Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915DE6C/6BC375B043D411F090B47668C4F9AE02/321A337444F311F0B5C29B5AC4F9AE02.roa
File: 321A337444F311F0B5C29B5AC4F9AE02.roa (raw, json)
Hash identifier: +FrR2ZlC46BJ4ZWmvdTmLc6QNLo6k+tGqVbdqjJ+m/I=
Subject key identifier: FE:DC:60:10:DD:03:97:C6:D1:DE:BF:AE:9D:9C:F6:4B:F6:FB:F1:01
Certificate issuer: /CN=A915DE6C/serialNumber=50AAFC6A3EF75B22B7683CAB63D84BE4291954B4
Certificate serial: 03
Authority key identifier: 50:AA:FC:6A:3E:F7:5B:22:B7:68:3C:AB:63:D8:4B:E4:29:19:54:B4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UKr8aj73WyK3aDyrY9hL5CkZVLQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915DE6C/6BC375B043D411F090B47668C4F9AE02/321A337444F311F0B5C29B5AC4F9AE02.roa
Signing time: Mon 09 Jun 2025 05:32:56 +0000
ROA not before: Mon 09 Jun 2025 05:32:56 +0000
ROA not after: Wed 30 Sep 2026 00:00:00 +0000
asID: 29802
IP address blocks: 165.99.218.0/24 maxlen: 24
165.99.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Jun 2025 19:35:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915DE6C, serialNumber=50AAFC6A3EF75B22B7683CAB63D84BE4291954B4
Validity
Not Before: Jun 9 05:32:56 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=68467207-92a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ee:49:3e:f8:fa:39:fb:1d:97:97:00:66:d7:
97:39:d3:96:39:c4:27:31:2d:a1:b3:bf:76:0a:31:
a2:bd:38:53:a6:8e:04:cb:2d:38:72:47:59:8a:bf:
a3:2a:d2:26:f8:d4:dc:d8:20:80:98:d4:d1:61:97:
63:e0:a9:66:6a:e0:ea:47:08:28:9c:13:78:b0:13:
89:20:24:69:72:78:0d:0c:1e:4a:50:e3:bb:c8:55:
d1:f5:cf:04:02:3f:b5:81:05:58:33:e6:cc:6b:6b:
b2:59:e7:7a:c4:f6:85:bc:e0:23:89:a7:8e:e4:08:
69:61:4d:8f:3c:2d:9f:52:0c:27:92:b0:ae:3e:1e:
55:1e:0e:51:f6:df:98:57:27:5d:f7:7f:6d:b3:fd:
f0:a8:5f:be:93:51:16:16:cd:90:44:31:1e:8f:48:
0d:00:e3:35:53:16:75:39:f0:25:76:06:8a:23:bc:
13:06:d1:5a:48:88:35:c6:27:b5:eb:6e:7b:29:b1:
e5:17:bd:e7:e0:11:48:b1:85:37:d0:cb:84:6d:b8:
73:fa:5e:a7:e7:85:7c:b7:67:90:8c:d9:a3:c2:d9:
c6:47:e5:a2:c0:8c:0d:0c:d7:48:69:e8:41:6b:26:
c1:97:00:c8:f7:b2:d0:a1:0a:93:90:d5:7d:a8:db:
2e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:DC:60:10:DD:03:97:C6:D1:DE:BF:AE:9D:9C:F6:4B:F6:FB:F1:01
X509v3 Authority Key Identifier:
keyid:50:AA:FC:6A:3E:F7:5B:22:B7:68:3C:AB:63:D8:4B:E4:29:19:54:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915DE6C/6BC375B043D411F090B47668C4F9AE02/UKr8aj73WyK3aDyrY9hL5CkZVLQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/UKr8aj73WyK3aDyrY9hL5CkZVLQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915DE6C/6BC375B043D411F090B47668C4F9AE02/321A337444F311F0B5C29B5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.218.0/23
Signature Algorithm: sha256WithRSAEncryption
57:22:04:32:34:f2:77:c4:b9:5c:54:27:3f:a2:2c:94:8c:e8:
6b:57:0f:e9:04:5e:81:54:ca:ba:98:5e:c2:6f:82:09:30:62:
49:42:fc:0a:c7:5c:5f:fd:27:fa:f3:a4:47:7a:c9:bd:b4:c4:
3c:7e:67:08:bc:ab:b3:4c:57:88:67:49:71:80:fa:e2:84:87:
05:0e:a1:de:eb:31:44:d3:89:a8:39:6c:bd:bf:64:66:1b:58:
9f:17:f0:da:a4:a4:91:49:ba:26:a0:4f:3c:f5:53:90:8d:0b:
05:60:78:03:73:6a:54:48:f9:14:3d:99:53:5d:97:f1:45:bf:
41:e9:21:f8:72:8a:92:c9:07:40:f8:d6:f0:52:23:30:0b:f1:
40:34:d1:b6:6b:e0:2d:cc:2e:57:8c:17:98:cb:61:e6:7b:de:
02:62:af:8d:61:e6:90:94:db:61:52:c5:9e:9e:9b:f2:62:8f:
d3:ae:f2:ac:d1:0c:98:76:c7:db:a0:cc:1c:45:1f:99:f2:05:
bd:91:39:d3:a9:f8:75:50:ca:25:92:85:f7:0c:97:1f:11:ed:
d9:f6:8d:b0:61:78:31:03:a7:8b:4b:42:b2:45:9b:d4:a9:3e:
be:1c:d4:53:1e:fc:5c:93:29:86:67:ea:2c:56:fa:a6:4d:25:
a1:c7:74:b1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
REU2QzExMC8GA1UEBRMoNTBBQUZDNkEzRUY3NUIyMkI3NjgzQ0FCNjNEODRCRTQy
OTE5NTRCNDAeFw0yNTA2MDkwNTMyNTZaFw0yNjA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NDY3MjA3LTkyYTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCx7kk++Po5+x2XlwBm15c505Y5xCcxLaGzv3YKMaK9OFOmjgTLLThyR1mKv6Mq
0ib41NzYIICY1NFhl2PgqWZq4OpHCCicE3iwE4kgJGlyeA0MHkpQ47vIVdH1zwQC
P7WBBVgz5sxra7JZ53rE9oW84COJp47kCGlhTY88LZ9SDCeSsK4+HlUeDlH235hX
J133f22z/fCoX76TURYWzZBEMR6PSA0A4zVTFnU58CV2BoojvBMG0VpIiDXGJ7Xr
bnspseUXvefgEUixhTfQy4RtuHP6XqfnhXy3Z5CM2aPC2cZH5aLAjA0M10hp6EFr
JsGXAMj3stChCpOQ1X2o2y45AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU/txgEN0D
l8bR3r+unZz2S/b78QEwHwYDVR0jBBgwFoAUUKr8aj73WyK3aDyrY9hL5CkZVLQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVERTZDLzZCQzM3NUIwNDNE
NDExRjA5MEI0NzY2OEM0RjlBRTAyL1VLcjhhajczV3lLM2FEeXJZOWhMNUNrWlZM
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVUtyOGFqNzNXeUszYUR5clk5aEw1Q2taVkxRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
REU2Qy82QkMzNzVCMDQzRDQxMUYwOTBCNDc2NjhDNEY5QUUwMi8zMjFBMzM3NDQ0
RjMxMUYwQjVDMjlCNUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaVj2jANBgkqhkiG9w0BAQsFAAOCAQEAVyIEMjTyd8S5XFQn
P6IslIzoa1cP6QRegVTKuphewm+CCTBiSUL8CsdcX/0n+vOkR3rJvbTEPH5nCLyr
s0xXiGdJcYD64oSHBQ6h3usxRNOJqDlsvb9kZhtYnxfw2qSkkUm6JqBPPPVTkI0L
BWB4A3NqVEj5FD2ZU12X8UW/Qekh+HKKkskHQPjW8FIjMAvxQDTRtmvgLcwuV4wX
mMth5nveAmKvjWHmkJTbYVLFnp6b8mKP067yrNEMmHbH26DMHEUfmfIFvZE506n4
dVDKJZKF9wyXHxHt2faNsGF4MQOni0tCskWb1Kk+vhzUUx78XJMphmfqLFb6pk0l
ocd0sQ==
-----END CERTIFICATE-----
Generated at Sat Jun 21 01:10:35 2025 by rpki-client