Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4CD0FAAE0E2011F0A0825648C4F9AE02.roa
File: 4CD0FAAE0E2011F0A0825648C4F9AE02.roa (raw, json)
Hash identifier: /67DLfEQfTPWW5En6rOKl8BYvRpXRIGz+yw6/suDPPw=
Subject key identifier: DF:9A:95:76:91:42:13:25:5F:37:70:8A:B2:FC:22:5E:90:D7:CB:3A
Certificate issuer: /CN=A91AA28B/serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95
Certificate serial: 0D38
Authority key identifier: 6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4CD0FAAE0E2011F0A0825648C4F9AE02.roa
Signing time: Mon 31 Mar 2025 11:07:14 +0000
ROA not before: Mon 31 Mar 2025 11:07:14 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 134500
IP address blocks: 202.181.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 18:13:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3384 (0xd38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AA28B, serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95
Validity
Not Before: Mar 31 11:07:14 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67ea7762-2665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:96:2a:80:1f:f0:79:ea:50:3a:a1:fc:b8:39:
de:0d:c9:8b:88:c5:5d:05:37:07:e6:60:71:59:3f:
06:70:9b:ca:4f:af:4f:e2:ae:49:5e:5f:40:17:2a:
e0:4f:35:3c:8e:8f:1e:c8:8a:ba:c8:34:98:2f:ef:
a8:33:3a:51:84:2e:89:01:d2:0f:c1:de:f4:46:2f:
95:ef:7b:ae:ba:52:25:a8:20:1b:e0:80:d8:d8:34:
3f:35:14:e2:9a:20:1e:ef:69:d3:37:ed:20:96:72:
cc:e3:76:0a:ae:8b:5e:46:a8:cd:55:a6:9a:16:2c:
68:da:63:e6:23:77:8d:aa:0b:ba:cf:86:09:82:05:
a1:4e:36:20:5c:ea:89:06:36:78:d3:f2:fc:f8:59:
a3:03:b2:83:bd:f5:a9:41:4a:be:28:d4:e2:78:04:
7e:66:79:d1:7e:55:27:ba:86:6e:ad:95:4c:3c:87:
8e:92:8e:0d:5e:94:1a:38:70:88:7c:8b:2b:b7:ef:
c1:dc:e4:25:0a:64:dc:cd:cf:c8:ca:c4:aa:d2:11:
e8:0b:aa:a1:df:ea:86:50:1a:8a:76:a7:96:51:94:
34:b7:4e:12:fb:15:d2:c2:98:54:96:7f:e2:9d:4c:
d8:0d:57:c1:29:84:d3:f7:f7:26:36:49:6e:ae:b8:
7d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9A:95:76:91:42:13:25:5F:37:70:8A:B2:FC:22:5E:90:D7:CB:3A
X509v3 Authority Key Identifier:
keyid:6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/4CD0FAAE0E2011F0A0825648C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
202.181.17.0/24
Signature Algorithm: sha256WithRSAEncryption
04:9a:ab:7f:d7:29:3f:4e:86:fa:d9:f6:05:6a:78:cb:db:2c:
2a:87:ed:ed:ac:e0:0e:af:0c:22:6c:1f:f6:87:fc:85:10:3d:
6b:9e:6b:05:51:7d:5a:9d:40:ce:e8:91:30:fe:f0:98:8d:c5:
86:a0:01:cc:d9:4d:b7:cb:2e:36:9f:89:71:d7:41:74:34:63:
79:07:90:d8:a7:88:fd:83:93:cc:29:59:eb:cc:bd:80:96:9c:
36:fb:4d:79:37:6e:a1:c0:0d:59:1f:12:8d:b0:72:c4:4e:c4:
49:a6:72:da:48:a3:16:42:98:45:e9:c3:5a:fa:35:4d:7b:f2:
f0:e2:79:87:21:d5:3b:b5:2c:30:5e:51:c1:cd:24:2e:1b:46:
c9:71:3c:bd:c2:4f:1f:f0:04:f3:ed:98:9a:9e:37:11:c5:cb:
50:9c:57:d8:8c:19:dc:f9:c5:54:b7:83:93:3d:96:4a:9c:99:
ac:fa:37:25:f3:35:25:e5:41:5d:6f:d8:d2:17:fe:15:ee:14:
cb:93:90:54:f9:84:e3:5f:94:e6:ee:c1:ae:db:de:f4:c8:1b:
e9:c8:20:94:b1:22:70:9c:e3:52:4f:90:99:11:59:f6:34:21:
08:0e:c4:d9:bf:ef:40:aa:32:98:aa:8f:69:b2:fc:29:c7:83:
9b:bd:56:20
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICDTgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUEyOEIxMTAvBgNVBAUTKDZGQzJFREYwQzUxMTUyQTNCRUMxMTQ5QTFCREIyRURC
MjkzQzlEOTUwHhcNMjUwMzMxMTEwNzE0WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VhNzc2Mi0yNjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuJYqgB/weepQOqH8uDneDcmLiMVdBTcH5mBxWT8GcJvKT69P4q5JXl9AFyrg
TzU8jo8eyIq6yDSYL++oMzpRhC6JAdIPwd70Ri+V73uuulIlqCAb4IDY2DQ/NRTi
miAe72nTN+0glnLM43YKroteRqjNVaaaFixo2mPmI3eNqgu6z4YJggWhTjYgXOqJ
BjZ40/L8+FmjA7KDvfWpQUq+KNTieAR+ZnnRflUnuoZurZVMPIeOko4NXpQaOHCI
fIsrt+/B3OQlCmTczc/IysSq0hHoC6qh3+qGUBqKdqeWUZQ0t04S+xXSwphUln/i
nUzYDVfBKYTT9/cmNklurrh9QwIDAQABo4IClTCCApEwHQYDVR0OBBYEFN+alXaR
QhMlXzdwirL8Il6Q18s6MB8GA1UdIwQYMBaAFG/C7fDFEVKjvsEUmhvbLtspPJ2V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI4Qi8xRTAyNjRBQURC
QzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVxTy13UlNhRzlzdTJ5azhu
WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I4THQ4TVVSVXFPLXdSU2FHOXN1MnlrOG5aVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QUEyOEIvMUUwMjY0QUFEQkM4MTFFOUJFQTkxMDUxQzRGOUFFMDIvNENEMEZBQUUw
RTIwMTFGMEEwODI1NjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADKtREwDQYJKoZIhvcNAQELBQADggEBAASaq3/XKT9OhvrZ
9gVqeMvbLCqH7e2s4A6vDCJsH/aH/IUQPWueawVRfVqdQM7okTD+8JiNxYagAczZ
TbfLLjafiXHXQXQ0Y3kHkNiniP2Dk8wpWevMvYCWnDb7TXk3bqHADVkfEo2wcsRO
xEmmctpIoxZCmEXpw1r6NU178vDieYch1Tu1LDBeUcHNJC4bRslxPL3CTx/wBPPt
mJqeNxHFy1CcV9iMGdz5xVS3g5M9lkqcmaz6NyXzNSXlQV1v2NIX/hXuFMuTkFT5
hONflObuwa7b3vTIG+nIIJSxInCc41JPkJkRWfY0IQgOxNm/70CqMpiqj2my/CnH
g5u9ViA=
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:48:39 2025 by rpki-client on console.sobornost.net