Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913B4BE/6F2FD338CCF711EE9E89D67AC4F9AE02/ABCCEBB6CDC711EE8A262C4EC4F9AE02.roa
File: ABCCEBB6CDC711EE8A262C4EC4F9AE02.roa (raw, json)
Hash identifier: P5R7d4a/0wC+N93KdxS+hWDlaT2bvbfVSONwYlsDMMA=
Subject key identifier: 58:E2:A1:88:F1:E7:01:6C:9B:85:4C:F6:60:27:64:98:61:2B:41:7A
Certificate issuer: /CN=A913B4BE/serialNumber=7B1FB1BA3B0EC8CA5E5C13AEBCFC6EBA8D20EAA7
Certificate serial: F0
Authority key identifier: 7B:1F:B1:BA:3B:0E:C8:CA:5E:5C:13:AE:BC:FC:6E:BA:8D:20:EA:A7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ex-xujsOyMpeXBOuvPxuuo0g6qc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913B4BE/6F2FD338CCF711EE9E89D67AC4F9AE02/ABCCEBB6CDC711EE8A262C4EC4F9AE02.roa
Signing time: Sat 17 May 2025 05:05:49 +0000
ROA not before: Sat 17 May 2025 05:05:49 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 139901
IP address blocks: 157.20.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 May 2025 15:30:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 240 (0xf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913B4BE, serialNumber=7B1FB1BA3B0EC8CA5E5C13AEBCFC6EBA8D20EAA7
Validity
Not Before: May 17 05:05:49 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6828192d-1752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:25:94:d2:3b:33:19:5e:ef:bc:49:54:30:23:
86:e8:63:eb:12:b9:eb:bf:1f:9e:0c:20:0f:d1:4c:
47:b4:5a:2a:f9:3c:18:0f:fe:49:7d:65:72:98:4a:
ea:41:d6:0f:5e:74:0a:76:ac:06:f4:fb:29:d8:3f:
3e:78:28:0f:8d:55:85:bd:69:0d:b1:13:48:0a:d5:
da:0c:cb:22:53:ea:bb:68:7e:35:ff:68:db:54:fe:
1a:dc:73:aa:9a:69:e9:51:ab:f8:b9:d0:7b:e7:54:
d8:49:c5:b9:a7:bd:31:6e:d0:eb:7e:ce:48:eb:c1:
63:91:62:92:4c:84:26:97:6c:36:fd:d5:60:3b:ac:
39:c1:91:08:21:71:85:14:3e:ec:5d:81:72:2f:c6:
f5:03:25:c6:3f:fc:1c:28:08:0d:33:c7:f9:d1:2a:
fd:0d:4e:69:3b:0e:f7:4d:79:6d:72:16:7c:13:65:
90:4c:cd:d1:87:7e:e4:92:4e:1d:94:91:df:ad:ef:
48:a6:8e:b2:a3:b8:af:69:94:32:a0:bc:05:cf:df:
f9:22:bb:17:b4:9d:60:15:67:5c:02:34:6b:85:4c:
34:5d:94:9a:78:f8:3f:8e:a9:0e:ac:d9:f2:55:13:
9b:7d:1b:ad:ab:f7:70:1d:03:1a:4c:d8:94:77:94:
e0:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E2:A1:88:F1:E7:01:6C:9B:85:4C:F6:60:27:64:98:61:2B:41:7A
X509v3 Authority Key Identifier:
keyid:7B:1F:B1:BA:3B:0E:C8:CA:5E:5C:13:AE:BC:FC:6E:BA:8D:20:EA:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913B4BE/6F2FD338CCF711EE9E89D67AC4F9AE02/ex-xujsOyMpeXBOuvPxuuo0g6qc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ex-xujsOyMpeXBOuvPxuuo0g6qc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B4BE/6F2FD338CCF711EE9E89D67AC4F9AE02/ABCCEBB6CDC711EE8A262C4EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.43.0/24
Signature Algorithm: sha256WithRSAEncryption
23:49:e7:6d:8b:e0:42:77:3e:2f:db:e3:ec:e4:73:e5:d1:90:
66:1f:6e:c2:69:a0:8d:5e:3a:3a:46:41:cb:83:83:a3:02:66:
4d:31:f5:4f:de:6d:32:33:25:89:99:8b:22:0e:ac:2a:d1:78:
90:38:90:4e:fd:2d:d7:53:52:5e:7b:ac:f2:26:44:36:0b:a3:
fd:e9:98:28:fc:8f:c8:02:0f:f5:96:43:58:19:83:0d:b9:74:
df:f7:ca:04:be:68:2e:55:03:80:31:c6:34:15:34:c4:39:dc:
e9:20:ed:0f:69:f4:2e:68:ff:71:1b:b6:86:8a:88:df:12:78:
3b:b5:c1:c7:a7:19:15:c9:77:ae:07:b7:94:b8:b6:05:ea:85:
53:ad:a0:b5:b3:64:e1:0a:a3:f7:8a:2f:88:38:c2:6a:6d:e3:
e7:d4:15:df:fe:c7:f5:4f:9c:0e:bb:c5:50:c6:3f:76:2c:ee:
75:47:75:61:7e:9a:fd:fe:e7:58:2d:7e:d1:97:ad:d7:eb:75:
0a:c5:b7:ef:f8:a9:48:cd:21:22:f0:76:b8:bf:1c:bb:c2:dc:
1f:4d:e3:5e:9a:44:64:35:9e:ac:74:51:8a:40:6e:87:63:30:
2c:17:be:31:62:71:e6:2e:c0:7a:ad:e1:b4:08:53:2c:0a:ab:
72:e3:46:b4
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I0QkUxMTAvBgNVBAUTKDdCMUZCMUJBM0IwRUM4Q0E1RTVDMTNBRUJDRkM2RUJB
OEQyMEVBQTcwHhcNMjUwNTE3MDUwNTQ5WhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI4MTkyZC0xNzUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqCWU0jszGV7vvElUMCOG6GPrErnrvx+eDCAP0UxHtFoq+TwYD/5JfWVymErq
QdYPXnQKdqwG9Psp2D8+eCgPjVWFvWkNsRNICtXaDMsiU+q7aH41/2jbVP4a3HOq
mmnpUav4udB751TYScW5p70xbtDrfs5I68FjkWKSTIQml2w2/dVgO6w5wZEIIXGF
FD7sXYFyL8b1AyXGP/wcKAgNM8f50Sr9DU5pOw73TXltchZ8E2WQTM3Rh37kkk4d
lJHfre9Ipo6yo7ivaZQyoLwFz9/5IrsXtJ1gFWdcAjRrhUw0XZSaePg/jqkOrNny
VRObfRutq/dwHQMaTNiUd5TgmwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFjioYjx
5wFsm4VM9mAnZJhhK0F6MB8GA1UdIwQYMBaAFHsfsbo7DsjKXlwTrrz8brqNIOqn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjRCRS82RjJGRDMzOEND
RjcxMUVFOUU4OUQ2N0FDNEY5QUUwMi9leC14dWpzT3lNcGVYQk91dlB4dXVvMGc2
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2V4LXh1anNPeU1wZVhCT3V2UHh1dW8wZzZxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I0QkUvNkYyRkQzMzhDQ0Y3MTFFRTlFODlENjdBQzRGOUFFMDIvQUJDQ0VCQjZD
REM3MTFFRThBMjYyQzRFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACdFCswDQYJKoZIhvcNAQELBQADggEBACNJ522L4EJ3Pi/b
4+zkc+XRkGYfbsJpoI1eOjpGQcuDg6MCZk0x9U/ebTIzJYmZiyIOrCrReJA4kE79
LddTUl57rPImRDYLo/3pmCj8j8gCD/WWQ1gZgw25dN/3ygS+aC5VA4AxxjQVNMQ5
3Okg7Q9p9C5o/3EbtoaKiN8SeDu1wcenGRXJd64Ht5S4tgXqhVOtoLWzZOEKo/eK
L4g4wmpt4+fUFd/+x/VPnA67xVDGP3Ys7nVHdWF+mv3+51gtftGXrdfrdQrFt+/4
qUjNISLwdri/HLvC3B9N416aRGQ1nqx0UYpAbodjMCwXvjFiceYuwHqt4bQIUywK
q3LjRrQ=
-----END CERTIFICATE-----
Generated at Fri Jun 20 10:34:57 2025 by rpki-client