Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916DE3D/FD1E4550DE6511EF8243EE30C4F9AE02/1AFE08CCDE7411EFAA938A81C4F9AE02.roa
File: 1AFE08CCDE7411EFAA938A81C4F9AE02.roa (raw, json)
Hash identifier: waYeK92qwyHGSAX1nW8boG4DXcoGCzFffwVkSMPud5U=
Subject key identifier: E4:D6:C5:B8:E9:3B:E8:CF:E4:CF:20:5A:1C:E7:84:A9:E2:90:EC:FA
Certificate issuer: /CN=A916DE3D/serialNumber=69181CF451F8B3FEC64FC8298B522D488CA5C9E6
Certificate serial: 06
Authority key identifier: 69:18:1C:F4:51:F8:B3:FE:C6:4F:C8:29:8B:52:2D:48:8C:A5:C9:E6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aRgc9FH4s_7GT8gpi1ItSIylyeY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916DE3D/FD1E4550DE6511EF8243EE30C4F9AE02/1AFE08CCDE7411EFAA938A81C4F9AE02.roa
Signing time: Wed 29 Jan 2025 19:07:37 +0000
ROA not before: Wed 29 Jan 2025 19:07:37 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 214375
IP address blocks: 163.61.8.0/23 maxlen: 24
2001:df4:ffc0::/48 maxlen: 52
Validation: Failed, certificate revoked on Mon 10 Mar 2025 07:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916DE3D
Validity
Not Before: Jan 29 19:07:37 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=679a7c79-0bb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:16:83:92:ea:a6:14:d8:59:5f:de:95:e9:46:
ee:95:6c:f0:c1:09:68:a2:ae:6a:47:97:e9:df:30:
61:91:47:98:f9:ed:de:7e:42:91:84:be:84:0f:cf:
8e:c1:50:4f:8a:45:39:8a:9f:98:fa:16:bf:2c:1a:
bd:11:dc:f1:15:f6:26:83:b8:8f:44:98:2a:69:ec:
91:1c:91:88:c4:90:1a:fa:9e:45:98:aa:96:3e:8e:
02:08:39:a6:64:35:ed:c3:1e:13:00:b1:83:af:60:
63:e3:bd:9d:56:01:38:e4:02:cd:0b:ba:7c:67:09:
d8:f2:32:2f:f2:b6:87:27:5f:e3:52:32:71:15:13:
8b:e4:78:d5:6f:fb:6d:a5:be:80:bc:15:fb:84:0f:
2a:47:e1:d5:70:c0:ca:01:e6:f3:fc:ae:a8:e6:47:
a0:e9:67:26:84:b1:80:bf:71:4b:7d:90:59:14:8e:
41:a9:15:72:36:d9:d5:a7:a4:1b:7d:ad:77:72:06:
f2:df:9e:27:b9:a0:a2:f4:b0:eb:56:b3:06:cc:6d:
a5:51:fd:7a:bd:ee:9d:75:fc:2b:73:f0:f0:c3:39:
2f:1b:23:3c:2b:81:2d:cb:eb:1f:49:27:31:ea:f3:
c0:f2:46:98:90:68:ee:34:b0:6b:7f:bb:d3:d9:67:
5e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D6:C5:B8:E9:3B:E8:CF:E4:CF:20:5A:1C:E7:84:A9:E2:90:EC:FA
X509v3 Authority Key Identifier:
keyid:69:18:1C:F4:51:F8:B3:FE:C6:4F:C8:29:8B:52:2D:48:8C:A5:C9:E6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916DE3D/FD1E4550DE6511EF8243EE30C4F9AE02/aRgc9FH4s_7GT8gpi1ItSIylyeY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aRgc9FH4s_7GT8gpi1ItSIylyeY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DE3D/FD1E4550DE6511EF8243EE30C4F9AE02/1AFE08CCDE7411EFAA938A81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.8.0/23
IPv6:
2001:df4:ffc0::/48
Signature Algorithm: sha256WithRSAEncryption
77:0f:f7:45:80:21:7c:02:d4:cf:1c:ff:5a:d6:3e:25:67:8b:
41:0a:e1:85:1c:3d:57:c5:c4:25:57:52:47:aa:17:8a:6a:fe:
fd:f9:17:78:8c:e4:da:ff:84:cf:0a:2d:9e:4c:55:1a:17:41:
58:65:49:6a:a5:02:a8:f0:a9:61:b5:8d:2a:1e:a2:54:7d:da:
0d:07:a1:b7:f9:a8:f2:50:88:5a:d0:66:1b:3b:b4:30:24:8e:
ad:b5:54:95:99:af:eb:d6:a3:b3:2c:49:66:81:8c:b7:77:f6:
cc:4a:d5:1d:b9:3a:45:e8:8f:f8:b2:c8:f3:a6:5a:dd:fb:e9:
fe:5b:b6:88:b3:d6:3f:6b:71:e1:a1:13:85:53:68:47:58:ec:
75:03:44:09:7f:a5:99:13:0a:26:b8:a9:0b:3b:06:8a:4d:4a:
5d:fb:72:b2:fc:8e:37:a3:c0:17:62:32:a7:f5:c1:43:32:57:
3b:73:96:da:3a:2f:22:43:f2:c9:c9:40:25:e4:de:ff:7a:fb:
61:c6:c7:9a:17:17:78:16:a2:8b:2a:e4:f7:28:db:4d:ff:55:
d5:c1:a6:ae:66:1a:37:ba:95:12:3a:be:22:43:80:4c:fc:86:
c2:45:0e:68:6b:79:d7:9f:e8:f5:e4:76:b4:29:af:60:76:6d:
27:0f:11:07
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
REUzRDExMC8GA1UEBRMoNjkxODFDRjQ1MUY4QjNGRUM2NEZDODI5OEI1MjJENDg4
Q0E1QzlFNjAeFw0yNTAxMjkxOTA3MzdaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OWE3Yzc5LTBiYjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcFoOS6qYU2Flf3pXpRu6VbPDBCWiirmpHl+nfMGGRR5j57d5+QpGEvoQPz47B
UE+KRTmKn5j6Fr8sGr0R3PEV9iaDuI9EmCpp7JEckYjEkBr6nkWYqpY+jgIIOaZk
Ne3DHhMAsYOvYGPjvZ1WATjkAs0LunxnCdjyMi/ytocnX+NSMnEVE4vkeNVv+22l
voC8FfuEDypH4dVwwMoB5vP8rqjmR6DpZyaEsYC/cUt9kFkUjkGpFXI22dWnpBt9
rXdyBvLfnie5oKL0sOtWswbMbaVR/Xq97p11/Ctz8PDDOS8bIzwrgS3L6x9JJzHq
88DyRpiQaO40sGt/u9PZZ16HAgMBAAGjggKmMIICojAdBgNVHQ4EFgQU5NbFuOk7
6M/kzyBaHOeEqeKQ7PowHwYDVR0jBBgwFoAUaRgc9FH4s/7GT8gpi1ItSIylyeYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZERTNEL0ZEMUU0NTUwREU2
NTExRUY4MjQzRUUzMEM0RjlBRTAyL2FSZ2M5Rkg0c183R1Q4Z3BpMUl0U0l5bHll
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvYVJnYzlGSDRzXzdHVDhncGkxSXRTSXlseWVZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
REUzRC9GRDFFNDU1MERFNjUxMUVGODI0M0VFMzBDNEY5QUUwMi8xQUZFMDhDQ0RF
NzQxMUVGQUE5MzhBODFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAaM9CDAPBAIAAjAJAwcAIAEN9P/AMA0GCSqGSIb3DQEBCwUA
A4IBAQB3D/dFgCF8AtTPHP9a1j4lZ4tBCuGFHD1XxcQlV1JHqheKav79+Rd4jOTa
/4TPCi2eTFUaF0FYZUlqpQKo8KlhtY0qHqJUfdoNB6G3+ajyUIha0GYbO7QwJI6t
tVSVma/r1qOzLElmgYy3d/bMStUduTpF6I/4ssjzplrd++n+W7aIs9Y/a3HhoROF
U2hHWOx1A0QJf6WZEwomuKkLOwaKTUpd+3Ky/I43o8AXYjKn9cFDMlc7c5baOi8i
Q/LJyUAl5N7/evthxseaFxd4FqKLKuT3KNtN/1XVwaauZho3upUSOr4iQ4BM/IbC
RQ5oa3nXn+j15Ha0Ka9gdm0nDxEH
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:07:59 2025 by rpki-client