Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D3F11234E5EB11EEAD1B4222C4F9AE02.roa
File: D3F11234E5EB11EEAD1B4222C4F9AE02.roa (raw, json)
Hash identifier: MbkmB6uOvqUo95Se5DLaiEx7iq8lGGhBub8Lc15pgX4=
Subject key identifier: BA:9D:80:CF:D9:C8:BC:35:6F:93:B6:26:D1:AF:05:8D:79:AF:B3:5F
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 1960
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D3F11234E5EB11EEAD1B4222C4F9AE02.roa
Signing time: Tue 14 Jan 2025 16:34:24 +0000
ROA not before: Tue 14 Jan 2025 16:34:24 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 4609
IP address blocks: 43.249.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 20 Mar 2025 12:35:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6496 (0x1960)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A, serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Validity
Not Before: Jan 14 16:34:24 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=6786920f-3edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:0a:b1:0f:06:95:cb:88:4b:3a:b6:dc:1c:
71:85:fa:5c:70:2e:b2:d1:85:f7:5a:d5:5b:48:dd:
7c:72:62:00:c7:c3:fe:77:8e:87:0f:f5:2d:6c:e4:
53:e5:a0:1c:2e:cd:40:6b:cb:6b:26:16:17:87:14:
be:1f:20:79:b5:5c:b7:55:2b:73:04:e9:9e:ef:4e:
cf:2e:ae:43:f8:34:42:86:2b:4f:02:7c:d3:b7:6a:
33:b2:d9:c9:c1:85:0c:d8:28:8a:c5:68:48:65:0b:
b7:28:f5:b7:0e:4a:45:b7:7a:87:b9:74:50:0c:52:
81:8a:55:aa:df:d7:b7:34:0d:c7:e3:9a:20:cf:93:
56:67:73:57:cc:b0:c1:23:90:2b:e0:30:cb:63:7e:
41:e1:61:17:d3:7d:8b:72:91:4c:f8:45:ea:8c:3d:
6d:e5:2e:7b:1b:e6:a4:52:1b:f4:c8:be:bb:b6:9b:
be:f0:64:b6:93:d5:45:09:9b:3e:40:4a:51:01:8b:
52:f0:c4:c5:1f:4b:ab:46:11:60:16:6a:84:47:7c:
c6:ac:32:80:b1:d8:06:e5:bc:c9:49:12:d9:4d:d9:
02:2f:84:ca:3a:30:20:69:09:20:27:b4:03:ea:d0:
8d:01:89:c6:2d:1a:e4:36:e8:5b:94:99:0d:7b:25:
ec:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9D:80:CF:D9:C8:BC:35:6F:93:B6:26:D1:AF:05:8D:79:AF:B3:5F
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D3F11234E5EB11EEAD1B4222C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.215.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:d4:60:be:8d:9d:8c:1c:f1:8f:47:b8:28:ce:24:ff:78:ea:
0b:79:fe:b8:a0:5c:ae:b7:be:41:78:5f:37:3b:84:a9:45:b0:
78:b2:de:90:6b:1c:22:e3:cd:95:c2:c3:f6:68:f8:be:23:d7:
92:ab:10:ec:ab:45:05:9c:6a:72:bd:39:99:bd:5e:81:80:96:
a5:07:27:e8:ab:ec:a5:c2:b0:ed:8d:76:a7:f2:b3:83:88:71:
3c:e5:69:08:12:4a:7c:cc:00:74:9c:48:7d:43:1e:67:29:01:
bb:6a:8a:9b:2f:31:c1:d7:13:5a:16:5e:01:2c:23:00:e5:a8:
25:6e:be:ff:82:79:d9:9a:50:b4:e9:5d:e0:27:0b:2f:6a:87:
88:cb:e4:77:a4:51:81:7d:bf:b9:09:ce:1d:59:a2:0b:9f:cc:
1c:99:a3:60:94:9f:49:c7:25:11:2b:07:4a:19:6b:01:7d:c7:
6e:0a:78:24:31:26:69:8f:3d:1c:f9:94:67:7f:6d:ae:7d:f3:
97:0b:66:83:c8:7d:99:0f:4a:14:c6:44:6b:ac:e0:09:b9:79:
2b:3b:1e:ac:db:a4:72:a1:c5:f8:97:40:c4:76:57:0d:a1:3c:
48:f1:bf:d5:36:c9:60:e3:59:ae:45:27:43:e2:12:0d:d9:5c:
61:01:dd:0f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGWAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjUwMTE0MTYzNDI0WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2OTIwZi0zZWRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn+cKsQ8GlcuISzq23BxxhfpccC6y0YX3WtVbSN18cmIAx8P+d46HD/UtbORT
5aAcLs1Aa8trJhYXhxS+HyB5tVy3VStzBOme707PLq5D+DRChitPAnzTt2ozstnJ
wYUM2CiKxWhIZQu3KPW3DkpFt3qHuXRQDFKBilWq39e3NA3H45ogz5NWZ3NXzLDB
I5Ar4DDLY35B4WEX032LcpFM+EXqjD1t5S57G+akUhv0yL67tpu+8GS2k9VFCZs+
QEpRAYtS8MTFH0urRhFgFmqER3zGrDKAsdgG5bzJSRLZTdkCL4TKOjAgaQkgJ7QD
6tCNAYnGLRrkNuhblJkNeyXsGQIDAQABo4IClTCCApEwHQYDVR0OBBYEFLqdgM/Z
yLw1b5O2JtGvBY15r7NfMB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvRDNGMTEyMzRF
NUVCMTFFRUFEMUI0MjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+dcwDQYJKoZIhvcNAQELBQADggEBAJ/UYL6NnYwc8Y9H
uCjOJP946gt5/rigXK63vkF4Xzc7hKlFsHiy3pBrHCLjzZXCw/Zo+L4j15KrEOyr
RQWcanK9OZm9XoGAlqUHJ+ir7KXCsO2Ndqfys4OIcTzlaQgSSnzMAHScSH1DHmcp
AbtqipsvMcHXE1oWXgEsIwDlqCVuvv+CedmaULTpXeAnCy9qh4jL5HekUYF9v7kJ
zh1ZogufzByZo2CUn0nHJRErB0oZawF9x24KeCQxJmmPPRz5lGd/ba5985cLZoPI
fZkPShTGRGus4Am5eSs7HqzbpHKhxfiXQMR2Vw2hPEjxv9U2yWDjWa5FJ0PiEg3Z
XGEB3Q8=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:22:12 2025 by rpki-client