Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153CE9/0AB1D396F51511EB9EFE0750C4F9AE02/CB6ED7B2645011EE9EAE117BC4F9AE02.roa
File: CB6ED7B2645011EE9EAE117BC4F9AE02.roa (raw, json)
Hash identifier: gq1I/8ULkfsYgR5m8puegSoXLZkf9aEj0WGKQgF8rpk=
Subject key identifier: CE:4B:B1:9A:13:F4:E2:E8:84:30:6C:9D:1F:29:C8:56:36:BA:1D:0D
Certificate issuer: /CN=A9153CE9/serialNumber=E0996115508A3AD59915DBABCCB696DBA0B4CC72
Certificate serial: 054F
Authority key identifier: E0:99:61:15:50:8A:3A:D5:99:15:DB:AB:CC:B6:96:DB:A0:B4:CC:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4JlhFVCKOtWZFdurzLaW26C0zHI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153CE9/0AB1D396F51511EB9EFE0750C4F9AE02/CB6ED7B2645011EE9EAE117BC4F9AE02.roa
Signing time: Tue 08 Apr 2025 23:34:07 +0000
ROA not before: Tue 08 Apr 2025 23:34:07 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 13213
IP address blocks: 45.65.32.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 24 Apr 2025 16:16:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1359 (0x54f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153CE9, serialNumber=E0996115508A3AD59915DBABCCB696DBA0B4CC72
Validity
Not Before: Apr 8 23:34:07 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67f5b26f-009a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:af:0b:e0:42:ee:9a:8b:5e:51:90:63:44:8f:
f0:f4:9e:f8:0e:3f:96:4d:32:29:b7:0f:22:6e:de:
3a:f2:fc:97:5e:cd:03:17:f9:23:2d:48:18:1d:53:
2c:ea:21:11:0d:bc:ee:75:06:d0:5a:18:9c:26:85:
e8:90:f8:10:a2:7c:b7:21:72:36:c4:62:cf:d1:4b:
55:78:82:12:d5:9a:c6:fb:10:5a:8c:3c:6b:95:22:
9e:aa:69:22:8a:8a:c1:2a:a5:f3:e7:a6:36:ed:67:
7a:99:5f:28:a5:d6:d1:db:86:e2:9d:42:dd:07:37:
9a:21:4c:58:9f:fb:6b:98:02:f1:3a:c1:04:cd:62:
fb:20:bf:4c:8e:c7:04:c0:f3:70:cf:39:cd:7a:a7:
15:8a:42:21:50:d4:d6:c9:be:48:31:47:ab:7a:66:
36:18:ce:5d:eb:54:c5:48:f2:8b:f6:ba:fc:4b:0e:
1a:a3:8b:2a:80:4a:12:c0:d4:7d:0d:d0:a8:a6:96:
4d:24:d8:44:10:55:08:aa:77:9e:cc:fe:47:da:8a:
11:e8:fd:c2:69:65:26:43:1b:62:3f:17:61:80:7e:
80:b8:a8:0b:ec:ce:0f:bf:9d:b3:ab:a1:fd:8a:0c:
4d:66:5f:80:83:be:ee:03:46:54:6b:6e:f3:21:3e:
91:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:4B:B1:9A:13:F4:E2:E8:84:30:6C:9D:1F:29:C8:56:36:BA:1D:0D
X509v3 Authority Key Identifier:
keyid:E0:99:61:15:50:8A:3A:D5:99:15:DB:AB:CC:B6:96:DB:A0:B4:CC:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153CE9/0AB1D396F51511EB9EFE0750C4F9AE02/4JlhFVCKOtWZFdurzLaW26C0zHI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4JlhFVCKOtWZFdurzLaW26C0zHI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153CE9/0AB1D396F51511EB9EFE0750C4F9AE02/CB6ED7B2645011EE9EAE117BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.65.32.0/22
Signature Algorithm: sha256WithRSAEncryption
07:84:00:63:13:40:d3:60:00:8b:33:e8:8c:0b:57:35:07:e2:
71:8a:75:46:5c:1c:ef:2d:af:a7:23:ce:19:dc:3b:99:f5:10:
65:d7:e5:ce:0f:10:be:c2:a8:9b:38:07:22:87:ff:df:8b:d7:
1c:65:f9:22:eb:75:08:42:70:dd:13:1f:b8:c3:e3:06:76:00:
6e:f8:4c:e0:e3:2f:a2:51:1d:a5:e9:50:f3:8c:b6:ab:22:7e:
81:e8:ce:ec:81:26:89:3d:7d:3c:49:79:a3:5a:99:33:fd:d7:
2b:68:3f:80:51:8b:98:81:90:34:1b:b1:ce:c3:31:d2:cc:33:
83:68:0b:ae:0b:25:a0:d3:85:2a:1e:21:7d:0d:a1:0a:e4:59:
ff:3e:81:2b:52:86:2d:98:d4:5e:b6:70:bb:ea:2c:e0:51:3b:
fc:d2:5d:ba:59:7d:86:d8:76:e3:91:33:16:93:ae:f0:a5:10:
d2:63:6a:b9:3c:4b:e9:db:33:83:ee:52:9e:3c:29:36:71:3c:
ca:6d:16:1b:4b:0c:26:e8:2b:66:49:0a:c9:ed:6c:e8:bd:13:
ed:45:02:47:33:e9:04:d2:c1:e0:fa:99:26:02:a8:12:e3:fe:
35:07:bc:df:d6:f3:e9:d7:8a:20:ec:cc:0c:c6:45:25:64:38:
98:cb:e7:90
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTNDRTkxMTAvBgNVBAUTKEUwOTk2MTE1NTA4QTNBRDU5OTE1REJBQkNDQjY5NkRC
QTBCNENDNzIwHhcNMjUwNDA4MjMzNDA3WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2Y1YjI2Zi0wMDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq68L4ELumoteUZBjRI/w9J74Dj+WTTIptw8ibt468vyXXs0DF/kjLUgYHVMs
6iERDbzudQbQWhicJoXokPgQony3IXI2xGLP0UtVeIIS1ZrG+xBajDxrlSKeqmki
iorBKqXz56Y27Wd6mV8opdbR24binULdBzeaIUxYn/trmALxOsEEzWL7IL9MjscE
wPNwzznNeqcVikIhUNTWyb5IMUeremY2GM5d61TFSPKL9rr8Sw4ao4sqgEoSwNR9
DdCoppZNJNhEEFUIqneezP5H2ooR6P3CaWUmQxtiPxdhgH6AuKgL7M4Pv52zq6H9
igxNZl+Ag77uA0ZUa27zIT6RXwIDAQABo4IClTCCApEwHQYDVR0OBBYEFM5LsZoT
9OLohDBsnR8pyFY2uh0NMB8GA1UdIwQYMBaAFOCZYRVQijrVmRXbq8y2ltugtMxy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0NFOS8wQUIxRDM5NkY1
MTUxMUVCOUVGRTA3NTBDNEY5QUUwMi80SmxoRlZDS090V1pGZHVyekxhVzI2QzB6
SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRKbGhGVkNLT3RXWkZkdXJ6TGFXMjZDMHpISS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTNDRTkvMEFCMUQzOTZGNTE1MTFFQjlFRkUwNzUwQzRGOUFFMDIvQ0I2RUQ3QjI2
NDUwMTFFRTlFQUUxMTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAItQSAwDQYJKoZIhvcNAQELBQADggEBAAeEAGMTQNNgAIsz
6IwLVzUH4nGKdUZcHO8tr6cjzhncO5n1EGXX5c4PEL7CqJs4ByKH/9+L1xxl+SLr
dQhCcN0TH7jD4wZ2AG74TODjL6JRHaXpUPOMtqsifoHozuyBJok9fTxJeaNamTP9
1ytoP4BRi5iBkDQbsc7DMdLMM4NoC64LJaDThSoeIX0NoQrkWf8+gStShi2Y1F62
cLvqLOBRO/zSXbpZfYbYduORMxaTrvClENJjark8S+nbM4PuUp48KTZxPMptFhtL
DCboK2ZJCsntbOi9E+1FAkcz6QTSweD6mSYCqBLj/jUHvN/W8+nXiiDszAzGRSVk
OJjL55A=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:16:09 2025 by rpki-client