Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DB66/77B6199CE09A11EFB63A8130C4F9AE02/8702F6F0E09E11EFAB364253C4F9AE02.roa
File: 8702F6F0E09E11EFAB364253C4F9AE02.roa (raw, json)
Hash identifier: XuomjDYLXw2HcrS+Mg5rjvgPFFJWgWFxp3wqUdcEiMk=
Subject key identifier: C6:06:23:4F:AA:28:D2:73:CF:3A:45:64:1A:8C:A2:97:2A:DA:4B:89
Certificate issuer: /CN=A911DB66/serialNumber=BC8C79F78491A1D5AA45DBE4133C0C10F69364AD
Certificate serial: 02
Authority key identifier: BC:8C:79:F7:84:91:A1:D5:AA:45:DB:E4:13:3C:0C:10:F6:93:64:AD
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vIx594SRodWqRdvkEzwMEPaTZK0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DB66/77B6199CE09A11EFB63A8130C4F9AE02/8702F6F0E09E11EFAB364253C4F9AE02.roa
Signing time: Sat 01 Feb 2025 13:14:55 +0000
ROA not before: Sat 01 Feb 2025 13:14:55 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 149179
IP address blocks: 161.248.204.0/23 maxlen: 23
161.248.204.0/24 maxlen: 24
161.248.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 27 Feb 2025 15:16:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DB66
Validity
Not Before: Feb 1 13:14:55 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=679e1e4e-87fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e1:32:78:6e:c4:f5:32:bc:a0:ac:ca:e3:85:
23:b9:36:b2:3f:9e:86:83:0f:1f:c6:bd:66:13:0e:
d3:f6:12:91:58:62:29:c6:e2:f0:ab:dd:58:5c:26:
83:81:8c:13:d6:0b:0b:e1:5c:ff:d4:c5:45:07:2d:
b3:00:5c:40:c5:7b:11:ff:c9:01:4c:cb:c3:e7:32:
ac:c1:fc:79:ee:10:11:3a:85:0e:87:ea:00:03:e3:
8a:3c:aa:2f:e4:fd:bd:b0:11:9a:ff:8b:11:4c:ef:
4c:56:ad:fb:32:f7:b3:a1:2c:8a:8c:e2:83:b2:8c:
86:fb:2a:b6:e7:74:c5:2e:87:26:3c:01:c2:11:59:
ca:43:cd:98:ce:76:1c:21:be:b6:2e:1e:51:07:12:
f7:c6:7f:e1:38:64:e4:35:f5:47:1c:49:3c:5b:65:
58:93:ea:19:06:9f:34:fd:0c:6d:32:e4:c0:69:69:
2c:bc:f2:9c:b2:e0:1c:59:0f:ae:c4:92:1e:8f:04:
c0:20:c6:a9:26:76:71:99:9b:c3:ec:ed:33:e4:14:
15:78:b5:74:40:87:b4:42:59:2a:52:a3:b7:18:b6:
27:7c:92:cb:eb:78:22:1f:de:86:f5:0c:3a:77:7f:
51:dc:1d:0f:23:5b:f1:01:f1:96:56:a6:5b:9d:b1:
69:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:06:23:4F:AA:28:D2:73:CF:3A:45:64:1A:8C:A2:97:2A:DA:4B:89
X509v3 Authority Key Identifier:
keyid:BC:8C:79:F7:84:91:A1:D5:AA:45:DB:E4:13:3C:0C:10:F6:93:64:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DB66/77B6199CE09A11EFB63A8130C4F9AE02/vIx594SRodWqRdvkEzwMEPaTZK0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vIx594SRodWqRdvkEzwMEPaTZK0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DB66/77B6199CE09A11EFB63A8130C4F9AE02/8702F6F0E09E11EFAB364253C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.204.0/23
Signature Algorithm: sha256WithRSAEncryption
73:b6:f6:c3:82:c4:59:c5:01:71:39:6f:2d:6b:98:24:85:39:
55:a9:49:ec:9f:58:e2:41:38:d5:2c:45:4c:84:ec:50:81:1e:
b0:95:c9:4d:1a:26:51:4b:ec:6e:21:02:f0:09:34:12:c7:5f:
45:64:e2:00:50:ac:2c:92:40:6b:2f:7a:63:3a:f8:06:a1:b3:
d1:57:a3:2b:29:4e:76:d7:93:e3:a8:c8:f6:04:94:46:06:a1:
77:ec:dc:53:5c:cc:dc:77:ab:a2:6f:c5:9a:ed:40:8d:bd:bb:
ac:ea:2c:ae:89:d6:a6:ae:b9:10:06:9c:c0:9f:d4:2a:60:a5:
c5:be:ce:88:e5:f6:e8:8d:fc:fe:ba:79:c8:20:ea:ed:41:e6:
b2:6f:4a:4b:ec:07:ba:30:39:a0:18:c0:fa:2a:d5:74:d1:6e:
b1:ac:b0:0e:27:2f:4f:bb:67:38:3d:a3:2b:2c:38:45:1f:fe:
ad:50:ac:68:f0:8c:d4:80:6d:cb:f8:8d:f1:59:e9:a6:9c:05:
94:2d:59:33:9a:ac:94:f5:c4:35:25:0f:ee:e8:b6:34:72:cb:
c7:fa:28:f7:38:cb:14:55:b1:d9:64:f4:76:f2:13:0d:22:55:
e6:fb:d4:ab:8f:22:02:b6:64:b4:dd:5f:b6:77:84:e8:8d:7a:
e1:e9:0d:a8
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
REI2NjExMC8GA1UEBRMoQkM4Qzc5Rjc4NDkxQTFENUFBNDVEQkU0MTMzQzBDMTBG
NjkzNjRBRDAeFw0yNTAyMDExMzE0NTVaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OWUxZTRlLTg3ZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDC4TJ4bsT1MrygrMrjhSO5NrI/noaDDx/GvWYTDtP2EpFYYinG4vCr3VhcJoOB
jBPWCwvhXP/UxUUHLbMAXEDFexH/yQFMy8PnMqzB/HnuEBE6hQ6H6gAD44o8qi/k
/b2wEZr/ixFM70xWrfsy97OhLIqM4oOyjIb7KrbndMUuhyY8AcIRWcpDzZjOdhwh
vrYuHlEHEvfGf+E4ZOQ19UccSTxbZViT6hkGnzT9DG0y5MBpaSy88pyy4BxZD67E
kh6PBMAgxqkmdnGZm8Ps7TPkFBV4tXRAh7RCWSpSo7cYtid8ksvreCIf3ob1DDp3
f1HcHQ8jW/EB8ZZWpludsWmnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUxgYjT6oo
0nPPOkVkGoyilyraS4kwHwYDVR0jBBgwFoAUvIx594SRodWqRdvkEzwMEPaTZK0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFEQjY2Lzc3QjYxOTlDRTA5
QTExRUZCNjNBODEzMEM0RjlBRTAyL3ZJeDU5NFNSb2RXcVJkdmtFendNRVBhVFpL
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvdkl4NTk0U1JvZFdxUmR2a0V6d01FUGFUWkswLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
REI2Ni83N0I2MTk5Q0UwOUExMUVGQjYzQTgxMzBDNEY5QUUwMi84NzAyRjZGMEUw
OUUxMUVGQUIzNjQyNTNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4zDANBgkqhkiG9w0BAQsFAAOCAQEAc7b2w4LEWcUBcTlv
LWuYJIU5ValJ7J9Y4kE41SxFTITsUIEesJXJTRomUUvsbiEC8Ak0EsdfRWTiAFCs
LJJAay96Yzr4BqGz0VejKylOdteT46jI9gSURgahd+zcU1zM3Herom/Fmu1Ajb27
rOosronWpq65EAacwJ/UKmClxb7OiOX26I38/rp5yCDq7UHmsm9KS+wHujA5oBjA
+irVdNFusaywDicvT7tnOD2jKyw4RR/+rVCsaPCM1IBty/iN8VnpppwFlC1ZM5qs
lPXENSUP7ui2NHLLx/oo9zjLFFWx2WT0dvITDSJV5vvUq48iArZktN1ftneE6I16
4ekNqA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:51:35 2025 by rpki-client