Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/02B7807A2B3311F0B5BF4516C4F9AE02.roa
File: 02B7807A2B3311F0B5BF4516C4F9AE02.roa (raw, json)
Hash identifier: 3zhNkW1z73j3Scct+m74hX4DUY8BLrYV1mLoWbWXD60=
Subject key identifier: 19:18:03:57:CC:1B:D5:B5:EA:27:E7:FE:06:21:12:76:FD:F7:FF:21
Certificate issuer: /CN=A9186214/serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Certificate serial: 354F
Authority key identifier: F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/02B7807A2B3311F0B5BF4516C4F9AE02.roa
Signing time: Wed 07 May 2025 11:12:41 +0000
ROA not before: Wed 07 May 2025 11:12:41 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 153840
IP address blocks: 163.227.149.0/24 maxlen: 24
2001:df5:70c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 08 May 2025 07:37:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13647 (0x354f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186214, serialNumber=F3DB9F162008BD666CBF8C99607814CFAB24D7E7
Validity
Not Before: May 7 11:12:41 2025 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=681b4028-568d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ec:fc:ee:0b:05:3b:31:88:83:60:60:3e:5b:
2f:aa:8d:c0:d3:67:6c:1f:6a:88:0d:f4:86:11:7c:
28:3c:cb:21:fa:a5:23:04:46:d8:c8:88:bc:8d:d1:
db:bb:86:30:c4:91:40:43:41:dc:b1:28:76:36:d0:
b5:8c:6c:a7:6b:a9:c2:fb:9a:d1:6b:e9:af:66:df:
a0:75:2f:43:5c:75:01:24:18:3a:2c:2d:6b:48:fc:
82:46:9b:49:77:c3:10:6c:32:a4:12:90:81:aa:c1:
ea:ef:5c:74:af:39:45:6d:21:a7:ed:cb:88:34:31:
b4:f3:66:c6:3b:58:48:e0:b2:ff:56:6b:5a:bc:61:
62:b9:b2:33:61:9d:62:a9:02:89:82:c0:ca:0c:d4:
aa:28:dd:34:9b:c9:e3:ab:04:09:35:18:7c:2a:bf:
a3:d9:db:d3:e5:a2:b4:35:52:37:e4:bb:8c:ad:f3:
c7:7d:75:d1:b3:bc:ce:f9:82:f7:23:2d:d7:38:13:
76:c2:f9:b6:f1:6c:4c:d7:ce:44:39:7d:26:7c:77:
74:eb:3c:11:5e:32:f8:2b:ea:83:79:4f:2c:d1:f0:
4c:c0:1f:fe:86:53:18:e8:d7:cd:7d:2b:07:d1:1a:
39:5c:fa:31:03:ce:d5:73:32:81:dc:2a:71:f2:b8:
03:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:18:03:57:CC:1B:D5:B5:EA:27:E7:FE:06:21:12:76:FD:F7:FF:21
X509v3 Authority Key Identifier:
keyid:F3:DB:9F:16:20:08:BD:66:6C:BF:8C:99:60:78:14:CF:AB:24:D7:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/89ufFiAIvWZsv4yZYHgUz6sk1-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/89ufFiAIvWZsv4yZYHgUz6sk1-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186214/C65D5364331A11E4AF2AB37CC4F9AE02/02B7807A2B3311F0B5BF4516C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.227.149.0/24
IPv6:
2001:df5:70c0::/48
Signature Algorithm: sha256WithRSAEncryption
20:14:9a:db:eb:27:0b:60:f3:54:58:02:03:da:ba:73:dd:a9:
1e:a6:3f:1b:12:f0:8f:f7:5d:8f:4b:60:6e:09:a6:a3:c8:e7:
bf:fa:80:4a:3b:28:7a:cc:5a:24:e9:b9:32:29:77:35:31:4a:
54:5e:a0:bb:e5:9a:00:9c:96:9e:0b:6d:0e:0c:01:8f:d2:f5:
95:75:e6:d1:bc:8d:e3:9d:d2:a1:17:fa:f7:5e:f8:5e:5c:a6:
ad:56:b1:15:1f:5a:a3:e6:b0:f4:3a:e2:33:79:93:66:40:82:
e9:a4:cb:ce:9b:3e:7f:c0:ac:05:8d:99:f3:7d:df:8b:a9:47:
08:a2:42:8b:65:86:3a:cf:7e:b6:ce:c9:17:3a:6c:9d:4d:b6:
49:e3:7e:8a:18:3e:4e:9a:2d:a1:eb:12:17:5e:2d:4f:1e:97:
02:6d:fb:9d:1f:99:2a:eb:c3:1a:88:58:7d:a8:35:29:bc:54:
ea:84:21:6b:52:cc:98:c8:b2:b1:fe:2f:b3:c7:28:02:3c:69:
db:bf:14:6e:8f:35:ab:d6:bf:f0:6f:59:4f:db:66:31:9f:f1:
98:26:39:f0:06:ed:2c:b0:3f:46:7d:56:06:07:e1:18:30:75:
dc:c1:96:86:6c:85:08:81:ba:5e:1c:be:ab:eb:b9:31:ad:e7:
13:a0:5d:28
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICNU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODYyMTQxMTAvBgNVBAUTKEYzREI5RjE2MjAwOEJENjY2Q0JGOEM5OTYwNzgxNENG
QUIyNEQ3RTcwHhcNMjUwNTA3MTExMjQxWhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODFiNDAyOC01NjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5Oz87gsFOzGIg2BgPlsvqo3A02dsH2qIDfSGEXwoPMsh+qUjBEbYyIi8jdHb
u4YwxJFAQ0HcsSh2NtC1jGyna6nC+5rRa+mvZt+gdS9DXHUBJBg6LC1rSPyCRptJ
d8MQbDKkEpCBqsHq71x0rzlFbSGn7cuINDG082bGO1hI4LL/VmtavGFiubIzYZ1i
qQKJgsDKDNSqKN00m8njqwQJNRh8Kr+j2dvT5aK0NVI35LuMrfPHfXXRs7zO+YL3
Iy3XOBN2wvm28WxM185EOX0mfHd06zwRXjL4K+qDeU8s0fBMwB/+hlMY6NfNfSsH
0Ro5XPoxA87VczKB3Cpx8rgDpQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFBkYA1fM
G9W16ifn/gYhEnb99/8hMB8GA1UdIwQYMBaAFPPbnxYgCL1mbL+MmWB4FM+rJNfn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjIxNC9DNjVENTM2NDMz
MUExMUU0QUYyQUIzN0NDNEY5QUUwMi84OXVmRmlBSXZXWnN2NHlaWUhnVXo2c2sx
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzg5dWZGaUFJdldac3Y0eVpZSGdVejZzazEtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODYyMTQvQzY1RDUzNjQzMzFBMTFFNEFGMkFCMzdDQzRGOUFFMDIvMDJCNzgwN0Ey
QjMzMTFGMEI1QkY0NTE2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBACj45UwDwQCAAIwCQMHACABDfVwwDANBgkqhkiG9w0BAQsF
AAOCAQEAIBSa2+snC2DzVFgCA9q6c92pHqY/GxLwj/ddj0tgbgmmo8jnv/qASjso
esxaJOm5Mil3NTFKVF6gu+WaAJyWngttDgwBj9L1lXXm0byN453SoRf69174Xlym
rVaxFR9ao+aw9DriM3mTZkCC6aTLzps+f8CsBY2Z833fi6lHCKJCi2WGOs9+ts7J
FzpsnU22SeN+ihg+TpotoesSF14tTx6XAm37nR+ZKuvDGohYfag1KbxU6oQha1LM
mMiysf4vs8coAjxp278Ubo81q9a/8G9ZT9tmMZ/xmCY58AbtLLA/Rn1WBgfhGDB1
3MGWhmyFCIG6Xhy+q+u5Ma3nE6BdKA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 22:12:01 2025 by rpki-client