Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A913FE55/24CAE4A8473B11F08336F75CC4F9AE02/4DAAA9DE473C11F090453A62C4F9AE02.roa
File: 4DAAA9DE473C11F090453A62C4F9AE02.roa (raw, json)
Hash identifier: b5DCpzoZMIo3+RqEGk5TxlcdWgFkzGVus1TPDnE9SGM=
Subject key identifier: 5C:1E:68:85:C4:77:82:88:87:FA:CC:78:2D:F7:15:53:DB:51:5E:06
Certificate issuer: /CN=A913FE55/serialNumber=BAC1FA1B1E4EE430023B275D227A5D043C7F96A3
Certificate serial: 02
Authority key identifier: BA:C1:FA:1B:1E:4E:E4:30:02:3B:27:5D:22:7A:5D:04:3C:7F:96:A3
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/usH6Gx5O5DACOyddInpdBDx_lqM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913FE55/24CAE4A8473B11F08336F75CC4F9AE02/4DAAA9DE473C11F090453A62C4F9AE02.roa
Signing time: Thu 12 Jun 2025 03:21:17 +0000
ROA not before: Thu 12 Jun 2025 03:21:17 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 153966
IP address blocks: 165.99.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jun 2025 03:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913FE55, serialNumber=BAC1FA1B1E4EE430023B275D227A5D043C7F96A3
Validity
Not Before: Jun 12 03:21:17 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=684a47ad-05ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dd:a5:a0:40:d7:f9:b4:af:aa:ae:e5:4f:ff:
dc:b7:77:fe:22:9b:5e:6a:17:72:7a:72:fa:7d:cb:
83:79:eb:ef:6b:24:91:1f:f5:d4:ec:9d:b7:37:6f:
28:c9:71:55:78:66:39:77:92:96:77:66:c4:81:a8:
6b:98:19:9b:e8:ef:bd:de:64:2b:d2:58:2b:68:0c:
dc:ae:8b:b5:28:75:93:e8:79:fb:14:fa:ca:a5:4b:
a6:46:4c:ca:54:e6:fd:83:89:7c:28:cf:a4:f2:e5:
94:ed:bb:e8:96:c1:7d:b1:60:36:fc:31:e2:e1:1e:
e4:0c:ea:5f:91:26:a0:25:25:2b:39:c0:d2:b3:3e:
00:08:52:1f:b4:7b:63:eb:4d:d3:1c:29:96:fd:b6:
4c:d0:43:d2:88:f6:78:34:24:b3:33:9c:4c:41:27:
ef:c1:1a:a9:80:89:2c:b2:b1:78:03:c8:eb:25:57:
02:f9:ca:8d:11:3b:4e:0c:a6:df:17:ee:cd:07:e3:
bf:a2:db:53:8b:39:99:ce:af:dd:8f:d1:f4:3e:64:
21:58:2d:b2:ad:9f:b9:82:f5:10:5b:37:d1:4f:9c:
02:98:37:a5:e4:d1:69:2e:a7:e5:58:26:22:76:87:
03:9d:ae:10:40:2b:35:8f:35:7c:5c:00:21:a8:e2:
60:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1E:68:85:C4:77:82:88:87:FA:CC:78:2D:F7:15:53:DB:51:5E:06
X509v3 Authority Key Identifier:
keyid:BA:C1:FA:1B:1E:4E:E4:30:02:3B:27:5D:22:7A:5D:04:3C:7F:96:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913FE55/24CAE4A8473B11F08336F75CC4F9AE02/usH6Gx5O5DACOyddInpdBDx_lqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/usH6Gx5O5DACOyddInpdBDx_lqM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913FE55/24CAE4A8473B11F08336F75CC4F9AE02/4DAAA9DE473C11F090453A62C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.248.0/24
Signature Algorithm: sha256WithRSAEncryption
02:c4:3b:b5:69:ef:1b:0f:00:5f:e7:1a:39:a5:be:8b:98:fc:
b5:f5:b7:85:a5:28:a0:91:45:1a:ef:fe:53:f0:4e:1c:a9:78:
64:4f:f0:1e:40:8c:c5:b5:cd:af:81:a1:bc:78:77:d3:2f:d6:
1a:a2:aa:9a:f8:70:61:96:f7:bc:c5:04:66:20:c3:bf:a1:3c:
7f:83:dc:cc:85:db:a6:6d:32:a1:5d:12:37:b7:09:a3:0a:47:
89:fb:88:4b:9e:bd:7c:99:7e:c2:3f:c9:30:18:d0:a0:43:94:
54:0e:f2:c9:be:38:6d:9a:da:71:03:ba:f3:9a:0c:28:c0:e5:
90:d4:b9:54:76:5c:0a:88:99:f6:93:15:26:fa:c9:1b:3b:e1:
1d:4d:ae:74:f6:32:d0:fc:37:67:79:7c:d1:13:1a:fa:8a:1e:
7c:52:46:6e:f2:28:9d:b3:86:a7:30:62:a3:ef:cb:e7:a0:86:
6e:00:6f:2a:bf:88:fa:d3:1a:cd:c9:0a:be:80:19:86:05:e2:
63:45:1a:73:ec:91:b5:44:a2:25:01:91:45:07:cb:4e:8b:f1:
54:bb:f6:03:f7:c6:6c:33:ef:a6:f7:3a:03:db:7f:3c:24:ee:
f2:3f:4e:65:7c:bf:48:76:75:16:af:d8:0a:07:6d:0b:fd:78:
0f:c6:9e:17
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
RkU1NTExMC8GA1UEBRMoQkFDMUZBMUIxRTRFRTQzMDAyM0IyNzVEMjI3QTVEMDQz
QzdGOTZBMzAeFw0yNTA2MTIwMzIxMTdaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NGE0N2FkLTA1ZWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC43aWgQNf5tK+qruVP/9y3d/4im15qF3J6cvp9y4N56+9rJJEf9dTsnbc3byjJ
cVV4Zjl3kpZ3ZsSBqGuYGZvo773eZCvSWCtoDNyui7UodZPoefsU+sqlS6ZGTMpU
5v2DiXwoz6Ty5ZTtu+iWwX2xYDb8MeLhHuQM6l+RJqAlJSs5wNKzPgAIUh+0e2Pr
TdMcKZb9tkzQQ9KI9ng0JLMznExBJ+/BGqmAiSyysXgDyOslVwL5yo0RO04Mpt8X
7s0H47+i21OLOZnOr92P0fQ+ZCFYLbKtn7mC9RBbN9FPnAKYN6Xk0Wkup+VYJiJ2
hwOdrhBAKzWPNXxcACGo4mAhAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUXB5ohcR3
goiH+sx4LfcVU9tRXgYwHwYDVR0jBBgwFoAUusH6Gx5O5DACOyddInpdBDx/lqMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTNGRTU1LzI0Q0FFNEE4NDcz
QjExRjA4MzM2Rjc1Q0M0RjlBRTAyL3VzSDZHeDVPNURBQ095ZGRJbnBkQkR4X2xx
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdXNINkd4NU81REFDT3lkZElucGRCRHhfbHFNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
RkU1NS8yNENBRTRBODQ3M0IxMUYwODMzNkY3NUNDNEY5QUUwMi80REFBQTlERTQ3
M0MxMUYwOTA0NTNBNjJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKVj+DANBgkqhkiG9w0BAQsFAAOCAQEAAsQ7tWnvGw8AX+ca
OaW+i5j8tfW3haUooJFFGu/+U/BOHKl4ZE/wHkCMxbXNr4GhvHh30y/WGqKqmvhw
YZb3vMUEZiDDv6E8f4PczIXbpm0yoV0SN7cJowpHifuIS569fJl+wj/JMBjQoEOU
VA7yyb44bZracQO685oMKMDlkNS5VHZcCoiZ9pMVJvrJGzvhHU2udPYy0Pw3Z3l8
0RMa+ooefFJGbvIonbOGpzBio+/L56CGbgBvKr+I+tMazckKvoAZhgXiY0Uac+yR
tUSiJQGRRQfLTovxVLv2A/fGbDPvpvc6A9t/PCTu8j9OZXy/SHZ1Fq/YCgdtC/14
D8aeFw==
-----END CERTIFICATE-----
Generated at Thu Jun 19 01:23:34 2025 by rpki-client