Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/526E5FA4D28111EF9E699F81C4F9AE02.roa
File: 526E5FA4D28111EF9E699F81C4F9AE02.roa (raw, json)
Hash identifier: PvzNjULLa33iXMKj2JPMjZoZG0lLL7k1FeZK08ZD9vU=
Subject key identifier: E7:27:C8:02:98:6E:FC:91:AD:24:AF:A1:10:BD:58:1D:A6:7D:80:89
Certificate issuer: /CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Certificate serial: 0276
Authority key identifier: F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/526E5FA4D28111EF9E699F81C4F9AE02.roa
Signing time: Sat 08 Feb 2025 04:54:21 +0000
ROA not before: Sat 08 Feb 2025 04:54:21 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 202.155.136.0/24 maxlen: 24
218.33.80.0/22 maxlen: 24
218.33.104.0/22 maxlen: 24
218.33.112.0/22 maxlen: 24
218.33.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 09:37:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 630 (0x276)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9192C18/serialNumber=F1FE0C327E79E5AF43E15B0E6F8CD66C0329D138
Validity
Not Before: Feb 8 04:54:21 2025 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=67a6e37c-01a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4a:71:00:6a:f0:41:28:5a:06:1a:d3:cd:6d:
06:ca:11:d4:1d:a7:3c:6a:0b:30:45:44:35:ae:d8:
69:fb:bc:41:99:14:a2:e4:6a:cd:65:e3:d9:d3:1b:
d0:cd:85:64:34:b4:7a:60:8d:de:d7:82:ae:82:1e:
48:09:11:41:66:77:52:5e:63:92:2a:86:37:df:3c:
56:96:47:8b:0f:0f:5c:a2:90:d7:69:5e:3d:7c:f8:
c5:42:39:2b:6c:6d:ef:ac:40:4c:22:d2:5b:c4:1d:
5a:6a:55:58:6d:6c:55:6e:3d:2b:9f:ac:f5:33:05:
11:f3:9f:22:a4:26:93:48:2f:f2:63:f4:a5:d2:7e:
90:40:ba:98:9b:94:5c:3a:8a:e7:41:31:e3:d6:95:
7f:81:9d:80:09:5b:fb:32:85:e8:41:68:5d:66:96:
e9:95:43:c3:43:e8:00:9b:b9:26:9b:29:c7:d4:ad:
25:54:6a:7b:94:30:62:24:4b:3a:4a:15:82:1b:ae:
a5:8a:f4:45:7e:82:20:12:e5:1a:7d:d9:ae:17:3f:
3a:34:43:b0:6e:9a:86:0e:c3:98:86:0a:92:c1:af:
22:d8:b2:cd:6e:8d:ef:a4:98:26:6b:ac:19:f5:71:
c0:80:97:d3:35:f8:20:53:a8:33:ef:c6:9b:84:6a:
e4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:27:C8:02:98:6E:FC:91:AD:24:AF:A1:10:BD:58:1D:A6:7D:80:89
X509v3 Authority Key Identifier:
keyid:F1:FE:0C:32:7E:79:E5:AF:43:E1:5B:0E:6F:8C:D6:6C:03:29:D1:38
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/8f4MMn555a9D4VsOb4zWbAMp0Tg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8f4MMn555a9D4VsOb4zWbAMp0Tg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9192C18/9A5EEA8C3DF411ED8041F930C4F9AE02/526E5FA4D28111EF9E699F81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.155.136.0/24
218.33.80.0/22
218.33.104.0/22
218.33.112.0/21
Signature Algorithm: sha256WithRSAEncryption
4f:30:bc:d7:90:12:40:f8:ef:df:e3:45:6e:a7:87:f4:a8:1e:
9a:91:fc:a5:90:09:26:a0:cb:77:df:2f:91:9d:51:19:a8:3e:
52:84:09:75:0e:5d:21:6b:40:24:cb:99:4f:96:79:86:8c:b5:
41:3b:b6:92:cf:b3:da:7c:b9:02:26:a9:b8:d4:ed:98:74:0a:
43:0b:60:46:9d:05:5a:94:e1:8b:ec:fc:2b:a3:51:0d:cd:6c:
48:7c:74:fa:c4:9c:de:44:9d:30:83:d7:cf:81:e9:e0:78:bf:
57:46:00:38:aa:65:77:3a:8d:92:32:e5:18:47:ea:5d:45:d9:
df:0c:44:c8:de:68:30:f3:76:58:38:4e:95:97:ec:4d:1a:2c:
96:16:e3:79:fe:1d:ee:f0:f1:1f:c5:b2:73:75:a1:fa:4c:b0:
cb:33:2c:26:5a:41:e7:ba:d6:de:f5:c7:eb:6f:ed:62:10:ea:
8e:39:18:a7:f7:31:17:38:0d:7d:db:0e:2c:7a:31:0a:bd:bd:
e4:b6:5c:1f:c5:58:53:ae:55:c4:6b:53:f5:ee:c1:15:78:3c:
47:20:1e:d0:ca:51:ab:2c:0b:7e:7c:01:84:1a:ca:f1:ef:37:
01:3a:75:66:dd:50:f2:4e:4d:c5:ce:23:bd:ef:4f:80:ed:3c:
05:b4:77:dd
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAnYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTJDMTgxMTAvBgNVBAUTKEYxRkUwQzMyN0U3OUU1QUY0M0UxNUIwRTZGOENENjZD
MDMyOUQxMzgwHhcNMjUwMjA4MDQ1NDIxWhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E2ZTM3Yy0wMWE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA20pxAGrwQShaBhrTzW0GyhHUHac8agswRUQ1rthp+7xBmRSi5GrNZePZ0xvQ
zYVkNLR6YI3e14Kugh5ICRFBZndSXmOSKoY33zxWlkeLDw9copDXaV49fPjFQjkr
bG3vrEBMItJbxB1aalVYbWxVbj0rn6z1MwUR858ipCaTSC/yY/Sl0n6QQLqYm5Rc
OornQTHj1pV/gZ2ACVv7MoXoQWhdZpbplUPDQ+gAm7kmmynH1K0lVGp7lDBiJEs6
ShWCG66livRFfoIgEuUafdmuFz86NEOwbpqGDsOYhgqSwa8i2LLNbo3vpJgma6wZ
9XHAgJfTNfggU6gz78abhGrkzQIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFOcnyAKY
bvyRrSSvoRC9WB2mfYCJMB8GA1UdIwQYMBaAFPH+DDJ+eeWvQ+FbDm+M1mwDKdE4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MkMxOC85QTVFRUE4QzNE
RjQxMUVEODA0MUY5MzBDNEY5QUUwMi84ZjRNTW41NTVhOUQ0VnNPYjR6V2JBTXAw
VGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzhmNE1NbjU1NWE5RDRWc09iNHpXYkFNcDBUZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTJDMTgvOUE1RUVBOEMzREY0MTFFRDgwNDFGOTMwQzRGOUFFMDIvNTI2RTVGQTRE
MjgxMTFFRjlFNjk5RjgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMQYIKwYBBQUHAQcBAf8E
IjAgMB4EAgABMBgDBADKm4gDBALaIVADBALaIWgDBAPaIXAwDQYJKoZIhvcNAQEL
BQADggEBAE8wvNeQEkD479/jRW6nh/SoHpqR/KWQCSagy3ffL5GdURmoPlKECXUO
XSFrQCTLmU+WeYaMtUE7tpLPs9p8uQImqbjU7Zh0CkMLYEadBVqU4Yvs/CujUQ3N
bEh8dPrEnN5EnTCD18+B6eB4v1dGADiqZXc6jZIy5RhH6l1F2d8MRMjeaDDzdlg4
TpWX7E0aLJYW43n+He7w8R/FsnN1ofpMsMszLCZaQee61t71x+tv7WIQ6o45GKf3
MRc4DX3bDix6MQq9veS2XB/FWFOuVcRrU/XuwRV4PEcgHtDKUassC358AYQayvHv
NwE6dWbdUPJOTcXOI73vT4DtPAW0d90=
-----END CERTIFICATE-----
Generated at Wed Feb 12 03:38:00 2025 by rpki-client on console.sobornost.net