Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/4BFCAA3E098811F090DD303BC4F9AE02.roa
File: 4BFCAA3E098811F090DD303BC4F9AE02.roa (raw, json)
Hash identifier: /mRDGNCLEbKPYxLCKFv6W+DwfTq5nEZTCU5idgIOOZ0=
Subject key identifier: E0:A9:A3:2D:B5:3D:13:FB:5B:81:D7:4D:F8:62:2E:45:0D:0E:E6:7B
Certificate issuer: /CN=A915BC98/serialNumber=FF8CCBE618755A1F5199BD0C82760E8EDB8F85BA
Certificate serial: 27
Authority key identifier: FF:8C:CB:E6:18:75:5A:1F:51:99:BD:0C:82:76:0E:8E:DB:8F:85:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/4BFCAA3E098811F090DD303BC4F9AE02.roa
Signing time: Tue 25 Mar 2025 14:49:04 +0000
ROA not before: Tue 25 Mar 2025 14:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153725
IP address blocks: 163.223.178.0/23 maxlen: 23
163.223.178.0/24 maxlen: 24
163.223.179.0/24 maxlen: 24
2401:f860:87::/48 maxlen: 48
2401:f860:88::/48 maxlen: 48
2401:f860:89::/48 maxlen: 48
2401:f860:90::/48 maxlen: 48
2401:f860:100::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 25 Mar 2025 15:46:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39 (0x27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BC98, serialNumber=FF8CCBE618755A1F5199BD0C82760E8EDB8F85BA
Validity
Not Before: Mar 25 14:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67e2c260-9140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b3:e2:27:41:21:28:6b:80:cc:37:67:8c:c7:
6a:c0:a2:d4:4b:7e:f2:db:c0:f4:f0:7d:33:e1:aa:
a1:09:0a:f2:00:07:57:7b:7b:80:2d:8c:a7:11:99:
d8:8e:11:26:9b:80:20:52:b1:38:ef:90:1f:fe:c0:
50:65:c8:14:31:66:ad:e0:a4:fb:b3:bb:79:58:cd:
a6:e5:6a:24:94:50:1d:32:b9:ff:4b:43:9b:b0:82:
1c:e8:2a:c0:a1:69:30:44:2d:b4:ab:4d:c4:8a:ff:
54:72:f0:7a:d0:4d:3f:26:3f:87:b2:b9:e7:9e:6c:
31:b7:43:5d:9f:be:7e:39:0f:f0:fa:81:8f:a7:94:
6b:63:63:fb:d4:ec:68:1f:e7:fd:12:82:83:35:24:
41:ac:90:ce:f7:a5:ca:e7:25:73:11:81:d1:16:b5:
bc:45:78:d7:42:0f:fe:67:2d:63:14:4c:a7:9a:3e:
8c:e6:00:de:23:a3:a7:26:a5:1a:c2:9e:bc:ec:80:
e8:d6:5e:2f:ea:4d:c9:c1:b5:f8:d7:58:0c:e8:8f:
3a:5c:8e:99:1c:7c:69:0f:51:6d:62:11:82:95:2f:
7b:4a:8c:9a:f0:77:1f:09:00:1a:24:bb:28:8e:a8:
c8:e8:d8:26:fc:e0:30:a8:42:c1:6e:ec:61:e9:fc:
d7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A9:A3:2D:B5:3D:13:FB:5B:81:D7:4D:F8:62:2E:45:0D:0E:E6:7B
X509v3 Authority Key Identifier:
keyid:FF:8C:CB:E6:18:75:5A:1F:51:99:BD:0C:82:76:0E:8E:DB:8F:85:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/4BFCAA3E098811F090DD303BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.178.0/23
IPv6:
2401:f860:87::-2401:f860:89:ffff:ffff:ffff:ffff:ffff
2401:f860:90::/48
2401:f860:100::/40
Signature Algorithm: sha256WithRSAEncryption
3f:63:f0:c5:df:88:fc:76:b5:12:91:7e:69:f6:76:6a:ad:f3:
5a:52:b1:ff:e3:9b:dc:71:1c:4c:8f:48:b6:db:15:52:48:d2:
7b:94:73:3a:0f:88:2b:1e:9b:09:a6:94:cf:37:90:f6:82:63:
2c:60:6c:a4:42:7c:61:00:f8:e6:50:ad:ec:21:1d:7b:74:45:
a5:c9:91:00:34:03:58:95:14:23:5a:28:af:42:6a:00:a3:09:
3d:44:1f:3f:3c:43:4a:2f:02:5b:ee:24:72:b9:12:1e:f7:a4:
4f:57:1c:d5:5b:01:5d:03:04:f4:c6:66:38:c4:11:1f:48:f0:
46:0d:26:c8:76:5d:a7:8c:62:d3:72:12:47:96:d5:77:83:e6:
c8:a0:f9:89:7d:ee:c3:98:d3:f6:b8:e4:89:39:5c:e3:99:01:
d2:d9:9a:1a:64:c9:2d:35:dd:49:6e:69:95:7f:79:84:a1:4c:
c9:c5:90:69:e0:48:0a:31:1a:4e:3b:4e:5b:06:aa:5e:3a:d6:
74:a8:24:fa:d0:22:b5:2d:c4:fa:96:85:58:a7:14:c7:3c:2b:
36:13:6c:ba:82:02:18:ef:ea:e0:d7:b7:fb:15:17:6f:9c:95:
f7:d8:7f:10:11:d4:25:f0:f0:eb:a0:d5:49:31:7c:a5:33:9a:
09:d8:01:28
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QkM5ODExMC8GA1UEBRMoRkY4Q0NCRTYxODc1NUExRjUxOTlCRDBDODI3NjBFOEVE
QjhGODVCQTAeFw0yNTAzMjUxNDQ5MDRaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZTJjMjYwLTkxNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCzs+InQSEoa4DMN2eMx2rAotRLfvLbwPTwfTPhqqEJCvIAB1d7e4AtjKcRmdiO
ESabgCBSsTjvkB/+wFBlyBQxZq3gpPuzu3lYzablaiSUUB0yuf9LQ5uwghzoKsCh
aTBELbSrTcSK/1Ry8HrQTT8mP4eyueeebDG3Q12fvn45D/D6gY+nlGtjY/vU7Ggf
5/0SgoM1JEGskM73pcrnJXMRgdEWtbxFeNdCD/5nLWMUTKeaPozmAN4jo6cmpRrC
nrzsgOjWXi/qTcnBtfjXWAzojzpcjpkcfGkPUW1iEYKVL3tKjJrwdx8JABokuyiO
qMjo2Cb84DCoQsFu7GHp/NeRAgMBAAGjggLCMIICvjAdBgNVHQ4EFgQU4KmjLbU9
E/tbgddN+GIuRQ0O5nswHwYDVR0jBBgwFoAU/4zL5hh1Wh9Rmb0MgnYOjtuPhbow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVCQzk4L0FCQUZGNUVBMDYx
MjExRjA4RTlBRTUyOUM0RjlBRTAyL180ekw1aGgxV2g5Um1iME1nbllPanR1UGhi
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvXzR6TDVoaDFXaDlSbWIwTWduWU9qdHVQaGJvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QkM5OC9BQkFGRjVFQTA2MTIxMUYwOEU5QUU1MjlDNEY5QUUwMi80QkZDQUEzRTA5
ODgxMUYwOTBERDMwM0JDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDBMBggrBgEFBQcBBwEB/wQ9
MDswDAQCAAEwBgMEAaPfsjArBAIAAjAlMBIDBwAkAfhgAIcDBwEkAfhgAIgDBwAk
AfhgAJADBgAkAfhgATANBgkqhkiG9w0BAQsFAAOCAQEAP2Pwxd+I/Ha1EpF+afZ2
aq3zWlKx/+Ob3HEcTI9IttsVUkjSe5RzOg+IKx6bCaaUzzeQ9oJjLGBspEJ8YQD4
5lCt7CEde3RFpcmRADQDWJUUI1oor0JqAKMJPUQfPzxDSi8CW+4kcrkSHvekT1cc
1VsBXQME9MZmOMQRH0jwRg0myHZdp4xi03ISR5bVd4PmyKD5iX3uw5jT9rjkiTlc
45kB0tmaGmTJLTXdSW5plX95hKFMycWQaeBICjEaTjtOWwaqXjrWdKgk+tAitS3E
+paFWKcUxzwrNhNsuoICGO/q4Ne3+xUXb5yV99h/EBHUJfDw66DVSTF8pTOaCdgB
KA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 23:45:04 2025 by rpki-client