Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/3D2BE20645A411F0A0860C4AC4F9AE02.roa
File: 3D2BE20645A411F0A0860C4AC4F9AE02.roa (raw, json)
Hash identifier: 2UXoZ2p14mAsN+q7+5nI1v9d2Bblr8A3LhWdQ+Ax9xc=
Subject key identifier: 49:63:90:BD:70:05:17:CE:4D:4E:43:67:4F:BB:D2:E9:C9:84:AA:59
Certificate issuer: /CN=A917E1FA/serialNumber=F15C5C5BA521453707C81F5FEC0811BF21CFF40E
Certificate serial: 02
Authority key identifier: F1:5C:5C:5B:A5:21:45:37:07:C8:1F:5F:EC:08:11:BF:21:CF:F4:0E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8VxcW6UhRTcHyB9f7AgRvyHP9A4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/3D2BE20645A411F0A0860C4AC4F9AE02.roa
Signing time: Tue 10 Jun 2025 02:40:16 +0000
ROA not before: Tue 10 Jun 2025 02:40:16 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 137474
IP address blocks: 160.250.212.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 12 Jun 2025 00:33:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917E1FA, serialNumber=F15C5C5BA521453707C81F5FEC0811BF21CFF40E
Validity
Not Before: Jun 10 02:40:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=68479b0f-09e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:97:5e:21:9d:de:f7:25:7c:08:bb:14:a1:28:
04:fe:b4:8d:de:be:7e:e4:4c:57:5e:65:8d:8b:9d:
98:66:c2:24:33:ad:40:77:9e:a4:53:b8:fd:1b:51:
45:d9:db:03:28:5f:6b:6c:02:78:53:d5:b6:f6:07:
64:c0:ba:80:4e:e4:a4:65:af:c4:c5:58:b8:75:13:
a6:81:03:e1:18:16:21:27:02:92:6c:62:da:1f:09:
12:a5:e6:1e:73:cb:44:e0:9b:84:93:33:86:cb:7f:
ac:5c:29:4e:50:89:02:c7:9e:48:b5:db:5f:c8:03:
b1:d6:d4:4f:1b:10:68:13:d1:5e:2c:1a:39:98:e1:
2a:11:e5:f1:7a:b6:4a:d7:91:e1:8c:4d:7d:a7:28:
1d:f3:62:dd:42:b7:e6:23:5e:a5:45:a2:4a:5b:f8:
9a:a8:80:26:46:e9:70:28:71:f5:48:9a:e0:5a:03:
0f:6d:e5:e2:41:02:d1:7b:73:63:29:76:51:aa:0e:
b4:b4:f5:21:86:80:6d:6d:48:a4:b2:ce:f2:a4:d7:
ca:d7:db:32:6d:10:b1:8f:23:5c:83:1c:ac:36:99:
da:5e:51:b5:ff:f4:6a:06:39:c9:32:69:ee:9e:fd:
d6:62:95:6e:65:e8:05:32:69:82:81:4a:b1:a8:47:
56:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:63:90:BD:70:05:17:CE:4D:4E:43:67:4F:BB:D2:E9:C9:84:AA:59
X509v3 Authority Key Identifier:
keyid:F1:5C:5C:5B:A5:21:45:37:07:C8:1F:5F:EC:08:11:BF:21:CF:F4:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/8VxcW6UhRTcHyB9f7AgRvyHP9A4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/8VxcW6UhRTcHyB9f7AgRvyHP9A4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E1FA/9A873EB045A311F095EFFD48C4F9AE02/3D2BE20645A411F0A0860C4AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.250.212.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:48:e5:67:0f:66:10:ca:c2:47:c9:dd:b7:c1:9f:d0:fb:1f:
bb:d9:d6:ee:e8:6b:ca:fd:ad:f2:3c:db:65:d4:67:77:99:6f:
14:e8:df:4d:7a:5e:11:52:48:99:60:d1:86:35:05:65:33:66:
da:b1:ca:20:f5:5d:02:51:aa:85:03:95:35:e3:a2:7a:ea:71:
19:65:eb:cb:5a:0a:60:08:97:37:3c:9b:39:cf:e5:74:e6:90:
f1:5c:99:12:67:98:7c:9c:d2:5c:1f:f5:80:20:d0:7d:15:d4:
fd:b8:c5:0a:ff:76:2e:58:4c:b3:ee:04:7d:42:37:6d:43:63:
63:52:13:30:c5:2a:52:b4:0a:13:ed:86:cf:96:9c:f5:36:d9:
42:98:63:ec:c6:c1:56:d8:a5:e6:6f:4c:96:a4:c4:fc:d1:3a:
d1:60:f0:3b:54:9f:94:a4:3d:82:df:c0:8f:57:ac:4a:7d:38:
d6:3a:1b:fe:99:f2:ca:ea:65:75:59:18:0f:22:c5:d8:4e:63:
e6:d1:fe:cb:87:67:6a:86:34:b6:9b:39:63:97:06:37:d2:4a:
78:78:58:19:83:6f:6b:67:49:78:5b:21:ea:ca:a4:3a:6d:0c:
01:2a:71:82:4b:e2:31:2c:d9:c4:42:f9:f0:97:da:01:ee:0f:
71:26:f6:4d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
RTFGQTExMC8GA1UEBRMoRjE1QzVDNUJBNTIxNDUzNzA3QzgxRjVGRUMwODExQkYy
MUNGRjQwRTAeFw0yNTA2MTAwMjQwMTZaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NDc5YjBmLTA5ZTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8l14hnd73JXwIuxShKAT+tI3evn7kTFdeZY2LnZhmwiQzrUB3nqRTuP0bUUXZ
2wMoX2tsAnhT1bb2B2TAuoBO5KRlr8TFWLh1E6aBA+EYFiEnApJsYtofCRKl5h5z
y0Tgm4STM4bLf6xcKU5QiQLHnki121/IA7HW1E8bEGgT0V4sGjmY4SoR5fF6tkrX
keGMTX2nKB3zYt1Ct+YjXqVFokpb+JqogCZG6XAocfVImuBaAw9t5eJBAtF7c2Mp
dlGqDrS09SGGgG1tSKSyzvKk18rX2zJtELGPI1yDHKw2mdpeUbX/9GoGOckyae6e
/dZilW5l6AUyaYKBSrGoR1aBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUSWOQvXAF
F85NTkNnT7vS6cmEqlkwHwYDVR0jBBgwFoAU8VxcW6UhRTcHyB9f7AgRvyHP9A4w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMUZBLzlBODczRUIwNDVB
MzExRjA5NUVGRkQ0OEM0RjlBRTAyLzhWeGNXNlVoUlRjSHlCOWY3QWdSdnlIUDlB
NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvOFZ4Y1c2VWhSVGNIeUI5ZjdBZ1J2eUhQOUE0LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
RTFGQS85QTg3M0VCMDQ1QTMxMUYwOTVFRkZENDhDNEY5QUUwMi8zRDJCRTIwNjQ1
QTQxMUYwQTA4NjBDNEFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaD61DANBgkqhkiG9w0BAQsFAAOCAQEAHkjlZw9mEMrCR8nd
t8Gf0Psfu9nW7uhryv2t8jzbZdRnd5lvFOjfTXpeEVJImWDRhjUFZTNm2rHKIPVd
AlGqhQOVNeOieupxGWXry1oKYAiXNzybOc/ldOaQ8VyZEmeYfJzSXB/1gCDQfRXU
/bjFCv92LlhMs+4EfUI3bUNjY1ITMMUqUrQKE+2Gz5ac9TbZQphj7MbBVtil5m9M
lqTE/NE60WDwO1SflKQ9gt/Aj1esSn041job/pnyyupldVkYDyLF2E5j5tH+y4dn
aoY0tps5Y5cGN9JKeHhYGYNva2dJeFsh6sqkOm0MASpxgkviMSzZxEL58JfaAe4P
cSb2TQ==
-----END CERTIFICATE-----
Generated at Fri Jun 20 15:40:00 2025 by rpki-client