Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3D6EC980F49C11EF9C4E450CC4F9AE02.roa
File: 3D6EC980F49C11EF9C4E450CC4F9AE02.roa (raw, json)
Hash identifier: u7YW4Mdm7UuJjLM/OJoYQmzj2NNvEBWEY8Itdqdz3H4=
Subject key identifier: E2:18:BB:3C:52:DA:4C:CF:9D:97:07:B4:4F:A2:C5:3F:9E:3B:54:B0
Certificate issuer: /CN=A91A560A/serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Certificate serial: 0547
Authority key identifier: 8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3D6EC980F49C11EF9C4E450CC4F9AE02.roa
Signing time: Wed 26 Feb 2025 23:48:55 +0000
ROA not before: Wed 26 Feb 2025 23:48:55 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 45538
IP address blocks: 157.10.198.0/23 maxlen: 24
157.66.81.0/24 maxlen: 24
160.191.248.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Mar 2025 15:28:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1351 (0x547)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A, serialNumber=8AC721298F92E10A2EE3051AFBC9114284F80E12
Validity
Not Before: Feb 26 23:48:55 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67bfa867-6893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:34:6c:a4:f0:71:06:2e:7b:80:f3:b1:aa:90:
33:43:7f:65:0e:e2:d8:0c:d4:c4:18:16:9d:14:f6:
d0:a1:64:2e:59:ff:f2:aa:42:41:31:fc:11:89:2e:
96:f8:f7:18:84:81:30:68:e4:54:66:9f:52:26:4a:
51:65:49:0a:50:88:dd:c6:7c:e9:d3:6c:fc:8b:f4:
24:97:08:c5:cd:ab:09:e0:74:3d:5e:02:93:27:5d:
7c:4e:13:a8:0f:ee:49:10:e8:5f:2f:fa:6f:c7:ca:
ee:ca:56:62:5f:83:8c:62:15:a9:fb:54:07:6b:e4:
d2:ec:92:8f:98:76:c5:6b:cd:7e:c8:8b:99:22:c8:
5b:3e:18:fa:5b:bc:ab:c5:ff:d4:60:46:c2:6f:af:
35:03:c6:f9:5b:05:88:ed:ec:39:37:92:3f:30:59:
17:40:be:76:b8:a6:39:cb:fc:50:1a:f2:cf:69:da:
19:c9:45:ca:18:a6:19:6d:bc:65:0d:b9:a6:a3:e2:
ac:a6:34:2d:31:51:53:b6:72:f3:1a:fe:0e:21:b9:
6f:86:dd:90:c9:5a:5f:03:41:a2:25:16:3f:60:3a:
05:5f:be:27:d1:96:b5:36:fe:85:8f:71:31:1b:d8:
4d:ed:de:96:33:13:27:2b:ff:09:23:a2:6d:45:76:
26:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:18:BB:3C:52:DA:4C:CF:9D:97:07:B4:4F:A2:C5:3F:9E:3B:54:B0
X509v3 Authority Key Identifier:
keyid:8A:C7:21:29:8F:92:E1:0A:2E:E3:05:1A:FB:C9:11:42:84:F8:0E:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/ischKY-S4Qou4wUa-8kRQoT4DhI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ischKY-S4Qou4wUa-8kRQoT4DhI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/20958618A9DF11EEA356A43EC4F9AE02/3D6EC980F49C11EF9C4E450CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.198.0/23
157.66.81.0/24
160.191.248.0/23
Signature Algorithm: sha256WithRSAEncryption
50:05:11:3a:ab:ec:1f:f3:72:dd:33:7f:27:6e:ad:77:1f:ed:
4d:ae:8d:9a:28:5d:92:f1:e6:11:c2:98:a5:8b:d6:7d:d9:77:
87:9b:2c:a9:e5:ba:e2:98:f1:5a:bc:6d:fe:2b:72:c9:fc:f9:
11:f3:4d:b7:ae:9c:58:2f:77:d9:44:0a:51:d8:9f:e6:43:88:
14:29:e6:1e:cf:5e:cb:18:e8:c4:6b:e1:9b:fd:af:e5:3a:ab:
dc:b7:c4:1a:2e:e0:43:2b:87:e7:e7:4f:5a:b7:83:31:33:98:
1d:65:84:26:58:e5:1c:0d:af:be:85:56:b2:43:e0:20:76:ef:
d5:b5:1c:07:88:3c:a3:e7:61:a4:85:f1:df:09:1d:af:4c:d3:
80:8d:1c:d6:28:dd:fe:4e:4c:11:06:a7:aa:83:82:a0:ac:0a:
da:2d:76:30:1c:4a:b8:23:81:db:bb:e2:78:ed:51:b5:f8:33:
12:e7:9f:4f:c5:2e:cf:de:b9:0b:ca:00:ee:64:9a:a7:ea:98:
47:35:5d:60:38:29:03:b9:88:0f:69:ea:6d:e9:ef:09:fc:a3:
83:71:6b:1b:85:6a:d7:5b:bf:bf:cd:33:a5:dc:c7:ca:c9:8c:
6b:6e:a5:a2:be:27:95:77:1e:d1:0b:c4:ca:e8:35:47:f5:ae:
09:a0:c6:56
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICBUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDhBQzcyMTI5OEY5MkUxMEEyRUUzMDUxQUZCQzkxMTQy
ODRGODBFMTIwHhcNMjUwMjI2MjM0ODU1WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2JmYTg2Ny02ODkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqDRspPBxBi57gPOxqpAzQ39lDuLYDNTEGBadFPbQoWQuWf/yqkJBMfwRiS6W
+PcYhIEwaORUZp9SJkpRZUkKUIjdxnzp02z8i/QklwjFzasJ4HQ9XgKTJ118ThOo
D+5JEOhfL/pvx8ruylZiX4OMYhWp+1QHa+TS7JKPmHbFa81+yIuZIshbPhj6W7yr
xf/UYEbCb681A8b5WwWI7ew5N5I/MFkXQL52uKY5y/xQGvLPadoZyUXKGKYZbbxl
Dbmmo+KspjQtMVFTtnLzGv4OIblvht2QyVpfA0GiJRY/YDoFX74n0Za1Nv6Fj3Ex
G9hN7d6WMxMnK/8JI6JtRXYmcQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOIYuzxS
2kzPnZcHtE+ixT+eO1SwMB8GA1UdIwQYMBaAFIrHISmPkuEKLuMFGvvJEUKE+A4S
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS8yMDk1ODYxOEE5
REYxMUVFQTM1NkE0M0VDNEY5QUUwMi9pc2NoS1ktUzRRb3U0d1VhLThrUlFvVDRE
aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2lzY2hLWS1TNFFvdTR3VWEtOGtSUW9UNERoSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvMjA5NTg2MThBOURGMTFFRUEzNTZBNDNFQzRGOUFFMDIvM0Q2RUM5ODBG
NDlDMTFFRjlDNEU0NTBDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgABMBIDBAGdCsYDBACdQlEDBAGgv/gwDQYJKoZIhvcNAQELBQADggEB
AFAFETqr7B/zct0zfydurXcf7U2ujZooXZLx5hHCmKWL1n3Zd4ebLKnluuKY8Vq8
bf4rcsn8+RHzTbeunFgvd9lEClHYn+ZDiBQp5h7PXssY6MRr4Zv9r+U6q9y3xBou
4EMrh+fnT1q3gzEzmB1lhCZY5RwNr76FVrJD4CB279W1HAeIPKPnYaSF8d8JHa9M
04CNHNYo3f5OTBEGp6qDgqCsCtotdjAcSrgjgdu74njtUbX4MxLnn0/FLs/euQvK
AO5kmqfqmEc1XWA4KQO5iA9p6m3p7wn8o4NxaxuFatdbv7/NM6Xcx8rJjGtupaK+
J5V3HtELxMroNUf1rgmgxlY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:21:14 2025 by rpki-client