Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91348C9/CFC10E0ACE9711EE923F0470C4F9AE02/EDEF37C60E8811F0B7E6A013C4F9AE02.roa
File: EDEF37C60E8811F0B7E6A013C4F9AE02.roa (raw, json)
Hash identifier: nfYlDb9cIbMJqr6pjSDavKxss38pIl1cmAfp4ag22TA=
Subject key identifier: F6:8D:94:0C:10:B7:E2:33:65:BF:5F:FC:8F:4D:2A:61:BD:0A:97:E1
Certificate issuer: /CN=A91348C9/serialNumber=0C762B2C9024B34C988482F1D71D749AE7DC4AEB
Certificate serial: DF
Authority key identifier: 0C:76:2B:2C:90:24:B3:4C:98:84:82:F1:D7:1D:74:9A:E7:DC:4A:EB
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHYrLJAks0yYhILx1x10mufcSus.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91348C9/CFC10E0ACE9711EE923F0470C4F9AE02/EDEF37C60E8811F0B7E6A013C4F9AE02.roa
Signing time: Mon 31 Mar 2025 23:36:12 +0000
ROA not before: Mon 31 Mar 2025 23:36:12 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 132707
IP address blocks: 43.239.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 05 Apr 2025 23:58:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 223 (0xdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91348C9, serialNumber=0C762B2C9024B34C988482F1D71D749AE7DC4AEB
Validity
Not Before: Mar 31 23:36:12 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67eb26ec-3bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5e:3b:2b:b2:87:d1:b3:2d:58:58:7f:60:a1:
62:97:7d:e6:55:3f:4a:c2:f0:a8:62:ca:91:15:2a:
86:0c:18:03:76:62:13:f3:55:22:b3:a9:75:85:ea:
4d:f0:bf:60:59:e1:ba:10:0d:45:5a:73:de:b3:27:
d2:bb:01:32:e8:f3:23:56:f1:34:44:16:b4:75:83:
eb:7a:3d:f5:e2:99:5d:bc:cb:10:38:ef:79:e6:3e:
04:02:b5:99:66:bb:ab:e0:33:ee:9c:ec:da:7d:38:
61:ba:38:93:bf:97:59:70:2b:95:86:43:31:49:3f:
e5:e5:e3:eb:a5:3a:fd:a4:ee:7f:d5:8d:47:52:19:
22:bf:45:e2:ef:c9:c2:93:70:bb:4e:af:19:18:2b:
41:2f:02:b7:c0:cf:bb:6b:f8:d9:04:01:8b:2e:f4:
ba:9c:21:a6:6d:cb:c7:c9:8e:b5:4c:a9:f4:15:46:
41:64:c3:16:75:b6:b7:b1:c7:d6:95:7e:e2:c5:b5:
a8:23:f4:e8:9a:e3:c3:7e:67:71:24:c0:ef:47:aa:
a9:20:67:18:db:51:31:4a:c0:6c:3c:b2:aa:db:86:
39:34:77:f5:54:ae:28:be:12:76:ff:fd:8d:88:59:
89:ca:34:3e:48:76:89:9c:5f:71:b8:ee:c4:0b:3d:
6f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:8D:94:0C:10:B7:E2:33:65:BF:5F:FC:8F:4D:2A:61:BD:0A:97:E1
X509v3 Authority Key Identifier:
keyid:0C:76:2B:2C:90:24:B3:4C:98:84:82:F1:D7:1D:74:9A:E7:DC:4A:EB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91348C9/CFC10E0ACE9711EE923F0470C4F9AE02/DHYrLJAks0yYhILx1x10mufcSus.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DHYrLJAks0yYhILx1x10mufcSus.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91348C9/CFC10E0ACE9711EE923F0470C4F9AE02/EDEF37C60E8811F0B7E6A013C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.239.95.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:12:ef:c7:4c:85:7b:46:5d:00:99:d9:28:f0:06:94:38:7b:
13:77:69:4b:69:48:92:af:02:74:e4:2e:d0:4f:cb:ef:2a:ae:
ab:3d:c4:2a:bb:a3:a0:d9:3d:28:04:a7:df:5a:a9:c3:f3:6a:
76:5a:ba:22:1e:34:c1:be:a3:0a:f5:f4:90:0b:26:c7:25:ef:
99:8d:cb:c7:8e:37:29:8a:fa:c5:04:2d:88:1d:0e:cd:c6:e2:
44:c7:04:b9:93:8b:50:96:21:e1:c2:74:35:be:19:d0:bf:49:
48:d1:2d:2c:f3:28:d9:44:83:a4:97:c8:41:dc:cf:eb:da:6d:
18:ff:38:59:af:64:0d:97:11:8d:7d:bf:e9:12:06:de:14:e3:
24:b9:93:0d:06:aa:d8:bf:db:b6:74:67:26:2e:da:8b:29:7a:
81:d3:58:36:5a:cc:e4:5f:b6:7c:aa:2b:73:41:3e:e8:40:1e:
04:69:5e:20:f9:04:32:dc:16:f0:ae:5d:97:02:29:de:ef:8e:
af:0a:9f:66:89:73:ea:f6:9f:e5:e2:73:7d:ef:bb:c6:76:ab:
1e:39:b6:11:16:04:8d:13:14:63:3d:c7:c5:f7:01:2c:f2:dc:
7e:62:4c:bf:7f:fa:97:1b:c7:ec:9b:6f:90:cc:40:54:f8:0e:
2d:22:58:5b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQ4QzkxMTAvBgNVBAUTKDBDNzYyQjJDOTAyNEIzNEM5ODg0ODJGMUQ3MUQ3NDlB
RTdEQzRBRUIwHhcNMjUwMzMxMjMzNjEyWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ViMjZlYy0zYmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu147K7KH0bMtWFh/YKFil33mVT9KwvCoYsqRFSqGDBgDdmIT81Uis6l1hepN
8L9gWeG6EA1FWnPesyfSuwEy6PMjVvE0RBa0dYPrej314pldvMsQOO955j4EArWZ
Zrur4DPunOzafThhujiTv5dZcCuVhkMxST/l5ePrpTr9pO5/1Y1HUhkiv0Xi78nC
k3C7Tq8ZGCtBLwK3wM+7a/jZBAGLLvS6nCGmbcvHyY61TKn0FUZBZMMWdba3scfW
lX7ixbWoI/TomuPDfmdxJMDvR6qpIGcY21ExSsBsPLKq24Y5NHf1VK4ovhJ2//2N
iFmJyjQ+SHaJnF9xuO7ECz1vmQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPaNlAwQ
t+IzZb9f/I9NKmG9CpfhMB8GA1UdIwQYMBaAFAx2KyyQJLNMmISC8dcddJrn3Err
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDhDOS9DRkMxMEUwQUNF
OTcxMUVFOTIzRjA0NzBDNEY5QUUwMi9ESFlyTEpBa3MweVloSUx4MXgxMG11ZmNT
dXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RIWXJMSkFrczB5WWhJTHgxeDEwbXVmY1N1cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQ4QzkvQ0ZDMTBFMEFDRTk3MTFFRTkyM0YwNDcwQzRGOUFFMDIvRURFRjM3QzYw
RTg4MTFGMEI3RTZBMDEzQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr718wDQYJKoZIhvcNAQELBQADggEBAIsS78dMhXtGXQCZ
2SjwBpQ4exN3aUtpSJKvAnTkLtBPy+8qrqs9xCq7o6DZPSgEp99aqcPzanZauiIe
NMG+owr19JALJscl75mNy8eONymK+sUELYgdDs3G4kTHBLmTi1CWIeHCdDW+GdC/
SUjRLSzzKNlEg6SXyEHcz+vabRj/OFmvZA2XEY19v+kSBt4U4yS5kw0Gqti/27Z0
ZyYu2ospeoHTWDZazORftnyqK3NBPuhAHgRpXiD5BDLcFvCuXZcCKd7vjq8Kn2aJ
c+r2n+Xic33vu8Z2qx45thEWBI0TFGM9x8X3ASzy3H5iTL9/+pcbx+ybb5DMQFT4
Di0iWFs=
-----END CERTIFICATE-----
Generated at Fri Apr 18 17:24:21 2025 by rpki-client