Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C3C18594DEE011EF89ACD444C4F9AE02.roa
File: C3C18594DEE011EF89ACD444C4F9AE02.roa (raw, json)
Hash identifier: ntospq2kelSdquwHAhSVG2TA+3H1x+9hN45zNa/qvNo=
Subject key identifier: 77:7B:AE:08:B3:50:85:88:9D:ED:C2:9B:91:3A:04:23:11:A3:9B:2C
Certificate issuer: /CN=A91B5D7E/serialNumber=4CAE3AEFB1AC8ABDDB99BCCEE4FA5A916D157B34
Certificate serial: 35BE
Authority key identifier: 4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C3C18594DEE011EF89ACD444C4F9AE02.roa
Signing time: Thu 30 Jan 2025 08:04:01 +0000
ROA not before: Thu 30 Jan 2025 08:04:01 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 62425
IP address blocks: 116.90.100.0/24 maxlen: 24
116.90.115.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 11:23:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13758 (0x35be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B5D7E
Validity
Not Before: Jan 30 08:04:01 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=679b3271-ffb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:65:f7:a5:d0:17:fd:a7:8c:72:d6:fc:79:6a:
64:02:27:5a:4e:70:82:0e:2b:c2:07:92:f4:85:3e:
c1:7c:7a:6e:e5:68:4d:59:dc:a2:1f:c0:af:eb:45:
80:0c:4b:f5:2b:32:bc:0a:e2:18:b4:f8:e5:cc:9f:
34:ec:6f:d3:fa:3b:d5:6e:c0:07:05:b5:93:cd:2c:
19:d3:87:b9:a5:df:01:bc:d1:1d:ea:35:7d:36:37:
b4:41:a5:69:1a:31:71:15:af:8f:5e:68:e8:56:1e:
2f:d7:ff:c8:f5:38:b5:af:45:c6:9a:c5:32:91:d2:
a6:7d:50:95:eb:7e:cd:0c:b9:49:f4:ff:a9:aa:15:
77:33:72:23:5c:2f:d7:e8:8e:c1:ba:a3:f5:8b:e3:
9b:27:5d:da:ea:65:4d:76:8b:0f:1a:b2:4e:fe:95:
73:51:5e:82:cb:e7:94:3b:6e:9e:74:a8:14:f2:7a:
af:22:95:8e:6f:f9:bc:68:27:c1:59:a3:2e:a8:11:
03:4f:e8:f8:d7:55:04:f6:57:f0:13:81:34:ed:55:
f7:8e:74:b2:12:03:e5:61:9d:6e:13:a1:be:5b:95:
e7:77:24:32:90:b0:f0:4b:a4:e7:cc:63:dc:c8:08:
1b:0f:d9:31:6f:29:78:73:fb:cc:b0:b7:d6:08:4f:
02:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:7B:AE:08:B3:50:85:88:9D:ED:C2:9B:91:3A:04:23:11:A3:9B:2C
X509v3 Authority Key Identifier:
keyid:4C:AE:3A:EF:B1:AC:8A:BD:DB:99:BC:CE:E4:FA:5A:91:6D:15:7B:34
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/TK4677Gsir3bmbzO5PpakW0VezQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TK4677Gsir3bmbzO5PpakW0VezQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5D7E/ECA682341D8711E298322DE008B02CD2/C3C18594DEE011EF89ACD444C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
116.90.100.0/24
116.90.115.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:7e:ed:f4:34:4e:b2:83:16:56:9a:78:6c:18:12:a7:64:c6:
5b:d4:5d:5c:9a:a5:c6:46:69:91:c6:7c:c4:f2:a0:98:3f:a4:
8c:91:0b:06:82:af:70:d2:0f:da:68:e7:cb:46:13:fc:cd:56:
e6:78:25:78:03:b0:27:06:43:12:56:50:d4:1b:2f:6e:11:9a:
7f:d7:8e:b1:30:3c:2f:52:cb:18:16:d0:87:33:17:fd:a3:93:
ae:d8:9a:66:4a:0c:94:15:22:78:d4:8b:8f:7e:7d:e6:bb:34:
ab:b2:8d:e4:0d:1c:e1:46:05:c8:40:56:c5:d9:ab:2f:43:f4:
bf:29:39:94:64:33:36:87:65:91:dc:3d:41:b2:b3:a2:e0:ef:
07:ed:34:5a:46:7a:46:2a:8b:ad:4b:ee:7f:f7:55:d1:c9:70:
4c:21:ae:1a:63:16:87:25:f0:c7:4e:27:8c:5e:77:b2:b6:b5:
40:dc:f8:d2:2c:6a:55:b0:d7:59:bd:7b:34:85:8e:bd:3c:ed:
db:f7:cb:b9:ed:24:0d:ea:41:46:47:51:bd:9e:43:15:a7:86:
00:39:65:83:93:b5:77:92:57:8b:2b:a0:1d:bd:b7:f4:ad:bc:
60:55:0a:93:58:1f:58:8f:0b:87:12:40:27:5d:48:62:c7:71:
d7:0f:47:92
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICNb4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjVEN0UxMTAvBgNVBAUTKDRDQUUzQUVGQjFBQzhBQkREQjk5QkNDRUU0RkE1QTkx
NkQxNTdCMzQwHhcNMjUwMTMwMDgwNDAxWhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzliMzI3MS1mZmI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvmX3pdAX/aeMctb8eWpkAidaTnCCDivCB5L0hT7BfHpu5WhNWdyiH8Cv60WA
DEv1KzK8CuIYtPjlzJ807G/T+jvVbsAHBbWTzSwZ04e5pd8BvNEd6jV9Nje0QaVp
GjFxFa+PXmjoVh4v1//I9Ti1r0XGmsUykdKmfVCV637NDLlJ9P+pqhV3M3IjXC/X
6I7BuqP1i+ObJ13a6mVNdosPGrJO/pVzUV6Cy+eUO26edKgU8nqvIpWOb/m8aCfB
WaMuqBEDT+j411UE9lfwE4E07VX3jnSyEgPlYZ1uE6G+W5XndyQykLDwS6TnzGPc
yAgbD9kxbyl4c/vMsLfWCE8CFQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFHd7rgiz
UIWIne3Cm5E6BCMRo5ssMB8GA1UdIwQYMBaAFEyuOu+xrIq925m8zuT6WpFtFXs0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUQ3RS9FQ0E2ODIzNDFE
ODcxMUUyOTgzMjJERTAwOEIwMkNEMi9USzQ2NzdHc2lyM2JtYnpPNVBwYWtXMFZl
elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1RLNDY3N0dzaXIzYm1iek81UHBha1cwVmV6US5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjVEN0UvRUNBNjgyMzQxRDg3MTFFMjk4MzIyREUwMDhCMDJDRDIvQzNDMTg1OTRE
RUUwMTFFRjg5QUNENDQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAB0WmQDBAB0WnMwDQYJKoZIhvcNAQELBQADggEBAGx+7fQ0
TrKDFlaaeGwYEqdkxlvUXVyapcZGaZHGfMTyoJg/pIyRCwaCr3DSD9po58tGE/zN
VuZ4JXgDsCcGQxJWUNQbL24Rmn/XjrEwPC9SyxgW0IczF/2jk67YmmZKDJQVInjU
i49+fea7NKuyjeQNHOFGBchAVsXZqy9D9L8pOZRkMzaHZZHcPUGys6Lg7wftNFpG
ekYqi61L7n/3VdHJcEwhrhpjFocl8MdOJ4xed7K2tUDc+NIsalWw11m9ezSFjr08
7dv3y7ntJA3qQUZHUb2eQxWnhgA5ZYOTtXeSV4sroB29t/StvGBVCpNYH1iPC4cS
QCddSGLHcdcPR5I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:40:42 2025 by rpki-client