Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/E49A1C42FA4011EF91CF5054C4F9AE02.roa
File: E49A1C42FA4011EF91CF5054C4F9AE02.roa (raw, json)
Hash identifier: K/+SYw0di8PRwZ3hnPRXYUyYF4m0X28CRDhKfCp67M8=
Subject key identifier: DD:06:30:29:70:EC:D8:9D:DF:98:5D:29:65:0A:31:71:19:D7:08:A3
Certificate issuer: /CN=A912E31D/serialNumber=E628220F3FD00F417B9972E1D4A0F641696E7999
Certificate serial: 03
Authority key identifier: E6:28:22:0F:3F:D0:0F:41:7B:99:72:E1:D4:A0:F6:41:69:6E:79:99
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/E49A1C42FA4011EF91CF5054C4F9AE02.roa
Signing time: Thu 06 Mar 2025 04:10:09 +0000
ROA not before: Thu 06 Mar 2025 04:10:09 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 134732
IP address blocks: 163.61.156.0/23 maxlen: 23
2001:df5:19c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 06 Mar 2025 04:28:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A912E31D
Validity
Not Before: Mar 6 04:10:09 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67c92021-e769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f4:c2:61:04:01:13:d6:df:e6:f6:b4:df:52:
d1:fc:81:76:df:aa:f0:14:73:de:cd:32:83:22:7f:
1a:72:91:98:42:59:b5:3c:78:dd:4c:6d:9a:4d:2c:
b8:57:b2:24:65:81:be:d0:b6:04:0c:90:d8:85:e5:
af:1a:18:37:b4:cd:5e:d1:83:b0:86:1e:5f:21:2e:
72:4c:ef:bb:32:40:a8:70:52:7e:3c:3e:d8:90:39:
f1:e8:1d:fb:c8:23:72:e4:4b:c1:af:07:b9:cf:ac:
8a:f8:d7:2c:78:53:52:a2:2b:75:69:c8:76:d6:30:
e4:f2:b6:05:69:4a:2f:ad:c3:bf:3b:21:ae:10:ad:
61:e3:ea:11:c2:7b:6e:96:06:c7:44:36:b6:b7:2a:
3a:54:5b:ef:50:17:64:53:06:1e:e0:a7:04:ab:b2:
f7:46:a9:0d:30:2f:64:2d:66:7e:30:06:f0:7c:3b:
2a:11:19:4b:ae:82:98:e3:45:2c:41:0d:d9:6a:78:
7f:02:c9:62:2a:7d:f6:16:fb:fc:c3:f2:ad:40:bd:
4e:4a:a9:ca:cd:4e:03:11:dd:1d:a1:4a:43:21:55:
7d:e5:ef:03:49:7d:d9:e1:5a:a2:22:b6:84:b4:a7:
2d:03:c9:60:7c:d9:20:23:c1:c9:48:c7:2a:7b:bc:
2a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:06:30:29:70:EC:D8:9D:DF:98:5D:29:65:0A:31:71:19:D7:08:A3
X509v3 Authority Key Identifier:
keyid:E6:28:22:0F:3F:D0:0F:41:7B:99:72:E1:D4:A0:F6:41:69:6E:79:99
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/E49A1C42FA4011EF91CF5054C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.156.0/23
IPv6:
2001:df5:19c0::/48
Signature Algorithm: sha256WithRSAEncryption
28:4b:2d:1a:7a:7f:4e:56:d0:ef:15:40:d5:54:52:20:71:81:
5a:ef:e3:1d:a9:61:a1:7d:6e:e6:35:89:31:9f:25:35:b0:43:
2f:3a:10:98:10:eb:37:ac:fb:45:8b:82:40:1c:2f:32:8c:f6:
f9:c2:a2:a9:32:4b:25:3a:79:f4:8e:a2:d8:ec:48:c9:c6:db:
9e:19:d4:5f:77:b3:73:c9:91:23:2d:2b:49:84:2e:07:f2:c5:
3c:93:1e:6a:28:36:44:0b:88:d4:05:ce:e2:8b:b4:25:ca:df:
64:b2:27:57:d2:43:2c:18:d0:ca:ff:60:fb:4d:f1:44:3d:1d:
80:24:cf:59:ac:c0:c9:df:15:a0:07:25:84:d6:f9:fb:9d:88:
fd:df:4d:71:a6:4b:49:9f:df:73:29:14:82:53:4d:66:4b:fc:
bf:2e:3b:a3:10:0d:3d:5b:22:27:8f:40:59:6d:96:dd:9a:5e:
d6:7b:3b:a9:3e:e3:c5:95:ec:43:be:b8:be:f2:a5:96:57:ac:
d2:9c:3f:e9:6a:cc:ec:3f:57:25:10:98:d4:6c:20:78:ff:20:
ef:f0:c5:0b:d9:84:10:74:b1:15:c0:da:ef:75:72:03:73:8d:
fc:21:16:f1:69:cc:0d:53:d4:82:ea:b8:a6:b8:cb:45:16:24:
d8:11:a6:c3
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
RTMxRDExMC8GA1UEBRMoRTYyODIyMEYzRkQwMEY0MTdCOTk3MkUxRDRBMEY2NDE2
OTZFNzk5OTAeFw0yNTAzMDYwNDEwMDlaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YzkyMDIxLWU3NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+9MJhBAET1t/m9rTfUtH8gXbfqvAUc97NMoMifxpykZhCWbU8eN1MbZpNLLhX
siRlgb7QtgQMkNiF5a8aGDe0zV7Rg7CGHl8hLnJM77syQKhwUn48PtiQOfHoHfvI
I3LkS8GvB7nPrIr41yx4U1KiK3VpyHbWMOTytgVpSi+tw787Ia4QrWHj6hHCe26W
BsdENra3KjpUW+9QF2RTBh7gpwSrsvdGqQ0wL2QtZn4wBvB8OyoRGUuugpjjRSxB
DdlqeH8CyWIqffYW+/zD8q1AvU5KqcrNTgMR3R2hSkMhVX3l7wNJfdnhWqIitoS0
py0DyWB82SAjwclIxyp7vCqNAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU3QYwKXDs
2J3fmF0pZQoxcRnXCKMwHwYDVR0jBBgwFoAU5igiDz/QD0F7mXLh1KD2QWlueZkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFMzFELzJDRjZCOEIwRjlD
OTExRUZBNTRGNzYyQUM0RjlBRTAyLzVpZ2lEel9RRDBGN21YTGgxS0QyUVdsdWVa
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNWlnaUR6X1FEMEY3bVhMaDFLRDJRV2x1ZVprLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
RTMxRC8yQ0Y2QjhCMEY5QzkxMUVGQTU0Rjc2MkFDNEY5QUUwMi9FNDlBMUM0MkZB
NDAxMUVGOTFDRjUwNTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAaM9nDAPBAIAAjAJAwcAIAEN9RnAMA0GCSqGSIb3DQEBCwUA
A4IBAQAoSy0aen9OVtDvFUDVVFIgcYFa7+MdqWGhfW7mNYkxnyU1sEMvOhCYEOs3
rPtFi4JAHC8yjPb5wqKpMkslOnn0jqLY7EjJxtueGdRfd7NzyZEjLStJhC4H8sU8
kx5qKDZEC4jUBc7ii7Qlyt9ksidX0kMsGNDK/2D7TfFEPR2AJM9ZrMDJ3xWgByWE
1vn7nYj9301xpktJn99zKRSCU01mS/y/LjujEA09WyInj0BZbZbdml7WezupPuPF
lexDvri+8qWWV6zSnD/paszsP1clEJjUbCB4/yDv8MUL2YQQdLEVwNrvdXIDc438
IRbxacwNU9SC6rimuMtFFiTYEabD
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:13:32 2025 by rpki-client