Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/5D4FB6AAE42111EF9CACF348C4F9AE02.roa
File: 5D4FB6AAE42111EF9CACF348C4F9AE02.roa (raw, json)
Hash identifier: KoQnXeCu013YlvtsyxZtOnKgXpByfkWxx1t7BejU9Ps=
Subject key identifier: 43:54:67:B5:ED:28:C7:72:F5:E8:F4:70:1E:47:86:35:DD:7D:B0:76
Certificate issuer: /CN=A916B18B/serialNumber=FDE36B6E949398E52D95E89D40BDF60B25DB69B9
Certificate serial: 17DA
Authority key identifier: FD:E3:6B:6E:94:93:98:E5:2D:95:E8:9D:40:BD:F6:0B:25:DB:69:B9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/5D4FB6AAE42111EF9CACF348C4F9AE02.roa
Signing time: Thu 06 Feb 2025 00:29:02 +0000
ROA not before: Thu 06 Feb 2025 00:29:02 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 152332
IP address blocks: 27.49.148.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 06 Feb 2025 05:17:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6106 (0x17da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B18B, serialNumber=FDE36B6E949398E52D95E89D40BDF60B25DB69B9
Validity
Not Before: Feb 6 00:29:02 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67a4024e-c492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:11:46:fa:19:6f:4a:82:6a:d8:92:83:4c:63:
0e:aa:7d:48:19:57:b5:e2:f7:15:91:04:48:58:d9:
d0:0d:78:78:48:b3:58:b8:fe:00:1b:64:a7:31:69:
a3:7c:22:22:d0:ac:5a:5a:5c:5b:aa:4f:5d:68:85:
77:16:a7:e4:36:34:f8:76:5f:09:37:43:a1:d1:94:
7d:e8:60:3a:77:27:26:91:b7:fd:c1:96:0f:cf:d2:
31:88:12:b0:5a:df:4d:bf:73:88:a4:9a:36:81:4b:
d4:53:7a:9f:be:c9:1b:1f:43:63:92:f1:78:c9:bc:
57:1c:fb:a4:49:50:03:a8:7e:81:63:32:44:23:80:
11:b0:e6:18:48:44:46:d8:35:75:ba:9b:42:43:0c:
ce:91:79:9c:3e:f0:fc:5d:b5:5d:73:9b:4f:f5:a4:
8c:42:26:10:c4:ff:35:4c:ea:66:b0:62:1d:dc:c0:
ac:20:40:8d:41:e6:9a:1e:4d:f0:d5:28:54:93:36:
4e:9f:2f:c0:eb:29:74:ff:b1:17:99:1a:64:5c:08:
bc:0d:d1:3b:e1:1f:89:f3:16:41:67:71:da:69:70:
f6:a1:73:6d:35:73:ce:84:da:d0:4b:a1:fb:9b:75:
99:5f:63:a5:41:31:b4:6e:86:a2:89:e6:57:45:a6:
99:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:54:67:B5:ED:28:C7:72:F5:E8:F4:70:1E:47:86:35:DD:7D:B0:76
X509v3 Authority Key Identifier:
keyid:FD:E3:6B:6E:94:93:98:E5:2D:95:E8:9D:40:BD:F6:0B:25:DB:69:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/_eNrbpSTmOUtleidQL32CyXbabk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_eNrbpSTmOUtleidQL32CyXbabk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B18B/628DE502DF2311E797225D2EC4F9AE02/5D4FB6AAE42111EF9CACF348C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
27.49.148.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:fc:3c:7f:b4:48:77:3b:f8:49:05:5a:40:de:80:24:5d:dc:
c1:5c:c6:f7:2d:27:23:95:ef:8b:42:15:f9:0a:70:91:14:1e:
bd:f3:56:83:01:ca:b8:1c:aa:74:37:ff:fe:c6:53:3d:c5:90:
ce:e6:d5:f4:17:a1:5c:eb:89:a5:ca:63:86:26:4a:51:7c:f0:
c8:c3:5b:83:69:c5:45:5b:b5:2b:e8:04:2c:5d:64:f1:68:c8:
00:03:32:80:21:74:f1:49:09:b5:1f:22:c6:64:b8:f3:17:a3:
7c:4e:51:4a:11:59:7f:0b:05:7b:87:0c:86:a3:8b:c4:42:65:
44:82:65:93:f4:31:80:45:95:1b:aa:96:dd:57:55:75:c4:52:
49:3f:42:ab:51:a6:38:ab:a1:6a:82:c3:32:35:db:ee:b0:ed:
af:6a:ff:94:a0:a7:ca:c1:d5:c1:c7:3e:8e:de:c8:4a:b0:ef:
e8:2f:5f:78:1c:93:b8:2a:c4:63:fa:07:7b:e1:f8:81:6d:27:
7b:62:53:40:73:11:2c:cb:37:e8:bc:3d:a1:96:a9:c6:96:4d:
28:30:dd:e9:35:44:cd:95:8c:a0:6b:ba:02:e5:31:44:4f:79:
9f:e2:2d:32:70:d4:50:d7:3d:53:b9:d5:0d:83:1f:d3:2c:be:
45:34:30:7a
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICF9owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkIxOEIxMTAvBgNVBAUTKEZERTM2QjZFOTQ5Mzk4RTUyRDk1RTg5RDQwQkRGNjBC
MjVEQjY5QjkwHhcNMjUwMjA2MDAyOTAyWhcNMjYwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2E0MDI0ZS1jNDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnBFG+hlvSoJq2JKDTGMOqn1IGVe14vcVkQRIWNnQDXh4SLNYuP4AG2SnMWmj
fCIi0KxaWlxbqk9daIV3FqfkNjT4dl8JN0Oh0ZR96GA6dycmkbf9wZYPz9IxiBKw
Wt9Nv3OIpJo2gUvUU3qfvskbH0NjkvF4ybxXHPukSVADqH6BYzJEI4ARsOYYSERG
2DV1uptCQwzOkXmcPvD8XbVdc5tP9aSMQiYQxP81TOpmsGId3MCsIECNQeaaHk3w
1ShUkzZOny/A6yl0/7EXmRpkXAi8DdE74R+J8xZBZ3HaaXD2oXNtNXPOhNrQS6H7
m3WZX2OlQTG0boaiieZXRaaZ/QIDAQABo4IClTCCApEwHQYDVR0OBBYEFENUZ7Xt
KMdy9ej0cB5HhjXdfbB2MB8GA1UdIwQYMBaAFP3ja26Uk5jlLZXonUC99gsl22m5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjE4Qi82MjhERTUwMkRG
MjMxMUU3OTcyMjVEMkVDNEY5QUUwMi9fZU5yYnBTVG1PVXRsZWlkUUwzMkN5WGJh
YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19lTnJicFNUbU9VdGxlaWRRTDMyQ3lYYmFiay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkIxOEIvNjI4REU1MDJERjIzMTFFNzk3MjI1RDJFQzRGOUFFMDIvNUQ0RkI2QUFF
NDIxMTFFRjlDQUNGMzQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAIbMZQwDQYJKoZIhvcNAQELBQADggEBAKD8PH+0SHc7+EkF
WkDegCRd3MFcxvctJyOV74tCFfkKcJEUHr3zVoMByrgcqnQ3//7GUz3FkM7m1fQX
oVzriaXKY4YmSlF88MjDW4NpxUVbtSvoBCxdZPFoyAADMoAhdPFJCbUfIsZkuPMX
o3xOUUoRWX8LBXuHDIaji8RCZUSCZZP0MYBFlRuqlt1XVXXEUkk/QqtRpjiroWqC
wzI12+6w7a9q/5Sgp8rB1cHHPo7eyEqw7+gvX3gck7gqxGP6B3vh+IFtJ3tiU0Bz
ESzLN+i8PaGWqcaWTSgw3ek1RM2VjKBrugLlMURPeZ/iLTJw1FDXPVO51Q2DH9Ms
vkU0MHo=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:03:13 2025 by rpki-client