Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916BF2B/459E666EB78A11EFB874276EC4F9AE02/89F69FFABBBF11EF87907310C4F9AE02.roa
File: 89F69FFABBBF11EF87907310C4F9AE02.roa (raw, json)
Hash identifier: flmzsMP/g4lBB8WHrWZ1NlwRbOTXC45u0P8d+4p/tmc=
Subject key identifier: FA:CD:78:94:57:B3:C6:87:DE:29:1E:9E:D8:59:54:BC:86:1C:CD:7C
Certificate issuer: /CN=A916BF2B/serialNumber=FCC4A657DD530D953A2D6F3F15932FFE01F291D6
Certificate serial: 09
Authority key identifier: FC:C4:A6:57:DD:53:0D:95:3A:2D:6F:3F:15:93:2F:FE:01:F2:91:D6
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_MSmV91TDZU6LW8_FZMv_gHykdY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916BF2B/459E666EB78A11EFB874276EC4F9AE02/89F69FFABBBF11EF87907310C4F9AE02.roa
Signing time: Mon 16 Dec 2024 15:13:21 +0000
ROA not before: Mon 16 Dec 2024 15:13:21 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 140068
IP address blocks: 160.250.192.0/24 maxlen: 24
160.250.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 15:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916BF2B, serialNumber=FCC4A657DD530D953A2D6F3F15932FFE01F291D6
Validity
Not Before: Dec 16 15:13:21 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67604391-e572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:b3:ff:4b:e5:f5:ee:d2:a9:bf:e4:f3:5e:
17:0b:94:f2:76:73:c1:d3:b0:11:e9:b4:13:3f:75:
67:8f:58:6d:c6:83:4d:a4:5a:36:cd:a6:88:7a:e5:
87:2f:4b:1b:bf:55:80:20:52:56:85:e3:4c:47:d6:
a9:c7:dc:36:7c:d9:66:be:ba:3e:3a:e6:f3:46:21:
55:11:74:59:09:4c:c6:c8:e5:0f:56:b1:fb:db:f7:
62:96:1c:13:32:8d:76:de:42:3e:f0:5c:44:66:ef:
bc:83:b7:07:eb:17:ce:de:a4:31:8f:50:d7:cb:7c:
43:04:9c:59:0b:89:6e:31:d8:59:a6:f5:16:99:cd:
1d:bc:73:e6:00:db:9e:e0:bd:50:cc:61:dd:b7:e8:
b2:69:62:20:41:b3:0e:0a:37:70:11:b8:fb:58:1b:
fb:6a:54:ad:86:bf:8f:a3:32:9d:26:80:dd:6d:ba:
19:f4:71:eb:02:ef:e7:78:85:9c:c1:35:16:3a:09:
ed:fa:7f:4a:ab:8b:d3:9d:62:65:91:5a:cc:9f:7e:
f9:a0:a4:ba:71:c0:7c:8f:7c:1e:f9:7d:bf:24:b2:
a2:36:66:0f:4a:03:15:c1:e0:52:a0:87:4f:bb:d4:
94:61:2b:ae:70:e2:5f:ab:56:0e:53:f3:39:9f:72:
08:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:CD:78:94:57:B3:C6:87:DE:29:1E:9E:D8:59:54:BC:86:1C:CD:7C
X509v3 Authority Key Identifier:
keyid:FC:C4:A6:57:DD:53:0D:95:3A:2D:6F:3F:15:93:2F:FE:01:F2:91:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916BF2B/459E666EB78A11EFB874276EC4F9AE02/_MSmV91TDZU6LW8_FZMv_gHykdY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/_MSmV91TDZU6LW8_FZMv_gHykdY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BF2B/459E666EB78A11EFB874276EC4F9AE02/89F69FFABBBF11EF87907310C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.192.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:d2:bf:83:e4:df:d2:7b:5a:f2:a9:3d:ea:6c:57:87:6e:26:
5a:e1:e4:43:6d:44:44:91:bd:33:50:6b:88:8b:53:4d:1b:81:
d4:98:da:c3:90:47:9a:95:62:eb:b2:cf:14:fc:96:ce:38:87:
16:d0:b0:89:99:40:fa:42:25:80:99:51:a1:c7:0c:a5:2b:ac:
c3:4a:10:f7:af:cc:55:16:64:b7:7d:f1:70:91:f5:4c:13:28:
7d:27:ff:3a:d5:e8:f6:5b:96:bc:e1:6c:a2:b9:01:a1:c6:1b:
37:1b:e6:cc:f2:fc:ea:fe:f7:21:94:27:11:4d:c6:ea:8e:d5:
66:1e:43:bd:43:a0:05:16:6a:a1:86:81:7e:62:51:d3:3e:67:
38:66:4e:39:16:f5:fa:3c:3a:8d:9d:f5:d3:50:de:7e:37:25:
1b:3a:03:65:1d:f0:39:30:66:bb:d4:c7:12:39:84:c2:71:d9:
6c:72:db:a4:24:0b:d7:d9:af:87:d1:22:80:23:22:3f:c5:33:
3a:c9:bf:86:40:a5:5e:a3:04:54:ab:f4:f8:3d:34:77:b4:83:
2b:a5:27:22:4a:3c:81:cb:f4:b3:fb:17:a9:d6:48:70:fd:9d:
7a:11:fe:7d:db:74:6b:b6:8b:ad:3c:dd:36:05:74:1f:1b:9b:
99:b6:cb:62
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
QkYyQjExMC8GA1UEBRMoRkNDNEE2NTdERDUzMEQ5NTNBMkQ2RjNGMTU5MzJGRkUw
MUYyOTFENjAeFw0yNDEyMTYxNTEzMjFaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NjA0MzkxLWU1NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgQbP/S+X17tKpv+TzXhcLlPJ2c8HTsBHptBM/dWePWG3Gg02kWjbNpoh65Ycv
Sxu/VYAgUlaF40xH1qnH3DZ82Wa+uj465vNGIVURdFkJTMbI5Q9Wsfvb92KWHBMy
jXbeQj7wXERm77yDtwfrF87epDGPUNfLfEMEnFkLiW4x2Fmm9RaZzR28c+YA257g
vVDMYd236LJpYiBBsw4KN3ARuPtYG/tqVK2Gv4+jMp0mgN1tuhn0cesC7+d4hZzB
NRY6Ce36f0qri9OdYmWRWsyffvmgpLpxwHyPfB75fb8ksqI2Zg9KAxXB4FKgh0+7
1JRhK65w4l+rVg5T8zmfcgjTAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU+s14lFez
xofeKR6e2FlUvIYczXwwHwYDVR0jBBgwFoAU/MSmV91TDZU6LW8/FZMv/gHykdYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZCRjJCLzQ1OUU2NjZFQjc4
QTExRUZCODc0Mjc2RUM0RjlBRTAyL19NU21WOTFURFpVNkxXOF9GWk12X2dIeWtk
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvX01TbVY5MVREWlU2TFc4X0ZaTXZfZ0h5a2RZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
QkYyQi80NTlFNjY2RUI3OEExMUVGQjg3NDI3NkVDNEY5QUUwMi84OUY2OUZGQUJC
QkYxMUVGODc5MDczMTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaD6wDANBgkqhkiG9w0BAQsFAAOCAQEApdK/g+Tf0nta8qk9
6mxXh24mWuHkQ21ERJG9M1BriItTTRuB1Jjaw5BHmpVi67LPFPyWzjiHFtCwiZlA
+kIlgJlRoccMpSusw0oQ96/MVRZkt33xcJH1TBMofSf/OtXo9luWvOFsorkBocYb
NxvmzPL86v73IZQnEU3G6o7VZh5DvUOgBRZqoYaBfmJR0z5nOGZOORb1+jw6jZ31
01DefjclGzoDZR3wOTBmu9THEjmEwnHZbHLbpCQL19mvh9EigCMiP8UzOsm/hkCl
XqMEVKv0+D00d7SDK6UnIko8gcv0s/sXqdZIcP2dehH+fdt0a7aLrTzdNgV0Hxub
mbbLYg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:08:16 2025 by rpki-client