Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/E19D7C7A061411F0AA8E8A32C4F9AE02.roa
File: E19D7C7A061411F0AA8E8A32C4F9AE02.roa (raw, json)
Hash identifier: 4BD0O+wo6Qb0zKBGCGx/3Us4WchD1yuURpSMDoeB/HY=
Subject key identifier: 35:25:4C:FD:0A:1C:37:F0:E8:4D:BD:C6:26:95:CC:41:10:8A:42:3F
Certificate issuer: /CN=A915BC98/serialNumber=FF8CCBE618755A1F5199BD0C82760E8EDB8F85BA
Certificate serial: 0A
Authority key identifier: FF:8C:CB:E6:18:75:5A:1F:51:99:BD:0C:82:76:0E:8E:DB:8F:85:BA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/E19D7C7A061411F0AA8E8A32C4F9AE02.roa
Signing time: Fri 21 Mar 2025 06:20:59 +0000
ROA not before: Fri 21 Mar 2025 06:20:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215750
IP address blocks: 163.223.178.0/24 maxlen: 24
163.223.179.0/24 maxlen: 24
2401:f860::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 21 Mar 2025 19:51:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915BC98, serialNumber=FF8CCBE618755A1F5199BD0C82760E8EDB8F85BA
Validity
Not Before: Mar 21 06:20:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67dd054b-5ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a7:40:58:81:37:a3:8f:8f:ba:e5:15:3e:97:
77:1f:b4:3d:ef:11:f8:fd:bb:90:88:b1:f0:eb:95:
2c:2e:75:c0:8e:3d:fc:9b:92:e6:a3:40:30:02:eb:
05:93:cf:34:6e:9b:05:78:bc:83:cc:e3:61:d5:1a:
89:46:4f:a4:61:55:19:34:1a:5e:3f:0c:4c:19:75:
fe:a5:39:1b:4d:7d:34:39:b0:ed:16:1e:71:10:9d:
30:bb:cf:1f:4e:7f:c5:03:df:4e:72:d9:00:d2:e2:
a8:2c:27:05:3b:f1:80:dd:bc:9b:6a:d0:12:f9:fc:
44:83:39:7f:0a:f7:81:c6:67:40:c8:48:b3:a4:2d:
ce:dd:8c:3c:11:67:ca:2b:78:33:72:24:17:fb:a6:
39:0e:6e:a6:6e:5c:ac:e9:b5:80:df:d6:2c:68:0e:
b5:a3:72:cf:e4:0c:46:c0:78:51:5a:a5:63:05:54:
77:69:10:eb:37:04:16:6b:10:be:8d:5e:04:e4:74:
84:e1:89:40:ef:89:33:ae:04:54:5d:ec:d6:a4:0f:
91:03:02:a4:43:04:6c:0b:6b:b9:27:95:b9:87:80:
9c:c3:13:1a:af:50:9f:f5:1a:60:a5:9e:6a:03:12:
23:a4:a9:d5:2f:a3:26:e2:d0:52:27:66:a5:d7:61:
ab:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:25:4C:FD:0A:1C:37:F0:E8:4D:BD:C6:26:95:CC:41:10:8A:42:3F
X509v3 Authority Key Identifier:
keyid:FF:8C:CB:E6:18:75:5A:1F:51:99:BD:0C:82:76:0E:8E:DB:8F:85:BA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_4zL5hh1Wh9Rmb0MgnYOjtuPhbo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915BC98/ABAFF5EA061211F08E9AE529C4F9AE02/E19D7C7A061411F0AA8E8A32C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.178.0/23
IPv6:
2401:f860::/44
Signature Algorithm: sha256WithRSAEncryption
33:09:08:f7:0e:13:85:84:8e:c9:5e:d7:a1:1e:8c:11:c5:f8:
23:80:4d:97:74:42:5f:f0:c2:1a:b0:e2:fd:05:5d:d8:76:68:
ac:c1:93:6b:41:65:2e:c2:3d:b3:3d:f4:4f:cf:7c:f9:0c:4d:
6c:99:f1:d5:1f:1a:50:77:c1:03:51:e8:80:22:4e:1d:4a:5d:
af:eb:c8:5b:03:39:34:d2:36:94:2e:6d:1b:dc:b7:82:28:0c:
1b:9b:1c:64:01:6e:9e:54:2f:e9:23:fe:ff:a3:3d:68:57:71:
d9:89:ff:02:a7:bf:12:b8:1c:97:8e:50:f8:72:99:9d:6e:c6:
74:a2:f0:af:fb:0e:13:85:46:a8:e6:28:2d:77:1e:04:3d:4d:
22:c0:3f:b9:19:03:33:cb:63:db:76:3b:db:a1:8c:55:3e:d0:
60:d5:44:2a:14:de:7d:2f:4e:9e:61:8a:0e:2d:e4:b9:44:59:
48:f4:f9:68:d1:8e:2c:43:5e:59:79:23:83:df:e2:44:81:f9:
97:d7:80:40:fa:44:05:6f:8a:d8:4b:1e:91:45:3c:a3:0a:8c:
b4:6b:0a:3f:f7:60:f6:14:25:5d:2c:f3:eb:18:31:9f:10:7c:
c5:53:64:b9:aa:de:04:d9:1a:9e:b1:2e:38:f3:49:a9:e1:d3:
61:49:06:58
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QkM5ODExMC8GA1UEBRMoRkY4Q0NCRTYxODc1NUExRjUxOTlCRDBDODI3NjBFOEVE
QjhGODVCQTAeFw0yNTAzMjEwNjIwNTlaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZGQwNTRiLTVjZTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDAp0BYgTejj4+65RU+l3cftD3vEfj9u5CIsfDrlSwudcCOPfybkuajQDAC6wWT
zzRumwV4vIPM42HVGolGT6RhVRk0Gl4/DEwZdf6lORtNfTQ5sO0WHnEQnTC7zx9O
f8UD305y2QDS4qgsJwU78YDdvJtq0BL5/ESDOX8K94HGZ0DISLOkLc7djDwRZ8or
eDNyJBf7pjkObqZuXKzptYDf1ixoDrWjcs/kDEbAeFFapWMFVHdpEOs3BBZrEL6N
XgTkdIThiUDviTOuBFRd7NakD5EDAqRDBGwLa7knlbmHgJzDExqvUJ/1GmClnmoD
EiOkqdUvoybi0FInZqXXYaulAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUNSVM/Qoc
N/DoTb3GJpXMQRCKQj8wHwYDVR0jBBgwFoAU/4zL5hh1Wh9Rmb0MgnYOjtuPhbow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVCQzk4L0FCQUZGNUVBMDYx
MjExRjA4RTlBRTUyOUM0RjlBRTAyL180ekw1aGgxV2g5Um1iME1nbllPanR1UGhi
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvXzR6TDVoaDFXaDlSbWIwTWduWU9qdHVQaGJvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QkM5OC9BQkFGRjVFQTA2MTIxMUYwOEU5QUU1MjlDNEY5QUUwMi9FMTlEN0M3QTA2
MTQxMUYwQUE4RThBMzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAaPfsjAPBAIAAjAJAwcEJAH4YAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAzCQj3DhOFhI7JXtehHowRxfgjgE2XdEJf8MIasOL9BV3YdmiswZNrQWUu
wj2zPfRPz3z5DE1smfHVHxpQd8EDUeiAIk4dSl2v68hbAzk00jaULm0b3LeCKAwb
mxxkAW6eVC/pI/7/oz1oV3HZif8Cp78SuByXjlD4cpmdbsZ0ovCv+w4ThUao5igt
dx4EPU0iwD+5GQMzy2PbdjvboYxVPtBg1UQqFN59L06eYYoOLeS5RFlI9Plo0Y4s
Q15ZeSOD3+JEgfmX14BA+kQFb4rYSx6RRTyjCoy0awo/92D2FCVdLPPrGDGfEHzF
U2S5qt4E2RqesS4480mp4dNhSQZY
-----END CERTIFICATE-----
Generated at Sun Apr 13 00:17:05 2025 by rpki-client