Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/02F5EE6CCEE711EF8A881927C4F9AE02.roa
File: 02F5EE6CCEE711EF8A881927C4F9AE02.roa (raw, json)
Hash identifier: ZLHdK5EW8w9p2/kVTk3z8WhPOrlEbhCnTSMed4bfRU0=
Subject key identifier: B9:5F:47:5B:71:17:53:23:CD:4C:74:63:BB:9D:D8:11:0A:9E:79:AE
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 0237
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/02F5EE6CCEE711EF8A881927C4F9AE02.roa
Signing time: Fri 10 Jan 2025 08:27:58 +0000
ROA not before: Fri 10 Jan 2025 08:27:58 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 4515
IP address blocks: 202.155.156.0/23 maxlen: 23
218.33.120.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sun 09 Mar 2025 00:52:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 567 (0x237)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18
Validity
Not Before: Jan 10 08:27:58 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6780da0e-9b6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:75:e7:b8:10:89:db:db:b4:21:f9:d1:3a:1f:
d6:fb:66:31:63:07:2b:7a:3c:bc:de:55:72:0a:4e:
94:fb:b0:91:24:6d:9d:7f:f6:af:84:8d:aa:96:77:
14:31:34:6f:01:68:36:6f:94:2b:2e:3a:3f:02:f9:
48:43:32:c1:12:63:35:80:2a:f9:c6:a6:ac:14:ea:
36:8a:9d:e4:f9:02:85:39:e4:ee:00:9c:63:42:e9:
a9:03:da:d5:56:68:75:52:c9:c9:f0:31:f1:3d:cb:
08:53:27:c1:e1:64:e2:bf:e9:65:0b:c3:9f:10:54:
2c:1c:84:6b:94:41:6d:11:0a:3f:5f:05:a6:2b:4e:
97:27:46:86:7f:2f:c7:28:2d:12:48:c9:0e:5d:b4:
b0:db:93:a8:e7:a3:1b:55:46:ed:ec:44:70:a7:4d:
31:5c:cd:6a:aa:3e:ce:89:ef:08:92:de:f8:5d:3d:
95:38:d4:5a:3f:0f:84:9a:79:ba:cc:a4:93:ec:90:
05:c2:7d:73:57:6e:23:0f:f7:29:df:79:6f:ed:a8:
25:71:4a:2f:84:be:bb:ef:9f:b8:88:4a:75:a2:4f:
d3:f3:5b:b5:ac:5d:0c:f4:81:f0:1d:5a:fb:9f:b2:
37:f7:4c:c2:2f:97:f5:9c:04:2b:7e:9b:e0:f3:01:
4d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:5F:47:5B:71:17:53:23:CD:4C:74:63:BB:9D:D8:11:0A:9E:79:AE
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/02F5EE6CCEE711EF8A881927C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.155.156.0/23
218.33.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:c6:ed:68:f9:89:36:74:64:b9:f1:53:7a:4f:b1:ec:a4:52:
20:99:92:d3:67:08:cf:e2:3f:4f:dc:18:69:92:dc:6d:fd:8c:
26:fd:bc:0a:c0:e0:85:59:16:59:5c:aa:53:83:a7:4e:f1:4d:
8e:b2:17:a2:67:f8:7c:8b:d5:e4:f2:0c:90:54:c2:b5:df:25:
61:6d:a8:78:8a:9d:34:3b:88:20:69:9d:77:61:dd:40:f1:bd:
ef:67:86:f4:a3:17:78:1c:b8:5d:35:8b:0e:32:3a:38:fa:a6:
64:8a:37:9b:5d:ca:7a:08:f3:2c:10:37:fb:18:05:8a:6c:05:
7d:48:21:b5:d4:4a:10:e7:0b:f4:b3:c5:79:6b:67:b5:76:e2:
ab:34:47:67:08:c7:ff:0d:d3:1a:50:03:2d:8d:87:1b:ce:33:
d9:5c:8a:4e:70:01:f6:ec:9b:17:9c:04:91:3e:63:54:3c:40:
70:ad:2b:63:80:ab:92:77:5e:51:d9:b0:bd:a8:4e:a1:3a:4b:
f3:8e:87:5a:0a:fa:74:31:d7:97:f5:f6:f5:0c:25:d4:1a:c4:
04:56:33:a3:10:2e:6e:38:b6:0f:13:88:4d:25:30:56:bc:07:
ec:99:88:a7:68:27:41:aa:86:75:17:04:b0:4e:65:bf:2a:ff:
bb:b6:61:4f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMTEwMDgyNzU4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzgwZGEwZS05YjZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAunXnuBCJ29u0IfnROh/W+2YxYwcrejy83lVyCk6U+7CRJG2df/avhI2qlncU
MTRvAWg2b5QrLjo/AvlIQzLBEmM1gCr5xqasFOo2ip3k+QKFOeTuAJxjQumpA9rV
Vmh1UsnJ8DHxPcsIUyfB4WTiv+llC8OfEFQsHIRrlEFtEQo/XwWmK06XJ0aGfy/H
KC0SSMkOXbSw25Oo56MbVUbt7ERwp00xXM1qqj7Oie8Ikt74XT2VONRaPw+Emnm6
zKST7JAFwn1zV24jD/cp33lv7aglcUovhL6775+4iEp1ok/T81u1rF0M9IHwHVr7
n7I390zCL5f1nAQrfpvg8wFNlQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFLlfR1tx
F1MjzUx0Y7ud2BEKnnmuMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvMDJGNUVFNkND
RUU3MTFFRjhBODgxOTI3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAHKm5wDBALaIXgwDQYJKoZIhvcNAQELBQADggEBAKjG7Wj5
iTZ0ZLnxU3pPseykUiCZktNnCM/iP0/cGGmS3G39jCb9vArA4IVZFllcqlODp07x
TY6yF6Jn+HyL1eTyDJBUwrXfJWFtqHiKnTQ7iCBpnXdh3UDxve9nhvSjF3gcuF01
iw4yOjj6pmSKN5tdynoI8ywQN/sYBYpsBX1IIbXUShDnC/SzxXlrZ7V24qs0R2cI
x/8N0xpQAy2NhxvOM9lcik5wAfbsmxecBJE+Y1Q8QHCtK2OAq5J3XlHZsL2oTqE6
S/OOh1oK+nQx15f19vUMJdQaxARWM6MQLm44tg8TiE0lMFa8B+yZiKdoJ0GqhnUX
BLBOZb8q/7u2YU8=
-----END CERTIFICATE-----
Generated at Sun Mar 9 10:17:05 2025 by rpki-client on console.sobornost.net