Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916F0E8/2D306B34F44511EFA8C52646C4F9AE02/F3229F38F44511EFB636B464C4F9AE02.roa
File: F3229F38F44511EFB636B464C4F9AE02.roa (raw, json)
Hash identifier: B0q4cUX8VVB8XcPWLSJob9ZUavvkIS4gZAdv8DWQNPk=
Subject key identifier: 0C:4A:8A:D5:C3:B1:6B:89:DD:74:B0:29:35:B4:34:DC:20:7A:6A:3A
Certificate issuer: /CN=A916F0E8/serialNumber=EC2EC1E59910683A3ED5E7A94F89F674D967CB90
Certificate serial: 02
Authority key identifier: EC:2E:C1:E5:99:10:68:3A:3E:D5:E7:A9:4F:89:F6:74:D9:67:CB:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7C7B5ZkQaDo-1eepT4n2dNlny5A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916F0E8/2D306B34F44511EFA8C52646C4F9AE02/F3229F38F44511EFB636B464C4F9AE02.roa
Signing time: Wed 26 Feb 2025 13:31:15 +0000
ROA not before: Wed 26 Feb 2025 13:31:15 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 134732
IP address blocks: 163.61.240.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 28 Jun 2025 07:46:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916F0E8, serialNumber=EC2EC1E59910683A3ED5E7A94F89F674D967CB90
Validity
Not Before: Feb 26 13:31:15 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67bf17a2-8d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:1b:64:6c:1d:6a:63:bd:37:76:a4:c5:b5:b3:
b0:32:d5:05:0d:d0:e7:80:48:0a:bf:3e:71:f3:0e:
50:43:04:d7:79:9a:ff:fc:81:37:0a:51:28:33:93:
c3:37:f8:8d:f4:40:8c:2c:8d:95:d1:59:78:ff:2d:
66:13:cc:43:23:e0:40:a0:18:40:3d:42:5e:1d:60:
6f:95:13:0c:eb:bb:ac:a4:a4:06:5c:9b:f5:b3:44:
cf:b4:76:d0:85:74:54:09:3f:de:ac:04:a0:0b:e3:
2b:76:91:50:e7:e1:43:7a:f8:9e:21:f6:c0:85:3b:
ed:fe:4a:0f:f3:7b:29:51:56:fa:e8:8a:2a:11:44:
71:30:58:36:73:30:98:24:fb:78:6f:08:b6:23:20:
62:5c:08:10:7e:1e:0a:ea:5e:b8:46:97:02:3e:15:
fb:46:da:05:05:f6:a4:ba:f6:9d:4c:42:d0:9d:52:
cc:b9:7b:48:63:06:10:8a:b5:b8:32:85:56:7f:e4:
35:0e:37:f4:4c:0a:99:c2:10:0a:17:e1:0a:08:6f:
4d:2f:5e:7f:cb:f1:a1:3e:95:98:1d:a5:1d:fb:8e:
c2:1d:69:65:fa:99:9b:31:ff:70:b0:4e:2b:a2:0e:
80:9f:87:33:5b:e0:14:c0:d7:21:25:65:d8:98:f2:
fc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:4A:8A:D5:C3:B1:6B:89:DD:74:B0:29:35:B4:34:DC:20:7A:6A:3A
X509v3 Authority Key Identifier:
keyid:EC:2E:C1:E5:99:10:68:3A:3E:D5:E7:A9:4F:89:F6:74:D9:67:CB:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916F0E8/2D306B34F44511EFA8C52646C4F9AE02/7C7B5ZkQaDo-1eepT4n2dNlny5A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7C7B5ZkQaDo-1eepT4n2dNlny5A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916F0E8/2D306B34F44511EFA8C52646C4F9AE02/F3229F38F44511EFB636B464C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.240.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:f3:60:16:63:87:33:3e:f6:69:b4:31:52:01:b3:c7:03:e8:
ff:a5:aa:66:e2:fe:b8:62:d4:84:9b:61:97:9d:97:22:ec:aa:
aa:9c:ed:d2:0c:51:3d:a8:fa:84:d0:7b:9e:27:b3:66:74:93:
df:56:ba:50:cd:c6:8f:2e:81:23:78:1e:fe:f7:d0:d8:3e:a0:
17:a2:83:77:49:34:06:50:6c:20:92:2f:dc:a7:15:62:41:91:
71:42:45:d7:e7:20:77:8a:3e:04:e1:bb:2a:4c:44:f5:d3:c8:
a7:5d:94:ac:73:78:24:35:cf:68:44:cd:e5:84:a5:f6:65:21:
33:23:00:55:d9:dd:e2:24:d1:f1:74:b9:64:6b:79:5a:c0:32:
07:4a:b1:ef:0c:39:57:67:88:51:5d:d5:c4:5a:ec:26:14:a3:
85:95:9c:20:97:a0:10:24:52:cd:ec:49:90:7e:b1:b9:d1:c2:
de:f3:b7:eb:99:5e:62:55:d3:dd:c4:67:a6:26:5c:0f:18:31:
a2:02:07:b7:b2:58:10:ca:f5:0c:f7:6f:4c:a7:80:57:f3:9e:
ad:35:39:d5:d2:05:89:81:dc:92:bd:6e:bd:39:1b:56:f9:da:
56:ee:f1:91:2c:8e:63:f6:35:4a:a0:aa:0a:a9:22:01:1f:ff:
93:c8:c3:b4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
RjBFODExMC8GA1UEBRMoRUMyRUMxRTU5OTEwNjgzQTNFRDVFN0E5NEY4OUY2NzRE
OTY3Q0I5MDAeFw0yNTAyMjYxMzMxMTVaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YmYxN2EyLThkMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBG2RsHWpjvTd2pMW1s7Ay1QUN0OeASAq/PnHzDlBDBNd5mv/8gTcKUSgzk8M3
+I30QIwsjZXRWXj/LWYTzEMj4ECgGEA9Ql4dYG+VEwzru6ykpAZcm/WzRM+0dtCF
dFQJP96sBKAL4yt2kVDn4UN6+J4h9sCFO+3+Sg/zeylRVvroiioRRHEwWDZzMJgk
+3hvCLYjIGJcCBB+HgrqXrhGlwI+FftG2gUF9qS69p1MQtCdUsy5e0hjBhCKtbgy
hVZ/5DUON/RMCpnCEAoX4QoIb00vXn/L8aE+lZgdpR37jsIdaWX6mZsx/3CwTiui
DoCfhzNb4BTA1yElZdiY8vy3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUDEqK1cOx
a4nddLApNbQ03CB6ajowHwYDVR0jBBgwFoAU7C7B5ZkQaDo+1eepT4n2dNlny5Aw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZGMEU4LzJEMzA2QjM0RjQ0
NTExRUZBOEM1MjY0NkM0RjlBRTAyLzdDN0I1WmtRYURvLTFlZXBUNG4yZE5sbnk1
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN0M3QjVaa1FhRG8tMWVlcFQ0bjJkTmxueTVBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
RjBFOC8yRDMwNkIzNEY0NDUxMUVGQThDNTI2NDZDNEY5QUUwMi9GMzIyOUYzOEY0
NDUxMUVGQjYzNkI0NjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaM98DANBgkqhkiG9w0BAQsFAAOCAQEACvNgFmOHMz72abQx
UgGzxwPo/6WqZuL+uGLUhJthl52XIuyqqpzt0gxRPaj6hNB7niezZnST31a6UM3G
jy6BI3ge/vfQ2D6gF6KDd0k0BlBsIJIv3KcVYkGRcUJF1+cgd4o+BOG7KkxE9dPI
p12UrHN4JDXPaETN5YSl9mUhMyMAVdnd4iTR8XS5ZGt5WsAyB0qx7ww5V2eIUV3V
xFrsJhSjhZWcIJegECRSzexJkH6xudHC3vO365leYlXT3cRnpiZcDxgxogIHt7JY
EMr1DPdvTKeAV/OerTU51dIFiYHckr1uvTkbVvnaVu7xkSyOY/Y1SqCqCqkiAR//
k8jDtA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:22:12 2025 by rpki-client