Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/1E28598C244A11F095362B75C4F9AE02.roa
File: 1E28598C244A11F095362B75C4F9AE02.roa (raw, json)
Hash identifier: CxVBiH+UbBaT2HBKR23nJRziYsg4kTKCmwH+JykYRa0=
Subject key identifier: DA:67:BD:96:48:4E:72:29:53:12:B9:7A:D3:AB:90:EF:D7:32:7F:87
Certificate issuer: /CN=A9173780/serialNumber=9BC66CFF809A8A71212005DD9C27047AB418C8A7
Certificate serial: 0A01
Authority key identifier: 9B:C6:6C:FF:80:9A:8A:71:21:20:05:DD:9C:27:04:7A:B4:18:C8:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/1E28598C244A11F095362B75C4F9AE02.roa
Signing time: Mon 28 Apr 2025 17:10:51 +0000
ROA not before: Mon 28 Apr 2025 17:10:51 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 24479
IP address blocks: 203.3.167.0/24 maxlen: 24
203.28.212.0/24 maxlen: 24
203.170.2.0/23 maxlen: 23
203.170.2.0/24 maxlen: 24
203.170.4.0/22 maxlen: 22
203.170.8.0/21 maxlen: 21
203.170.8.0/24 maxlen: 24
203.170.9.0/24 maxlen: 24
203.170.10.0/24 maxlen: 24
203.170.11.0/24 maxlen: 24
203.170.12.0/24 maxlen: 24
203.170.13.0/24 maxlen: 24
203.170.14.0/24 maxlen: 24
2402:4d40::/32 maxlen: 32
2402:4d40::/36 maxlen: 36
2402:4d40:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 28 Apr 2025 17:30:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2561 (0xa01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173780, serialNumber=9BC66CFF809A8A71212005DD9C27047AB418C8A7
Validity
Not Before: Apr 28 17:10:51 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=680fb69b-1c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bc:60:87:9e:0a:25:d3:f8:ab:4b:5e:ea:57:
ef:0c:07:1d:d5:9f:6a:a5:3f:cd:e3:78:2b:15:b9:
39:e2:73:55:ec:28:b4:fb:6f:42:82:9a:38:93:76:
20:4b:ea:9a:82:3a:8f:49:9f:0d:0d:66:df:42:3b:
61:81:2f:ab:c1:1a:85:e7:e7:9f:4a:0d:16:60:fc:
cb:4e:b5:76:7b:48:ad:96:77:44:e7:01:e9:e4:fb:
cc:c8:3d:ef:3e:d2:c7:83:bd:64:bd:d6:10:54:c2:
fa:2f:1b:d7:c8:7c:8e:b8:10:f4:ac:8d:23:c2:a7:
00:62:0f:05:e5:3b:b3:eb:52:73:2f:81:e7:12:a2:
1c:ba:96:f3:ab:68:24:85:b7:2d:44:dc:7a:13:52:
86:1e:ad:eb:a9:02:48:63:32:2d:d1:09:92:1a:75:
a1:da:82:92:e6:e9:3b:e1:0c:5f:da:18:98:6c:d9:
e4:ce:c9:7d:91:29:4f:17:98:12:ad:5c:a2:fa:93:
ea:e3:85:94:71:ac:d7:47:c6:34:59:62:e3:c3:9e:
8f:4a:00:ed:05:d6:c2:65:89:9b:02:aa:82:c9:b1:
e7:96:c6:32:aa:64:6c:fc:da:2f:72:4b:e2:b6:93:
99:c8:a4:97:47:aa:07:b5:e0:b3:70:c4:8d:67:a7:
ba:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:67:BD:96:48:4E:72:29:53:12:B9:7A:D3:AB:90:EF:D7:32:7F:87
X509v3 Authority Key Identifier:
keyid:9B:C6:6C:FF:80:9A:8A:71:21:20:05:DD:9C:27:04:7A:B4:18:C8:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/m8Zs_4CainEhIAXdnCcEerQYyKc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m8Zs_4CainEhIAXdnCcEerQYyKc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173780/8EB62DFA77ED11EAAA4CC422C4F9AE02/1E28598C244A11F095362B75C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.3.167.0/24
203.28.212.0/24
203.170.2.0-203.170.15.255
IPv6:
2402:4d40::/32
Signature Algorithm: sha256WithRSAEncryption
b7:79:8c:5d:7e:14:c1:b2:df:f0:29:58:9d:11:2e:ba:e3:11:
f9:2a:e7:e9:1c:d2:57:23:0d:35:55:3c:ce:0c:1e:2c:f5:a4:
14:06:bb:16:2a:3f:b1:dc:e3:0a:6b:e4:0d:a4:cc:a5:77:68:
64:0a:13:10:03:96:a6:eb:c6:1c:23:87:ce:da:9a:ff:82:5e:
c7:75:aa:28:64:68:88:96:87:44:0b:5f:42:1c:1a:ee:7f:93:
e2:aa:39:60:c3:d5:08:4b:a5:ee:57:a8:d6:f8:47:90:59:74:
3a:d2:77:c5:4a:2c:18:48:5f:0b:20:38:02:62:b3:1f:22:d7:
2e:51:10:30:69:7e:aa:fb:99:26:41:3b:19:87:3a:0a:82:4e:
aa:78:eb:ae:26:cd:a1:80:0d:b8:06:7d:4d:58:32:24:eb:83:
e8:8b:c5:83:30:0b:26:0c:68:f1:5e:71:c9:d3:d9:e6:ed:b5:
10:9e:62:43:c5:db:35:31:34:ef:db:0f:79:fa:b9:c8:c7:e1:
9c:82:24:97:d0:e0:db:33:01:e1:e7:b6:b5:8b:14:a2:b8:3f:
d0:f7:1d:8e:40:82:75:30:05:7e:3a:e7:39:7f:7b:05:56:1a:
ae:c5:a1:76:56:df:fb:18:12:d8:d6:7b:e1:a8:0f:68:ce:50:
6a:df:a5:7a
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICCgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzM3ODAxMTAvBgNVBAUTKDlCQzY2Q0ZGODA5QThBNzEyMTIwMDVERDlDMjcwNDdB
QjQxOEM4QTcwHhcNMjUwNDI4MTcxMDUxWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODBmYjY5Yi0xYzQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArrxgh54KJdP4q0te6lfvDAcd1Z9qpT/N43grFbk54nNV7Ci0+29Cgpo4k3Yg
S+qagjqPSZ8NDWbfQjthgS+rwRqF5+efSg0WYPzLTrV2e0itlndE5wHp5PvMyD3v
PtLHg71kvdYQVML6LxvXyHyOuBD0rI0jwqcAYg8F5Tuz61JzL4HnEqIcupbzq2gk
hbctRNx6E1KGHq3rqQJIYzIt0QmSGnWh2oKS5uk74Qxf2hiYbNnkzsl9kSlPF5gS
rVyi+pPq44WUcazXR8Y0WWLjw56PSgDtBdbCZYmbAqqCybHnlsYyqmRs/Novckvi
tpOZyKSXR6oHteCzcMSNZ6e6xwIDAQABo4ICuDCCArQwHQYDVR0OBBYEFNpnvZZI
TnIpUxK5etOrkO/XMn+HMB8GA1UdIwQYMBaAFJvGbP+AmopxISAF3ZwnBHq0GMin
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mzc4MC84RUI2MkRGQTc3
RUQxMUVBQUE0Q0M0MjJDNEY5QUUwMi9tOFpzXzRDYWluRWhJQVhkbkNjRWVyUVl5
S2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL204WnNfNENhaW5FaElBWGRuQ2NFZXJRWXlLYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzM3ODAvOEVCNjJERkE3N0VEMTFFQUFBNENDNDIyQzRGOUFFMDIvMUUyODU5OEMy
NDRBMTFGMDk1MzYyQjc1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwQgYIKwYBBQUHAQcBAf8E
MzAxMCAEAgABMBoDBADLA6cDBADLHNQwDAMEAcuqAgMEBMuqADANBAIAAjAHAwUA
JAJNQDANBgkqhkiG9w0BAQsFAAOCAQEAt3mMXX4UwbLf8ClYnREuuuMR+Srn6RzS
VyMNNVU8zgweLPWkFAa7Fio/sdzjCmvkDaTMpXdoZAoTEAOWpuvGHCOHztqa/4Je
x3WqKGRoiJaHRAtfQhwa7n+T4qo5YMPVCEul7leo1vhHkFl0OtJ3xUosGEhfCyA4
AmKzHyLXLlEQMGl+qvuZJkE7GYc6CoJOqnjrribNoYANuAZ9TVgyJOuD6IvFgzAL
Jgxo8V5xydPZ5u21EJ5iQ8XbNTE079sPefq5yMfhnIIkl9Dg2zMB4ee2tYsUorg/
0PcdjkCCdTAFfjrnOX97BVYarsWhdlbf+xgS2NZ74agPaM5Qat+leg==
-----END CERTIFICATE-----
Generated at Mon May 12 22:05:42 2025 by rpki-client