Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8975AF72144211F0A098EF73C4F9AE02.roa
File: 8975AF72144211F0A098EF73C4F9AE02.roa (raw, json)
Hash identifier: IJi/I7P68jCMm61JJxcP5KgtBx9v6fgw9vrG1cOBcok=
Subject key identifier: 11:6A:10:25:25:7F:17:41:3D:AE:42:94:68:8E:35:BB:F0:1C:67:81
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 046A
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8975AF72144211F0A098EF73C4F9AE02.roa
Signing time: Wed 30 Apr 2025 00:32:49 +0000
ROA not before: Wed 30 Apr 2025 00:32:49 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 150110
IP address blocks: 203.32.7.0/24 maxlen: 24
203.32.32.0/24 maxlen: 24
203.32.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 03:04:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1130 (0x46a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75, serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Apr 30 00:32:49 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=68116fb1-2ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f0:0f:3c:a6:e2:0d:10:26:00:b9:e5:01:b7:
bc:45:33:5c:69:8c:0c:5e:c0:e1:ab:2d:18:18:25:
03:49:f7:5e:50:e8:a0:38:d5:dc:1c:3d:c2:7f:b8:
63:50:82:72:ec:b5:5d:73:ab:1f:ba:c1:68:06:e7:
7f:bb:fc:7d:2b:f5:e0:38:74:59:b4:f0:d0:bc:6e:
86:96:fc:1e:73:6b:a8:ed:53:15:61:d4:98:8f:d0:
d9:c0:fa:58:c1:a6:50:74:31:b6:a3:e3:ab:82:07:
aa:4c:87:df:73:ed:0f:a6:91:cd:e8:8d:08:4d:d7:
46:06:d7:e2:c6:d0:fb:a0:e4:b7:50:8e:5e:ac:1e:
45:ee:6b:86:e2:18:25:f6:bd:bc:1e:c0:35:ed:a6:
94:63:8e:64:ec:dd:58:0e:b9:d6:0c:ca:e9:07:3a:
7d:81:33:f2:1c:78:4e:59:a6:f8:17:4c:14:94:e5:
5f:45:39:df:47:65:30:42:eb:22:a1:13:63:6a:05:
c9:b8:0b:56:48:ea:1d:40:47:e6:76:c5:69:bf:8a:
8e:3e:fb:9e:5b:91:40:03:d8:4a:62:18:c4:4e:df:
a4:4f:26:81:2f:4b:c2:a3:43:f8:12:d9:30:3c:41:
db:a4:69:bc:d7:de:df:8e:42:9e:78:ec:b7:7f:0b:
96:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:6A:10:25:25:7F:17:41:3D:AE:42:94:68:8E:35:BB:F0:1C:67:81
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/8975AF72144211F0A098EF73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.7.0/24
203.32.32.0/24
203.32.38.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:01:d5:bc:73:3a:61:e7:fd:2c:0c:33:e1:05:a8:c4:85:ba:
5a:a2:04:83:72:38:f0:84:72:5c:bb:cc:ba:3a:32:24:d2:f1:
79:56:d2:2d:74:4f:d6:27:28:71:e0:94:37:f5:ca:0b:7d:3b:
c6:32:f1:82:45:12:a6:f5:cc:4d:b6:4b:8d:5b:9b:54:2e:de:
98:ab:09:35:0b:1f:97:83:c4:dd:e9:07:50:24:3d:4a:66:cb:
ee:24:20:be:28:85:94:9a:6e:86:74:b6:8d:8b:46:14:0d:22:
ce:c2:1b:2c:f9:63:e6:8b:d5:d4:a0:92:3a:c6:62:9d:55:67:
0a:2c:4f:1a:a7:14:34:1d:f9:16:dc:0a:25:25:33:c6:4d:cb:
be:f1:26:ce:10:be:d7:a9:47:ca:82:b4:94:23:16:a5:85:d3:
f0:2e:73:52:41:64:97:8e:1d:15:69:b2:2c:30:9e:26:b4:cf:
0d:07:e0:46:2d:b0:cb:7c:d4:a4:13:46:ac:1c:8e:ee:91:ee:
95:c8:3b:c7:30:0f:c1:95:90:14:a9:29:d8:6d:54:02:fa:4b:
a1:74:33:a0:3e:64:e6:ba:95:b5:46:eb:c3:50:53:1d:aa:ed:
df:bc:ea:f2:2e:78:bc:14:84:7a:db:87:1b:c5:96:26:62:90:
81:bb:fd:7b
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBGowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjUwNDMwMDAzMjQ5WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODExNmZiMS0yY2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAufAPPKbiDRAmALnlAbe8RTNcaYwMXsDhqy0YGCUDSfdeUOigONXcHD3Cf7hj
UIJy7LVdc6sfusFoBud/u/x9K/XgOHRZtPDQvG6Glvwec2uo7VMVYdSYj9DZwPpY
waZQdDG2o+OrggeqTIffc+0PppHN6I0ITddGBtfixtD7oOS3UI5erB5F7muG4hgl
9r28HsA17aaUY45k7N1YDrnWDMrpBzp9gTPyHHhOWab4F0wUlOVfRTnfR2UwQusi
oRNjagXJuAtWSOodQEfmdsVpv4qOPvueW5FAA9hKYhjETt+kTyaBL0vCo0P4Etkw
PEHbpGm8197fjkKeeOy3fwuWsQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFBFqECUl
fxdBPa5ClGiONbvwHGeBMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvODk3NUFGNzIx
NDQyMTFGMEEwOThFRjczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBADLIAcDBADLICADBADLICYwDQYJKoZIhvcNAQELBQADggEB
AH4B1bxzOmHn/SwMM+EFqMSFulqiBINyOPCEcly7zLo6MiTS8XlW0i10T9YnKHHg
lDf1ygt9O8Yy8YJFEqb1zE22S41bm1Qu3pirCTULH5eDxN3pB1AkPUpmy+4kIL4o
hZSaboZ0to2LRhQNIs7CGyz5Y+aL1dSgkjrGYp1VZwosTxqnFDQd+RbcCiUlM8ZN
y77xJs4QvtepR8qCtJQjFqWF0/Auc1JBZJeOHRVpsiwwnia0zw0H4EYtsMt81KQT
Rqwcju6R7pXIO8cwD8GVkBSpKdhtVAL6S6F0M6A+ZOa6lbVG68NQUx2q7d+86vIu
eLwUhHrbhxvFliZikIG7/Xs=
-----END CERTIFICATE-----
Generated at Thu May 15 18:18:25 2025 by rpki-client