3 Authority Key Identifier:
keyid:74:5F:F4:F0:63:AB:5D:17:1E:05:25:1B:31:E2:94:A4:BC:79:73:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/dF_08GOrXRceBSUbMeKUpLx5c7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dF_08GOrXRceBSUbMeKUpLx5c7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E475/DA83AA7ACA1111EAA479C734C4F9AE02/25F61F4A7FA011EFA765BD5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.1.52.0/22
116.255.42.0/24
123.176.118.0/24
125.253.9.0/24
125.253.19.0/24
125.253.58.0/23
202.144.160.0/20
203.132.68.0/23
203.132.76.0-203.132.87.255
203.212.16.0/21
Signature Algorithm: sha256WithRSAEncryption
38:78:37:98:43:d8:7b:9a:c2:f5:70:3c:1c:81:fa:3d:a4:f7:
97:ae:5e:be:32:6b:57:33:05:99:03:a7:d0:b3:f5:6f:cd:0a:
60:da:3e:82:f3:33:90:a9:d2:bf:e1:74:66:7a:9f:6e:80:3f:
05:43:53:90:ea:90:9c:90:3e:54:26:61:07:b5:c0:65:36:0c:
e3:b5:de:68:bf:67:20:63:9c:53:0c:74:d2:9f:51:43:5e:b9:
83:a6:35:2d:e6:17:d3:40:bf:93:f7:f4:27:91:f7:38:c7:1a:
fb:69:ea:af:2e:1a:a1:bd:c6:8e:3d:84:33:c0:56:00:33:ee:
8f:ea:8c:f0:de:1d:31:a1:a6:0d:52:e6:eb:1d:93:e7:dd:d1:
92:b6:b6:f2:cf:9d:66:c5:6b:84:fb:7b:ea:4d:21:12:d9:84:
14:d6:eb:ff:6a:0f:ce:0d:7e:6e:39:79:c3:8e:11:02:c0:02:
c1:66:a2:4c:95:d8:73:b4:41:94:5d:9d:8a:8a:91:09:ed:08:
0a:1f:8e:df:a8:ba:5f:95:08:f3:f7:87:78:0c:69:3a:e1:fd:
55:ad:72:14:2f:8d:28:bf:df:e6:a5:76:62:cd:7e:7a:73:41:
8a:68:26:04:f1:51:26:c6:33:2c:c6:5a:bd:f9:41:1b:2e:1c:
a4:ed:3e:ec
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgICCbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUU0NzUxMTAvBgNVBAUTKDc0NUZGNEYwNjNBQjVEMTcxRTA1MjUxQjMxRTI5NEE0
QkM3OTczQjEwHhcNMjQxMTAyMjA0OTE5WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI2OTA0Zi0wZThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxVL8tAvxGvBmQtTty30MQAhYyUYTaE6Z3jyKBu+o0qgqbwXAtfvE1AxZmikB
qIDHtjYOAhSuMdDsvbC9xzXwrptMqI3Zb2FeQ1o1uLqr1rCv6lxsGVz7k0nOa2rI
E7/nolym72pK8jjKVE9FTUj2MxsbE2527rmp5s+v5JKxmWzlu0OKl3RC3NXyl62H
sDxKbkXKYHB9Z1yHH1HezVR/m5aMGUCpsosK4Pw47w4YwH7PwZtYAaN3sT63EyDh
DLmC8b2QTd49TLKcmLqYUIWLtlXrQXDg+dL0n6fkajCNu2akdPmz3fVIUHCeqNSj
KIY61zyYg9vFRxrVF0vlr2tYSwIDAQABo4IC0zCCAs8wHQYDVR0OBBYEFIPqrpcW
2o+G3B1ac6wgvySEzIZEMB8GA1UdIwQYMBaAFHRf9PBjq10XHgUlGzHilKS8eXOx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTQ3NS9EQTgzQUE3QUNB
MTExMUVBQTQ3OUM3MzRDNEY5QUUwMi9kRl8wOEdPclhSY2VCU1ViTWVLVXBMeDVj
N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2RGXzA4R09yWFJjZUJTVWJNZUtVcEx4NWM3RS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUU0NzUvREE4M0FBN0FDQTExMTFFQUE0NzlDNzM0QzRGOUFFMDIvMjVGNjFGNEE3
RkEwMTFFRkE3NjVCRDVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwXQYIKwYBBQUHAQcBAf8E
TjBMMEoEAgABMEQDBAJnATQDBAB0/yoDBAB7sHYDBAB9/QkDBAB9/RMDBAF9/ToD
BATKkKADBAHLhEQwDAMEAsuETAMEA8uEUAMEA8vUEDANBgkqhkiG9w0BAQsFAAOC
AQEAOHg3mEPYe5rC9XA8HIH6PaT3l65evjJrVzMFmQOn0LP1b80KYNo+gvMzkKnS
v+F0ZnqfboA/BUNTkOqQnJA+VCZhB7XAZTYM47XeaL9nIGOcUwx00p9RQ165g6Y1
LeYX00C/k/f0J5H3OMca+2nqry4aob3Gjj2EM8BWADPuj+qM8N4dMaGmDVLm6x2T
593Rkra28s+dZsVrhPt76k0hEtmEFNbr/2oPzg1+bjl5w44RAsACwWaiTJXYc7RB
lF2dioqRCe0ICh+O36i6X5UI8/eHeAxpOuH9Va1yFC+NKL/f5qV2Ys1+enNBimgm
BPFRJsYzLMZavflBGy4cpO0+7A==
-----END CERTIFICATE-----
Generated at Fri May 16 20:47:03 2025 by rpki-client