Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D455560EE5EB11EEAD1B4222C4F9AE02.roa
File: D455560EE5EB11EEAD1B4222C4F9AE02.roa (raw, json)
Hash identifier: p5CqDPXLHNBaHJcEuvfdQ8E0JynYz8/n7qAksJWqtbg=
Subject key identifier: AB:9D:43:12:4A:7A:22:F3:37:17:43:E9:0F:16:1C:3D:65:6D:A3:7A
Certificate issuer: /CN=A915D03A/serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Certificate serial: 1966
Authority key identifier: 61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D455560EE5EB11EEAD1B4222C4F9AE02.roa
Signing time: Tue 14 Jan 2025 16:34:29 +0000
ROA not before: Tue 14 Jan 2025 16:34:29 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 9924
IP address blocks: 43.249.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 16:45:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6502 (0x1966)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915D03A, serialNumber=615ED84C44E657F7095E0212AFEA052C542A0D91
Validity
Not Before: Jan 14 16:34:29 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67869215-f075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:42:61:1a:92:7b:4d:83:4b:2f:5d:53:1e:25:
d5:7a:6c:2d:06:43:6f:49:94:33:7a:2b:ee:4e:d4:
6b:67:67:b5:f9:3d:d7:69:12:43:38:f5:36:8b:e2:
6a:37:66:26:34:ad:82:ce:3e:d9:c7:3d:67:f9:f3:
d0:47:e9:a8:30:c1:10:bc:ac:57:da:42:77:33:cc:
ad:00:65:02:8a:8d:b0:98:23:bf:97:74:e9:77:25:
53:51:02:d7:e6:af:c9:d7:7d:4c:60:46:d0:69:37:
66:74:4b:46:c6:81:1e:d4:6d:b2:07:4e:39:3d:12:
ff:eb:4c:40:f2:f9:9c:16:44:26:3f:87:12:82:ed:
79:cc:2d:0c:bb:87:8f:d6:3c:56:18:b7:f5:e5:51:
79:33:e4:11:87:e6:37:ed:a5:92:d2:e9:0c:1d:6d:
86:28:7f:ee:0d:0f:6e:fc:66:90:48:9c:71:cc:da:
e4:ac:a2:4b:a5:61:30:d5:b1:58:8c:41:3f:83:b2:
b1:79:ac:47:fd:93:0c:cc:c1:ac:b7:96:19:d2:cb:
2a:37:7c:54:8b:f5:87:e8:ff:f0:17:8f:e5:a4:6b:
bc:fa:94:f7:e7:c8:6d:98:1f:3a:e4:f3:30:14:be:
ef:93:c4:02:2e:ae:3d:23:65:47:a3:f5:36:f6:6d:
c4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9D:43:12:4A:7A:22:F3:37:17:43:E9:0F:16:1C:3D:65:6D:A3:7A
X509v3 Authority Key Identifier:
keyid:61:5E:D8:4C:44:E6:57:F7:09:5E:02:12:AF:EA:05:2C:54:2A:0D:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/YV7YTETmV_cJXgISr-oFLFQqDZE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YV7YTETmV_cJXgISr-oFLFQqDZE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D03A/1B647710924611E79AAEBE10C4F9AE02/D455560EE5EB11EEAD1B4222C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.212.0/24
Signature Algorithm: sha256WithRSAEncryption
48:35:d3:21:8d:6f:e7:1c:7e:36:38:3b:c0:62:7e:44:9b:4f:
c6:85:82:ad:aa:5d:93:7d:fd:47:28:46:a7:a1:38:45:e5:80:
91:d4:2b:8f:a9:5e:5c:53:fa:81:8f:eb:33:f1:7a:f3:cf:2e:
d6:c7:22:2a:26:af:4c:48:69:b2:0e:cb:64:07:bb:03:d2:94:
1d:d7:84:f7:33:88:a3:7c:be:7e:eb:14:69:8b:54:a6:05:ba:
72:f3:8c:23:db:43:1c:f6:5b:4b:96:46:4d:ea:8a:8f:04:82:
12:e9:75:d8:09:d3:57:67:7b:0b:84:1e:5c:f4:a4:5c:6f:f0:
be:e5:1f:a5:ba:04:da:e9:92:f3:9e:37:95:78:15:81:df:a4:
ba:b8:f6:82:82:c3:48:cc:e0:5b:40:93:47:d0:0e:0d:2a:33:
6b:4d:5c:71:20:68:55:cd:b2:3f:6b:b5:a9:9a:89:ab:2a:6d:
5f:dc:e1:58:44:b8:8f:6c:42:bb:fc:36:01:26:a3:37:a6:ec:
85:af:df:90:0f:1f:aa:44:55:cc:04:c7:96:f6:2e:77:63:93:
be:53:0f:a4:12:62:bf:06:2f:05:85:c2:b9:03:54:30:b7:6f:
7b:32:b2:08:fa:eb:f9:4a:28:0d:b7:d9:dc:43:ea:e7:0c:4f:
01:45:2d:ae
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICGWYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUQwM0ExMTAvBgNVBAUTKDYxNUVEODRDNDRFNjU3RjcwOTVFMDIxMkFGRUEwNTJD
NTQyQTBEOTEwHhcNMjUwMTE0MTYzNDI5WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzg2OTIxNS1mMDc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnUJhGpJ7TYNLL11THiXVemwtBkNvSZQzeivuTtRrZ2e1+T3XaRJDOPU2i+Jq
N2YmNK2Czj7Zxz1n+fPQR+moMMEQvKxX2kJ3M8ytAGUCio2wmCO/l3TpdyVTUQLX
5q/J131MYEbQaTdmdEtGxoEe1G2yB045PRL/60xA8vmcFkQmP4cSgu15zC0Mu4eP
1jxWGLf15VF5M+QRh+Y37aWS0ukMHW2GKH/uDQ9u/GaQSJxxzNrkrKJLpWEw1bFY
jEE/g7KxeaxH/ZMMzMGst5YZ0ssqN3xUi/WH6P/wF4/lpGu8+pT358htmB865PMw
FL7vk8QCLq49I2VHo/U29m3E3QIDAQABo4IClTCCApEwHQYDVR0OBBYEFKudQxJK
eiLzNxdD6Q8WHD1lbaN6MB8GA1UdIwQYMBaAFGFe2ExE5lf3CV4CEq/qBSxUKg2R
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RDAzQS8xQjY0NzcxMDky
NDYxMUU3OUFBRUJFMTBDNEY5QUUwMi9ZVjdZVEVUbVZfY0pYZ0lTci1vRkxGUXFE
WkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1lWN1lURVRtVl9jSlhnSVNyLW9GTEZRcURaRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUQwM0EvMUI2NDc3MTA5MjQ2MTFFNzlBQUVCRTEwQzRGOUFFMDIvRDQ1NTU2MEVF
NUVCMTFFRUFEMUI0MjIyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+dQwDQYJKoZIhvcNAQELBQADggEBAEg10yGNb+ccfjY4
O8BifkSbT8aFgq2qXZN9/UcoRqehOEXlgJHUK4+pXlxT+oGP6zPxevPPLtbHIiom
r0xIabIOy2QHuwPSlB3XhPcziKN8vn7rFGmLVKYFunLzjCPbQxz2W0uWRk3qio8E
ghLpddgJ01dnewuEHlz0pFxv8L7lH6W6BNrpkvOeN5V4FYHfpLq49oKCw0jM4FtA
k0fQDg0qM2tNXHEgaFXNsj9rtamaiasqbV/c4VhEuI9sQrv8NgEmozem7IWv35AP
H6pEVcwEx5b2Lndjk75TD6QSYr8GLwWFwrkDVDC3b3sysgj66/lKKA232dxD6ucM
TwFFLa4=
-----END CERTIFICATE-----
Generated at Fri Apr 18 10:22:05 2025 by rpki-client