Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170927/C106D33C04DC11F0B6B25A43C4F9AE02/7CB8088004DD11F08217FC57C4F9AE02.roa
File: 7CB8088004DD11F08217FC57C4F9AE02.roa (raw, json)
Hash identifier: LHLCz+FueKfUiKbc4ydjno3K+hI6+PqlkmtWb10plhI=
Subject key identifier: 73:5C:51:FF:72:F0:DE:55:DD:B9:66:C8:1B:7A:4E:CF:3B:1F:BB:83
Certificate issuer: /CN=A9170927/serialNumber=279C9D79824BA2046F138AF6CDB8A3B08F03BEB3
Certificate serial: 02
Authority key identifier: 27:9C:9D:79:82:4B:A2:04:6F:13:8A:F6:CD:B8:A3:B0:8F:03:BE:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J5ydeYJLogRvE4r2zbijsI8DvrM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170927/C106D33C04DC11F0B6B25A43C4F9AE02/7CB8088004DD11F08217FC57C4F9AE02.roa
Signing time: Wed 19 Mar 2025 16:16:18 +0000
ROA not before: Wed 19 Mar 2025 16:16:18 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 149507
IP address blocks: 163.223.120.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 20 Mar 2025 05:22:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170927
Validity
Not Before: Mar 19 16:16:18 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67daedd1-7daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b3:f3:5d:38:94:8d:59:d6:c2:77:20:af:a1:
c1:ee:77:4a:24:0d:b7:01:9b:9d:29:78:45:99:b2:
ba:03:08:0c:c8:08:dd:96:3f:c7:c1:01:e7:0a:ab:
88:65:c4:bd:fc:78:6c:5c:ae:55:1e:3d:e8:a2:59:
cd:1a:93:1f:2c:fe:ab:87:18:8a:a0:0e:65:d0:97:
92:50:8a:89:9a:a9:be:e8:f6:e7:4a:ac:f8:4b:dd:
98:6f:77:8d:d9:b5:13:aa:7e:6d:d4:dd:72:95:2e:
aa:8e:44:f4:c2:8b:ae:7d:b0:9b:22:d8:0c:b7:97:
27:58:eb:a5:4f:e1:08:c9:6d:86:f1:a8:5a:25:58:
cd:cb:af:68:85:f5:6e:83:5a:fa:93:d7:97:7f:d1:
04:74:29:95:68:2c:17:a9:c8:8a:c8:a1:15:c5:e2:
27:54:88:cd:ab:62:c9:14:ca:1f:a7:fe:5d:24:ba:
d1:f0:30:6c:fe:4b:31:29:23:5c:6f:16:f5:38:ba:
a6:05:37:60:13:40:b0:bd:63:c1:dd:38:20:c9:2f:
71:9a:86:c3:e3:e2:25:f7:ae:3b:0e:8b:db:f3:1b:
1e:4d:d1:04:95:6e:9c:83:a8:e2:b6:6b:69:6e:00:
7f:88:cf:8b:63:72:ba:a1:e3:5d:6f:8b:f2:7a:f1:
33:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:5C:51:FF:72:F0:DE:55:DD:B9:66:C8:1B:7A:4E:CF:3B:1F:BB:83
X509v3 Authority Key Identifier:
keyid:27:9C:9D:79:82:4B:A2:04:6F:13:8A:F6:CD:B8:A3:B0:8F:03:BE:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170927/C106D33C04DC11F0B6B25A43C4F9AE02/J5ydeYJLogRvE4r2zbijsI8DvrM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J5ydeYJLogRvE4r2zbijsI8DvrM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170927/C106D33C04DC11F0B6B25A43C4F9AE02/7CB8088004DD11F08217FC57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.120.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:aa:c6:29:cc:ff:3b:45:fe:67:8a:0e:09:60:1b:6b:29:6d:
28:9d:5a:b7:c7:33:b6:55:89:33:81:db:32:16:73:44:ab:ba:
ba:62:c4:8c:c9:e9:2f:13:fd:e6:98:6e:2d:40:ca:53:a8:1b:
53:26:f9:1b:c1:e5:46:6c:49:01:ad:cc:b8:06:0e:98:29:d8:
e0:7d:a3:76:d6:51:16:9b:75:55:60:c2:c9:53:51:af:bb:1f:
81:ec:74:34:2f:1c:76:41:d4:1a:bb:6c:aa:49:6c:99:a1:a1:
0d:96:8e:66:d8:0a:b6:23:40:54:10:7b:c2:66:df:5a:5e:39:
a7:85:ce:85:5a:a3:20:7a:f5:d6:f9:0a:1c:6a:78:60:41:a7:
3c:e3:0d:f5:da:5b:3f:a7:5e:f0:4d:b2:b3:c7:0e:76:9b:7c:
ef:44:37:27:4c:a1:3e:f4:9c:90:88:e4:84:59:1f:66:00:a8:
96:44:45:72:9d:30:ef:0a:5e:ce:0c:56:f8:b8:81:02:30:9a:
6b:6a:0e:69:df:1d:2b:bb:48:76:68:f7:91:9f:14:b9:a2:10:
c3:56:40:ef:36:61:0a:93:ae:2b:bb:23:88:31:24:19:5b:5f:
0a:29:02:46:cd:d3:c1:a1:19:a6:5d:f1:71:c5:70:f5:07:7d:
98:95:13:c9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MDkyNzExMC8GA1UEBRMoMjc5QzlENzk4MjRCQTIwNDZGMTM4QUY2Q0RCOEEzQjA4
RjAzQkVCMzAeFw0yNTAzMTkxNjE2MThaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZGFlZGQxLTdkYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC1s/NdOJSNWdbCdyCvocHud0okDbcBm50peEWZsroDCAzICN2WP8fBAecKq4hl
xL38eGxcrlUePeiiWc0akx8s/quHGIqgDmXQl5JQiomaqb7o9udKrPhL3Zhvd43Z
tROqfm3U3XKVLqqORPTCi659sJsi2Ay3lydY66VP4QjJbYbxqFolWM3Lr2iF9W6D
WvqT15d/0QR0KZVoLBepyIrIoRXF4idUiM2rYskUyh+n/l0kutHwMGz+SzEpI1xv
FvU4uqYFN2ATQLC9Y8HdOCDJL3GahsPj4iX3rjsOi9vzGx5N0QSVbpyDqOK2a2lu
AH+Iz4tjcrqh411vi/J68TPdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUc1xR/3Lw
3lXduWbIG3pOzzsfu4MwHwYDVR0jBBgwFoAUJ5ydeYJLogRvE4r2zbijsI8DvrMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwOTI3L0MxMDZEMzNDMDRE
QzExRjBCNkIyNUE0M0M0RjlBRTAyL0o1eWRlWUpMb2dSdkU0cjJ6Ymlqc0k4RHZy
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSjV5ZGVZSkxvZ1J2RTRyMnpiaWpzSThEdnJNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MDkyNy9DMTA2RDMzQzA0REMxMUYwQjZCMjVBNDNDNEY5QUUwMi83Q0I4MDg4MDA0
REQxMUYwODIxN0ZDNTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaPfeDANBgkqhkiG9w0BAQsFAAOCAQEATKrGKcz/O0X+Z4oO
CWAbayltKJ1at8cztlWJM4HbMhZzRKu6umLEjMnpLxP95phuLUDKU6gbUyb5G8Hl
RmxJAa3MuAYOmCnY4H2jdtZRFpt1VWDCyVNRr7sfgex0NC8cdkHUGrtsqklsmaGh
DZaOZtgKtiNAVBB7wmbfWl45p4XOhVqjIHr11vkKHGp4YEGnPOMN9dpbP6de8E2y
s8cOdpt870Q3J0yhPvSckIjkhFkfZgColkRFcp0w7wpezgxW+LiBAjCaa2oOad8d
K7tIdmj3kZ8UuaIQw1ZA7zZhCpOuK7sjiDEkGVtfCikCRs3TwaEZpl3xccVw9Qd9
mJUTyQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:48:42 2025 by rpki-client