Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/5F6D13A803FF11F0AB18630EC4F9AE02.roa
File: 5F6D13A803FF11F0AB18630EC4F9AE02.roa (raw, json)
Hash identifier: uz5cJKJAqQJKme5dsqGOi1ncOhl7KhQPnpqmMp/6nt8=
Subject key identifier: DD:BC:4D:D2:2C:61:84:17:4D:DA:42:9A:B0:A7:66:74:0D:04:49:91
Certificate issuer: /CN=A9140D69/serialNumber=103FA8BDFFFB9F0557072C47332B81A9E80EDD35
Certificate serial: 028D
Authority key identifier: 10:3F:A8:BD:FF:FB:9F:05:57:07:2C:47:33:2B:81:A9:E8:0E:DD:35
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ED-ovf_7nwVXByxHMyuBqegO3TU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/5F6D13A803FF11F0AB18630EC4F9AE02.roa
Signing time: Tue 18 Mar 2025 13:46:20 +0000
ROA not before: Tue 18 Mar 2025 13:46:20 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 64021
IP address blocks: 163.53.244.0/24 maxlen: 24
163.53.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Apr 2025 08:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 653 (0x28d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9140D69, serialNumber=103FA8BDFFFB9F0557072C47332B81A9E80EDD35
Validity
Not Before: Mar 18 13:46:20 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67d9792c-7d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:14:be:26:79:80:01:4e:e3:b5:5e:f3:66:
f9:d8:51:c8:18:c8:54:e7:ee:22:5b:e3:17:72:9e:
a0:c3:b8:11:0d:30:2a:79:3c:d4:0a:7c:df:f1:85:
23:4a:2f:86:6d:eb:25:99:4b:6e:63:56:05:86:3f:
0a:0b:29:60:82:d1:a4:1e:42:9e:40:80:f2:7b:19:
40:4c:f5:33:95:90:68:12:e8:a7:b2:43:4c:44:e8:
8f:2b:37:4a:22:3b:a5:15:6d:b7:a4:29:a7:39:4c:
7b:1b:22:a9:ff:aa:20:2b:6d:e0:2e:e7:cc:17:1a:
79:82:f7:cc:43:44:43:e2:6f:78:c3:fe:de:25:41:
d8:79:5c:88:57:c3:67:88:80:65:f3:e9:48:63:c9:
52:8a:05:2f:72:7a:3e:8b:59:21:4c:20:7f:b1:f0:
26:26:6b:bb:7d:92:88:96:84:a2:1b:97:2e:6f:49:
56:2c:f3:73:e9:a1:93:60:6c:c8:49:3d:d2:e4:90:
57:5c:60:7f:e5:27:2d:79:31:0c:14:7e:ea:dc:96:
87:35:02:62:76:ba:56:03:85:b4:08:f5:22:ae:85:
50:f8:b6:81:34:4c:6e:49:50:8d:5e:ef:83:f0:be:
83:e5:04:6e:4a:d7:a3:4b:2e:b9:be:44:7b:d7:94:
e4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:BC:4D:D2:2C:61:84:17:4D:DA:42:9A:B0:A7:66:74:0D:04:49:91
X509v3 Authority Key Identifier:
keyid:10:3F:A8:BD:FF:FB:9F:05:57:07:2C:47:33:2B:81:A9:E8:0E:DD:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/ED-ovf_7nwVXByxHMyuBqegO3TU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ED-ovf_7nwVXByxHMyuBqegO3TU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140D69/0E177D5A058C11EDADD66011C4F9AE02/5F6D13A803FF11F0AB18630EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.53.244.0/24
163.53.247.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:0c:63:e5:d4:a2:d4:e1:05:ae:06:5a:50:db:5b:c7:12:bc:
d4:fe:fe:8e:03:fa:15:92:d1:eb:dd:14:25:6d:78:24:b9:d2:
af:3c:0c:73:81:7a:99:08:4d:2b:e9:2b:f5:17:ff:c7:fa:b7:
08:d1:63:88:68:05:cb:b4:f1:d0:d6:fd:29:b6:f5:78:82:3c:
d7:4d:d8:25:b7:5e:99:44:cc:36:e6:63:70:2e:cd:ae:f6:6f:
b0:a9:ee:40:c5:49:c2:b4:64:4c:8f:01:a0:a1:b5:e6:0b:38:
20:fa:e9:76:0b:12:e9:0e:70:85:a7:b1:8f:65:13:3b:9e:bb:
2f:f2:a5:c3:b8:8e:b9:ac:cf:d3:13:22:c7:ef:eb:76:29:e8:
08:c7:55:d2:24:ac:94:62:35:52:d5:c6:c0:25:dc:a7:0f:fd:
c6:a5:ec:48:7c:40:cd:d1:66:25:61:34:72:c7:18:8a:8c:8e:
be:82:d2:28:0a:ea:88:e9:a2:44:c3:a9:dd:44:cb:60:87:16:
83:76:75:4e:17:77:52:1f:0f:50:53:1f:09:08:68:23:f8:63:
cb:19:87:63:65:9e:f5:f8:e3:9e:83:af:3e:5e:a5:14:51:6a:
31:ce:51:1c:9f:9f:5e:dd:dc:f2:e0:5e:43:27:a7:18:43:79:
64:c8:3d:cf
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAo0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDBENjkxMTAvBgNVBAUTKDEwM0ZBOEJERkZGQjlGMDU1NzA3MkM0NzMzMkI4MUE5
RTgwRUREMzUwHhcNMjUwMzE4MTM0NjIwWhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Q5NzkyYy03ZDczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArm0UviZ5gAFO47Ve82b52FHIGMhU5+4iW+MXcp6gw7gRDTAqeTzUCnzf8YUj
Si+GbeslmUtuY1YFhj8KCylggtGkHkKeQIDyexlATPUzlZBoEuinskNMROiPKzdK
IjulFW23pCmnOUx7GyKp/6ogK23gLufMFxp5gvfMQ0RD4m94w/7eJUHYeVyIV8Nn
iIBl8+lIY8lSigUvcno+i1khTCB/sfAmJmu7fZKIloSiG5cub0lWLPNz6aGTYGzI
ST3S5JBXXGB/5ScteTEMFH7q3JaHNQJidrpWA4W0CPUiroVQ+LaBNExuSVCNXu+D
8L6D5QRuStejSy65vkR715TknwIDAQABo4ICmzCCApcwHQYDVR0OBBYEFN28TdIs
YYQXTdpCmrCnZnQNBEmRMB8GA1UdIwQYMBaAFBA/qL3/+58FVwcsRzMrganoDt01
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEQ2OS8wRTE3N0Q1QTA1
OEMxMUVEQURENjYwMTFDNEY5QUUwMi9FRC1vdmZfN253VlhCeXhITXl1QnFlZ08z
VFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0VELW92Zl83bndWWEJ5eEhNeXVCcWVnTzNUVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDBENjkvMEUxNzdENUEwNThDMTFFREFERDY2MDExQzRGOUFFMDIvNUY2RDEzQTgw
M0ZGMTFGMEFCMTg2MzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBACjNfQDBACjNfcwDQYJKoZIhvcNAQELBQADggEBAKEMY+XU
otThBa4GWlDbW8cSvNT+/o4D+hWS0evdFCVteCS50q88DHOBepkITSvpK/UX/8f6
twjRY4hoBcu08dDW/Sm29XiCPNdN2CW3XplEzDbmY3Auza72b7Cp7kDFScK0ZEyP
AaChteYLOCD66XYLEukOcIWnsY9lEzueuy/ypcO4jrmsz9MTIsfv63Yp6AjHVdIk
rJRiNVLVxsAl3KcP/cal7Eh8QM3RZiVhNHLHGIqMjr6C0igK6ojpokTDqd1Ey2CH
FoN2dU4Xd1IfD1BTHwkIaCP4Y8sZh2NlnvX4456Drz5epRRRajHOURyfn17d3PLg
XkMnpxhDeWTIPc8=
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:32:05 2025 by rpki-client