Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/303D1C500B0B11F0953DF32FC4F9AE02.roa
File: 303D1C500B0B11F0953DF32FC4F9AE02.roa (raw, json)
Hash identifier: Q45a/FI+KUjeInN89CKFDhvJwQFi05tkvZDFT4PosAM=
Subject key identifier: 3C:6C:2C:14:F3:24:7B:42:AB:23:05:C2:00:92:40:4C:CD:AF:2B:43
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 02EB
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/303D1C500B0B11F0953DF32FC4F9AE02.roa
Signing time: Tue 01 Apr 2025 05:14:48 +0000
ROA not before: Tue 01 Apr 2025 05:14:48 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 202.155.134.0/24 maxlen: 24
202.155.136.0/24 maxlen: 24
218.33.80.0/22 maxlen: 24
218.33.92.0/22 maxlen: 24
218.33.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 13:19:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 747 (0x2eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18
Validity
Not Before: Apr 1 05:14:48 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67eb7647-9435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e5:f8:11:e4:c3:cc:86:87:7d:0f:61:29:ac:
d7:ce:46:ca:f3:2d:69:f4:a5:97:5e:70:6f:88:0b:
f6:a8:56:e9:6e:f3:4d:aa:75:23:6b:83:5c:92:00:
8c:ce:10:09:36:a3:84:ba:c4:57:4a:a4:bb:b7:15:
b2:fa:83:da:e2:87:f5:25:39:19:76:eb:a0:14:eb:
76:c9:2f:97:bd:af:e0:80:c1:fe:c4:21:fa:f6:23:
8f:5e:14:31:3e:bb:b7:ab:a2:07:0a:b8:a7:04:83:
5a:81:12:00:b2:9b:98:88:e9:0e:f9:ea:55:43:c5:
0e:f0:c2:3a:98:7d:d7:c8:72:cc:67:ac:1b:0d:f5:
b9:75:f5:35:b8:59:fb:4f:57:67:76:ed:15:e5:63:
fe:0e:3f:d9:27:81:c6:da:95:da:77:53:11:8c:f8:
80:3c:ff:a5:a1:03:32:f7:9b:ae:83:51:1e:9b:25:
58:43:d8:fc:f4:67:33:d4:f5:79:36:e8:b4:88:68:
b3:4a:dd:56:08:7f:aa:f6:0a:57:2f:a5:63:83:e5:
27:f2:d3:e7:0a:0f:e2:9a:3d:f2:be:61:94:a1:b4:
fb:86:54:28:5f:e7:78:6e:7d:7f:86:07:6b:97:5c:
c7:6a:83:b9:db:51:12:7f:25:90:24:e7:87:e6:50:
44:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6C:2C:14:F3:24:7B:42:AB:23:05:C2:00:92:40:4C:CD:AF:2B:43
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/303D1C500B0B11F0953DF32FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.155.134.0/24
202.155.136.0/24
218.33.80.0/22
218.33.92.0/22
218.33.100.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:b2:f7:dc:cf:97:46:2b:f8:b4:2b:f6:b0:a4:be:a9:50:1c:
77:d3:f5:39:dc:6d:6c:63:c4:1a:0b:b0:52:5a:16:ed:7d:b4:
75:7b:53:1f:4e:9e:b3:90:d4:1a:da:7f:0e:8f:a8:43:21:9d:
41:62:ec:9e:ab:65:a3:91:02:b7:60:2e:ec:64:bc:00:9e:b0:
4c:20:c6:28:bc:43:41:e4:a1:9c:b5:3a:d9:3a:69:70:89:de:
f0:78:13:b3:7b:02:e1:80:2e:5a:04:3b:f5:e9:c9:b9:9c:c5:
1a:62:e9:89:cf:a3:b7:d0:25:cf:d9:5c:7b:b3:6d:c3:03:86:
5c:a9:6f:0c:9e:f4:b1:47:00:73:95:59:08:10:a9:ff:1c:51:
c7:df:32:67:57:ea:89:fa:5c:5c:9c:72:cf:49:c0:e4:4d:5f:
5a:e6:1a:82:14:b2:90:95:71:9f:5c:1c:c1:ae:a8:3a:7d:dc:
62:6d:59:89:b2:f8:ff:1d:fd:43:9c:d7:4f:7e:ad:09:1d:1c:
9a:fe:cc:9b:c7:5b:9b:09:09:3c:13:90:c3:a9:ef:67:94:4c:
6d:43:de:f6:19:0a:35:97:0f:f1:ca:9d:11:fe:79:19:7e:e8:
e6:40:35:92:e4:14:c0:21:ba:00:11:ea:cd:ed:dc:2d:ad:b0:
d0:7f:97:b1
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICAuswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwNDAxMDUxNDQ4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ViNzY0Ny05NDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6OX4EeTDzIaHfQ9hKazXzkbK8y1p9KWXXnBviAv2qFbpbvNNqnUja4NckgCM
zhAJNqOEusRXSqS7txWy+oPa4of1JTkZduugFOt2yS+Xva/ggMH+xCH69iOPXhQx
Pru3q6IHCrinBINagRIAspuYiOkO+epVQ8UO8MI6mH3XyHLMZ6wbDfW5dfU1uFn7
T1dndu0V5WP+Dj/ZJ4HG2pXad1MRjPiAPP+loQMy95uug1EemyVYQ9j89Gcz1PV5
Nui0iGizSt1WCH+q9gpXL6Vjg+Un8tPnCg/imj3yvmGUobT7hlQoX+d4bn1/hgdr
l1zHaoO521ESfyWQJOeH5lBEGwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFDxsLBTz
JHtCqyMFwgCSQEzNrytDMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvMzAzRDFDNTAw
QjBCMTFGMDk1M0RGMzJGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBADKm4YDBADKm4gDBALaIVADBALaIVwDBALaIWQwDQYJKoZI
hvcNAQELBQADggEBAL+y99zPl0Yr+LQr9rCkvqlQHHfT9TncbWxjxBoLsFJaFu19
tHV7Ux9OnrOQ1Brafw6PqEMhnUFi7J6rZaORArdgLuxkvACesEwgxii8Q0HkoZy1
Otk6aXCJ3vB4E7N7AuGALloEO/XpybmcxRpi6YnPo7fQJc/ZXHuzbcMDhlypbwye
9LFHAHOVWQgQqf8cUcffMmdX6on6XFyccs9JwORNX1rmGoIUspCVcZ9cHMGuqDp9
3GJtWYmy+P8d/UOc109+rQkdHJr+zJvHW5sJCTwTkMOp72eUTG1D3vYZCjWXD/HK
nRH+eRl+6OZANZLkFMAhugAR6s3t3C2tsNB/l7E=
-----END CERTIFICATE-----
Generated at Wed Apr 2 15:16:07 2025 by rpki-client on console.sobornost.net