Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912C738/320C3A9AC9D111EB8DC5D210C4F9AE02/C3623470CF4611EBBBA79165C4F9AE02.roa
File: C3623470CF4611EBBBA79165C4F9AE02.roa (raw, json)
Hash identifier: C/IAn3oxk6dHZorPh2do/BPUKQc39EpJoxQII9GLoOI=
Subject key identifier: 3B:B8:38:1C:93:63:5E:6C:42:DE:DE:DC:38:F3:08:64:3C:63:4C:50
Certificate issuer: /CN=A912C738/serialNumber=7FB23916037E9332966376F2E075541224162AF4
Certificate serial: 05C6
Authority key identifier: 7F:B2:39:16:03:7E:93:32:96:63:76:F2:E0:75:54:12:24:16:2A:F4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/f7I5FgN-kzKWY3by4HVUEiQWKvQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912C738/320C3A9AC9D111EB8DC5D210C4F9AE02/C3623470CF4611EBBBA79165C4F9AE02.roa
Signing time: Wed 11 Jun 2025 08:17:21 +0000
ROA not before: Wed 11 Jun 2025 08:17:21 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 16509
IP address blocks: 199.166.34.0/23 maxlen: 23
199.166.36.0/24 maxlen: 24
199.166.37.0/24 maxlen: 24
207.189.185.0/24 maxlen: 24
207.189.186.0/24 maxlen: 24
207.189.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 09:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1478 (0x5c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912C738, serialNumber=7FB23916037E9332966376F2E075541224162AF4
Validity
Not Before: Jun 11 08:17:21 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=68493b90-f9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e6:2b:62:8a:fc:fa:c4:bb:19:24:2f:fe:56:
9c:c2:7b:90:f9:21:ce:ae:c8:90:6e:1e:bd:3a:30:
e3:98:70:d9:2d:cb:f0:18:c7:30:58:5a:59:62:7f:
16:8b:88:71:4a:27:1e:cc:45:b6:89:f7:74:2e:2c:
f7:ec:44:64:51:11:fe:b8:e0:ef:ce:53:1e:c5:da:
c1:d9:99:87:62:50:9b:1b:dd:b4:b7:33:43:18:d5:
0c:75:8d:65:45:69:91:aa:2d:13:34:ef:fb:d2:8d:
1f:43:bc:51:a7:11:3e:7e:6c:1c:6c:d2:8d:19:48:
e8:ad:82:5f:31:72:9d:59:29:41:9f:58:6a:20:06:
23:f9:cf:96:c3:d2:90:d7:cd:23:b4:01:d8:6e:7b:
89:17:7c:76:f6:86:1e:be:7f:42:8f:21:88:a9:33:
cb:3c:16:b9:b0:28:42:f0:43:b0:81:41:5a:d6:f0:
b7:e3:e9:8d:0b:35:62:69:c7:16:ba:7f:f7:8f:07:
ee:4f:1f:37:f6:f7:c9:5d:09:87:33:29:93:e2:6e:
dc:48:64:07:2d:83:32:8e:f0:76:d7:31:26:d6:02:
32:5a:f0:15:d9:2a:8c:2f:a7:b8:f7:52:7c:94:8c:
0c:ff:f8:b9:05:bf:46:b9:20:e0:42:d2:f2:2a:d3:
87:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B8:38:1C:93:63:5E:6C:42:DE:DE:DC:38:F3:08:64:3C:63:4C:50
X509v3 Authority Key Identifier:
keyid:7F:B2:39:16:03:7E:93:32:96:63:76:F2:E0:75:54:12:24:16:2A:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912C738/320C3A9AC9D111EB8DC5D210C4F9AE02/f7I5FgN-kzKWY3by4HVUEiQWKvQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/f7I5FgN-kzKWY3by4HVUEiQWKvQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912C738/320C3A9AC9D111EB8DC5D210C4F9AE02/C3623470CF4611EBBBA79165C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
199.166.34.0-199.166.37.255
207.189.185.0-207.189.187.255
Signature Algorithm: sha256WithRSAEncryption
ab:dd:fe:e5:f0:da:30:7f:2b:59:c4:ce:5f:49:90:d2:97:7d:
ec:1c:ee:50:5b:69:75:10:a3:5a:b1:56:ff:c9:bc:75:c2:f2:
ea:57:ed:c2:34:b1:aa:a3:67:c2:d7:43:ca:c7:13:b8:dd:d2:
38:19:ab:7f:43:96:d3:7c:0b:f8:7d:a3:89:a8:82:51:b4:ed:
7f:49:6d:25:b6:a7:64:a3:53:07:7d:bd:a5:a2:3e:c2:f3:42:
93:6c:e5:41:66:1d:47:8e:67:32:00:61:13:14:40:df:2c:d9:
d5:c0:73:be:d6:f7:20:1b:80:f5:64:17:08:82:dc:4a:bd:ed:
59:60:b2:42:2b:ff:91:ef:1f:a1:35:ce:21:3a:22:7f:5f:f4:
bb:09:c2:96:96:c9:0b:2d:93:f5:a6:30:b2:1c:63:5a:b4:d8:
8c:fd:02:f2:f4:70:2b:a9:6f:38:ab:da:8f:95:80:40:12:be:
13:be:77:f6:ef:a4:18:f1:49:e8:c4:88:dc:07:c5:6b:74:53:
a2:7b:dc:82:84:9d:b1:a4:93:5a:96:9a:dc:9e:6a:cf:5e:90:
59:99:85:15:9e:54:ff:1d:af:d5:7f:fe:54:26:5c:17:09:8f:
5f:eb:62:bf:3e:0c:a7:cc:c4:b3:f5:e7:6d:b0:fe:af:8f:3b:
b7:b3:fa:0b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICBcYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkM3MzgxMTAvBgNVBAUTKDdGQjIzOTE2MDM3RTkzMzI5NjYzNzZGMkUwNzU1NDEy
MjQxNjJBRjQwHhcNMjUwNjExMDgxNzIxWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODQ5M2I5MC1mOWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzeYrYor8+sS7GSQv/lacwnuQ+SHOrsiQbh69OjDjmHDZLcvwGMcwWFpZYn8W
i4hxSicezEW2ifd0Liz37ERkURH+uODvzlMexdrB2ZmHYlCbG920tzNDGNUMdY1l
RWmRqi0TNO/70o0fQ7xRpxE+fmwcbNKNGUjorYJfMXKdWSlBn1hqIAYj+c+Ww9KQ
180jtAHYbnuJF3x29oYevn9CjyGIqTPLPBa5sChC8EOwgUFa1vC34+mNCzViaccW
un/3jwfuTx839vfJXQmHMymT4m7cSGQHLYMyjvB21zEm1gIyWvAV2SqML6e491J8
lIwM//i5Bb9GuSDgQtLyKtOHoQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFDu4OByT
Y15sQt7e3DjzCGQ8Y0xQMB8GA1UdIwQYMBaAFH+yORYDfpMylmN28uB1VBIkFir0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQzczOC8zMjBDM0E5QUM5
RDExMUVCOERDNUQyMTBDNEY5QUUwMi9mN0k1RmdOLWt6S1dZM2J5NEhWVUVpUVdL
dlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2Y3STVGZ04ta3pLV1kzYnk0SFZVRWlRV0t2US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkM3MzgvMzIwQzNBOUFDOUQxMTFFQjhEQzVEMjEwQzRGOUFFMDIvQzM2MjM0NzBD
RjQ2MTFFQkJCQTc5MTY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwwDAMEAcemIgMEAcemJDAMAwQAz725AwQCz724MA0GCSqGSIb3
DQEBCwUAA4IBAQCr3f7l8NowfytZxM5fSZDSl33sHO5QW2l1EKNasVb/ybx1wvLq
V+3CNLGqo2fC10PKxxO43dI4Gat/Q5bTfAv4faOJqIJRtO1/SW0ltqdko1MHfb2l
oj7C80KTbOVBZh1HjmcyAGETFEDfLNnVwHO+1vcgG4D1ZBcIgtxKve1ZYLJCK/+R
7x+hNc4hOiJ/X/S7CcKWlskLLZP1pjCyHGNatNiM/QLy9HArqW84q9qPlYBAEr4T
vnf276QY8UnoxIjcB8VrdFOie9yChJ2xpJNalprcnmrPXpBZmYUVnlT/Ha/Vf/5U
JlwXCY9f62K/PgynzMSz9edtsP6vjzu3s/oL
-----END CERTIFICATE-----
Generated at Thu Jun 19 23:42:40 2025 by rpki-client