Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/B1F8D834F0CF11EFA88F5D09C4F9AE02.roa
File: B1F8D834F0CF11EFA88F5D09C4F9AE02.roa (raw, json)
Hash identifier: G4/5xvJyM6dsTEUp6JHr2PU4JyXxUbCwrfnaaqvLBds=
Subject key identifier: 09:3C:3E:5E:AE:FD:DA:65:65:06:C6:4F:C4:B3:7A:BA:73:3A:00:44
Certificate issuer: /CN=A91E170B/serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268
Certificate serial: 35DC
Authority key identifier: 6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/B1F8D834F0CF11EFA88F5D09C4F9AE02.roa
Signing time: Sat 22 Feb 2025 03:47:11 +0000
ROA not before: Sat 22 Feb 2025 03:47:11 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 38022
IP address blocks: 202.125.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 22 Feb 2025 05:13:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13788 (0x35dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E170B, serialNumber=6D38C5B4CF4BAD3D984871A7321A9D16960BE268
Validity
Not Before: Feb 22 03:47:11 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67b948be-c061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:36:18:2a:ab:47:d7:42:a4:e5:9a:6d:39:3d:
49:87:d5:6f:0f:ec:0d:3f:5f:ef:fc:41:43:80:aa:
3b:d2:59:70:ba:34:7b:5d:c0:8f:6e:cf:da:c7:49:
52:87:30:9a:11:df:60:d4:20:87:9d:9f:a9:f6:1f:
36:3a:91:92:e2:73:42:22:ee:9b:7a:92:25:98:80:
f6:48:0e:29:a0:99:4c:4c:86:93:fb:ae:04:5e:88:
73:bd:3f:d4:a7:c7:75:7b:e4:25:ae:fd:21:ef:3e:
6a:2e:5f:18:f1:a0:6a:da:86:2e:00:c7:95:26:82:
87:07:e2:47:9b:32:39:81:de:79:5a:68:52:4b:8b:
24:3a:22:ba:75:a2:71:25:e9:0f:49:e2:ea:c9:78:
73:41:ae:67:b2:31:7a:26:9d:09:cc:96:87:93:a8:
3f:73:09:65:1d:7d:a1:f0:6d:60:a5:e8:19:79:27:
6f:62:5c:62:bb:58:9a:47:3a:7e:0c:0f:3e:14:2c:
d1:90:e2:e4:ed:bf:d0:ea:b7:e2:cd:da:f5:bf:55:
fc:5d:da:08:f9:9c:8f:cf:91:e9:af:9b:68:b7:29:
9c:68:cd:31:b0:1e:f9:2a:d0:28:a3:d2:5d:9b:f9:
55:dd:05:ef:3e:5f:83:3e:be:5c:e2:f3:c7:0a:ec:
87:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3C:3E:5E:AE:FD:DA:65:65:06:C6:4F:C4:B3:7A:BA:73:3A:00:44
X509v3 Authority Key Identifier:
keyid:6D:38:C5:B4:CF:4B:AD:3D:98:48:71:A7:32:1A:9D:16:96:0B:E2:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bTjFtM9LrT2YSHGnMhqdFpYL4mg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E170B/97AF6DF01D6D11E2A12D9EAE08B02CD2/B1F8D834F0CF11EFA88F5D09C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.125.96.0/24
Signature Algorithm: sha256WithRSAEncryption
73:20:a7:e5:a6:f6:52:6b:17:31:07:76:b0:65:4b:2d:5b:9f:
6a:e9:29:7d:ed:d4:5e:a3:e7:14:f6:78:f6:8a:8b:5d:b6:e0:
1d:9e:87:44:3f:c2:83:bd:a3:39:dd:d7:36:a9:c5:f0:e5:d4:
18:78:62:71:a5:f0:18:12:61:6b:95:c7:88:5e:04:fa:b3:ce:
c7:87:9f:ef:59:4d:21:32:06:d6:15:a7:b3:ea:fc:53:d6:d5:
a9:08:5f:44:08:5c:1a:c3:73:91:86:e4:fb:5f:6c:9d:3d:d3:
49:14:96:54:01:31:61:55:56:ba:b3:5c:57:8e:89:d0:ca:e0:
eb:d5:20:38:47:46:d5:be:e4:2a:d4:7b:d5:ec:c9:56:06:23:
52:e3:f9:1d:77:57:6b:ac:b8:03:15:1f:a8:99:15:a1:27:5e:
f9:0d:fe:7b:c6:69:5e:85:33:e1:a8:28:58:10:8f:49:ca:91:
95:4c:83:d7:f7:83:54:ba:1e:31:14:ae:c1:d3:41:e1:4f:ce:
c8:c9:8d:53:b7:ad:ff:71:e8:84:eb:23:c3:bb:b9:a3:e2:0d:
a8:3a:86:5a:b8:c1:33:c5:30:40:19:a0:34:66:68:41:39:c0:
c4:ce:89:f2:50:3a:cb:b4:ec:b2:ca:10:bf:e4:51:c8:06:53:
1d:21:a1:91
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNdwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTE3MEIxMTAvBgNVBAUTKDZEMzhDNUI0Q0Y0QkFEM0Q5ODQ4NzFBNzMyMUE5RDE2
OTYwQkUyNjgwHhcNMjUwMjIyMDM0NzExWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2I5NDhiZS1jMDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxzYYKqtH10Kk5ZptOT1Jh9VvD+wNP1/v/EFDgKo70llwujR7XcCPbs/ax0lS
hzCaEd9g1CCHnZ+p9h82OpGS4nNCIu6bepIlmID2SA4poJlMTIaT+64EXohzvT/U
p8d1e+Qlrv0h7z5qLl8Y8aBq2oYuAMeVJoKHB+JHmzI5gd55WmhSS4skOiK6daJx
JekPSeLqyXhzQa5nsjF6Jp0JzJaHk6g/cwllHX2h8G1gpegZeSdvYlxiu1iaRzp+
DA8+FCzRkOLk7b/Q6rfizdr1v1X8XdoI+ZyPz5Hpr5totymcaM0xsB75KtAoo9Jd
m/lV3QXvPl+DPr5c4vPHCuyHzwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAk8Pl6u
/dplZQbGT8SzerpzOgBEMB8GA1UdIwQYMBaAFG04xbTPS609mEhxpzIanRaWC+Jo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTcwQi85N0FGNkRGMDFE
NkQxMUUyQTEyRDlFQUUwOEIwMkNEMi9iVGpGdE05THJUMllTSEduTWhxZEZwWUw0
bWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2JUakZ0TTlMclQyWVNIR25NaHFkRnBZTDRtZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTE3MEIvOTdBRjZERjAxRDZEMTFFMkExMkQ5RUFFMDhCMDJDRDIvQjFGOEQ4MzRG
MENGMTFFRkE4OEY1RDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKfWAwDQYJKoZIhvcNAQELBQADggEBAHMgp+Wm9lJrFzEH
drBlSy1bn2rpKX3t1F6j5xT2ePaKi1224B2eh0Q/woO9oznd1zapxfDl1Bh4YnGl
8BgSYWuVx4heBPqzzseHn+9ZTSEyBtYVp7Pq/FPW1akIX0QIXBrDc5GG5PtfbJ09
00kUllQBMWFVVrqzXFeOidDK4OvVIDhHRtW+5CrUe9XsyVYGI1Lj+R13V2usuAMV
H6iZFaEnXvkN/nvGaV6FM+GoKFgQj0nKkZVMg9f3g1S6HjEUrsHTQeFPzsjJjVO3
rf9x6ITrI8O7uaPiDag6hlq4wTPFMEAZoDRmaEE5wMTOifJQOsu07LLKEL/kUcgG
Ux0hoZE=
-----END CERTIFICATE-----
Generated at Sun May 11 22:40:41 2025 by rpki-client