Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/3F24F618CF2C11EF936EC73CC4F9AE02.roa
File: 3F24F618CF2C11EF936EC73CC4F9AE02.roa (raw, json)
Hash identifier: QYrNuXnSZlie+Eux0TiloWGjY9eRWyIDDQWMbN2d++Q=
Subject key identifier: 12:A9:EB:6D:F0:73:D2:4F:A2:5D:0D:B8:48:ED:80:FC:11:32:52:2E
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 0233
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/3F24F618CF2C11EF936EC73CC4F9AE02.roa
Signing time: Fri 10 Jan 2025 08:24:02 +0000
ROA not before: Fri 10 Jan 2025 08:24:02 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 9304
IP address blocks: 202.155.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 00:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 563 (0x233)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Jan 10 08:24:02 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6780d921-d316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:dd:b0:f7:d9:bf:df:f5:1e:04:04:c0:52:01:
69:8a:f9:b3:ce:62:8a:9e:96:28:77:88:bb:54:bb:
d0:7e:4c:0b:cb:49:10:73:17:5b:d6:cc:34:00:6d:
e7:d0:df:f7:8a:d7:1e:e8:3f:59:c0:78:99:34:91:
60:86:a0:01:59:86:15:3f:09:44:f5:c9:46:31:73:
22:bb:a3:60:f4:2f:04:c6:74:1d:6c:0c:c0:8f:76:
6e:f4:f1:ae:f8:0f:d1:02:47:1e:e5:fc:46:e9:13:
70:c1:de:59:09:8f:06:06:00:0f:c8:6a:eb:5b:1b:
8b:f8:57:ea:6c:fc:24:07:42:d2:86:e0:e8:6f:9f:
47:7c:1b:d7:29:f2:cd:f2:eb:20:ed:15:3e:4f:64:
b9:5d:0d:bd:92:cf:87:82:fd:f9:96:62:34:43:d3:
0f:82:34:97:44:0b:98:00:b1:54:42:0c:e5:b4:15:
f5:a1:9a:c3:10:ff:5e:54:46:3e:25:32:0b:47:21:
cb:68:5e:c0:c8:9c:dc:6d:18:7d:a5:fc:9b:86:4a:
54:d0:1c:fa:eb:41:a2:0e:ff:aa:5e:18:37:f3:d4:
22:72:4f:83:54:b5:ea:23:1f:85:cb:62:11:ab:cb:
39:ca:ee:8d:44:c6:a9:95:f7:99:0d:1b:68:08:f1:
97:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:A9:EB:6D:F0:73:D2:4F:A2:5D:0D:B8:48:ED:80:FC:11:32:52:2E
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/3F24F618CF2C11EF936EC73CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.155.152.0/22
Signature Algorithm: sha256WithRSAEncryption
30:2b:ff:67:7f:33:93:df:c7:c7:ec:ae:cc:d6:2d:37:64:46:
33:fd:1a:1e:f3:58:e4:3e:b0:09:52:79:03:dd:d5:46:60:52:
f6:6b:c5:f0:29:52:2e:7c:9c:a6:50:be:c1:42:ae:70:7d:30:
e7:9e:18:57:4e:38:ce:be:7d:f4:bb:c4:08:43:87:6e:aa:a2:
23:53:34:5f:6a:a5:15:67:71:a4:93:e3:75:0b:9e:20:57:fb:
5f:da:bc:6a:c6:ee:a3:e4:75:8d:a3:76:17:c1:3c:ca:a9:2f:
de:2e:9e:3e:0f:b6:5e:07:4b:ee:7b:b8:d0:c7:f1:05:05:e9:
e8:ca:ea:02:6b:a4:1b:9b:3a:84:cb:09:17:af:d2:84:82:ac:
da:7e:2f:15:1d:fe:ff:c8:e5:ff:4e:4e:b3:48:45:29:48:35:
30:89:96:a7:f7:a1:b5:70:26:59:82:a0:93:f8:da:7c:47:29:
5a:ca:86:93:24:6d:5d:c9:df:12:04:c2:a4:3d:e7:c0:d1:2f:
80:71:22:42:3c:b8:0c:8d:3a:f2:35:2b:67:ed:1e:31:0d:ca:
8d:1c:c1:ed:28:1b:a5:29:88:b6:bf:e5:4c:07:03:5c:66:54:
21:88:88:86:b1:b7:21:eb:02:17:7a:3f:20:0a:ef:da:4a:8b:
19:86:68:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMTEwMDgyNDAyWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzgwZDkyMS1kMzE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqt2w99m/3/UeBATAUgFpivmzzmKKnpYod4i7VLvQfkwLy0kQcxdb1sw0AG3n
0N/3itce6D9ZwHiZNJFghqABWYYVPwlE9clGMXMiu6Ng9C8ExnQdbAzAj3Zu9PGu
+A/RAkce5fxG6RNwwd5ZCY8GBgAPyGrrWxuL+FfqbPwkB0LShuDob59HfBvXKfLN
8usg7RU+T2S5XQ29ks+Hgv35lmI0Q9MPgjSXRAuYALFUQgzltBX1oZrDEP9eVEY+
JTILRyHLaF7AyJzcbRh9pfybhkpU0Bz660GiDv+qXhg389Qick+DVLXqIx+Fy2IR
q8s5yu6NRMaplfeZDRtoCPGXVQIDAQABo4IClTCCApEwHQYDVR0OBBYEFBKp623w
c9JPol0NuEjtgPwRMlIuMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvM0YyNEY2MThD
RjJDMTFFRjkzNkVDNzNDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALKm5gwDQYJKoZIhvcNAQELBQADggEBADAr/2d/M5Pfx8fs
rszWLTdkRjP9Gh7zWOQ+sAlSeQPd1UZgUvZrxfApUi58nKZQvsFCrnB9MOeeGFdO
OM6+ffS7xAhDh26qoiNTNF9qpRVncaST43ULniBX+1/avGrG7qPkdY2jdhfBPMqp
L94unj4Ptl4HS+57uNDH8QUF6ejK6gJrpBubOoTLCRev0oSCrNp+LxUd/v/I5f9O
TrNIRSlINTCJlqf3obVwJlmCoJP42nxHKVrKhpMkbV3J3xIEwqQ958DRL4BxIkI8
uAyNOvI1K2ftHjENyo0cwe0oG6UpiLa/5UwHA1xmVCGIiIaxtyHrAhd6PyAK79pK
ixmGaPw=
-----END CERTIFICATE-----
Generated at Sat Jan 18 03:26:36 2025 by rpki-client on console.sobornost.net