Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/D1893F2435F111EBBFEA4039C4F9AE02.roa
File: D1893F2435F111EBBFEA4039C4F9AE02.roa (raw, json)
Hash identifier: OVx247aEwh4VgeSed/Z3w0bcMwYA0vvT8/9bPEK81Jg=
Subject key identifier: 53:B4:0D:5D:7B:1F:25:C3:9B:11:3A:41:0F:71:B9:E1:CF:5F:DF:DA
Certificate issuer: /CN=A9170304/serialNumber=AD270FDE99B1F1069DAB8EF7A576AA2C2AF2C6F0
Certificate serial: 3492
Authority key identifier: AD:27:0F:DE:99:B1:F1:06:9D:AB:8E:F7:A5:76:AA:2C:2A:F2:C6:F0
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/D1893F2435F111EBBFEA4039C4F9AE02.roa
Signing time: Wed 16 Apr 2025 23:34:44 +0000
ROA not before: Wed 16 Apr 2025 23:34:44 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 37978
IP address blocks: 147.41.0.0/17 maxlen: 17
147.41.128.0/17 maxlen: 17
147.41.240.0/20 maxlen: 20
147.109.0.0/16 maxlen: 16
147.109.124.0/24 maxlen: 24
147.109.192.0/21 maxlen: 21
147.109.208.0/21 maxlen: 21
147.109.216.0/21 maxlen: 21
192.26.232.0/24 maxlen: 24
192.107.101.0/24 maxlen: 24
192.190.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Apr 2025 00:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13458 (0x3492)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170304, serialNumber=AD270FDE99B1F1069DAB8EF7A576AA2C2AF2C6F0
Validity
Not Before: Apr 16 23:34:44 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68003e94-f470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:47:be:20:7c:dd:77:fe:27:e4:88:e0:05:63:
41:89:85:dd:b4:a1:ac:b4:65:82:2f:3d:dd:64:a2:
d2:a1:44:82:28:5f:3f:e7:96:f4:f0:31:9b:d6:c5:
2a:95:93:1b:17:de:b3:5c:15:04:8c:eb:fc:1a:4e:
2c:19:22:36:38:af:2e:dc:fd:e8:ef:fe:85:e1:8e:
ad:31:c9:cb:49:89:92:0b:85:1e:6a:6e:fd:7c:45:
22:79:d5:ee:5b:89:ff:fb:37:59:78:49:9a:78:58:
e2:aa:7f:2c:34:68:95:fa:86:46:69:37:0c:6e:a4:
16:b0:46:a6:53:9d:27:8b:99:91:67:93:ed:2c:9f:
79:4c:1c:d3:61:0a:cb:33:29:9b:08:dd:02:b5:c3:
0f:60:0a:eb:4e:b3:80:e5:e0:0b:10:07:16:12:09:
d8:4d:88:82:e6:db:e5:5c:46:09:b5:f4:91:d1:0f:
dc:68:ed:66:0c:af:75:53:d8:17:65:e5:9f:68:5e:
b9:fc:a8:63:15:02:20:fb:86:25:45:1d:a7:d3:98:
74:ff:df:a3:9c:33:ed:ae:bc:00:8b:14:44:39:29:
9f:35:39:f8:f5:29:d3:21:0c:91:64:50:c3:c4:78:
78:98:ae:35:d0:42:8b:20:6f:cb:8b:87:c7:48:1b:
32:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B4:0D:5D:7B:1F:25:C3:9B:11:3A:41:0F:71:B9:E1:CF:5F:DF:DA
X509v3 Authority Key Identifier:
keyid:AD:27:0F:DE:99:B1:F1:06:9D:AB:8E:F7:A5:76:AA:2C:2A:F2:C6:F0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/rScP3pmx8Qadq473pXaqLCryxvA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/rScP3pmx8Qadq473pXaqLCryxvA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170304/9EF411301D8E11E2B18226ED08B02CD2/D1893F2435F111EBBFEA4039C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
147.41.0.0/16
147.109.0.0/16
192.26.232.0/24
192.107.101.0/24
192.190.61.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:03:52:eb:a5:e8:5f:76:b2:2c:55:c1:c7:3b:7a:04:40:b6:
32:89:78:b0:55:22:ca:2b:78:7b:0b:3c:57:3b:5f:ca:3a:89:
5b:26:87:41:b3:5a:4f:d0:23:c2:98:23:0a:d8:8e:66:95:a7:
ae:4d:01:6e:89:87:f2:b0:a9:bc:ba:35:73:95:0f:d0:48:28:
3f:93:41:cf:cb:d3:3e:82:de:5c:fa:02:86:9c:dc:ec:b1:1c:
b6:af:9a:90:9c:13:6a:e1:87:84:3d:b4:3c:b9:f3:8a:40:01:
c0:f4:2a:34:eb:08:1c:ce:cb:85:d9:b5:51:e2:c0:8e:e2:33:
9c:11:e6:3d:82:fc:5c:88:9b:fd:de:dc:87:e0:e5:d2:5c:6e:
e5:d1:31:71:66:c1:c8:91:50:52:a0:95:bb:b3:49:70:9c:fe:
d2:db:91:e3:dd:8b:a6:00:16:8f:99:49:99:f7:57:0e:99:ff:
f5:e0:7f:37:35:ee:f5:8d:48:11:4d:5b:8d:f0:6c:72:65:fd:
f8:87:fc:f8:10:4c:83:ab:33:ab:57:7a:c4:e0:48:32:d8:b5:
8d:22:0a:13:65:8c:df:77:21:32:80:4d:9a:6a:b0:6d:45:b1:
28:42:1d:e7:9b:47:e7:8a:bc:8c:6b:9a:e4:4f:c9:f6:0f:b2:
95:7d:db:f8
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgICNJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzAzMDQxMTAvBgNVBAUTKEFEMjcwRkRFOTlCMUYxMDY5REFCOEVGN0E1NzZBQTJD
MkFGMkM2RjAwHhcNMjUwNDE2MjMzNDQ0WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODAwM2U5NC1mNDcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzEe+IHzdd/4n5IjgBWNBiYXdtKGstGWCLz3dZKLSoUSCKF8/55b08DGb1sUq
lZMbF96zXBUEjOv8Gk4sGSI2OK8u3P3o7/6F4Y6tMcnLSYmSC4Ueam79fEUiedXu
W4n/+zdZeEmaeFjiqn8sNGiV+oZGaTcMbqQWsEamU50ni5mRZ5PtLJ95TBzTYQrL
MymbCN0CtcMPYArrTrOA5eALEAcWEgnYTYiC5tvlXEYJtfSR0Q/caO1mDK91U9gX
ZeWfaF65/KhjFQIg+4YlRR2n05h0/9+jnDPtrrwAixREOSmfNTn49SnTIQyRZFDD
xHh4mK410EKLIG/Li4fHSBsygQIDAQABo4ICqzCCAqcwHQYDVR0OBBYEFFO0DV17
HyXDmxE6QQ9xueHPX9/aMB8GA1UdIwQYMBaAFK0nD96ZsfEGnauO96V2qiwq8sbw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDMwNC85RUY0MTEzMDFE
OEUxMUUyQjE4MjI2RUQwOEIwMkNEMi9yU2NQM3BteDhRYWRxNDczcFhhcUxDcnl4
dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3JTY1AzcG14OFFhZHE0NzNwWGFxTENyeXh2QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzAzMDQvOUVGNDExMzAxRDhFMTFFMkIxODIyNkVEMDhCMDJDRDIvRDE4OTNGMjQz
NUYxMTFFQkJGRUE0MDM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNQYIKwYBBQUHAQcBAf8E
JjAkMCIEAgABMBwDAwCTKQMDAJNtAwQAwBroAwQAwGtlAwQAwL49MA0GCSqGSIb3
DQEBCwUAA4IBAQAuA1LrpehfdrIsVcHHO3oEQLYyiXiwVSLKK3h7CzxXO1/KOolb
JodBs1pP0CPCmCMK2I5mlaeuTQFuiYfysKm8ujVzlQ/QSCg/k0HPy9M+gt5c+gKG
nNzssRy2r5qQnBNq4YeEPbQ8ufOKQAHA9Co06wgczsuF2bVR4sCO4jOcEeY9gvxc
iJv93tyH4OXSXG7l0TFxZsHIkVBSoJW7s0lwnP7S25Hj3YumABaPmUmZ91cOmf/1
4H83Ne71jUgRTVuN8GxyZf34h/z4EEyDqzOrV3rE4Egy2LWNIgoTZYzfdyEygE2a
arBtRbEoQh3nm0fniryMa5rkT8n2D7KVfdv4
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:11:24 2025 by rpki-client