Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A14/F7E864468FBC11EAA8C3127BC4F9AE02/7CD5A60E8FBE11EA9797847DC4F9AE02.roa
File: 7CD5A60E8FBE11EA9797847DC4F9AE02.roa (raw, json)
Hash identifier: JD1VwN2qL7tJ+aMVUdn8LHJxUl0l2P5uQxqJg5r4Mak=
Subject key identifier: F3:0C:9C:93:61:52:F6:03:8B:5A:01:E1:CB:CE:EF:EC:EE:9F:AC:22
Certificate issuer: /CN=A91C1A14/serialNumber=598DD5A39AE477658AD5BCBFE36264A1A61D6708
Certificate serial: 094F
Authority key identifier: 59:8D:D5:A3:9A:E4:77:65:8A:D5:BC:BF:E3:62:64:A1:A6:1D:67:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WY3Vo5rkd2WK1by_42JkoaYdZwg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A14/F7E864468FBC11EAA8C3127BC4F9AE02/7CD5A60E8FBE11EA9797847DC4F9AE02.roa
Signing time: Mon 06 Jan 2025 20:09:39 +0000
ROA not before: Mon 06 Jan 2025 20:09:39 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 9557
IP address blocks: 43.225.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 06:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2383 (0x94f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C1A14
Validity
Not Before: Jan 6 20:09:39 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677c3882-88b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:bc:0f:47:60:6d:90:80:c2:32:41:95:ac:c9:
db:bb:04:57:7f:11:7b:0e:ad:1b:7c:9d:17:d1:2a:
ba:1c:5a:a4:d9:81:6e:65:10:4f:58:c8:99:b4:5e:
5e:8e:d2:de:4c:41:44:d2:a1:ef:16:e2:49:4d:b9:
3c:6e:82:64:57:1a:9a:0e:4f:2f:d8:d9:3b:24:e5:
6b:0e:86:80:f5:0d:12:2c:c4:f9:07:92:e7:19:fb:
46:4b:b4:92:9d:0a:87:a9:7e:63:d8:96:b3:f0:17:
d7:76:55:5f:c4:71:de:12:5f:3e:75:58:d2:df:76:
15:5d:79:5e:e5:50:0b:9a:4c:ca:16:f7:f7:7c:14:
5c:7d:c0:54:3c:bc:68:6b:10:97:81:b5:c2:e1:82:
79:32:cc:f5:fd:65:6f:0f:19:f5:27:ee:93:38:13:
c5:fd:2c:5f:a2:dc:65:42:93:3d:3a:31:14:33:25:
9d:64:0a:33:3f:59:c2:ea:61:76:73:db:28:d9:60:
03:68:d1:84:3f:7d:98:e7:69:9d:05:ff:d6:5d:a3:
3d:e2:4e:b7:bc:d3:fe:88:ac:7a:24:0a:98:68:64:
75:ec:de:d0:76:1f:64:04:ee:75:28:e9:81:e5:c7:
ac:9d:27:bc:ee:64:22:17:d1:d3:a4:bb:ad:60:98:
34:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0C:9C:93:61:52:F6:03:8B:5A:01:E1:CB:CE:EF:EC:EE:9F:AC:22
X509v3 Authority Key Identifier:
keyid:59:8D:D5:A3:9A:E4:77:65:8A:D5:BC:BF:E3:62:64:A1:A6:1D:67:08
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C1A14/F7E864468FBC11EAA8C3127BC4F9AE02/WY3Vo5rkd2WK1by_42JkoaYdZwg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WY3Vo5rkd2WK1by_42JkoaYdZwg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A14/F7E864468FBC11EAA8C3127BC4F9AE02/7CD5A60E8FBE11EA9797847DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.225.99.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:e9:e0:d8:01:00:ab:7e:dc:7b:d0:86:c1:7f:e0:fc:4f:bf:
f8:62:26:58:36:e7:b6:a7:59:98:75:54:18:f5:8e:81:28:17:
94:57:53:1c:5a:26:fa:4b:b9:99:55:f3:d3:93:d1:53:d6:17:
f8:6f:e3:92:05:18:fc:23:91:31:02:61:3e:f1:91:c8:19:43:
a1:eb:0c:af:11:d1:24:5d:78:6d:8a:cd:50:d4:d5:e9:ae:a9:
9b:01:2f:1f:74:38:14:3d:19:be:c0:fc:1b:07:47:6e:74:30:
43:87:ef:f5:53:8b:e1:67:68:65:61:c0:c5:20:8e:3d:01:84:
dc:52:9d:ce:65:f0:df:a4:4e:09:8d:df:d9:ed:d1:ca:82:ed:
6c:dc:39:a0:3a:44:15:e8:d9:04:99:4d:a1:3f:66:00:ce:bd:
1d:3b:a9:be:4d:bc:a8:b1:3d:2d:7d:60:c1:da:82:c0:64:f1:
91:61:7f:0e:d7:0a:aa:4c:17:e1:fc:23:ca:64:99:0a:63:57:
40:59:c3:99:b4:3e:5f:01:95:ad:e9:07:ab:e9:c5:a3:6f:2e:
64:df:df:9d:b5:29:f8:d1:f2:19:af:28:8f:85:43:f7:4f:c6:
2d:55:9c:1e:3c:f5:84:c3:30:e6:d3:e4:53:cd:c8:84:50:e4:
fe:c4:3a:90
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCU8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzFBMTQxMTAvBgNVBAUTKDU5OERENUEzOUFFNDc3NjU4QUQ1QkNCRkUzNjI2NEEx
QTYxRDY3MDgwHhcNMjUwMTA2MjAwOTM5WhcNMjYwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzdjMzg4Mi04OGI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2bwPR2BtkIDCMkGVrMnbuwRXfxF7Dq0bfJ0X0Sq6HFqk2YFuZRBPWMiZtF5e
jtLeTEFE0qHvFuJJTbk8boJkVxqaDk8v2Nk7JOVrDoaA9Q0SLMT5B5LnGftGS7SS
nQqHqX5j2Jaz8BfXdlVfxHHeEl8+dVjS33YVXXle5VALmkzKFvf3fBRcfcBUPLxo
axCXgbXC4YJ5Msz1/WVvDxn1J+6TOBPF/SxfotxlQpM9OjEUMyWdZAozP1nC6mF2
c9so2WADaNGEP32Y52mdBf/WXaM94k63vNP+iKx6JAqYaGR17N7Qdh9kBO51KOmB
5cesnSe87mQiF9HTpLutYJg0hQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPMMnJNh
UvYDi1oB4cvO7+zun6wiMB8GA1UdIwQYMBaAFFmN1aOa5HdlitW8v+NiZKGmHWcI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUExNC9GN0U4NjQ0NjhG
QkMxMUVBQThDMzEyN0JDNEY5QUUwMi9XWTNWbzVya2QyV0sxYnlfNDJKa29hWWRa
d2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1dZM1ZvNXJrZDJXSzFieV80Mkprb2FZZFp3Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzFBMTQvRjdFODY0NDY4RkJDMTFFQUE4QzMxMjdCQzRGOUFFMDIvN0NENUE2MEU4
RkJFMTFFQTk3OTc4NDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr4WMwDQYJKoZIhvcNAQELBQADggEBAJvp4NgBAKt+3HvQ
hsF/4PxPv/hiJlg257anWZh1VBj1joEoF5RXUxxaJvpLuZlV89OT0VPWF/hv45IF
GPwjkTECYT7xkcgZQ6HrDK8R0SRdeG2KzVDU1emuqZsBLx90OBQ9Gb7A/BsHR250
MEOH7/VTi+FnaGVhwMUgjj0BhNxSnc5l8N+kTgmN39nt0cqC7WzcOaA6RBXo2QSZ
TaE/ZgDOvR07qb5NvKixPS19YMHagsBk8ZFhfw7XCqpMF+H8I8pkmQpjV0BZw5m0
Pl8Bla3pB6vpxaNvLmTf3521KfjR8hmvKI+FQ/dPxi1VnB489YTDMObT5FPNyIRQ
5P7EOpA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 01:58:03 2025 by rpki-client