Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/8E2638CEE34211EF9F1F6178C4F9AE02.roa
File: 8E2638CEE34211EF9F1F6178C4F9AE02.roa (raw, json)
Hash identifier: spy3z28BQm2jgO7K2itJXfL4Ob0HTaofypyAgoTOMv8=
Subject key identifier: 6F:A7:AD:39:A9:2B:A2:0A:B8:8A:6A:A6:9E:65:42:86:E7:D4:7A:1B
Certificate issuer: /CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Certificate serial: 11
Authority key identifier: 61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/8E2638CEE34211EF9F1F6178C4F9AE02.roa
Signing time: Tue 04 Feb 2025 21:54:06 +0000
ROA not before: Tue 04 Feb 2025 21:54:06 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 147224
IP address blocks: 163.61.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 04:28:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158491, serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Validity
Not Before: Feb 4 21:54:06 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a28c7e-5e0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cf:ab:20:69:46:eb:88:9e:99:4f:12:37:9a:
56:19:ac:b1:d9:b2:d9:28:03:03:51:ac:53:6c:c5:
50:51:ad:92:09:12:24:f8:3e:58:53:a7:31:af:b7:
95:c6:d1:e7:b9:92:29:e3:20:71:8d:44:5e:80:52:
9f:b3:8c:c1:2e:28:cd:87:d2:a3:20:1a:5a:55:44:
32:54:d3:18:bb:7a:ea:a8:5a:70:94:98:ae:41:fd:
50:80:51:fb:d9:73:3c:ed:6d:5f:c0:fa:cc:e7:dd:
49:7a:10:38:d7:c1:35:f8:38:10:c7:c3:ad:93:d7:
a6:25:8c:00:f3:b0:8e:1e:27:a8:27:43:1d:5c:d4:
8d:ec:a0:66:2d:92:2b:57:71:f4:8a:5c:50:ac:1e:
df:8c:48:38:a9:90:09:f2:fe:08:35:20:42:48:f9:
37:ce:71:03:5c:cc:a2:84:b2:bb:f4:02:27:56:39:
ee:ca:ae:bd:2d:e9:43:a9:60:8f:9d:14:4e:4c:bf:
4b:91:f0:d5:b1:53:f3:08:49:0b:b5:aa:1f:76:a8:
90:dc:f8:1d:c1:cf:f6:9e:25:55:48:be:f9:3c:dc:
8d:e8:e1:51:db:fe:ce:95:eb:7a:10:0a:d9:51:18:
ca:bb:4c:2e:cd:31:dc:64:7f:75:be:ce:6c:4f:22:
f0:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:A7:AD:39:A9:2B:A2:0A:B8:8A:6A:A6:9E:65:42:86:E7:D4:7A:1B
X509v3 Authority Key Identifier:
keyid:61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/8E2638CEE34211EF9F1F6178C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.39.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:f2:82:8f:9c:94:36:f5:a0:f6:b1:ba:89:32:49:df:39:63:
14:f4:4b:2c:44:ca:3a:99:6d:d9:13:1d:cf:c9:5b:90:0e:6c:
06:f2:3a:f4:7d:43:f9:7f:13:94:65:53:4c:8e:7d:98:87:da:
ec:b8:bd:c6:31:a7:f3:7a:bc:a9:ac:da:fd:4a:76:8c:09:5f:
2a:51:5b:76:3c:b8:e4:70:4f:57:9b:19:e8:6c:81:9f:f4:d6:
eb:78:37:12:98:e2:52:b8:59:d5:cb:09:3a:01:0f:bf:90:49:
b7:f8:bb:3f:a2:91:66:b5:dc:30:3a:c4:bb:ba:61:d2:42:f7:
8e:43:a2:55:9d:de:f9:7a:55:4f:86:ea:5e:98:3e:b5:ae:6c:
dd:d8:81:97:cc:63:68:90:6b:df:db:29:6f:f5:54:e3:f7:f1:
a6:65:0b:8a:c0:74:20:98:28:04:e9:71:77:13:f3:f3:33:34:
c0:da:ec:19:0f:47:9e:d3:cb:fa:15:5c:0d:d8:6a:7d:04:47:
b4:e4:f5:5e:53:c3:d5:6b:76:eb:93:4f:ca:5a:34:b7:9a:15:
31:e2:c3:da:77:cc:73:0c:9c:16:61:ee:f7:56:28:74:59:21:
7e:de:f8:82:66:4f:14:2c:b5:52:c7:2a:26:60:03:3a:2e:72:
f0:41:10:a9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
ODQ5MTExMC8GA1UEBRMoNjFGOEM3RUJBN0I1NUU3MUIyRTZCMTc3NDA5MTQyNTFE
ODhDRjBBNjAeFw0yNTAyMDQyMTU0MDZaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTI4YzdlLTVlMGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCZz6sgaUbriJ6ZTxI3mlYZrLHZstkoAwNRrFNsxVBRrZIJEiT4PlhTpzGvt5XG
0ee5kinjIHGNRF6AUp+zjMEuKM2H0qMgGlpVRDJU0xi7euqoWnCUmK5B/VCAUfvZ
czztbV/A+szn3Ul6EDjXwTX4OBDHw62T16YljADzsI4eJ6gnQx1c1I3soGYtkitX
cfSKXFCsHt+MSDipkAny/gg1IEJI+TfOcQNczKKEsrv0AidWOe7Krr0t6UOpYI+d
FE5Mv0uR8NWxU/MISQu1qh92qJDc+B3Bz/aeJVVIvvk83I3o4VHb/s6V63oQCtlR
GMq7TC7NMdxkf3W+zmxPIvDDAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUb6etOakr
ogq4imqmnmVChufUehswHwYDVR0jBBgwFoAUYfjH66e1XnGy5rF3QJFCUdiM8KYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4NDkxLzYwREE1M0ZBREZB
NTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5HeTVyRjNRSkZDVWRpTThL
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWWZqSDY2ZTFYbkd5NXJGM1FKRkNVZGlNOEtZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODQ5MS82MERBNTNGQURGQTUxMUVGOEJENDlGODdDNEY5QUUwMi84RTI2MzhDRUUz
NDIxMUVGOUYxRjYxNzhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKM9JzANBgkqhkiG9w0BAQsFAAOCAQEAH/KCj5yUNvWg9rG6
iTJJ3zljFPRLLETKOplt2RMdz8lbkA5sBvI69H1D+X8TlGVTTI59mIfa7Li9xjGn
83q8qaza/Up2jAlfKlFbdjy45HBPV5sZ6GyBn/TW63g3EpjiUrhZ1csJOgEPv5BJ
t/i7P6KRZrXcMDrEu7ph0kL3jkOiVZ3e+XpVT4bqXpg+ta5s3diBl8xjaJBr39sp
b/VU4/fxpmULisB0IJgoBOlxdxPz8zM0wNrsGQ9HntPL+hVcDdhqfQRHtOT1XlPD
1Wt265NPylo0t5oVMeLD2nfMcwycFmHu91YodFkhft74gmZPFCy1UscqJmADOi5y
8EEQqQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:18:29 2025 by rpki-client