Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/5B47964C399011F08C88A069C4F9AE02.roa
File: 5B47964C399011F08C88A069C4F9AE02.roa (raw, json)
Hash identifier: hxlJO9ocGvl+OzjNMOPLtETaVRQ/HPO5DQ7f2sah1fU=
Subject key identifier: 15:5F:BD:32:CE:B5:A7:29:02:73:6D:FE:F5:AD:5F:D7:F0:2C:5F:9C
Certificate issuer: /CN=A91D9CA8/serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1
Certificate serial: 4B
Authority key identifier: CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/5B47964C399011F08C88A069C4F9AE02.roa
Signing time: Sun 25 May 2025 17:47:42 +0000
ROA not before: Sun 25 May 2025 17:47:42 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 153490
IP address blocks: 161.248.118.0/23 maxlen: 23
161.248.118.0/24 maxlen: 30
161.248.119.0/24 maxlen: 30
Validation: Failed, certificate revoked on Sun 25 May 2025 17:54:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75 (0x4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D9CA8, serialNumber=CBC6603370FBE84CCCE064E84F4F26EDBEC267B1
Validity
Not Before: May 25 17:47:42 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=683357be-c025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:24:81:e8:49:80:69:fd:20:e9:89:80:4a:
06:e1:89:d8:b4:29:f9:bf:2c:f2:62:dd:39:7a:cd:
64:27:fa:c4:2d:84:28:0d:08:56:53:f7:2a:6a:69:
08:76:ef:e8:b0:85:4a:ba:14:16:98:57:39:cf:e9:
8b:30:68:d6:17:93:19:99:90:5d:b2:34:6d:f4:50:
2d:7e:a0:bc:27:e8:5b:66:48:47:26:46:19:66:dd:
c6:2d:fc:4b:3e:ca:ce:71:15:aa:8e:32:89:51:62:
51:e1:c9:db:b8:30:dc:24:8c:4b:67:48:a5:5b:de:
6a:7c:f1:f3:5b:5b:21:6e:9a:15:45:51:13:ba:90:
a5:58:8e:03:c1:69:e9:b5:5e:ff:7a:0d:5d:ea:ed:
df:dd:c8:a7:ee:89:97:fb:9b:aa:33:00:98:d4:94:
ca:d3:51:65:11:88:0c:d9:16:28:8e:83:6c:c9:1a:
43:35:94:b3:ac:0c:a5:32:68:5b:bb:69:99:c3:e7:
c6:75:10:df:f4:2a:55:87:05:8a:c6:9e:24:e9:fe:
99:59:ef:0b:6b:21:98:63:07:e8:b6:95:84:1d:5f:
f8:48:24:23:09:0f:6c:33:9e:4f:0d:cb:b5:fc:ec:
45:1d:09:50:83:ae:d6:bf:e1:e3:f3:5c:93:ca:34:
5f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:5F:BD:32:CE:B5:A7:29:02:73:6D:FE:F5:AD:5F:D7:F0:2C:5F:9C
X509v3 Authority Key Identifier:
keyid:CB:C6:60:33:70:FB:E8:4C:CC:E0:64:E8:4F:4F:26:ED:BE:C2:67:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/y8ZgM3D76EzM4GToT08m7b7CZ7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/y8ZgM3D76EzM4GToT08m7b7CZ7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/20DA2746E4FD11EFAC1CE67FC4F9AE02/5B47964C399011F08C88A069C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.118.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:55:49:e1:21:dd:5a:6a:ee:06:15:da:00:67:04:75:f4:c5:
d7:d7:73:3c:c6:1b:f1:53:c5:d6:c9:48:f3:2f:ff:d3:ba:f8:
e1:08:24:26:e2:71:eb:28:bc:63:d1:32:39:99:29:11:66:5c:
e2:75:f3:03:f4:94:e1:ae:71:6f:d5:46:ce:3b:e3:f5:78:2f:
01:23:c5:06:30:3d:43:15:3d:97:d7:00:4e:a1:38:c0:ec:d2:
d2:ea:e8:24:f8:dd:84:a6:d4:bc:1a:22:d2:df:f0:6e:8d:fc:
d1:69:96:f2:43:2a:d1:f5:1f:31:4f:58:1e:93:37:78:7f:a6:
0b:38:22:9f:57:5f:ca:6b:f1:a4:a4:58:21:d2:b0:0b:e4:a6:
61:79:a4:5c:83:67:d7:e9:8d:68:62:2e:06:e2:b3:d6:4c:8a:
f9:9a:93:8d:a2:30:91:db:64:df:d4:15:c8:13:6c:e7:a2:66:
0d:33:68:cf:fd:f9:ff:8b:a3:2f:73:7e:25:ce:32:a3:13:2b:
b8:bb:a1:cf:c8:44:e5:f7:91:d4:92:f9:97:d6:d8:3f:27:6b:
c5:57:36:83:c5:0a:d4:02:8d:c6:96:dd:31:37:1a:b9:bc:85:
44:53:4d:e0:6c:a6:8f:3b:87:46:49:e1:2e:97:0f:06:7b:76:
b2:c0:ef:e2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBSzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE
OUNBODExMC8GA1UEBRMoQ0JDNjYwMzM3MEZCRTg0Q0NDRTA2NEU4NEY0RjI2RURC
RUMyNjdCMTAeFw0yNTA1MjUxNzQ3NDJaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MzM1N2JlLWMwMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuQiSB6EmAaf0g6YmASgbhidi0Kfm/LPJi3Tl6zWQn+sQthCgNCFZT9ypqaQh2
7+iwhUq6FBaYVznP6YswaNYXkxmZkF2yNG30UC1+oLwn6FtmSEcmRhlm3cYt/Es+
ys5xFaqOMolRYlHhydu4MNwkjEtnSKVb3mp88fNbWyFumhVFURO6kKVYjgPBaem1
Xv96DV3q7d/dyKfuiZf7m6ozAJjUlMrTUWURiAzZFiiOg2zJGkM1lLOsDKUyaFu7
aZnD58Z1EN/0KlWHBYrGniTp/plZ7wtrIZhjB+i2lYQdX/hIJCMJD2wznk8Ny7X8
7EUdCVCDrta/4ePzXJPKNF9fAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUFV+9Ms61
pykCc23+9a1f1/AsX5wwHwYDVR0jBBgwFoAUy8ZgM3D76EzM4GToT08m7b7CZ7Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzIwREEyNzQ2RTRG
RDExRUZBQzFDRTY3RkM0RjlBRTAyL3k4WmdNM0Q3NkV6TTRHVG9UMDhtN2I3Q1o3
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIveThaZ00zRDc2RXpNNEdUb1QwOG03YjdDWjdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
OUNBOC8yMERBMjc0NkU0RkQxMUVGQUMxQ0U2N0ZDNEY5QUUwMi81QjQ3OTY0QzM5
OTAxMUYwOEM4OEEwNjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4djANBgkqhkiG9w0BAQsFAAOCAQEAjFVJ4SHdWmruBhXa
AGcEdfTF19dzPMYb8VPF1slI8y//07r44QgkJuJx6yi8Y9EyOZkpEWZc4nXzA/SU
4a5xb9VGzjvj9XgvASPFBjA9QxU9l9cATqE4wOzS0uroJPjdhKbUvBoi0t/wbo38
0WmW8kMq0fUfMU9YHpM3eH+mCzgin1dfymvxpKRYIdKwC+SmYXmkXINn1+mNaGIu
BuKz1kyK+ZqTjaIwkdtk39QVyBNs56JmDTNoz/35/4ujL3N+Jc4yoxMruLuhz8hE
5feR1JL5l9bYPydrxVc2g8UK1AKNxpbdMTcaubyFRFNN4GymjzuHRknhLpcPBnt2
ssDv4g==
-----END CERTIFICATE-----
Generated at Thu Jun 19 11:06:27 2025 by rpki-client