Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/A8994F2AAB8411EFB565D34EC4F9AE02.roa
File: A8994F2AAB8411EFB565D34EC4F9AE02.roa (raw, json)
Hash identifier: 5PB25992Qdm0NOV5cr5nOdB0Cjpvoeso8fhD0lbSox0=
Subject key identifier: 89:02:B7:9B:97:80:32:6E:A9:90:8D:30:36:DA:17:8B:B9:64:DC:21
Certificate issuer: /CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Certificate serial: 03F2
Authority key identifier: 48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/A8994F2AAB8411EFB565D34EC4F9AE02.roa
Signing time: Mon 25 Nov 2024 23:26:12 +0000
ROA not before: Mon 25 Nov 2024 23:26:12 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 150110
IP address blocks: 203.32.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Dec 2024 11:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1010 (0x3f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918FC75/serialNumber=482E5A6E0896A266A91A4066C06F4B4ED984649D
Validity
Not Before: Nov 25 23:26:12 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=67450794-36ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3d:6b:28:05:82:0d:f6:d6:a3:c1:6b:7f:9f:
c5:32:88:20:29:3a:aa:87:0f:21:9c:ba:9e:ed:95:
fd:40:1c:8f:e3:57:6b:de:11:87:c0:bf:8a:d7:38:
80:52:29:af:ec:5f:f2:47:6c:f3:0e:9a:14:b3:8b:
6a:ed:b9:b8:10:ca:0c:a6:9f:ef:8c:d7:cf:4f:6e:
7e:28:46:03:2e:97:88:7b:5c:99:57:ae:72:94:d6:
07:39:91:33:e2:d4:57:5c:fe:f2:d3:31:6e:62:75:
bb:ed:d7:77:95:82:f7:34:da:a5:da:51:fc:09:3b:
8a:c6:58:2b:1f:9e:ab:b0:0b:b5:99:b7:2f:05:57:
1c:a2:3e:7f:5c:6e:fd:ce:c3:25:1e:02:f8:bd:b3:
e3:d1:a6:f5:c5:a2:ad:13:11:c9:53:4b:ab:92:20:
1d:08:82:01:14:a8:57:e9:36:b7:ca:b8:27:f4:92:
43:88:82:23:b3:51:7f:6f:60:c7:35:68:b9:88:ad:
78:c4:a5:e9:f7:2a:54:4e:0f:20:9b:7c:bd:9e:1c:
c0:5a:28:24:2a:1a:9d:de:bd:29:e5:77:ec:7b:f4:
f6:ff:d2:09:c7:f8:05:72:13:98:1a:ae:21:d0:27:
93:5a:5d:54:94:ff:f3:e2:ea:ef:cb:e5:aa:e6:54:
a4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:02:B7:9B:97:80:32:6E:A9:90:8D:30:36:DA:17:8B:B9:64:DC:21
X509v3 Authority Key Identifier:
keyid:48:2E:5A:6E:08:96:A2:66:A9:1A:40:66:C0:6F:4B:4E:D9:84:64:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/SC5abgiWomapGkBmwG9LTtmEZJ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SC5abgiWomapGkBmwG9LTtmEZJ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918FC75/3AA5DEE0DD5811EC870FC20DC4F9AE02/A8994F2AAB8411EFB565D34EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
203.32.25.0/24
Signature Algorithm: sha256WithRSAEncryption
96:aa:5b:c6:8d:fb:33:19:ab:a5:39:d9:0e:67:da:99:7a:18:
31:6e:1a:32:e7:90:44:1a:fd:fe:8a:7b:89:32:c1:17:1e:ed:
d7:9b:96:89:fb:fd:52:3d:5d:da:b0:10:c0:01:4d:46:60:ad:
51:af:bf:dc:09:24:6a:93:72:ca:55:c8:58:37:d7:05:c5:8b:
2d:61:97:c7:7e:22:c8:da:b6:dc:d7:30:b9:a1:84:16:7a:3f:
ad:34:0b:97:cc:b2:95:a8:6e:3e:ae:6f:87:95:94:7e:02:cc:
10:75:5b:7f:50:5b:e2:81:ab:2b:cd:c2:0b:fa:99:df:15:da:
59:04:60:f1:ae:1e:90:81:73:fd:f2:97:95:15:37:51:42:e4:
e8:ab:0e:02:75:20:2f:5c:ec:2b:0e:74:9c:95:8c:74:77:8f:
9f:c9:14:73:d3:a0:4c:75:41:f2:18:4a:6a:88:a0:af:46:8e:
af:10:8e:fb:58:ae:b3:74:f1:11:d9:24:b1:58:96:03:28:42:
a0:9d:df:f8:a2:81:49:fe:9d:08:9f:2c:d3:ce:ba:20:c7:09:
8e:62:6f:13:97:91:d8:e6:3e:51:9f:07:fc:25:be:34:69:b1:
b3:6d:16:b4:33:af:fb:88:93:ff:ce:08:2b:6c:e9:4b:f6:a6:
86:21:15:48
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA/IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEZDNzUxMTAvBgNVBAUTKDQ4MkU1QTZFMDg5NkEyNjZBOTFBNDA2NkMwNkY0QjRF
RDk4NDY0OUQwHhcNMjQxMTI1MjMyNjEyWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzQ1MDc5NC0zNmFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxj1rKAWCDfbWo8Frf5/FMoggKTqqhw8hnLqe7ZX9QByP41dr3hGHwL+K1ziA
Uimv7F/yR2zzDpoUs4tq7bm4EMoMpp/vjNfPT25+KEYDLpeIe1yZV65ylNYHOZEz
4tRXXP7y0zFuYnW77dd3lYL3NNql2lH8CTuKxlgrH56rsAu1mbcvBVccoj5/XG79
zsMlHgL4vbPj0ab1xaKtExHJU0urkiAdCIIBFKhX6Ta3yrgn9JJDiIIjs1F/b2DH
NWi5iK14xKXp9ypUTg8gm3y9nhzAWigkKhqd3r0p5Xfse/T2/9IJx/gFchOYGq4h
0CeTWl1UlP/z4urvy+Wq5lSkmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIkCt5uX
gDJuqZCNMDbaF4u5ZNwhMB8GA1UdIwQYMBaAFEguWm4IlqJmqRpAZsBvS07ZhGSd
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RkM3NS8zQUE1REVFMERE
NTgxMUVDODcwRkMyMERDNEY5QUUwMi9TQzVhYmdpV29tYXBHa0Jtd0c5TFR0bUVa
SjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1NDNWFiZ2lXb21hcEdrQm13RzlMVHRtRVpKMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEZDNzUvM0FBNURFRTBERDU4MTFFQzg3MEZDMjBEQzRGOUFFMDIvQTg5OTRGMkFB
Qjg0MTFFRkI1NjVEMzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADLIBkwDQYJKoZIhvcNAQELBQADggEBAJaqW8aN+zMZq6U5
2Q5n2pl6GDFuGjLnkEQa/f6Ke4kywRce7deblon7/VI9XdqwEMABTUZgrVGvv9wJ
JGqTcspVyFg31wXFiy1hl8d+IsjattzXMLmhhBZ6P600C5fMspWobj6ub4eVlH4C
zBB1W39QW+KBqyvNwgv6md8V2lkEYPGuHpCBc/3yl5UVN1FC5OirDgJ1IC9c7CsO
dJyVjHR3j5/JFHPToEx1QfIYSmqIoK9Gjq8QjvtYrrN08RHZJLFYlgMoQqCd3/ii
gUn+nQifLNPOuiDHCY5ibxOXkdjmPlGfB/wlvjRpsbNtFrQzr/uIk//OCCts6Uv2
poYhFUg=
Generated at Sun Dec 15 14:12:01 2024 by rpki-client on console.sobornost.net