Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/0A61C5AA33BD11F0A2B1CE73C4F9AE02.roa
File: 0A61C5AA33BD11F0A2B1CE73C4F9AE02.roa (raw, json)
Hash identifier: 8cmTSAZAIz17ZaqoHiNAujInunAW7o+HeRBdASHHd/I=
Subject key identifier: 4A:67:BE:47:7F:BB:B9:CA:4F:9A:05:7A:EC:2B:C4:6B:BA:A7:D2:65
Certificate issuer: /CN=A915FDD9/serialNumber=967B97D9E311250D82942D27E4C5F90D98138058
Certificate serial: 4F
Authority key identifier: 96:7B:97:D9:E3:11:25:0D:82:94:2D:27:E4:C5:F9:0D:98:13:80:58
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/0A61C5AA33BD11F0A2B1CE73C4F9AE02.roa
Signing time: Sun 18 May 2025 07:52:45 +0000
ROA not before: Sun 18 May 2025 07:52:45 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 146943
IP address blocks: 161.248.218.0/24 maxlen: 24
161.248.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 18 May 2025 08:44:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79 (0x4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FDD9, serialNumber=967B97D9E311250D82942D27E4C5F90D98138058
Validity
Not Before: May 18 07:52:45 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=682991cd-3e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7a:a6:78:19:b8:b1:04:bc:91:a6:14:aa:36:
f0:94:d2:16:1b:f9:92:b8:76:83:47:df:52:30:34:
e7:0b:c5:6d:1f:6f:39:ea:6c:5d:1b:9a:2f:0b:62:
45:e7:76:99:93:6c:a9:5a:18:54:12:7a:40:16:07:
ff:fa:a7:77:b4:d3:0d:80:94:19:4b:fd:ce:bb:38:
7f:93:8d:8b:c5:da:61:38:d6:bb:30:78:d2:a6:b3:
28:f8:bc:92:c7:80:91:8d:76:06:9a:5f:8c:e7:8e:
83:c9:34:4c:92:d1:af:68:3d:14:a8:ed:61:da:37:
c0:a6:21:34:58:65:c8:03:b8:5f:fc:44:dc:18:27:
10:18:e4:f9:c6:9e:71:a2:f9:b0:56:01:4f:ba:3b:
b5:48:55:00:b6:40:29:2f:09:c5:8c:fe:43:ea:80:
ae:a4:a8:d8:7d:40:3c:42:3d:54:26:f0:cf:96:9f:
0b:6e:38:5a:9c:3b:04:2f:ac:51:77:3c:cd:2b:7c:
a4:23:d1:1f:9b:7e:a1:a4:22:42:f7:99:eb:32:7b:
43:aa:04:9b:fd:fe:e7:6d:ed:3d:a3:5f:b8:03:a6:
92:03:78:35:44:61:0b:f0:b1:a4:5d:ab:e2:cb:ac:
45:64:50:b2:88:da:42:88:dd:49:b8:02:c5:b4:35:
aa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:67:BE:47:7F:BB:B9:CA:4F:9A:05:7A:EC:2B:C4:6B:BA:A7:D2:65
X509v3 Authority Key Identifier:
keyid:96:7B:97:D9:E3:11:25:0D:82:94:2D:27:E4:C5:F9:0D:98:13:80:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/0A61C5AA33BD11F0A2B1CE73C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.218.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:b7:8a:46:bc:a6:c7:a7:de:d9:4c:9f:25:b4:4c:95:ec:a3:
20:b4:f8:39:a7:eb:2a:92:a4:f9:22:f0:74:5a:03:2e:ea:51:
62:66:84:6c:16:21:c0:c0:cc:c3:f2:93:f1:e0:cd:79:c6:68:
8a:02:7b:8c:91:56:86:91:34:ab:bc:c0:cf:d3:f8:3d:d2:2e:
b3:6a:28:06:3c:fd:1a:16:7a:b5:ec:71:1c:f6:8a:0f:46:d0:
f4:90:41:f4:08:cc:99:61:87:02:79:41:5b:59:4b:c3:b9:f5:
95:3b:cf:8d:ce:ba:67:c6:56:4b:2b:e5:39:ff:4d:ae:cb:6c:
82:30:82:60:3d:20:27:7c:e7:bd:b2:37:4f:32:ac:59:10:a0:
13:7a:fd:19:5b:09:9f:b7:a7:77:84:30:7c:1d:10:81:50:0b:
27:0a:b6:bf:68:0e:eb:d9:99:06:a2:ae:3e:6f:e5:6a:eb:d5:
ad:84:14:d5:09:dd:55:4f:85:86:00:0c:a9:fc:c4:a0:21:68:
91:c6:5e:21:13:03:38:28:c8:8e:01:ce:4c:15:b7:31:56:0b:
04:a4:1e:20:ff:0d:c7:a0:a0:8b:97:19:d9:cb:e8:7e:5d:9e:
37:7c:03:dc:58:fe:5b:01:4b:a5:7f:f5:61:05:d8:77:e6:9e:
99:53:13:39
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
RkREOTExMC8GA1UEBRMoOTY3Qjk3RDlFMzExMjUwRDgyOTQyRDI3RTRDNUY5MEQ5
ODEzODA1ODAeFw0yNTA1MTgwNzUyNDVaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4Mjk5MWNkLTNlODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCteqZ4GbixBLyRphSqNvCU0hYb+ZK4doNH31IwNOcLxW0fbznqbF0bmi8LYkXn
dpmTbKlaGFQSekAWB//6p3e00w2AlBlL/c67OH+TjYvF2mE41rsweNKmsyj4vJLH
gJGNdgaaX4znjoPJNEyS0a9oPRSo7WHaN8CmITRYZcgDuF/8RNwYJxAY5PnGnnGi
+bBWAU+6O7VIVQC2QCkvCcWM/kPqgK6kqNh9QDxCPVQm8M+WnwtuOFqcOwQvrFF3
PM0rfKQj0R+bfqGkIkL3mesye0OqBJv9/udt7T2jX7gDppIDeDVEYQvwsaRdq+LL
rEVkULKI2kKI3Um4AsW0Nar7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUSme+R3+7
ucpPmgV67CvEa7qn0mUwHwYDVR0jBBgwFoAUlnuX2eMRJQ2ClC0n5MX5DZgTgFgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVGREQ5L0I2MjJGQThBRDZE
RTExRUZCMDQ3NEUxQkM0RjlBRTAyL2xudVgyZU1SSlEyQ2xDMG41TVg1RFpnVGdG
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbG51WDJlTVJKUTJDbEMwbjVNWDVEWmdUZ0ZnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RkREOS9CNjIyRkE4QUQ2REUxMUVGQjA0NzRFMUJDNEY5QUUwMi8wQTYxQzVBQTMz
QkQxMUYwQTJCMUNFNzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH42jANBgkqhkiG9w0BAQsFAAOCAQEAbreKRrymx6fe2Uyf
JbRMleyjILT4OafrKpKk+SLwdFoDLupRYmaEbBYhwMDMw/KT8eDNecZoigJ7jJFW
hpE0q7zAz9P4PdIus2ooBjz9GhZ6texxHPaKD0bQ9JBB9AjMmWGHAnlBW1lLw7n1
lTvPjc66Z8ZWSyvlOf9NrstsgjCCYD0gJ3znvbI3TzKsWRCgE3r9GVsJn7end4Qw
fB0QgVALJwq2v2gO69mZBqKuPm/lauvVrYQU1QndVU+FhgAMqfzEoCFokcZeIRMD
OCjIjgHOTBW3MVYLBKQeIP8Nx6Cgi5cZ2cvofl2eN3wD3Fj+WwFLpX/1YQXYd+ae
mVMTOQ==
-----END CERTIFICATE-----
Generated at Fri Jun 20 11:07:03 2025 by rpki-client