Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/09E08BBCDFA711EFB305A80EC4F9AE02.roa
File: 09E08BBCDFA711EFB305A80EC4F9AE02.roa (raw, json)
Hash identifier: kdTdufTqi4/CKXCIUHkp52fvUV+UlD83IYSyuA6QqEg=
Subject key identifier: 01:59:54:44:56:7C:9E:1B:1E:41:70:15:D8:9A:D8:B7:97:0C:65:16
Certificate issuer: /CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Certificate serial: 04
Authority key identifier: 61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/09E08BBCDFA711EFB305A80EC4F9AE02.roa
Signing time: Fri 31 Jan 2025 07:43:19 +0000
ROA not before: Fri 31 Jan 2025 07:43:19 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152565
IP address blocks: 163.61.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 21:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158491, serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Validity
Not Before: Jan 31 07:43:19 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=679c7f17-9ea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ad:a2:08:73:ca:82:a2:0a:f5:41:38:f6:22:
39:75:b7:a3:13:3a:b0:ff:ff:3f:bf:1d:b2:df:61:
be:8f:9a:2a:f7:75:cd:14:b7:fb:59:33:bb:da:a4:
7e:15:ff:9b:c5:1a:a7:0a:c6:bc:79:67:6e:1e:60:
34:31:52:f7:53:bf:d5:25:e3:b6:82:7e:ba:8b:72:
b3:75:5d:cd:02:41:0b:23:1f:c1:17:20:fe:ae:dc:
ea:36:44:58:99:82:4f:52:7c:0b:d9:02:9d:c5:56:
42:78:2b:87:2a:d5:5c:06:3b:9b:ea:d5:b5:ec:b3:
06:26:83:50:12:0a:56:94:77:bd:73:20:ea:67:91:
cf:10:8a:92:5d:6a:62:23:2c:af:d6:a3:60:ca:1b:
c6:13:04:24:f5:51:c3:e1:ce:c2:f7:43:23:50:b4:
87:7a:1c:7d:bb:25:ea:c5:9d:88:3f:0b:bf:43:98:
bb:73:a3:a7:9a:cf:36:32:ac:fa:68:a4:4e:ff:90:
0d:7b:34:c8:d6:79:62:5d:03:87:fb:27:65:19:27:
3a:1b:fe:c2:6c:91:92:5a:18:15:78:96:a4:59:0d:
fd:29:eb:b3:ee:4f:3d:6b:86:39:c0:c1:17:b7:5b:
e3:37:1e:98:cc:d0:7c:b9:6c:22:e1:9e:fc:8a:c5:
9b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:59:54:44:56:7C:9E:1B:1E:41:70:15:D8:9A:D8:B7:97:0C:65:16
X509v3 Authority Key Identifier:
keyid:61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/09E08BBCDFA711EFB305A80EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.38.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:9a:00:f9:87:cc:dd:4a:be:30:60:db:77:11:bf:1a:66:58:
8a:06:72:7c:5f:e4:d4:54:c7:b4:4d:14:f6:f9:72:d6:b1:50:
5d:75:ae:f8:72:94:c0:bb:73:de:7b:3e:eb:98:f1:aa:a4:e4:
b1:ab:66:c2:65:02:49:df:46:df:21:4d:e6:60:5d:fc:b6:a1:
42:59:31:f2:bf:fe:6b:9b:64:a5:e8:aa:d4:1b:26:db:bd:55:
d1:ae:63:3d:86:fb:45:84:79:61:79:9d:47:f9:70:66:c0:b4:
b1:8f:2d:41:e6:83:55:f1:05:6e:a4:90:57:e9:ff:af:64:d9:
4a:76:0e:5b:c3:24:38:46:53:ac:3c:62:1b:39:52:c1:c2:30:
cf:3c:b1:55:dc:b4:88:a8:e1:9f:d1:a4:53:86:c3:df:d1:c1:
9d:0a:61:27:1e:d5:f5:24:96:53:84:6a:62:c2:93:44:c9:40:
a1:78:49:32:d8:30:b6:55:34:bb:8f:82:c1:0c:3d:e6:4f:52:
87:45:5e:e1:74:d8:41:af:0e:ce:19:a6:af:a4:a9:0d:ea:93:
57:9a:76:dd:17:85:fd:7a:cb:a5:5b:31:9e:f1:9f:61:c0:71:
dd:99:6b:64:9b:b1:a5:82:23:59:87:96:1a:b2:cd:28:21:48:
63:aa:48:33
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
ODQ5MTExMC8GA1UEBRMoNjFGOEM3RUJBN0I1NUU3MUIyRTZCMTc3NDA5MTQyNTFE
ODhDRjBBNjAeFw0yNTAxMzEwNzQzMTlaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OWM3ZjE3LTllYTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBraIIc8qCogr1QTj2Ijl1t6MTOrD//z+/HbLfYb6Pmir3dc0Ut/tZM7vapH4V
/5vFGqcKxrx5Z24eYDQxUvdTv9Ul47aCfrqLcrN1Xc0CQQsjH8EXIP6u3Oo2RFiZ
gk9SfAvZAp3FVkJ4K4cq1VwGO5vq1bXsswYmg1ASClaUd71zIOpnkc8QipJdamIj
LK/Wo2DKG8YTBCT1UcPhzsL3QyNQtId6HH27JerFnYg/C79DmLtzo6eazzYyrPpo
pE7/kA17NMjWeWJdA4f7J2UZJzob/sJskZJaGBV4lqRZDf0p67PuTz1rhjnAwRe3
W+M3HpjM0Hy5bCLhnvyKxZvFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUAVlURFZ8
nhseQXAV2JrYt5cMZRYwHwYDVR0jBBgwFoAUYfjH66e1XnGy5rF3QJFCUdiM8KYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4NDkxLzYwREE1M0ZBREZB
NTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5HeTVyRjNRSkZDVWRpTThL
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWWZqSDY2ZTFYbkd5NXJGM1FKRkNVZGlNOEtZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODQ5MS82MERBNTNGQURGQTUxMUVGOEJENDlGODdDNEY5QUUwMi8wOUUwOEJCQ0RG
QTcxMUVGQjMwNUE4MEVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKM9JjANBgkqhkiG9w0BAQsFAAOCAQEAtJoA+YfM3Uq+MGDb
dxG/GmZYigZyfF/k1FTHtE0U9vly1rFQXXWu+HKUwLtz3ns+65jxqqTksatmwmUC
Sd9G3yFN5mBd/LahQlkx8r/+a5tkpeiq1Bsm271V0a5jPYb7RYR5YXmdR/lwZsC0
sY8tQeaDVfEFbqSQV+n/r2TZSnYOW8MkOEZTrDxiGzlSwcIwzzyxVdy0iKjhn9Gk
U4bD39HBnQphJx7V9SSWU4RqYsKTRMlAoXhJMtgwtlU0u4+CwQw95k9Sh0Ve4XTY
Qa8Ozhmmr6SpDeqTV5p23ReF/XrLpVsxnvGfYcBx3ZlrZJuxpYIjWYeWGrLNKCFI
Y6pIMw==
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:34:36 2025 by rpki-client