Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/BFF91200E33711EFADA18C1BC4F9AE02.roa
File: BFF91200E33711EFADA18C1BC4F9AE02.roa (raw, json)
Hash identifier: pxSQJAYWhRJwaAOl0D6heZ9bsgqQ16UyzIdE/X1M5X0=
Subject key identifier: 13:D9:7A:73:4A:9B:AE:C0:C7:3D:61:E2:BE:E1:F3:B9:E5:6A:D1:B4
Certificate issuer: /CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Certificate serial: 09
Authority key identifier: 61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/BFF91200E33711EFADA18C1BC4F9AE02.roa
Signing time: Tue 04 Feb 2025 20:36:46 +0000
ROA not before: Tue 04 Feb 2025 20:36:46 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 140641
IP address blocks: 163.61.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 21:45:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9158491, serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6
Validity
Not Before: Feb 4 20:36:46 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67a27a5d-3712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:28:ec:02:c8:c7:12:6b:47:fc:d9:ac:eb:d3:
c7:e5:46:81:12:1a:e4:25:90:08:e5:ec:cf:79:84:
12:fd:87:f4:9c:e1:ec:dc:a3:46:6f:e4:91:d8:89:
bb:4c:ef:aa:9b:28:3f:7b:ed:49:c3:1d:f2:ec:71:
4c:12:7f:63:2e:b2:07:3a:a0:71:1f:5b:bf:88:85:
75:ab:52:7b:f6:14:9f:86:6b:db:d4:2f:c5:00:a9:
ce:e5:c5:a2:ad:bc:a6:a1:07:ac:6b:0a:66:46:cb:
6b:9c:c1:21:b0:e8:3a:79:88:37:f7:20:80:7a:1f:
66:b9:27:4d:65:1d:d6:e6:56:2c:55:73:ce:33:a6:
27:4e:16:6c:f9:ec:46:9e:43:a1:15:e0:b4:96:ed:
6e:f7:7b:e5:82:95:6a:0c:9b:1c:c4:26:a7:27:37:
5e:a3:9f:89:11:00:8e:f0:22:9b:a7:c1:0c:20:ac:
95:72:59:8a:c9:db:6b:bc:37:db:f2:a5:21:ea:95:
7f:ad:0d:31:6c:4f:26:13:de:6b:eb:f5:92:b9:33:
44:82:ab:a6:49:d1:de:82:a6:2d:5a:52:b4:cf:f5:
d5:b7:34:c7:18:a5:39:60:1b:9c:6e:72:35:6d:28:
fb:57:5e:3a:21:d1:3d:82:5b:e0:53:4c:9c:b1:3d:
c2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:D9:7A:73:4A:9B:AE:C0:C7:3D:61:E2:BE:E1:F3:B9:E5:6A:D1:B4
X509v3 Authority Key Identifier:
keyid:61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/BFF91200E33711EFADA18C1BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.39.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f7:d2:c4:e9:47:07:17:aa:59:57:97:b8:cc:7a:a5:e0:11:
3e:b6:8f:c9:f1:f7:e8:6c:76:9d:9f:16:17:6b:0a:90:6c:1b:
e3:29:ca:0c:9d:1a:64:7d:76:53:88:b0:30:86:3c:d3:85:2d:
01:07:ad:39:7d:be:16:78:9e:9a:4c:c0:c0:67:5b:69:58:24:
1c:eb:c9:8b:cd:92:13:46:e1:1b:be:c9:88:b8:a1:45:72:33:
d9:11:50:a0:19:4b:c2:23:33:00:63:3c:a9:d6:e5:c5:18:df:
4f:cb:43:cf:35:9a:cc:91:05:ee:ca:4d:c7:24:e4:38:e0:d2:
a3:19:fe:55:ce:14:d1:91:ff:df:1f:09:78:db:86:9a:b7:2d:
6a:f5:0b:5f:de:e2:ab:e7:81:ed:e4:1b:f1:2c:06:9d:ed:2d:
c7:41:b2:51:86:32:ba:0c:1c:91:39:11:d7:1b:61:b4:e7:7e:
92:6b:a2:04:50:a6:00:73:76:de:60:d7:7d:65:95:74:1c:f4:
bd:3b:e2:59:a8:a7:35:9d:dc:20:4c:77:f3:83:17:8a:f1:12:
9a:5c:e2:97:af:e6:94:d4:18:0b:6a:8a:3b:69:5c:c8:c1:9d:
a7:a7:93:98:02:10:dd:a4:9a:5d:9f:05:6f:f4:d5:33:db:c4:
44:17:6c:7d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
ODQ5MTExMC8GA1UEBRMoNjFGOEM3RUJBN0I1NUU3MUIyRTZCMTc3NDA5MTQyNTFE
ODhDRjBBNjAeFw0yNTAyMDQyMDM2NDZaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTI3YTVkLTM3MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDKOwCyMcSa0f82azr08flRoESGuQlkAjl7M95hBL9h/Sc4ezco0Zv5JHYibtM
76qbKD977UnDHfLscUwSf2Musgc6oHEfW7+IhXWrUnv2FJ+Ga9vUL8UAqc7lxaKt
vKahB6xrCmZGy2ucwSGw6Dp5iDf3IIB6H2a5J01lHdbmVixVc84zpidOFmz57Eae
Q6EV4LSW7W73e+WClWoMmxzEJqcnN16jn4kRAI7wIpunwQwgrJVyWYrJ22u8N9vy
pSHqlX+tDTFsTyYT3mvr9ZK5M0SCq6ZJ0d6Cpi1aUrTP9dW3NMcYpTlgG5xucjVt
KPtXXjoh0T2CW+BTTJyxPcJbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUE9l6c0qb
rsDHPWHivuHzueVq0bQwHwYDVR0jBBgwFoAUYfjH66e1XnGy5rF3QJFCUdiM8KYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU4NDkxLzYwREE1M0ZBREZB
NTExRUY4QkQ0OUY4N0M0RjlBRTAyL1lmakg2NmUxWG5HeTVyRjNRSkZDVWRpTThL
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWWZqSDY2ZTFYbkd5NXJGM1FKRkNVZGlNOEtZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
ODQ5MS82MERBNTNGQURGQTUxMUVGOEJENDlGODdDNEY5QUUwMi9CRkY5MTIwMEUz
MzcxMUVGQURBMThDMUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKM9JzANBgkqhkiG9w0BAQsFAAOCAQEAgPfSxOlHBxeqWVeX
uMx6peARPraPyfH36Gx2nZ8WF2sKkGwb4ynKDJ0aZH12U4iwMIY804UtAQetOX2+
FniemkzAwGdbaVgkHOvJi82SE0bhG77JiLihRXIz2RFQoBlLwiMzAGM8qdblxRjf
T8tDzzWazJEF7spNxyTkOODSoxn+Vc4U0ZH/3x8JeNuGmrctavULX97iq+eB7eQb
8SwGne0tx0GyUYYyugwckTkR1xthtOd+kmuiBFCmAHN23mDXfWWVdBz0vTviWain
NZ3cIEx384MXivESmlzil6/mlNQYC2qKO2lcyMGdp6eTmAIQ3aSaXZ8Fb/TVM9vE
RBdsfQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:46:54 2025 by rpki-client