Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/33EC894A7D5E11EDA43E0186C4F9AE02.roa
File: 33EC894A7D5E11EDA43E0186C4F9AE02.roa (raw, json)
Hash identifier: TQzKl+xNFEXkifMWIruO6rhakN0jE6vG5A/yiHK36Jo=
Subject key identifier: 7F:47:D2:8F:57:16:C6:24:12:70:A3:9D:D3:92:A1:74:C3:2E:D8:94
Certificate issuer: /CN=A91B7691/serialNumber=EC0C9A58CB0ACD4273B45E1B91813BFFFFD08140
Certificate serial: 019F
Authority key identifier: EC:0C:9A:58:CB:0A:CD:42:73:B4:5E:1B:91:81:3B:FF:FF:D0:81:40
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AyaWMsKzUJztF4bkYE7___QgUA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/33EC894A7D5E11EDA43E0186C4F9AE02.roa
Signing time: Tue 18 Feb 2025 12:08:38 +0000
ROA not before: Tue 18 Feb 2025 12:08:38 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 135772
IP address blocks: 14.192.52.0/22 maxlen: 24
103.54.230.0/23 maxlen: 24
103.68.216.0/22 maxlen: 24
2001:df6:6b00::/48 maxlen: 48
2400:cc60::/32 maxlen: 36
2407:a8c0::/32 maxlen: 36
2407:a8c0::/33 maxlen: 39
2407:a8c0::/34 maxlen: 40
2407:a8c0:4000::/36 maxlen: 40
2407:a8c0:5000::/39 maxlen: 40
2407:a8c0:5300::/40 maxlen: 40
2407:a8c0:5400::/38 maxlen: 40
2407:a8c0:5800::/37 maxlen: 40
2407:a8c0:6000::/35 maxlen: 40
2407:a8c0:8000::/34 maxlen: 40
2407:a8c0:c000::/35 maxlen: 40
2407:a8c0:e000::/36 maxlen: 40
2407:a8c0:f000::/37 maxlen: 37
2407:a8c0:f000::/38 maxlen: 38
2407:a8c0:f000::/39 maxlen: 40
Validation: Failed, certificate revoked on Wed 19 Feb 2025 07:05:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415 (0x19f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B7691, serialNumber=EC0C9A58CB0ACD4273B45E1B91813BFFFFD08140
Validity
Not Before: Feb 18 12:08:38 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67b47846-35b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:15:51:ae:d3:dc:36:78:11:9d:91:70:36:74:
14:4a:e9:3b:2a:92:68:d6:91:6e:b1:93:0e:ea:92:
39:0a:d5:c5:19:8d:3d:52:19:e0:b4:be:81:b7:69:
23:42:ce:5a:72:07:d8:68:ec:5c:22:03:72:86:ca:
68:9a:ed:12:c7:a7:94:94:d4:ac:41:47:bd:ba:97:
2c:6a:3c:1f:6b:26:0f:dc:41:9e:ae:d3:80:a1:b6:
f8:8a:25:e2:8f:76:78:17:89:90:44:65:7f:6b:f8:
3f:df:d3:7f:d1:d6:0b:09:ad:bb:90:50:7f:37:fd:
e5:0e:78:32:00:11:0f:f7:21:90:52:a0:2e:75:ed:
05:a8:b9:bc:f4:43:c7:9f:e5:d3:36:2d:33:7f:55:
2d:e2:63:48:7a:b3:1f:0c:91:a1:42:a1:ed:b7:c9:
23:0d:8e:87:c1:a3:0e:64:98:ee:5f:f7:b1:bb:d6:
cd:7f:b5:00:b5:d2:59:ec:1f:eb:88:02:a9:7f:ed:
37:ea:57:88:56:c0:fa:6c:0f:9b:36:05:9a:e0:5e:
af:53:63:f8:9f:57:60:47:81:dd:37:d4:a8:6e:25:
01:ea:86:be:bf:73:8b:8c:05:b6:6a:a0:ca:c7:f8:
8f:60:9b:be:e7:0a:9b:7f:83:74:5a:f7:4b:0b:3c:
bd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:47:D2:8F:57:16:C6:24:12:70:A3:9D:D3:92:A1:74:C3:2E:D8:94
X509v3 Authority Key Identifier:
keyid:EC:0C:9A:58:CB:0A:CD:42:73:B4:5E:1B:91:81:3B:FF:FF:D0:81:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/7AyaWMsKzUJztF4bkYE7___QgUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7AyaWMsKzUJztF4bkYE7___QgUA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7691/82164D047D5911EDBEB55D0AC4F9AE02/33EC894A7D5E11EDA43E0186C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
14.192.52.0/22
103.54.230.0/23
103.68.216.0/22
IPv6:
2001:df6:6b00::/48
2400:cc60::/32
2407:a8c0::/32
Signature Algorithm: sha256WithRSAEncryption
3a:ec:b7:5c:6b:53:d1:c1:68:9c:1d:47:e6:24:e5:d7:50:b2:
b4:c6:d0:0d:c9:a4:51:9b:f2:55:26:28:68:e1:55:2e:2d:fc:
30:5e:73:73:96:b4:ab:ef:8c:0b:0a:37:3d:c7:87:35:52:fa:
fc:c4:aa:69:e1:f5:0b:9a:06:a2:8f:3a:83:71:3c:8e:14:d0:
6e:2f:e9:24:2b:93:21:b2:14:0d:de:ca:f4:a8:7e:98:6e:24:
14:59:9c:b8:db:9c:5c:f0:df:f4:33:43:24:64:e6:10:7a:94:
85:21:9f:9c:f1:03:f7:5f:fd:b8:ff:2f:a5:28:f2:37:89:04:
eb:e0:bf:6b:63:2c:a7:71:4d:53:05:6a:7b:cb:a4:ab:e1:81:
b9:53:ee:3c:48:f8:99:03:da:c8:c5:d5:19:06:53:96:55:b8:
d1:cc:eb:90:14:ae:3e:36:c0:24:af:f6:70:14:c4:11:c8:3f:
7e:dd:09:26:41:62:f2:4f:ef:24:73:74:d1:42:2e:f7:71:a9:
08:69:98:7c:d3:f2:91:30:57:84:0c:32:df:1d:0e:79:dc:e7:
d2:82:d5:d4:28:01:03:dd:d9:22:8f:33:62:7b:23:20:e4:82:
d0:7a:93:5b:24:8b:dd:78:42:49:3b:50:cf:de:51:4c:89:83:
d6:23:22:9f
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgICAZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Qjc2OTExMTAvBgNVBAUTKEVDMEM5QTU4Q0IwQUNENDI3M0I0NUUxQjkxODEzQkZG
RkZEMDgxNDAwHhcNMjUwMjE4MTIwODM4WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I0Nzg0Ni0zNWI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzhVRrtPcNngRnZFwNnQUSuk7KpJo1pFusZMO6pI5CtXFGY09UhngtL6Bt2kj
Qs5acgfYaOxcIgNyhspomu0Sx6eUlNSsQUe9upcsajwfayYP3EGertOAobb4iiXi
j3Z4F4mQRGV/a/g/39N/0dYLCa27kFB/N/3lDngyABEP9yGQUqAude0FqLm89EPH
n+XTNi0zf1Ut4mNIerMfDJGhQqHtt8kjDY6HwaMOZJjuX/exu9bNf7UAtdJZ7B/r
iAKpf+036leIVsD6bA+bNgWa4F6vU2P4n1dgR4HdN9SobiUB6oa+v3OLjAW2aqDK
x/iPYJu+5wqbf4N0WvdLCzy9kwIDAQABo4ICwDCCArwwHQYDVR0OBBYEFH9H0o9X
FsYkEnCjndOSoXTDLtiUMB8GA1UdIwQYMBaAFOwMmljLCs1Cc7ReG5GBO///0IFA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzY5MS84MjE2NEQwNDdE
NTkxMUVEQkVCNTVEMEFDNEY5QUUwMi83QXlhV01zS3pVSnp0RjRia1lFN19fX1Fn
VUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdBeWFXTXNLelVKenRGNGJrWUU3X19fUWdVQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
Qjc2OTEvODIxNjREMDQ3RDU5MTFFREJFQjU1RDBBQzRGOUFFMDIvMzNFQzg5NEE3
RDVFMTFFREE0M0UwMTg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwSgYIKwYBBQUHAQcBAf8E
OzA5MBgEAgABMBIDBAIOwDQDBAFnNuYDBAJnRNgwHQQCAAIwFwMHACABDfZrAAMF
ACQAzGADBQAkB6jAMA0GCSqGSIb3DQEBCwUAA4IBAQA67Ldca1PRwWicHUfmJOXX
ULK0xtANyaRRm/JVJiho4VUuLfwwXnNzlrSr74wLCjc9x4c1Uvr8xKpp4fULmgai
jzqDcTyOFNBuL+kkK5MhshQN3sr0qH6YbiQUWZy425xc8N/0M0MkZOYQepSFIZ+c
8QP3X/24/y+lKPI3iQTr4L9rYyyncU1TBWp7y6Sr4YG5U+48SPiZA9rIxdUZBlOW
VbjRzOuQFK4+NsAkr/ZwFMQRyD9+3QkmQWLyT+8kc3TRQi73cakIaZh80/KRMFeE
DDLfHQ553OfSgtXUKAED3dkijzNieyMg5ILQepNbJIvdeEJJO1DP3lFMiYPWIyKf
-----END CERTIFICATE-----
Generated at Tue May 13 03:31:29 2025 by rpki-client