Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/B02B36FEE37911EF82A3D232C4F9AE02.roa
File: B02B36FEE37911EF82A3D232C4F9AE02.roa (raw, json)
Hash identifier: 7i6R1YGkSpN/p5zgfufLxlSn1z1WQk/ug0r7u413CQI=
Subject key identifier: C9:66:E7:4F:51:E6:30:91:FD:B1:77:A1:4C:CD:F8:A2:98:E7:09:4F
Certificate issuer: /CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Certificate serial: 14
Authority key identifier: 61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/B02B36FEE37911EF82A3D232C4F9AE02.roa
Signing time: Wed 05 Feb 2025 04:28:46 +0000
ROA not before: Wed 05 Feb 2025 04:28:46 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 140641
IP address blocks: 163.61.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 09:09:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158491, serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Validity
Not Before: Feb 5 04:28:46 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a2e8fe-b831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3d:d9:a0:e7:cb:ae:90:ca:3c:39:5f:7a:14:
2e:25:2e:68:5d:e4:62:86:90:ee:e0:38:15:1c:6a:
39:54:a0:1e:7f:7f:35:08:44:d5:8d:31:85:9a:ba:
c6:51:b6:8c:89:2c:78:51:56:85:3e:e1:c1:20:bb:
21:2f:52:2c:09:78:5f:89:26:50:7a:5c:91:66:f7:
4b:b6:b3:75:a0:fa:00:1f:6c:74:f4:2a:34:02:2c:
ec:80:d7:34:d2:21:57:3f:20:b7:ac:43:61:49:6a:
41:d2:8e:d1:45:44:5c:8b:4a:42:c2:f1:f3:3e:ca:
65:29:37:ae:09:53:b5:cd:79:34:45:16:a9:f4:37:
12:c3:35:a1:66:60:f1:53:11:57:80:b8:17:2f:5b:
9c:cc:a3:12:94:a6:df:87:90:35:c7:ca:f5:ce:eb:
49:67:64:4b:2d:0a:aa:d3:9b:40:07:2d:09:95:42:
f1:69:02:ef:51:a9:ed:04:0f:8c:bf:93:e9:bb:e5:
12:ca:bd:b8:58:13:95:57:10:31:8d:d9:4e:e7:b4:
4d:d1:1f:b8:84:02:64:a4:cf:7b:c3:da:ef:0a:b3:
f0:fe:41:a3:2c:da:9c:11:41:1f:b8:c0:d9:f3:1f:
a5:fd:64:77:ac:db:1a:9d:4f:ed:45:16:14:49:0c:
de:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:66:E7:4F:51:E6:30:91:FD:B1:77:A1:4C:CD:F8:A2:98:E7:09:4F
X509v3 Authority Key Identifier:
keyid:61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/B02B36FEE37911EF82A3D232C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.39.0/24
Signature Algorithm: sha256WithRSAEncryption
96:f7:b0:e3:51:be:4f:96:12:80:8a:27:50:16:0a:da:a2:5c:
ac:8d:c7:2b:a7:06:97:a0:27:4a:5c:11:7e:d3:36:33:8d:8f:
a4:3e:b6:bd:ad:3d:8c:0a:4b:54:40:fd:e4:a0:53:09:d6:d7:
f8:1c:58:b1:84:95:11:92:81:cc:47:29:28:93:a1:7a:dd:fb:
a0:4c:64:5d:d2:bc:cf:86:f3:d1:6b:81:ae:6e:c0:5c:db:ab:
ac:16:73:85:04:61:03:1a:da:02:19:70:0f:76:1a:ab:d4:e2:
19:7e:c3:72:d0:88:cc:f0:ec:a0:65:83:a1:d8:df:89:05:22:
a7:3a:0b:57:dd:0b:44:09:c5:91:b4:f1:e9:66:81:1f:2d:c9:
ae:95:66:7c:b1:b3:35:66:49:97:ec:b3:66:bf:de:d7:c6:e9:
40:50:aa:b7:64:59:22:11:4c:f7:7a:5f:ba:2e:68:4b:06:e6:
b0:5b:85:fd:ed:1c:80:cf:16:3f:08:1c:90:5d:bb:30:fb:96:
e5:67:4c:00:b2:a8:6e:57:24:ca:6f:53:e5:00:ae:bd:04:69:
40:c1:a4:75:62:db:b8:57:9f:17:96:26:2d:bc:be:ff:6d:7c:
4e:17:33:64:88:88:5a:69:01:a9:66:48:ae:dd:e7:a3:c6:e8:
df:15:c5:4c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
ODQ5MTExMC8GA1UEBRMoNjFGOEM3RUJBN0I1NUU3MUIyRTZCMTc3NDA5MTQyNTFE
ODhDRjBBNjAeFw0yNTAyMDUwNDI4NDZaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTJlOGZlLWI4MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCrPdmg58uukMo8OV96FC4lLmhd5GKGkO7gOBUcajlUoB5/fzUIRNWNMYWausZR
toyJLHhRVoU+4cEguyEvUiwJeF+JJlB6XJFm90u2s3Wg+gAfbHT0KjQCLOyA1zTS
IVc/ILesQ2FJakHSjtFFRFyLSkLC8fM+ymUpN64JU7XNeTRFFqn0NxLDNaFmYPFT
EVeAuBcvW5zMoxKUpt+HkDXHyvXO60lnZEstCqrTm0AHLQmVQvFpAu9Rqe0ED4y/
k+m75RLKvbhYE5VXEDGN2U7ntE3RH7iEAmSkz3vD2u8Ks/D+QaMs2pwRQR+4wNnz
H6X9ZHes2xqdT+1FFhRJDN5XAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUyWbnT1Hm
MJH9sXehTM34opjnCU8wHwYDVR0jBBgwFoAUYfjH66e1XnGy5rF3QJFCUdiM8KYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4NDkxLzYwREE1M0ZBREZB
NTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5HeTVyRjNRSkZDVWRpTThL
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWWZqSDY2ZTFYbkd5NXJGM1FKRkNVZGlNOEtZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODQ5MS82MERBNTNGQURGQTUxMUVGOEJENDlGODdDNEY5QUUwMi9CMDJCMzZGRUUz
NzkxMUVGODJBM0QyMzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKM9JzANBgkqhkiG9w0BAQsFAAOCAQEAlvew41G+T5YSgIon
UBYK2qJcrI3HK6cGl6AnSlwRftM2M42PpD62va09jApLVED95KBTCdbX+BxYsYSV
EZKBzEcpKJOhet37oExkXdK8z4bz0WuBrm7AXNurrBZzhQRhAxraAhlwD3Yaq9Ti
GX7DctCIzPDsoGWDodjfiQUipzoLV90LRAnFkbTx6WaBHy3JrpVmfLGzNWZJl+yz
Zr/e18bpQFCqt2RZIhFM93pfui5oSwbmsFuF/e0cgM8WPwgckF27MPuW5WdMALKo
blckym9T5QCuvQRpQMGkdWLbuFefF5YmLby+/218ThczZIiIWmkBqWZIrt3no8bo
3xXFTA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:02:04 2025 by rpki-client