Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9169A9C/C3A804043F8411EEB900A90FC4F9AE02/EE993C6AC8D011EF8465AF51C4F9AE02.roa
File: EE993C6AC8D011EF8465AF51C4F9AE02.roa (raw, json)
Hash identifier: RKx6GMgJNW6SIHdUdpRll5Bqb9pOUpeK9zYQ3bDvW9Y=
Subject key identifier: D3:33:B2:CD:43:13:A7:93:EF:DE:E4:0B:B6:75:86:48:7B:32:DB:E4
Certificate issuer: /CN=A9169A9C/serialNumber=D520192A95AFC8D5F27374D9A34C4633CE7DAC44
Certificate serial: 0119
Authority key identifier: D5:20:19:2A:95:AF:C8:D5:F2:73:74:D9:A3:4C:46:33:CE:7D:AC:44
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1SAZKpWvyNXyc3TZo0xGM859rEQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9169A9C/C3A804043F8411EEB900A90FC4F9AE02/EE993C6AC8D011EF8465AF51C4F9AE02.roa
Signing time: Thu 02 Jan 2025 06:17:21 +0000
ROA not before: Thu 02 Jan 2025 06:17:21 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 151633
IP address blocks: 45.249.226.0/24 maxlen: 28
2401:e560::/32 maxlen: 36
Validation: Failed, certificate revoked on Thu 16 Jan 2025 05:14:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 281 (0x119)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9169A9C
Validity
Not Before: Jan 2 06:17:21 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67762f70-7fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7e:25:c9:c0:87:e0:68:f3:51:36:2f:97:3b:
b9:0a:9c:68:d7:ff:8f:fc:0a:c7:9a:8e:64:8f:74:
7d:02:ac:5e:a3:ba:d4:7a:a2:db:29:b7:de:72:7d:
2b:f9:e3:58:1c:4a:ec:df:0b:41:72:33:80:ea:1b:
dc:fd:eb:e1:f6:8a:fd:67:e6:4b:51:77:62:24:eb:
77:0a:fd:66:23:24:92:d9:04:ae:57:c0:b8:04:9a:
07:9c:9f:d3:b4:df:aa:60:ea:8c:53:33:d4:7c:c9:
d8:42:6e:a5:0f:2e:7c:f7:5b:6b:5e:6a:c1:56:59:
56:19:41:ef:e2:6a:9c:60:2b:24:94:d2:18:8d:2e:
74:d1:79:d7:fb:12:60:d1:64:10:a4:53:69:a1:aa:
ad:98:0d:f4:03:03:a1:3a:0f:8c:36:5c:ba:69:51:
7c:b9:e6:f7:52:2c:50:cf:2c:41:02:ab:3c:61:64:
8c:0f:f0:3d:f1:ca:38:61:03:fc:b4:a9:d1:8b:13:
09:db:86:76:59:38:c2:ad:70:a7:6f:37:64:9a:79:
98:59:0c:7a:7e:49:b1:3e:70:97:36:bd:09:3f:c0:
10:e5:aa:4f:76:05:3c:ad:8b:ca:fc:68:fe:d4:b2:
e4:26:f7:d3:3c:ef:0d:e5:b2:c7:cc:18:9c:b0:51:
06:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:33:B2:CD:43:13:A7:93:EF:DE:E4:0B:B6:75:86:48:7B:32:DB:E4
X509v3 Authority Key Identifier:
keyid:D5:20:19:2A:95:AF:C8:D5:F2:73:74:D9:A3:4C:46:33:CE:7D:AC:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9169A9C/C3A804043F8411EEB900A90FC4F9AE02/1SAZKpWvyNXyc3TZo0xGM859rEQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1SAZKpWvyNXyc3TZo0xGM859rEQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9169A9C/C3A804043F8411EEB900A90FC4F9AE02/EE993C6AC8D011EF8465AF51C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.249.226.0/24
IPv6:
2401:e560::/32
Signature Algorithm: sha256WithRSAEncryption
2e:63:61:ef:c8:5d:6e:ce:27:b2:d3:b2:ba:e7:06:b5:9d:b2:
81:37:17:52:63:f0:c8:3c:62:21:13:d6:c7:5b:52:46:23:20:
29:49:36:87:01:3e:08:5b:87:bc:32:5a:a7:b5:fd:90:82:30:
bf:f1:47:bf:11:8c:19:b9:9c:0b:c2:0b:2e:77:00:7c:a0:2e:
7d:7f:fa:b9:3a:33:ae:d6:72:84:7e:a1:2d:4e:86:d4:0e:10:
a8:a2:8d:fb:a5:fd:e7:dd:2d:f2:31:0a:68:d8:2d:08:44:77:
e8:b6:e7:8f:a4:c0:83:f1:88:bd:86:3d:dc:6e:f5:77:1d:df:
81:b4:3d:39:47:f2:34:fd:db:a2:02:3e:83:71:42:e3:a2:67:
65:e4:f9:d3:b2:8b:4a:0d:9f:f7:ea:78:60:64:c7:43:82:a4:
d6:24:3d:79:e0:b9:2c:51:2e:7a:14:c4:2e:68:0f:11:22:59:
68:1d:c3:06:2d:56:ce:c7:81:ae:bc:4d:59:c2:a5:10:66:c7:
ff:c4:cd:47:f7:15:05:8a:c1:cb:e9:c9:fd:b6:da:4d:28:cc:
fe:3a:ff:a6:41:9b:6f:48:a2:83:c8:66:a8:29:78:37:22:1e:
30:f8:ea:b4:15:e9:09:6f:d7:5f:31:48:ac:19:43:9b:e4:08:
e0:f4:a7:60
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICARkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjlBOUMxMTAvBgNVBAUTKEQ1MjAxOTJBOTVBRkM4RDVGMjczNzREOUEzNEM0NjMz
Q0U3REFDNDQwHhcNMjUwMTAyMDYxNzIxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02Nzc2MmY3MC03ZmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzn4lycCH4GjzUTYvlzu5Cpxo1/+P/ArHmo5kj3R9Aqxeo7rUeqLbKbfecn0r
+eNYHErs3wtBcjOA6hvc/evh9or9Z+ZLUXdiJOt3Cv1mIySS2QSuV8C4BJoHnJ/T
tN+qYOqMUzPUfMnYQm6lDy5891trXmrBVllWGUHv4mqcYCsklNIYjS500XnX+xJg
0WQQpFNpoaqtmA30AwOhOg+MNly6aVF8ueb3UixQzyxBAqs8YWSMD/A98co4YQP8
tKnRixMJ24Z2WTjCrXCnbzdkmnmYWQx6fkmxPnCXNr0JP8AQ5apPdgU8rYvK/Gj+
1LLkJvfTPO8N5bLHzBicsFEG+wIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFNMzss1D
E6eT797kC7Z1hkh7MtvkMB8GA1UdIwQYMBaAFNUgGSqVr8jV8nN02aNMRjPOfaxE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OUE5Qy9DM0E4MDQwNDNG
ODQxMUVFQjkwMEE5MEZDNEY5QUUwMi8xU0FaS3BXdnlOWHljM1RabzB4R004NTly
RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFTQVpLcFd2eU5YeWMzVFpvMHhHTTg1OXJFUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjlBOUMvQzNBODA0MDQzRjg0MTFFRUI5MDBBOTBGQzRGOUFFMDIvRUU5OTNDNkFD
OEQwMTFFRjg0NjVBRjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAAt+eIwDQQCAAIwBwMFACQB5WAwDQYJKoZIhvcNAQELBQAD
ggEBAC5jYe/IXW7OJ7LTsrrnBrWdsoE3F1Jj8Mg8YiET1sdbUkYjIClJNocBPghb
h7wyWqe1/ZCCML/xR78RjBm5nAvCCy53AHygLn1/+rk6M67WcoR+oS1OhtQOEKii
jful/efdLfIxCmjYLQhEd+i254+kwIPxiL2GPdxu9Xcd34G0PTlH8jT926ICPoNx
QuOiZ2Xk+dOyi0oNn/fqeGBkx0OCpNYkPXnguSxRLnoUxC5oDxEiWWgdwwYtVs7H
ga68TVnCpRBmx//EzUf3FQWKwcvpyf222k0ozP46/6ZBm29IooPIZqgpeDciHjD4
6rQV6Qlv118xSKwZQ5vkCOD0p2A=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:09 2025 by rpki-client