Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/4C9A45D8D6BF11EFA0D42513C4F9AE02.roa
File: 4C9A45D8D6BF11EFA0D42513C4F9AE02.roa (raw, json)
Hash identifier: a2qTalYIYd8Iju9y5GvbZNA/qLDfIlufLuaOds5x/d4=
Subject key identifier: 09:F1:D0:FB:EE:90:C0:1A:E7:45:F8:B9:1B:BE:53:8A:87:1F:8F:BC
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 0278
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/4C9A45D8D6BF11EFA0D42513C4F9AE02.roa
Signing time: Sat 08 Feb 2025 04:56:08 +0000
ROA not before: Sat 08 Feb 2025 04:56:08 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 9304
IP address blocks: 202.155.140.0/24 maxlen: 24
202.155.141.0/24 maxlen: 24
202.155.142.0/24 maxlen: 24
202.155.143.0/24 maxlen: 24
202.155.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 04:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 632 (0x278)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Feb 8 04:56:08 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67a6e3e8-58c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4a:7f:f2:59:7c:d4:ad:72:0f:0f:70:12:77:
25:39:c4:bf:56:13:b4:48:8b:ba:67:6e:34:60:6e:
fb:90:35:55:cd:5c:04:fa:7b:93:08:f8:c1:46:59:
6c:44:82:7d:d5:84:8c:e0:a1:8c:70:3f:95:0f:99:
4f:e5:68:79:39:d7:b4:54:29:f4:ef:3b:9a:f1:c2:
4c:97:0a:40:e1:41:ed:55:1f:6f:20:60:1d:55:c4:
1d:f7:20:2e:06:00:b8:93:3b:e5:7b:c4:b5:b3:34:
e0:ff:5c:53:97:6f:a1:d0:20:1b:8c:1e:db:c8:22:
7f:b5:74:fa:23:9b:ce:3c:c7:00:68:92:0d:5f:2a:
6d:36:c3:d7:70:79:96:80:71:d8:39:c7:a3:1a:96:
04:96:00:50:a0:ad:88:5e:c9:ce:58:b0:33:81:6d:
8c:27:dd:dc:70:8e:62:be:b7:69:c1:09:8b:02:eb:
e6:ce:9e:00:98:0e:e2:cd:c8:c9:39:19:6c:df:ae:
45:5e:a5:21:e5:65:a3:55:3a:78:2e:28:36:ec:0f:
db:ef:0a:2b:a5:6a:44:9f:07:f1:a8:0c:fa:62:01:
63:2f:ef:d4:d3:69:d9:fa:42:8a:7b:8d:56:bc:27:
71:c1:6c:ba:e9:49:35:2b:55:95:f3:0b:85:e0:5c:
8d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F1:D0:FB:EE:90:C0:1A:E7:45:F8:B9:1B:BE:53:8A:87:1F:8F:BC
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/4C9A45D8D6BF11EFA0D42513C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.155.140.0/22
202.155.152.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7a:69:5b:ea:c9:15:46:d9:6c:4a:2f:cc:bc:f3:e1:94:2f:
ed:bd:31:54:4e:36:d1:cb:a9:50:88:42:51:32:0c:09:f5:9d:
84:47:78:6a:4c:db:b8:c2:f2:b6:54:dd:16:e2:4f:72:60:37:
74:f2:53:5c:03:09:b6:10:f2:62:97:50:09:9e:16:35:94:91:
c3:41:65:96:0f:44:db:2d:82:f6:3a:b2:a1:8f:5a:a0:73:55:
16:37:8d:e8:a7:db:4e:00:f3:63:31:95:01:a5:a2:b8:57:2e:
e7:ea:7c:bc:f1:27:a9:4a:7a:68:c2:69:e1:c2:47:0b:21:29:
e5:f2:e0:36:72:f0:93:d4:00:8e:97:f6:17:fd:f8:35:ad:c9:
48:0d:c9:54:0b:51:24:3f:36:3a:e0:9c:f8:56:91:09:a5:65:
5c:9d:63:6f:46:0a:d7:ba:f7:61:f9:56:b6:da:11:49:d0:58:
4d:2c:0c:4d:08:71:94:1a:81:a3:44:57:07:4a:db:33:a9:e0:
b1:33:36:8f:0c:2b:64:9b:f1:f9:7e:63:1f:58:e1:50:2e:89:
d2:20:db:03:6e:33:23:d6:7d:ee:4f:a7:f5:0a:ca:fd:24:a4:
b9:4b:d7:cb:29:9e:34:43:ea:08:5b:ae:24:37:6c:d5:8c:f7:
8b:8a:f2:11
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAngwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMjA4MDQ1NjA4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E2ZTNlOC01OGMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr0p/8ll81K1yDw9wEnclOcS/VhO0SIu6Z240YG77kDVVzVwE+nuTCPjBRlls
RIJ91YSM4KGMcD+VD5lP5Wh5Ode0VCn07zua8cJMlwpA4UHtVR9vIGAdVcQd9yAu
BgC4kzvle8S1szTg/1xTl2+h0CAbjB7byCJ/tXT6I5vOPMcAaJINXyptNsPXcHmW
gHHYOcejGpYElgBQoK2IXsnOWLAzgW2MJ93ccI5ivrdpwQmLAuvmzp4AmA7izcjJ
ORls365FXqUh5WWjVTp4Lig27A/b7worpWpEnwfxqAz6YgFjL+/U02nZ+kKKe41W
vCdxwWy66Uk1K1WV8wuF4FyNlwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAnx0Pvu
kMAa50X4uRu+U4qHH4+8MB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvNEM5QTQ1RDhE
NkJGMTFFRkEwRDQyNTEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBALKm4wDBADKm5gwDQYJKoZIhvcNAQELBQADggEBAHd6aVvq
yRVG2WxKL8y88+GUL+29MVRONtHLqVCIQlEyDAn1nYRHeGpM27jC8rZU3RbiT3Jg
N3TyU1wDCbYQ8mKXUAmeFjWUkcNBZZYPRNstgvY6sqGPWqBzVRY3jein204A82Mx
lQGlorhXLufqfLzxJ6lKemjCaeHCRwshKeXy4DZy8JPUAI6X9hf9+DWtyUgNyVQL
USQ/NjrgnPhWkQmlZVydY29GCte692H5VrbaEUnQWE0sDE0IcZQagaNEVwdK2zOp
4LEzNo8MK2Sb8fl+Yx9Y4VAuidIg2wNuMyPWfe5Pp/UKyv0kpLlL18spnjRD6ghb
riQ3bNWM94uK8hE=
-----END CERTIFICATE-----
Generated at Tue Feb 11 03:42:41 2025 by rpki-client on console.sobornost.net