Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912CD21/38C261E41C3811F0AA857D27C4F9AE02/1C93836C1C3911F09520E02BC4F9AE02.roa
File: 1C93836C1C3911F09520E02BC4F9AE02.roa (raw, json)
Hash identifier: DP6BE1lI0A09Mz3HRzti8UnV8kwK7/o/uGYXutfw4VM=
Subject key identifier: B8:34:97:9A:EE:5E:EB:B2:40:26:5C:01:9D:4C:71:ED:B8:D4:E2:B5
Certificate issuer: /CN=A912CD21/serialNumber=818BB90332717F935730DAF14708FFC2F605F05F
Certificate serial: 02
Authority key identifier: 81:8B:B9:03:32:71:7F:93:57:30:DA:F1:47:08:FF:C2:F6:05:F0:5F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gYu5AzJxf5NXMNrxRwj_wvYF8F8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912CD21/38C261E41C3811F0AA857D27C4F9AE02/1C93836C1C3911F09520E02BC4F9AE02.roa
Signing time: Fri 18 Apr 2025 09:40:07 +0000
ROA not before: Fri 18 Apr 2025 09:40:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18024
IP address blocks: 163.227.28.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 08:35:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912CD21, serialNumber=818BB90332717F935730DAF14708FFC2F605F05F
Validity
Not Before: Apr 18 09:40:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68021df6-1c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:81:bb:25:34:f3:18:2d:89:c8:2f:f0:c0:89:
51:f7:0b:af:3a:8b:78:6e:fa:cc:9d:a6:f4:31:dc:
02:d3:fd:e8:a8:7d:95:0e:fa:4a:fa:0d:52:6d:68:
12:a7:17:13:ea:a3:ec:e5:ae:e2:03:15:0d:47:ae:
25:53:05:a6:77:3e:31:ca:4e:85:4f:a9:54:c9:ac:
76:6a:2a:25:a4:66:e8:bd:d3:13:c6:e4:90:14:7b:
0d:64:1a:fa:18:d1:20:24:f0:4c:c4:97:e0:3c:02:
3d:b3:e2:c7:48:72:ad:62:b8:56:e9:1e:72:48:18:
49:91:22:64:f5:26:9b:92:db:ee:18:3c:03:22:ae:
03:7b:b5:ab:6c:f3:83:2a:10:ff:b4:54:38:04:3a:
68:25:af:49:64:bf:4b:57:2b:5e:f2:fd:ee:b7:bb:
64:d7:78:ef:7c:8c:f2:bd:88:63:dd:b9:ef:14:c4:
76:20:d5:bc:c4:7c:6f:01:b6:71:5e:af:01:dc:f7:
91:7c:b0:18:62:f7:e4:cb:a9:5c:9e:ef:7c:06:57:
d3:fc:1d:7d:1b:1e:35:a6:9d:35:de:f0:23:cd:bf:
f0:0e:78:e0:77:47:b9:8f:7c:ff:88:d1:31:65:82:
7b:45:26:e4:6b:1f:ac:43:2e:39:79:22:1d:5a:89:
a7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:34:97:9A:EE:5E:EB:B2:40:26:5C:01:9D:4C:71:ED:B8:D4:E2:B5
X509v3 Authority Key Identifier:
keyid:81:8B:B9:03:32:71:7F:93:57:30:DA:F1:47:08:FF:C2:F6:05:F0:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912CD21/38C261E41C3811F0AA857D27C4F9AE02/gYu5AzJxf5NXMNrxRwj_wvYF8F8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gYu5AzJxf5NXMNrxRwj_wvYF8F8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CD21/38C261E41C3811F0AA857D27C4F9AE02/1C93836C1C3911F09520E02BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.227.28.0/23
Signature Algorithm: sha256WithRSAEncryption
49:e8:f0:64:cb:25:9f:dd:6c:47:af:b6:df:a5:c7:bc:72:48:
a3:4a:7e:50:9e:4f:0d:75:e7:ed:1a:1e:ff:d4:d0:b8:9b:d9:
54:50:bc:c1:09:66:60:48:6b:20:c2:1f:05:95:42:59:d7:7e:
60:2e:db:60:0b:7e:90:0c:98:39:bb:f1:08:d8:65:f1:30:48:
1e:bb:44:9d:98:ec:bd:0b:c2:c2:a5:0d:15:f9:1c:38:33:67:
9d:d4:21:0f:9b:ae:f2:06:d0:f9:8a:67:56:31:45:ed:2b:22:
cd:b6:6c:a6:91:5d:2c:5f:70:fb:99:5a:1a:c7:d4:b6:bd:f5:
c3:69:ac:8c:c4:c0:8f:d4:1f:4c:31:bd:2a:c7:0e:3f:83:cb:
86:b2:10:9a:80:aa:1b:c1:d7:15:8b:e6:02:18:c5:e2:be:b3:
c1:50:37:f3:93:a0:d8:08:39:a9:c7:8b:60:ad:6a:6d:19:58:
aa:c6:3f:10:e3:f2:4d:fd:13:a4:c4:e7:dc:66:93:4b:3e:24:
46:23:d3:32:01:fe:23:5c:d2:be:bb:67:50:b4:64:10:85:7e:
1c:c9:e2:bc:17:19:a1:be:bf:a6:fe:a4:72:f3:7e:e1:1f:f6:
d6:c4:93:81:e3:f7:c2:d7:52:58:3e:4b:0f:93:49:3c:94:d1:
27:60:de:0e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
Q0QyMTExMC8GA1UEBRMoODE4QkI5MDMzMjcxN0Y5MzU3MzBEQUYxNDcwOEZGQzJG
NjA1RjA1RjAeFw0yNTA0MTgwOTQwMDdaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MDIxZGY2LTFjMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBgbslNPMYLYnIL/DAiVH3C686i3hu+sydpvQx3ALT/eiofZUO+kr6DVJtaBKn
FxPqo+zlruIDFQ1HriVTBaZ3PjHKToVPqVTJrHZqKiWkZui90xPG5JAUew1kGvoY
0SAk8EzEl+A8Aj2z4sdIcq1iuFbpHnJIGEmRImT1JpuS2+4YPAMirgN7tats84Mq
EP+0VDgEOmglr0lkv0tXK17y/e63u2TXeO98jPK9iGPdue8UxHYg1bzEfG8BtnFe
rwHc95F8sBhi9+TLqVye73wGV9P8HX0bHjWmnTXe8CPNv/AOeOB3R7mPfP+I0TFl
gntFJuRrH6xDLjl5Ih1aiaepAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUuDSXmu5e
67JAJlwBnUxx7bjU4rUwHwYDVR0jBBgwFoAUgYu5AzJxf5NXMNrxRwj/wvYF8F8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJDRDIxLzM4QzI2MUU0MUMz
ODExRjBBQTg1N0QyN0M0RjlBRTAyL2dZdTVBekp4ZjVOWE1OcnhSd2pfd3ZZRjhG
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvZ1l1NUF6SnhmNU5YTU5yeFJ3al93dllGOEY4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
Q0QyMS8zOEMyNjFFNDFDMzgxMUYwQUE4NTdEMjdDNEY5QUUwMi8xQzkzODM2QzFD
MzkxMUYwOTUyMEUwMkJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaPjHDANBgkqhkiG9w0BAQsFAAOCAQEASejwZMsln91sR6+2
36XHvHJIo0p+UJ5PDXXn7Roe/9TQuJvZVFC8wQlmYEhrIMIfBZVCWdd+YC7bYAt+
kAyYObvxCNhl8TBIHrtEnZjsvQvCwqUNFfkcODNnndQhD5uu8gbQ+YpnVjFF7Ssi
zbZsppFdLF9w+5laGsfUtr31w2msjMTAj9QfTDG9KscOP4PLhrIQmoCqG8HXFYvm
AhjF4r6zwVA385Og2Ag5qceLYK1qbRlYqsY/EOPyTf0TpMTn3GaTSz4kRiPTMgH+
I1zSvrtnULRkEIV+HMnivBcZob6/pv6kcvN+4R/21sSTgeP3wtdSWD5LD5NJPJTR
J2DeDg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:27:30 2025 by rpki-client