Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/A8FB991ED17711EF84217B5EC4F9AE02.roa
File: A8FB991ED17711EF84217B5EC4F9AE02.roa (raw, json)
Hash identifier: miy3arsbtgNzSPHUsV+NwnIDBu2K3W4MlTTaoHICUP4=
Subject key identifier: 4D:33:09:BB:DC:58:DE:57:53:B2:7D:E9:21:A1:90:C5:A7:1D:18:DA
Certificate issuer: /CN=A91685E9/serialNumber=624B96E1D665ED78E78DFAF6C220191073DB66CC
Certificate serial: 0D
Authority key identifier: 62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/A8FB991ED17711EF84217B5EC4F9AE02.roa
Signing time: Mon 13 Jan 2025 12:49:44 +0000
ROA not before: Mon 13 Jan 2025 12:49:44 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153522
IP address blocks: 161.248.162.0/24 maxlen: 24
161.248.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 09:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91685E9, serialNumber=624B96E1D665ED78E78DFAF6C220191073DB66CC
Validity
Not Before: Jan 13 12:49:44 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67850be8-78f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:2f:7e:22:77:7f:f5:2d:e6:c0:a7:3e:11:53:
c8:02:07:9c:da:35:87:24:2a:c6:bc:0a:c2:23:c7:
a5:c2:e1:ea:a1:08:21:84:c0:14:e9:17:8d:87:a3:
89:84:31:22:68:a4:05:13:89:47:82:e8:e7:7b:9e:
49:c5:3d:9e:d1:83:ad:c7:36:fe:96:23:84:b6:67:
b9:3a:16:03:ac:3e:60:be:10:a2:02:df:92:6d:d5:
81:48:93:70:4b:74:2b:13:8b:f3:0e:37:68:d4:7f:
f7:12:00:7e:53:07:66:53:26:f2:57:f1:35:04:05:
80:d5:7a:08:24:09:cc:9c:c3:d1:ce:85:59:96:2b:
40:bc:64:54:89:18:27:f9:ac:a1:3e:ab:95:9f:e4:
11:d7:02:b5:8e:79:ee:bb:0d:18:bd:71:a9:73:30:
b0:ec:06:9c:bd:09:af:74:b8:21:58:39:c2:48:9a:
b5:43:a9:be:cb:28:c7:67:2e:e2:07:a5:18:d9:0f:
3a:56:c6:24:00:77:28:73:22:7e:65:ff:77:0c:69:
4d:17:71:a7:0b:55:cb:97:57:a2:c4:9b:32:fd:df:
64:c8:7e:a3:a8:7b:98:21:85:26:b1:45:0e:68:b7:
30:5b:c5:5f:58:75:5c:3e:87:2e:a8:93:78:c1:31:
2f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:33:09:BB:DC:58:DE:57:53:B2:7D:E9:21:A1:90:C5:A7:1D:18:DA
X509v3 Authority Key Identifier:
keyid:62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/A8FB991ED17711EF84217B5EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.162.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:fd:ef:b3:da:3d:84:93:74:7d:99:65:83:5d:af:eb:53:12:
e7:e3:8e:87:bd:94:c4:91:89:c1:12:d9:7f:57:b5:94:89:1e:
0c:11:7f:59:75:f4:22:3c:53:d5:64:23:b8:76:84:02:cb:58:
e8:63:68:f3:ce:3a:2b:67:5c:1c:11:f9:d0:76:ed:41:72:57:
fc:c5:30:1a:8c:5f:f0:81:9e:60:70:18:0c:ec:09:fa:b3:d3:
ca:f3:0c:69:d0:70:09:7b:4e:61:9d:2a:47:ff:c0:bb:04:84:
21:de:5d:c0:19:88:d1:ae:d4:43:35:5b:c3:3c:bb:56:4c:00:
e5:76:4f:65:06:a3:59:a5:f2:52:c0:51:e5:c2:b1:eb:dc:58:
ec:22:2e:dc:33:31:00:4c:cf:e2:0b:34:cc:6d:fd:67:4b:c3:
94:2e:2e:44:32:ae:26:82:af:80:70:5f:2c:18:74:ff:3a:b8:
00:f9:6c:e7:04:80:c8:b9:b3:f9:6b:9a:66:38:e8:4d:76:19:
fa:9e:86:65:8f:0c:2e:bb:43:92:e2:03:a0:42:a2:af:26:a1:
06:1d:01:e1:53:53:df:99:09:be:cf:c4:d7:2b:c7:55:4c:64:
0d:60:23:8d:8a:52:55:8c:a2:0e:92:b4:53:6a:d6:f1:38:dc:
25:53:15:08
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODVFOTExMC8GA1UEBRMoNjI0Qjk2RTFENjY1RUQ3OEU3OERGQUY2QzIyMDE5MTA3
M0RCNjZDQzAeFw0yNTAxMTMxMjQ5NDRaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODUwYmU4LTc4ZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDgL34id3/1LebApz4RU8gCB5zaNYckKsa8CsIjx6XC4eqhCCGEwBTpF42Ho4mE
MSJopAUTiUeC6Od7nknFPZ7Rg63HNv6WI4S2Z7k6FgOsPmC+EKIC35Jt1YFIk3BL
dCsTi/MON2jUf/cSAH5TB2ZTJvJX8TUEBYDVeggkCcycw9HOhVmWK0C8ZFSJGCf5
rKE+q5Wf5BHXArWOee67DRi9calzMLDsBpy9Ca90uCFYOcJImrVDqb7LKMdnLuIH
pRjZDzpWxiQAdyhzIn5l/3cMaU0XcacLVcuXV6LEmzL932TIfqOoe5ghhSaxRQ5o
tzBbxV9YdVw+hy6ok3jBMS+tAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUTTMJu9xY
3ldTsn3pIaGQxacdGNowHwYDVR0jBBgwFoAUYkuW4dZl7Xjnjfr2wiAZEHPbZsww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4NUU5L0MxMTJGNTVDRDE3
NjExRUY5NUM1REU1QUM0RjlBRTAyL1lrdVc0ZFpsN1hqbmpmcjJ3aUFaRUhQYlpz
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWWt1VzRkWmw3WGpuamZyMndpQVpFSFBiWnN3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODVFOS9DMTEyRjU1Q0QxNzYxMUVGOTVDNURFNUFDNEY5QUUwMi9BOEZCOTkxRUQx
NzcxMUVGODQyMTdCNUVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4ojANBgkqhkiG9w0BAQsFAAOCAQEAfv3vs9o9hJN0fZll
g12v61MS5+OOh72UxJGJwRLZf1e1lIkeDBF/WXX0IjxT1WQjuHaEAstY6GNo8846
K2dcHBH50HbtQXJX/MUwGoxf8IGeYHAYDOwJ+rPTyvMMadBwCXtOYZ0qR//AuwSE
Id5dwBmI0a7UQzVbwzy7VkwA5XZPZQajWaXyUsBR5cKx69xY7CIu3DMxAEzP4gs0
zG39Z0vDlC4uRDKuJoKvgHBfLBh0/zq4APls5wSAyLmz+WuaZjjoTXYZ+p6GZY8M
LrtDkuIDoEKiryahBh0B4VNT35kJvs/E1yvHVUxkDWAjjYpSVYyiDpK0U2rW8Tjc
JVMVCA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:21:16 2025 by rpki-client