Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91106C7/6F03D630320E11EFB6E0DA76C4F9AE02/E9D7DA8EC81611EFB2F94686C4F9AE02.roa
File: E9D7DA8EC81611EFB2F94686C4F9AE02.roa (raw, json)
Hash identifier: 2K42Pw2r4FAl0TwUwlI2fDpic/bFy7hRoe7I4Hfa07U=
Subject key identifier: 58:03:C1:31:D9:52:8A:FA:91:C9:4C:FF:89:09:A1:94:AF:37:96:2E
Certificate issuer: /CN=A91106C7/serialNumber=229EE6CFB79584BA2310ACCE452838F7A48A501E
Certificate serial: 6A
Authority key identifier: 22:9E:E6:CF:B7:95:84:BA:23:10:AC:CE:45:28:38:F7:A4:8A:50:1E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ip7mz7eVhLojEKzORSg496SKUB4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91106C7/6F03D630320E11EFB6E0DA76C4F9AE02/E9D7DA8EC81611EFB2F94686C4F9AE02.roa
Signing time: Wed 01 Jan 2025 08:03:41 +0000
ROA not before: Wed 01 Jan 2025 08:03:41 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 152928
IP address blocks: 160.22.214.0/23 maxlen: 23
160.22.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 15:46:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106 (0x6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91106C7, serialNumber=229EE6CFB79584BA2310ACCE452838F7A48A501E
Validity
Not Before: Jan 1 08:03:41 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=6774f6dd-738c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:82:00:ee:22:cf:d0:f1:05:47:19:bd:14:bf:
42:d7:63:eb:fe:dd:52:8a:4e:56:2e:f8:0a:8a:7e:
80:ec:a5:56:eb:3f:ee:07:a5:a2:26:cf:c9:61:97:
b1:73:1d:f4:a4:21:e2:57:34:81:ee:08:03:fe:49:
1b:95:88:79:6d:d8:ca:6d:49:53:d5:1c:72:41:29:
7e:90:ee:ac:f3:1c:41:06:d1:60:ea:2f:a7:a9:b8:
6b:c1:97:7b:6e:97:43:30:4a:b8:e1:63:69:64:2c:
07:bd:59:95:2f:82:a1:e9:82:a1:5f:1a:79:78:bd:
e1:26:85:c4:9f:91:0f:e0:2c:91:cc:be:f6:a6:8c:
91:01:89:9c:d7:77:ee:73:cb:97:c5:16:76:4c:0c:
78:fb:fc:4c:5d:c3:47:ac:35:1a:bb:19:8d:5c:e9:
01:1c:40:16:31:ce:b2:1a:18:e0:31:6e:57:59:d8:
5d:02:9d:e3:8d:08:75:d9:e7:40:a1:ff:5c:33:db:
89:16:3b:e5:0d:ea:c4:74:22:94:72:fd:1e:62:76:
dd:ac:e1:dc:95:e7:0b:12:fe:39:15:1a:50:1c:1e:
e1:33:cc:43:db:82:1f:ee:b3:67:83:0c:28:3b:a4:
d1:01:50:ed:98:74:4f:3a:f4:f7:8e:e7:c6:f0:9d:
80:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:03:C1:31:D9:52:8A:FA:91:C9:4C:FF:89:09:A1:94:AF:37:96:2E
X509v3 Authority Key Identifier:
keyid:22:9E:E6:CF:B7:95:84:BA:23:10:AC:CE:45:28:38:F7:A4:8A:50:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91106C7/6F03D630320E11EFB6E0DA76C4F9AE02/Ip7mz7eVhLojEKzORSg496SKUB4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ip7mz7eVhLojEKzORSg496SKUB4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91106C7/6F03D630320E11EFB6E0DA76C4F9AE02/E9D7DA8EC81611EFB2F94686C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.22.214.0/23
Signature Algorithm: sha256WithRSAEncryption
13:1c:3e:74:5a:e1:7e:ad:30:14:fc:ba:0b:b3:ee:8f:1a:d8:
f6:71:07:ac:c4:bf:01:c7:1f:3e:27:b0:96:48:d3:e2:ea:1b:
68:28:cc:57:ce:46:5a:16:91:71:5b:80:a7:40:9b:3e:97:de:
67:74:82:55:00:fa:0e:bc:bc:dc:ad:6c:ce:e2:16:1b:e6:db:
da:fa:6c:51:82:bf:ca:6c:b0:e4:c7:6a:3a:c5:1a:26:9f:4c:
3c:74:b5:26:cf:9e:c9:84:53:ef:07:8c:eb:ab:79:83:e0:ae:
cf:9b:a6:8d:68:f3:1f:cc:52:7f:6a:b9:bb:da:39:05:ad:a5:
c7:55:7c:5f:32:f5:61:3b:0c:b3:d0:1f:97:1e:62:07:f2:c7:
37:73:65:05:b5:5f:97:64:0e:c2:b8:86:24:96:f7:41:6b:41:
6e:4a:59:6a:c3:cd:ce:93:e1:2c:18:3b:e0:73:7a:5b:bf:96:
0d:e6:7d:23:84:94:60:7a:f8:b2:b2:f6:b3:df:e4:d5:52:18:
9c:ea:43:97:e7:b2:44:21:28:cd:69:f2:46:6e:21:84:5e:18:
36:e6:45:78:56:99:bc:08:bf:3b:5f:82:2a:69:ab:dd:36:f4:
dc:c4:83:f5:9d:69:9d:ce:1d:44:ee:37:37:d3:d8:a6:49:84:
66:3d:a9:89
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBajANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MDZDNzExMC8GA1UEBRMoMjI5RUU2Q0ZCNzk1ODRCQTIzMTBBQ0NFNDUyODM4RjdB
NDhBNTAxRTAeFw0yNTAxMDEwODAzNDFaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzRmNmRkLTczOGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCnggDuIs/Q8QVHGb0Uv0LXY+v+3VKKTlYu+AqKfoDspVbrP+4HpaImz8lhl7Fz
HfSkIeJXNIHuCAP+SRuViHlt2MptSVPVHHJBKX6Q7qzzHEEG0WDqL6epuGvBl3tu
l0MwSrjhY2lkLAe9WZUvgqHpgqFfGnl4veEmhcSfkQ/gLJHMvvamjJEBiZzXd+5z
y5fFFnZMDHj7/Exdw0esNRq7GY1c6QEcQBYxzrIaGOAxbldZ2F0CneONCHXZ50Ch
/1wz24kWO+UN6sR0IpRy/R5idt2s4dyV5wsS/jkVGlAcHuEzzEPbgh/us2eDDCg7
pNEBUO2YdE869PeO58bwnYDPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWAPBMdlS
ivqRyUz/iQmhlK83li4wHwYDVR0jBBgwFoAUIp7mz7eVhLojEKzORSg496SKUB4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEwNkM3LzZGMDNENjMwMzIw
RTExRUZCNkUwREE3NkM0RjlBRTAyL0lwN216N2VWaExvakVLek9SU2c0OTZTS1VC
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvSXA3bXo3ZVZoTG9qRUt6T1JTZzQ5NlNLVUI0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MDZDNy82RjAzRDYzMDMyMEUxMUVGQjZFMERBNzZDNEY5QUUwMi9FOUQ3REE4RUM4
MTYxMUVGQjJGOTQ2ODZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaAW1jANBgkqhkiG9w0BAQsFAAOCAQEAExw+dFrhfq0wFPy6
C7PujxrY9nEHrMS/AccfPiewlkjT4uobaCjMV85GWhaRcVuAp0CbPpfeZ3SCVQD6
Dry83K1szuIWG+bb2vpsUYK/ymyw5MdqOsUaJp9MPHS1Js+eyYRT7weM66t5g+Cu
z5umjWjzH8xSf2q5u9o5Ba2lx1V8XzL1YTsMs9Aflx5iB/LHN3NlBbVfl2QOwriG
JJb3QWtBbkpZasPNzpPhLBg74HN6W7+WDeZ9I4SUYHr4srL2s9/k1VIYnOpDl+ey
RCEozWnyRm4hhF4YNuZFeFaZvAi/O1+CKmmr3Tb03MSD9Z1pnc4dRO43N9PYpkmE
Zj2piQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:57:48 2025 by rpki-client