Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E17F3/9A9FB8F2FFEC11EFBF55BB6FC4F9AE02/ED2A2BA2FFEC11EFAD909E72C4F9AE02.roa
File: ED2A2BA2FFEC11EFAD909E72C4F9AE02.roa (raw, json)
Hash identifier: 5wZNCDSUzMsFgklx+hWVDebsZBr13Qa8M9xQrU62rwk=
Subject key identifier: 99:52:A6:21:BA:D5:56:43:47:81:F7:B2:EE:4E:38:80:F6:60:F6:C7
Certificate issuer: /CN=A91E17F3/serialNumber=39241DC2A94922EAFF982D9B4080F8BE40F7B6BD
Certificate serial: 02
Authority key identifier: 39:24:1D:C2:A9:49:22:EA:FF:98:2D:9B:40:80:F8:BE:40:F7:B6:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OSQdwqlJIur_mC2bQID4vkD3tr0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E17F3/9A9FB8F2FFEC11EFBF55BB6FC4F9AE02/ED2A2BA2FFEC11EFAD909E72C4F9AE02.roa
Signing time: Thu 13 Mar 2025 09:24:13 +0000
ROA not before: Thu 13 Mar 2025 09:24:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150739
IP address blocks: 163.223.106.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Mar 2025 10:21:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E17F3, serialNumber=39241DC2A94922EAFF982D9B4080F8BE40F7B6BD
Validity
Not Before: Mar 13 09:24:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67d2a43d-3e36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2e:ff:9d:43:7a:42:81:f6:c8:13:6b:0c:95:
63:3c:6d:0b:53:c1:f6:be:3f:78:e0:01:89:68:7e:
27:e1:52:aa:c0:6d:32:6a:df:31:b5:e1:af:16:89:
6b:91:10:85:8d:28:e9:99:cb:83:10:e9:50:69:5a:
c6:00:7d:aa:6b:dd:82:5e:ef:df:6d:08:67:57:dd:
22:2c:12:71:2a:9d:7c:85:0c:0a:ed:e5:3c:0c:0c:
15:bf:18:d7:60:2b:b8:a3:dd:f9:6d:36:30:04:26:
5a:39:64:4d:2d:38:a9:7f:9f:39:80:7d:a1:39:81:
d7:fb:33:e6:4f:30:23:d7:cb:03:b1:89:7f:56:be:
dc:12:08:94:11:84:63:e4:11:33:a1:2a:b3:47:a9:
f4:c7:7b:49:92:44:04:cb:7b:d8:4e:34:24:2c:24:
c8:ee:f2:f9:18:e5:c8:3a:c2:aa:e3:8f:c4:2a:01:
90:30:e3:e8:f6:7a:e3:78:c3:06:fa:c0:91:be:6e:
e4:5b:7f:f5:e7:9b:44:6e:ba:0c:f8:4d:b1:8c:3a:
2d:b5:33:35:74:7a:aa:2f:20:fe:39:da:b2:53:4b:
1a:b0:d2:7e:bf:ac:86:e4:b7:49:9b:61:60:4e:36:
a2:5c:9c:e2:3a:db:6f:ca:ae:59:7e:3c:fb:ef:57:
db:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:52:A6:21:BA:D5:56:43:47:81:F7:B2:EE:4E:38:80:F6:60:F6:C7
X509v3 Authority Key Identifier:
keyid:39:24:1D:C2:A9:49:22:EA:FF:98:2D:9B:40:80:F8:BE:40:F7:B6:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E17F3/9A9FB8F2FFEC11EFBF55BB6FC4F9AE02/OSQdwqlJIur_mC2bQID4vkD3tr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/OSQdwqlJIur_mC2bQID4vkD3tr0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E17F3/9A9FB8F2FFEC11EFBF55BB6FC4F9AE02/ED2A2BA2FFEC11EFAD909E72C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.106.0/23
Signature Algorithm: sha256WithRSAEncryption
25:1b:40:df:13:25:c6:c5:ab:1e:f3:0d:a5:e3:c6:f3:69:ac:
45:04:51:8e:1e:d3:29:8b:31:f6:4f:79:14:2f:12:1e:d4:6f:
da:46:e0:22:0b:6b:76:d3:49:03:9d:01:1b:74:7c:2d:ec:f2:
fe:4b:3c:25:b2:65:3c:67:f3:d3:aa:e3:fc:35:1d:40:ce:ab:
23:b0:ee:7f:37:f7:3e:ac:3b:d3:d4:d0:3a:e6:0a:d1:fc:40:
7d:39:2b:72:13:c2:e8:27:44:96:6e:01:7e:20:b9:8d:ee:79:
25:b1:09:5d:e9:76:3e:dd:e6:32:b7:65:98:36:57:2a:39:8d:
9d:21:18:fb:0e:6a:58:1c:03:d9:a5:00:a2:d9:09:76:82:e5:
a4:cc:d6:fa:30:47:3c:8b:47:aa:03:cc:f1:d1:c8:d6:f7:4b:
0a:9e:04:16:8a:cc:03:d5:42:18:72:17:4f:f5:5f:98:da:b7:
67:ec:0f:93:4f:7f:ac:6d:ca:92:5a:30:24:3f:8b:c2:61:44:
07:41:48:bf:52:83:90:c3:d9:47:98:0d:79:58:9a:17:f2:53:
d7:39:5f:8d:d8:39:fa:fe:01:04:1a:08:60:ad:11:12:6b:d2:
43:e3:4b:e6:18:f7:c9:d1:b7:25:71:79:f2:75:95:de:5a:7f:
62:2e:f9:98
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
MTdGMzExMC8GA1UEBRMoMzkyNDFEQzJBOTQ5MjJFQUZGOTgyRDlCNDA4MEY4QkU0
MEY3QjZCRDAeFw0yNTAzMTMwOTI0MTNaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZDJhNDNkLTNlMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzLv+dQ3pCgfbIE2sMlWM8bQtTwfa+P3jgAYlofifhUqrAbTJq3zG14a8WiWuR
EIWNKOmZy4MQ6VBpWsYAfapr3YJe799tCGdX3SIsEnEqnXyFDArt5TwMDBW/GNdg
K7ij3fltNjAEJlo5ZE0tOKl/nzmAfaE5gdf7M+ZPMCPXywOxiX9WvtwSCJQRhGPk
ETOhKrNHqfTHe0mSRATLe9hONCQsJMju8vkY5cg6wqrjj8QqAZAw4+j2euN4wwb6
wJG+buRbf/Xnm0Ruugz4TbGMOi21MzV0eqovIP452rJTSxqw0n6/rIbkt0mbYWBO
NqJcnOI622/Krll+PPvvV9uxAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUmVKmIbrV
VkNHgfey7k44gPZg9scwHwYDVR0jBBgwFoAUOSQdwqlJIur/mC2bQID4vkD3tr0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUUxN0YzLzlBOUZCOEYyRkZF
QzExRUZCRjU1QkI2RkM0RjlBRTAyL09TUWR3cWxKSXVyX21DMmJRSUQ0dmtEM3Ry
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvT1NRZHdxbEpJdXJfbUMyYlFJRDR2a0QzdHIwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
MTdGMy85QTlGQjhGMkZGRUMxMUVGQkY1NUJCNkZDNEY5QUUwMi9FRDJBMkJBMkZG
RUMxMUVGQUQ5MDlFNzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaPfajANBgkqhkiG9w0BAQsFAAOCAQEAJRtA3xMlxsWrHvMN
pePG82msRQRRjh7TKYsx9k95FC8SHtRv2kbgIgtrdtNJA50BG3R8Lezy/ks8JbJl
PGfz06rj/DUdQM6rI7Dufzf3Pqw709TQOuYK0fxAfTkrchPC6CdElm4BfiC5je55
JbEJXel2Pt3mMrdlmDZXKjmNnSEY+w5qWBwD2aUAotkJdoLlpMzW+jBHPItHqgPM
8dHI1vdLCp4EForMA9VCGHIXT/VfmNq3Z+wPk09/rG3KklowJD+LwmFEB0FIv1KD
kMPZR5gNeViaF/JT1zlfjdg5+v4BBBoIYK0REmvSQ+NL5hj3ydG3JXF58nWV3lp/
Yi75mA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:20:58 2025 by rpki-client