Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9167F95/7D33FD3812E711F0BDB9454DC4F9AE02/03C37DD455D611F09C9C9E5AC4F9AE02.roa
File: 03C37DD455D611F09C9C9E5AC4F9AE02.roa (raw, json)
Hash identifier: 57y3IhyGypTXutkpDPYnE8k715llMj61cKGrPlJ8DRk=
Subject key identifier: 43:FD:55:67:96:85:E3:78:BA:65:C5:18:52:0E:82:B3:31:DD:9D:C0
Certificate issuer: /CN=A9167F95/serialNumber=A83BCF6DB288E96470D34D18AFB3E4A812791867
Certificate serial: 32
Authority key identifier: A8:3B:CF:6D:B2:88:E9:64:70:D3:4D:18:AF:B3:E4:A8:12:79:18:67
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qDvPbbKI6WRw000Yr7PkqBJ5GGc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9167F95/7D33FD3812E711F0BDB9454DC4F9AE02/03C37DD455D611F09C9C9E5AC4F9AE02.roa
Signing time: Mon 30 Jun 2025 17:16:52 +0000
ROA not before: Mon 30 Jun 2025 17:16:52 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 153755
IP address blocks: 163.223.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jun 2025 17:46:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50 (0x32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9167F95, serialNumber=A83BCF6DB288E96470D34D18AFB3E4A812791867
Validity
Not Before: Jun 30 17:16:52 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=6862c684-7b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0b:49:25:fa:20:86:16:e5:85:a8:e7:36:35:
6e:6c:59:e0:90:ca:bc:35:ad:a0:9c:47:02:46:c6:
cd:72:c2:1a:db:df:31:46:fe:a6:e5:f4:55:9c:e4:
00:c7:15:80:76:ef:20:62:8e:f2:0f:cc:6e:8f:f3:
0c:53:b1:4c:5d:1e:9e:8a:0c:a5:67:fe:ea:ff:e5:
fc:2a:7e:9a:56:38:cf:8f:b2:db:df:b6:40:1f:b0:
6c:2f:37:98:33:3c:45:48:02:5f:2c:11:de:5b:92:
cc:76:de:40:3b:03:47:30:1a:b9:4b:dd:28:74:78:
78:8d:34:54:e8:0d:66:1d:c2:a3:03:fc:ca:e1:fe:
7d:40:0a:62:bb:42:bc:4f:a3:c2:e1:b5:55:60:8e:
d8:13:87:0e:76:0a:69:00:58:c6:60:2a:2d:df:cb:
f1:cc:5d:e0:ca:de:dc:e3:a2:8d:52:33:69:f0:84:
07:e6:3f:26:f5:1f:20:76:05:a1:db:66:b2:b2:e2:
b5:4e:b6:bd:4a:c5:70:9e:7f:11:69:e5:49:45:d0:
92:43:e5:37:49:e0:f3:24:45:01:76:b8:e7:06:ad:
d5:61:b4:f5:31:08:2d:98:ef:d9:6a:3c:18:22:f4:
b7:af:ed:5d:b0:0d:aa:d4:dd:9f:79:96:95:41:d2:
01:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:FD:55:67:96:85:E3:78:BA:65:C5:18:52:0E:82:B3:31:DD:9D:C0
X509v3 Authority Key Identifier:
keyid:A8:3B:CF:6D:B2:88:E9:64:70:D3:4D:18:AF:B3:E4:A8:12:79:18:67
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9167F95/7D33FD3812E711F0BDB9454DC4F9AE02/qDvPbbKI6WRw000Yr7PkqBJ5GGc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qDvPbbKI6WRw000Yr7PkqBJ5GGc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167F95/7D33FD3812E711F0BDB9454DC4F9AE02/03C37DD455D611F09C9C9E5AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.241.0/24
Signature Algorithm: sha256WithRSAEncryption
48:ec:4f:d8:36:74:2f:34:b5:5d:5f:bf:c6:75:0d:4d:e2:ec:
22:71:ab:a8:fd:4e:71:3e:39:46:26:4f:77:c7:0f:8e:22:a1:
68:8d:da:72:f8:bc:69:8e:67:88:09:d0:ab:de:3c:34:f9:cd:
45:75:4a:c1:46:bf:76:91:cb:9f:ad:4c:15:37:f6:c2:69:8f:
07:eb:53:41:ff:3d:2c:4c:66:b5:34:65:35:4b:b9:f4:c0:6d:
d3:77:f9:60:58:75:b0:39:a0:6a:7b:67:48:b9:9a:fe:57:b3:
a0:77:68:41:6a:d4:eb:82:04:f1:84:28:fa:43:ff:06:d4:e1:
b6:7f:2f:e8:7d:4c:60:ed:2a:93:81:60:dd:26:10:a4:3f:b5:
24:dd:45:cd:48:fa:85:c3:2c:f2:04:ce:a3:ca:66:54:ba:da:
fd:a1:cd:b3:db:d5:8e:05:4e:3c:fe:d5:0d:1c:32:72:03:f1:
64:f5:05:54:47:34:1c:a8:ba:12:bf:de:8c:8b:37:6f:9a:69:
aa:bd:00:90:b9:7a:37:ff:e0:63:85:5b:f0:c3:4f:1f:2e:b0:
be:37:29:19:ff:1b:76:d6:20:85:44:06:f2:8e:ab:74:95:cd:
b6:4a:69:5a:81:5c:5b:11:b0:18:b2:d7:32:05:00:57:60:3b:
27:25:71:80
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
N0Y5NTExMC8GA1UEBRMoQTgzQkNGNkRCMjg4RTk2NDcwRDM0RDE4QUZCM0U0QTgx
Mjc5MTg2NzAeFw0yNTA2MzAxNzE2NTJaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4NjJjNjg0LTdiODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDTC0kl+iCGFuWFqOc2NW5sWeCQyrw1raCcRwJGxs1ywhrb3zFG/qbl9FWc5ADH
FYB27yBijvIPzG6P8wxTsUxdHp6KDKVn/ur/5fwqfppWOM+PstvftkAfsGwvN5gz
PEVIAl8sEd5bksx23kA7A0cwGrlL3Sh0eHiNNFToDWYdwqMD/Mrh/n1ACmK7QrxP
o8LhtVVgjtgThw52CmkAWMZgKi3fy/HMXeDK3tzjoo1SM2nwhAfmPyb1HyB2BaHb
ZrKy4rVOtr1KxXCefxFp5UlF0JJD5TdJ4PMkRQF2uOcGrdVhtPUxCC2Y79lqPBgi
9Lev7V2wDarU3Z95lpVB0gEnAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUQ/1VZ5aF
43i6ZcUYUg6CszHdncAwHwYDVR0jBBgwFoAUqDvPbbKI6WRw000Yr7PkqBJ5GGcw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3Rjk1LzdEMzNGRDM4MTJF
NzExRjBCREI5NDU0REM0RjlBRTAyL3FEdlBiYktJNldSdzAwMFlyN1BrcUJKNUdH
Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcUR2UGJiS0k2V1J3MDAwWXI3UGtxQko1R0djLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
N0Y5NS83RDMzRkQzODEyRTcxMUYwQkRCOTQ1NERDNEY5QUUwMi8wM0MzN0RENDU1
RDYxMUYwOUM5QzlFNUFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKPf8TANBgkqhkiG9w0BAQsFAAOCAQEASOxP2DZ0LzS1XV+/
xnUNTeLsInGrqP1OcT45RiZPd8cPjiKhaI3acvi8aY5niAnQq948NPnNRXVKwUa/
dpHLn61MFTf2wmmPB+tTQf89LExmtTRlNUu59MBt03f5YFh1sDmgantnSLma/lez
oHdoQWrU64IE8YQo+kP/BtThtn8v6H1MYO0qk4Fg3SYQpD+1JN1FzUj6hcMs8gTO
o8pmVLra/aHNs9vVjgVOPP7VDRwycgPxZPUFVEc0HKi6Er/ejIs3b5ppqr0AkLl6
N//gY4Vb8MNPHy6wvjcpGf8bdtYghUQG8o6rdJXNtkppWoFcWxGwGLLXMgUAV2A7
JyVxgA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 10:39:59 2025 by rpki-client