Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/FF9B3372DCBE11EFB730183DC4F9AE02.roa
File: FF9B3372DCBE11EFB730183DC4F9AE02.roa (raw, json)
Hash identifier: ldVh2GgAKqrr6yfsUH2Gw1LFi2MRtCmWR/RojrcjMmQ=
Subject key identifier: 75:48:0D:D0:A2:15:CE:7C:F9:D0:03:95:C5:34:11:B2:7A:E5:31:A0
Certificate issuer: /CN=A915FDD9/serialNumber=967B97D9E311250D82942D27E4C5F90D98138058
Certificate serial: 0C
Authority key identifier: 96:7B:97:D9:E3:11:25:0D:82:94:2D:27:E4:C5:F9:0D:98:13:80:58
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/FF9B3372DCBE11EFB730183DC4F9AE02.roa
Signing time: Mon 27 Jan 2025 14:57:16 +0000
ROA not before: Mon 27 Jan 2025 14:57:16 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 132335
IP address blocks: 161.248.218.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 06:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915FDD9
Validity
Not Before: Jan 27 14:57:16 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67979ecc-1971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:26:27:b8:03:71:67:ec:5b:5f:71:51:47:24:
7f:7f:f0:db:c0:2d:8a:b6:cb:72:c3:cc:78:e7:03:
f1:13:a9:94:0d:b6:68:81:9d:3f:d0:59:57:b3:5d:
02:e9:35:17:20:92:ae:07:bc:a6:26:44:27:71:c4:
d8:3f:7b:26:0d:c7:f4:98:da:17:88:16:55:d7:65:
c5:9a:9d:72:b1:74:c6:ad:d0:b4:68:4a:50:90:c3:
d0:37:57:e1:39:41:c3:76:3f:c3:1e:cd:d1:a1:85:
92:b4:5f:76:31:4b:7c:25:3a:c5:f8:35:8d:55:c9:
d2:5a:e5:3e:11:1e:75:c6:39:1c:72:2e:57:9c:f6:
27:d4:d0:20:4e:38:0e:c7:44:80:1d:10:f8:7d:e1:
7b:32:11:a8:cd:1a:94:83:f9:f4:bb:24:c7:db:23:
8e:f4:96:d1:df:57:58:29:c3:5b:22:45:da:74:30:
75:b3:7f:49:72:39:f9:5a:8b:f0:d5:90:a2:c1:79:
d6:30:ed:ab:df:a2:db:b3:75:c6:cf:59:fa:10:14:
53:7e:2a:f2:14:a1:a6:80:74:86:06:7e:8e:32:f3:
f8:f2:a9:46:0a:f1:4e:ba:16:0d:1a:9a:6e:79:b2:
42:37:28:06:69:1d:b7:19:63:2f:33:7e:25:42:c1:
21:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:48:0D:D0:A2:15:CE:7C:F9:D0:03:95:C5:34:11:B2:7A:E5:31:A0
X509v3 Authority Key Identifier:
keyid:96:7B:97:D9:E3:11:25:0D:82:94:2D:27:E4:C5:F9:0D:98:13:80:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnuX2eMRJQ2ClC0n5MX5DZgTgFg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915FDD9/B622FA8AD6DE11EFB0474E1BC4F9AE02/FF9B3372DCBE11EFB730183DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.218.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:40:42:1b:81:53:15:e5:ab:60:9f:62:82:9e:1e:75:4c:ee:
b4:b3:bc:c9:bc:cb:74:0a:f8:e6:2c:9f:4a:3f:03:00:5f:36:
c8:20:14:a8:30:06:5b:62:de:cf:69:7f:95:83:fe:db:21:b9:
e9:5f:02:9c:7d:77:50:33:13:d3:57:a1:81:a3:fc:ee:d6:c9:
aa:24:16:5e:1a:20:09:ef:d8:6a:f2:24:71:a2:f0:c5:24:d0:
75:95:7f:a8:a6:d0:fa:34:83:5a:88:2e:5b:f1:ff:0f:3a:52:
3b:36:f7:46:02:63:b2:66:e8:2d:f2:7d:dd:cd:c2:ac:16:2a:
de:04:f9:f4:61:5e:8d:cd:1d:d4:f6:a3:44:8c:bd:09:4d:f2:
e1:66:ca:39:91:79:6e:e1:1f:eb:27:9f:6d:a6:93:ae:eb:91:
67:4f:ac:c3:f9:04:8c:5d:2d:ec:e4:8c:33:30:9b:6e:92:ca:
73:5a:92:39:bd:00:28:31:fd:05:64:97:ab:ae:17:5f:3a:9e:
22:32:fc:30:15:ed:34:82:eb:59:25:c2:da:93:93:30:cb:af:
cf:6f:38:67:d3:ad:ce:02:95:f0:ce:c6:3c:8a:f2:8a:ec:b2:
f6:80:b1:2d:f7:4a:db:c0:3f:b2:29:a8:e7:e6:48:d6:85:fe:
02:3b:8c:e4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
RkREOTExMC8GA1UEBRMoOTY3Qjk3RDlFMzExMjUwRDgyOTQyRDI3RTRDNUY5MEQ5
ODEzODA1ODAeFw0yNTAxMjcxNDU3MTZaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OTc5ZWNjLTE5NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCgJie4A3Fn7FtfcVFHJH9/8NvALYq2y3LDzHjnA/ETqZQNtmiBnT/QWVezXQLp
NRcgkq4HvKYmRCdxxNg/eyYNx/SY2heIFlXXZcWanXKxdMat0LRoSlCQw9A3V+E5
QcN2P8MezdGhhZK0X3YxS3wlOsX4NY1VydJa5T4RHnXGORxyLlec9ifU0CBOOA7H
RIAdEPh94XsyEajNGpSD+fS7JMfbI470ltHfV1gpw1siRdp0MHWzf0lyOflai/DV
kKLBedYw7avfotuzdcbPWfoQFFN+KvIUoaaAdIYGfo4y8/jyqUYK8U66Fg0amm55
skI3KAZpHbcZYy8zfiVCwSGBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUdUgN0KIV
znz50AOVxTQRsnrlMaAwHwYDVR0jBBgwFoAUlnuX2eMRJQ2ClC0n5MX5DZgTgFgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVGREQ5L0I2MjJGQThBRDZE
RTExRUZCMDQ3NEUxQkM0RjlBRTAyL2xudVgyZU1SSlEyQ2xDMG41TVg1RFpnVGdG
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvbG51WDJlTVJKUTJDbEMwbjVNWDVEWmdUZ0ZnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RkREOS9CNjIyRkE4QUQ2REUxMUVGQjA0NzRFMUJDNEY5QUUwMi9GRjlCMzM3MkRD
QkUxMUVGQjczMDE4M0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH42jANBgkqhkiG9w0BAQsFAAOCAQEADkBCG4FTFeWrYJ9i
gp4edUzutLO8ybzLdAr45iyfSj8DAF82yCAUqDAGW2Lez2l/lYP+2yG56V8CnH13
UDMT01ehgaP87tbJqiQWXhogCe/YavIkcaLwxSTQdZV/qKbQ+jSDWoguW/H/DzpS
Ozb3RgJjsmboLfJ93c3CrBYq3gT59GFejc0d1PajRIy9CU3y4WbKOZF5buEf6yef
baaTruuRZ0+sw/kEjF0t7OSMMzCbbpLKc1qSOb0AKDH9BWSXq64XXzqeIjL8MBXt
NILrWSXC2pOTMMuvz284Z9OtzgKV8M7GPIryiuyy9oCxLfdK28A/simo5+ZI1oX+
AjuM5A==
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:27:40 2025 by rpki-client