Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/EBDDDBC2CEE611EF8E4CDF26C4F9AE02.roa
File: EBDDDBC2CEE611EF8E4CDF26C4F9AE02.roa (raw, json)
Hash identifier: 5OJYer4pOZvbSWX3fm1/elcJ//acqn342e91P4Nm7Sc=
Subject key identifier: D1:98:A3:16:19:4A:29:22:E1:69:D2:CD:7C:C1:62:34:4B:FC:13:04
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 022D
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/EBDDDBC2CEE611EF8E4CDF26C4F9AE02.roa
Signing time: Fri 10 Jan 2025 00:07:47 +0000
ROA not before: Fri 10 Jan 2025 00:07:46 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 218.33.104.0/22 maxlen: 24
218.33.108.0/22 maxlen: 24
218.33.112.0/22 maxlen: 24
218.33.116.0/22 maxlen: 24
218.33.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 11:09:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 557 (0x22d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18, serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Jan 10 00:07:46 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=678064d2-4ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2a:eb:65:f1:36:d7:c7:a1:cc:8a:ba:0e:e2:
c0:9b:fa:d2:e7:12:b6:10:00:16:6a:1c:25:cc:d8:
aa:e8:b1:01:d0:8d:64:73:83:58:77:69:45:36:e6:
a3:6a:7c:be:e2:f1:94:d4:e9:37:1a:f5:57:20:36:
8b:62:35:9d:ae:51:14:97:30:b2:3f:5d:69:e6:6c:
8f:b3:a6:54:b5:ac:9d:6f:e9:30:a3:32:86:76:1a:
78:84:ae:7e:1e:85:1d:46:2c:05:96:78:84:6b:3a:
fa:16:86:d4:3d:1f:81:1f:b0:88:1e:88:4b:8f:85:
28:94:15:8e:74:98:53:31:42:6c:da:02:1d:b2:a6:
e2:bc:b2:84:9e:e6:36:b5:6a:81:78:20:ef:da:92:
69:5f:e1:28:fa:3b:9b:00:c8:04:f5:94:b6:7b:af:
80:4a:3e:e4:89:a4:13:04:ba:2d:a6:6c:bc:d6:b0:
40:e4:5d:2f:aa:73:0b:32:20:eb:d7:4d:68:ab:3d:
bf:41:25:6a:aa:69:07:86:2c:66:f5:b5:2c:32:9e:
9e:10:f4:b7:ef:38:17:1f:88:68:25:c1:1a:a4:88:
58:60:67:5e:8a:e3:da:98:b8:30:dc:1c:c7:1d:d4:
37:3e:f6:5d:e9:37:81:e7:58:aa:35:21:10:0a:71:
f8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:98:A3:16:19:4A:29:22:E1:69:D2:CD:7C:C1:62:34:4B:FC:13:04
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/EBDDDBC2CEE611EF8E4CDF26C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
218.33.104.0-218.33.119.255
218.33.124.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:f6:50:25:d5:3e:1e:4c:03:72:0f:60:3a:4e:60:59:30:bd:
3c:16:1a:ce:ef:8b:62:e8:53:37:ab:28:5b:01:ec:2e:50:3a:
2e:fb:67:01:46:01:54:b2:40:43:ac:0c:75:97:cc:3d:f3:5f:
67:74:b0:68:df:27:eb:e2:df:c9:2c:74:21:fb:07:09:a8:bc:
1c:f0:69:4d:34:b5:d1:91:53:ff:7c:ef:eb:32:eb:9e:81:fe:
a2:15:6d:5b:25:84:bc:fd:57:4d:9f:3f:80:68:a9:ee:a1:42:
8f:93:1e:7f:0f:8a:a7:99:08:bf:c3:a5:3b:91:56:dd:58:fd:
c2:ef:da:5b:22:25:4a:3b:78:82:2a:b1:91:dd:80:8b:a3:57:
25:38:87:77:56:31:c7:cf:63:e5:95:bf:fa:04:4b:41:62:91:
0a:b3:7c:a9:15:ae:3b:af:72:87:ee:31:ea:71:6e:01:80:64:
f3:57:9d:6d:06:3d:f1:27:1a:75:0d:37:3a:f4:93:f4:dc:57:
4d:90:a7:10:06:0a:f9:89:ea:e8:e8:8f:34:3f:7c:70:08:4d:
87:56:ef:23:6a:a0:41:90:05:c0:e1:7b:01:1c:3e:e6:36:ac:
da:87:2a:68:0e:22:be:52:a2:ef:cb:c7:e8:e1:05:d6:ef:e0:
5d:50:74:93
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgICAi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMTEwMDAwNzQ2WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzgwNjRkMi00ZWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtyrrZfE218ehzIq6DuLAm/rS5xK2EAAWahwlzNiq6LEB0I1kc4NYd2lFNuaj
any+4vGU1Ok3GvVXIDaLYjWdrlEUlzCyP11p5myPs6ZUtaydb+kwozKGdhp4hK5+
HoUdRiwFlniEazr6FobUPR+BH7CIHohLj4UolBWOdJhTMUJs2gIdsqbivLKEnuY2
tWqBeCDv2pJpX+Eo+jubAMgE9ZS2e6+ASj7kiaQTBLotpmy81rBA5F0vqnMLMiDr
101oqz2/QSVqqmkHhixm9bUsMp6eEPS37zgXH4hoJcEapIhYYGdeiuPamLgw3BzH
HdQ3PvZd6TeB51iqNSEQCnH4owIDAQABo4ICozCCAp8wHQYDVR0OBBYEFNGYoxYZ
Siki4WnSzXzBYjRL/BMEMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvRUJERERCQzJD
RUU2MTFFRjhFNENERjI2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLQYIKwYBBQUHAQcBAf8E
HjAcMBoEAgABMBQwDAMEA9ohaAMEA9ohcAMEAtohfDANBgkqhkiG9w0BAQsFAAOC
AQEAPvZQJdU+HkwDcg9gOk5gWTC9PBYazu+LYuhTN6soWwHsLlA6LvtnAUYBVLJA
Q6wMdZfMPfNfZ3SwaN8n6+LfySx0IfsHCai8HPBpTTS10ZFT/3zv6zLrnoH+ohVt
WyWEvP1XTZ8/gGip7qFCj5Mefw+Kp5kIv8OlO5FW3Vj9wu/aWyIlSjt4giqxkd2A
i6NXJTiHd1Yxx89j5ZW/+gRLQWKRCrN8qRWuO69yh+4x6nFuAYBk81edbQY98Sca
dQ03OvST9NxXTZCnEAYK+Ynq6OiPND98cAhNh1bvI2qgQZAFwOF7ARw+5jas2ocq
aA4ivlKi78vH6OEF1u/gXVB0kw==
-----END CERTIFICATE-----
Generated at Sun May 11 12:47:46 2025 by rpki-client