Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/8177F18AD18111EF8963264FC4F9AE02.roa
File: 8177F18AD18111EF8963264FC4F9AE02.roa (raw, json)
Hash identifier: ppxOtc0ww2+UpVmNFL9Em2zLE65ruvmhMo7FYnmw6oU=
Subject key identifier: 29:8A:B0:5E:4F:58:48:0F:7F:52:E8:60:B8:37:03:54:01:E3:1A:06
Certificate issuer: /CN=A91685E9/serialNumber=624B96E1D665ED78E78DFAF6C220191073DB66CC
Certificate serial: 04
Authority key identifier: 62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/8177F18AD18111EF8963264FC4F9AE02.roa
Signing time: Mon 13 Jan 2025 07:39:23 +0000
ROA not before: Mon 13 Jan 2025 07:39:23 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152565
IP address blocks: 161.248.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 10:52:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91685E9, serialNumber=624B96E1D665ED78E78DFAF6C220191073DB66CC
Validity
Not Before: Jan 13 07:39:23 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6784c32a-aea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ab:3a:12:90:ac:28:33:68:48:c4:10:5a:ae:
1c:1a:91:3d:66:4c:6f:92:1d:0c:7f:da:fa:69:f1:
bb:c6:f7:64:d9:ea:65:67:b9:b8:b4:80:8c:5d:e7:
98:36:c5:41:79:5b:dc:50:68:aa:8b:32:cb:f7:40:
bf:f1:fc:12:dd:12:20:52:0f:7b:4e:06:db:0e:7e:
52:3f:7f:75:fa:92:d8:d3:7e:6f:fb:a6:6e:a9:d8:
f9:32:19:b3:b4:0d:dc:59:30:8d:d3:18:cb:0c:8e:
64:87:7e:ad:8e:4e:01:ea:7b:57:15:4b:25:d3:7d:
63:44:40:e1:12:e1:34:5e:e3:0f:c4:88:2c:c9:fc:
1a:1b:87:70:31:e1:b5:21:84:8f:90:82:74:70:37:
8c:61:32:7f:46:44:48:50:06:8b:1c:c1:92:ff:93:
d1:f1:b7:65:9a:5b:29:8a:3a:d1:4d:4e:f9:d4:df:
69:3e:e7:ec:82:e0:dc:05:2f:4f:ba:6b:48:0f:20:
a2:8d:90:50:fd:22:24:0d:67:14:12:b4:f2:e4:16:
ac:d6:b7:ec:62:bb:c1:fb:a7:85:18:fc:f4:80:7e:
22:85:8c:e1:b6:83:52:bd:45:d4:5d:8a:27:82:b5:
8c:7e:8a:8d:7a:0e:f9:65:23:36:80:a1:7e:12:25:
e5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8A:B0:5E:4F:58:48:0F:7F:52:E8:60:B8:37:03:54:01:E3:1A:06
X509v3 Authority Key Identifier:
keyid:62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/8177F18AD18111EF8963264FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.162.0/24
Signature Algorithm: sha256WithRSAEncryption
18:a2:4e:10:b0:d6:58:58:78:67:70:f8:6f:66:28:ca:9b:50:
74:13:b9:12:de:d3:61:9d:9b:83:95:5e:d5:0a:92:23:50:d4:
e7:cb:7a:69:16:4e:66:8a:7f:32:27:02:48:65:ac:8d:34:31:
a2:0f:32:e9:9e:bf:d0:06:99:86:38:8c:0f:ca:6a:ba:f9:64:
45:34:6d:e3:2b:b8:94:1b:16:88:a8:e1:cc:4a:8b:0d:8a:bd:
7d:82:40:bf:c8:9f:89:32:db:cc:ea:ce:3f:97:ed:5a:31:8c:
ec:36:ac:5c:ce:1b:ab:8e:12:fd:e5:4f:e0:3c:06:2a:8c:92:
01:6d:9f:f1:f3:4f:36:f4:f5:61:b8:79:93:f4:1e:fd:b9:c8:
ee:92:f4:62:68:00:5d:60:01:6b:fc:d8:ef:1f:83:3d:72:cf:
c4:8b:2a:ba:53:bc:91:c4:b3:ea:00:5d:2a:78:12:7e:a2:f4:
3d:12:a9:78:4a:db:c4:f6:99:18:a8:46:30:6f:e1:db:aa:1b:
34:ea:b4:41:92:05:15:83:74:14:50:9e:cf:c8:e8:59:7c:65:
7e:16:ec:13:37:38:e4:75:6e:7b:7b:6b:7d:24:3d:c2:ba:f1:
95:76:02:aa:94:7b:23:04:28:3a:5e:cb:32:b6:7e:00:0b:5d:
37:d0:64:34
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODVFOTExMC8GA1UEBRMoNjI0Qjk2RTFENjY1RUQ3OEU3OERGQUY2QzIyMDE5MTA3
M0RCNjZDQzAeFw0yNTAxMTMwNzM5MjNaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODRjMzJhLWFlYTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCVqzoSkKwoM2hIxBBarhwakT1mTG+SHQx/2vpp8bvG92TZ6mVnubi0gIxd55g2
xUF5W9xQaKqLMsv3QL/x/BLdEiBSD3tOBtsOflI/f3X6ktjTfm/7pm6p2PkyGbO0
DdxZMI3TGMsMjmSHfq2OTgHqe1cVSyXTfWNEQOES4TRe4w/EiCzJ/Bobh3Ax4bUh
hI+QgnRwN4xhMn9GREhQBoscwZL/k9Hxt2WaWymKOtFNTvnU32k+5+yC4NwFL0+6
a0gPIKKNkFD9IiQNZxQStPLkFqzWt+xiu8H7p4UY/PSAfiKFjOG2g1K9RdRdiieC
tYx+io16DvllIzaAoX4SJeVZAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUKYqwXk9Y
SA9/UuhguDcDVAHjGgYwHwYDVR0jBBgwFoAUYkuW4dZl7Xjnjfr2wiAZEHPbZsww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4NUU5L0MxMTJGNTVDRDE3
NjExRUY5NUM1REU1QUM0RjlBRTAyL1lrdVc0ZFpsN1hqbmpmcjJ3aUFaRUhQYlpz
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWWt1VzRkWmw3WGpuamZyMndpQVpFSFBiWnN3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODVFOS9DMTEyRjU1Q0QxNzYxMUVGOTVDNURFNUFDNEY5QUUwMi84MTc3RjE4QUQx
ODExMUVGODk2MzI2NEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4ojANBgkqhkiG9w0BAQsFAAOCAQEAGKJOELDWWFh4Z3D4
b2YoyptQdBO5Et7TYZ2bg5Ve1QqSI1DU58t6aRZOZop/MicCSGWsjTQxog8y6Z6/
0AaZhjiMD8pquvlkRTRt4yu4lBsWiKjhzEqLDYq9fYJAv8ifiTLbzOrOP5ftWjGM
7DasXM4bq44S/eVP4DwGKoySAW2f8fNPNvT1Ybh5k/Qe/bnI7pL0YmgAXWABa/zY
7x+DPXLPxIsqulO8kcSz6gBdKngSfqL0PRKpeErbxPaZGKhGMG/h26obNOq0QZIF
FYN0FFCez8joWXxlfhbsEzc45HVue3trfSQ9wrrxlXYCqpR7IwQoOl7LMrZ+AAtd
N9BkNA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:50:55 2025 by rpki-client