Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9175648/218F268ADC9E11EF8B62DD5FC4F9AE02/3B3FA910F1CA11EFBEC31C30C4F9AE02.roa
File: 3B3FA910F1CA11EFBEC31C30C4F9AE02.roa (raw, json)
Hash identifier: 5At0/qGK7BX6QS4mrcSmxpO9sS2SMJ5TMCGC/Pk3f/g=
Subject key identifier: F1:5C:D3:45:B6:64:1A:B0:9D:14:F3:8B:43:63:6F:7A:F5:7E:7C:1A
Certificate issuer: /CN=A9175648/serialNumber=2C1C07D151271969E13E1CFD161B1F60770E290D
Certificate serial: 2D
Authority key identifier: 2C:1C:07:D1:51:27:19:69:E1:3E:1C:FD:16:1B:1F:60:77:0E:29:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBwH0VEnGWnhPhz9FhsfYHcOKQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9175648/218F268ADC9E11EF8B62DD5FC4F9AE02/3B3FA910F1CA11EFBEC31C30C4F9AE02.roa
Signing time: Sun 23 Feb 2025 09:47:11 +0000
ROA not before: Sun 23 Feb 2025 09:47:11 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 141385
IP address blocks: 163.61.16.0/24 maxlen: 24
2001:df5:c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 01 Mar 2025 08:43:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45 (0x2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9175648
Validity
Not Before: Feb 23 09:47:11 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67baee9f-804a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:37:41:68:85:7f:b7:2b:12:80:00:58:f2:ba:
24:bb:a6:f0:b6:56:ad:25:c8:33:11:39:60:da:d9:
49:7a:6f:e8:15:17:42:bd:7a:32:2a:99:97:3f:61:
e6:2b:0b:50:3a:cc:02:71:b5:e6:18:98:4e:e5:e1:
b1:44:32:b9:f8:12:83:f4:cc:4f:1e:b2:28:a6:ff:
23:2c:72:ff:ae:fb:ce:86:f5:d3:ce:bb:0e:1f:2e:
d1:e2:bf:3b:67:79:28:ff:53:7e:ab:44:36:01:b5:
e8:ac:28:f2:c4:30:b6:cf:51:51:a0:37:d9:db:3d:
b6:e6:39:f5:f4:0e:93:f0:95:6f:b3:a0:98:70:65:
db:50:2b:3d:fd:2f:43:1a:19:fc:a9:dd:c6:bb:40:
11:c9:47:22:f3:5e:20:9b:cb:39:55:22:b3:fc:9a:
86:11:43:c9:5b:0c:d7:c9:b2:b6:aa:fe:8f:e5:c7:
24:95:74:35:f8:86:65:5e:ed:e2:49:85:fd:ec:8e:
74:f5:62:1a:bb:fa:59:52:87:0d:a2:f1:f5:75:26:
34:56:7a:c4:74:a9:42:79:1f:9e:6c:77:0d:16:1b:
b7:dc:05:e3:3a:0c:c3:5e:88:5c:42:d1:3c:ac:9a:
48:0c:b7:bb:56:a7:30:77:07:59:3f:e6:ac:48:72:
bf:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:5C:D3:45:B6:64:1A:B0:9D:14:F3:8B:43:63:6F:7A:F5:7E:7C:1A
X509v3 Authority Key Identifier:
keyid:2C:1C:07:D1:51:27:19:69:E1:3E:1C:FD:16:1B:1F:60:77:0E:29:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9175648/218F268ADC9E11EF8B62DD5FC4F9AE02/LBwH0VEnGWnhPhz9FhsfYHcOKQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBwH0VEnGWnhPhz9FhsfYHcOKQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175648/218F268ADC9E11EF8B62DD5FC4F9AE02/3B3FA910F1CA11EFBEC31C30C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.16.0/24
IPv6:
2001:df5:c0::/48
Signature Algorithm: sha256WithRSAEncryption
76:e0:80:09:a7:ef:59:b0:d9:90:f4:df:bb:54:95:e4:51:5a:
2b:61:df:e9:16:c7:bc:18:2c:80:6b:ec:29:be:cd:81:b7:f9:
65:7f:bc:07:40:65:d0:a7:17:95:f5:79:6b:f8:53:65:f6:c8:
7b:fc:1f:33:33:f2:22:a9:17:40:18:4c:87:d0:7b:05:b0:c5:
b0:31:d9:f7:6d:b6:f5:67:31:c9:15:d3:5b:23:65:90:0e:16:
c7:b9:42:e0:84:f4:f9:02:a5:71:01:75:21:b6:a6:c2:ea:30:
6e:d6:54:ac:2b:00:17:13:f1:6f:fc:39:d6:b4:48:9b:1d:b1:
ff:a8:6e:55:f9:04:d1:f4:e7:cb:93:49:12:ae:69:85:03:6c:
71:aa:67:46:4c:bc:25:28:c6:64:d8:59:fc:d5:16:6e:18:60:
d7:ed:c1:bf:48:36:5c:5c:9f:9c:17:46:8f:34:3a:32:0d:25:
7b:f3:1b:e6:1a:f8:2c:0b:5d:bb:e7:9d:61:c9:a2:b3:c1:0e:
46:63:d6:2a:3c:61:6d:17:59:8f:9a:d4:7a:94:3b:69:17:1a:
aa:33:3b:3a:93:95:86:5d:b2:17:49:a9:32:50:f7:6f:ae:e7:
38:29:24:29:82:88:c0:24:1f:2a:14:5c:b1:17:bd:d6:ed:33:
c8:ed:f6:07
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBLTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NTY0ODExMC8GA1UEBRMoMkMxQzA3RDE1MTI3MTk2OUUxM0UxQ0ZEMTYxQjFGNjA3
NzBFMjkwRDAeFw0yNTAyMjMwOTQ3MTFaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YmFlZTlmLTgwNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpN0FohX+3KxKAAFjyuiS7pvC2Vq0lyDMROWDa2Ul6b+gVF0K9ejIqmZc/YeYr
C1A6zAJxteYYmE7l4bFEMrn4EoP0zE8esiim/yMscv+u+86G9dPOuw4fLtHivztn
eSj/U36rRDYBteisKPLEMLbPUVGgN9nbPbbmOfX0DpPwlW+zoJhwZdtQKz39L0Ma
Gfyp3ca7QBHJRyLzXiCbyzlVIrP8moYRQ8lbDNfJsraq/o/lxySVdDX4hmVe7eJJ
hf3sjnT1Yhq7+llShw2i8fV1JjRWesR0qUJ5H55sdw0WG7fcBeM6DMNeiFxC0Tys
mkgMt7tWpzB3B1k/5qxIcr83AgMBAAGjggKmMIICojAdBgNVHQ4EFgQU8VzTRbZk
GrCdFPOLQ2NvevV+fBowHwYDVR0jBBgwFoAULBwH0VEnGWnhPhz9FhsfYHcOKQ0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1NjQ4LzIxOEYyNjhBREM5
RTExRUY4QjYyREQ1RkM0RjlBRTAyL0xCd0gwVkVuR1duaFBoejlGaHNmWUhjT0tR
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTEJ3SDBWRW5HV25oUGh6OUZoc2ZZSGNPS1EwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NTY0OC8yMThGMjY4QURDOUUxMUVGOEI2MkRENUZDNEY5QUUwMi8zQjNGQTkxMEYx
Q0ExMUVGQkVDMzFDMzBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAKM9EDAPBAIAAjAJAwcAIAEN9QDAMA0GCSqGSIb3DQEBCwUA
A4IBAQB24IAJp+9ZsNmQ9N+7VJXkUVorYd/pFse8GCyAa+wpvs2Bt/llf7wHQGXQ
pxeV9Xlr+FNl9sh7/B8zM/IiqRdAGEyH0HsFsMWwMdn3bbb1ZzHJFdNbI2WQDhbH
uULghPT5AqVxAXUhtqbC6jBu1lSsKwAXE/Fv/DnWtEibHbH/qG5V+QTR9OfLk0kS
rmmFA2xxqmdGTLwlKMZk2Fn81RZuGGDX7cG/SDZcXJ+cF0aPNDoyDSV78xvmGvgs
C127551hyaKzwQ5GY9YqPGFtF1mPmtR6lDtpFxqqMzs6k5WGXbIXSakyUPdvruc4
KSQpgojAJB8qFFyxF73W7TPI7fYH
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:55:14 2025 by rpki-client