Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/9E5B7C40EF6311EF93DD7172C4F9AE02.roa
File: 9E5B7C40EF6311EF93DD7172C4F9AE02.roa (raw, json)
Hash identifier: v4SZbKm0QQdFAz2+lkR6Uc/QYEXsm7QHYywdlmMH7fI=
Subject key identifier: 71:EF:7A:3C:7B:AD:F3:5A:20:80:E2:D6:9A:1F:03:B9:11:F6:81:1F
Certificate issuer: /CN=A91FF1CC/serialNumber=446FAF923BEBAF96357287FE250991C75491454D
Certificate serial: 02
Authority key identifier: 44:6F:AF:92:3B:EB:AF:96:35:72:87:FE:25:09:91:C7:54:91:45:4D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RG-vkjvrr5Y1cof-JQmRx1SRRU0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/9E5B7C40EF6311EF93DD7172C4F9AE02.roa
Signing time: Thu 20 Feb 2025 08:21:02 +0000
ROA not before: Thu 20 Feb 2025 08:21:01 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 138346
IP address blocks: 161.248.56.0/23 maxlen: 23
161.248.56.0/24 maxlen: 24
161.248.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Mar 2025 08:50:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FF1CC
Validity
Not Before: Feb 20 08:21:01 2025 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67b6e5ed-1fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:d7:bc:6e:53:91:09:58:16:5f:6b:27:31:75:
5c:6c:26:09:3d:ae:41:20:dc:c7:09:50:45:f2:6a:
b8:f3:33:02:6e:2c:68:0f:0e:bc:9d:9d:7f:09:c2:
a9:6c:ea:58:51:2c:a9:28:08:92:7a:7c:2e:3d:54:
83:da:ab:92:e0:a6:fb:59:d6:0c:81:1a:10:e2:67:
8c:e6:7f:18:49:b1:74:37:49:3a:a0:76:9a:41:1d:
ee:cf:c3:dc:29:96:e1:e1:05:46:ef:51:04:c7:ee:
9f:e8:0b:8d:a0:76:ed:8e:86:31:52:a5:d7:31:f7:
09:9f:9a:e4:e4:56:43:e8:da:24:38:20:f9:84:e1:
c4:45:cd:cf:1f:e3:c5:e3:dc:69:ef:ae:e1:2a:5b:
62:89:7d:24:54:84:5b:b3:d9:45:d7:26:19:25:75:
5f:05:76:f9:65:d2:dd:dc:54:ad:d6:86:87:7d:7c:
c9:38:48:7b:34:37:5b:3b:1f:6b:81:29:2c:02:37:
6a:20:f4:cd:56:b6:72:eb:fb:c2:a7:df:d8:17:b6:
05:ec:0c:ee:8b:9f:2b:30:88:94:e0:62:f1:69:9b:
f8:78:8f:74:92:94:0c:53:a4:00:b5:a6:ed:a0:f1:
83:9a:33:2a:ae:d8:97:b6:5d:73:54:6f:0f:9c:16:
d3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:EF:7A:3C:7B:AD:F3:5A:20:80:E2:D6:9A:1F:03:B9:11:F6:81:1F
X509v3 Authority Key Identifier:
keyid:44:6F:AF:92:3B:EB:AF:96:35:72:87:FE:25:09:91:C7:54:91:45:4D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/RG-vkjvrr5Y1cof-JQmRx1SRRU0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RG-vkjvrr5Y1cof-JQmRx1SRRU0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF1CC/3AFC33E2EF6311EFBF64AB6AC4F9AE02/9E5B7C40EF6311EF93DD7172C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.56.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:c0:44:11:73:1c:fd:38:0c:87:01:97:b0:7f:04:2f:82:14:
ea:8d:90:97:bb:b4:7e:81:78:34:e9:90:ba:79:0d:c4:3f:d7:
19:61:fa:98:7d:ca:8e:16:45:14:b9:d2:ce:61:ba:1f:b9:7f:
64:06:c6:72:90:9f:46:da:f2:f1:8e:53:78:3b:4e:58:5f:aa:
c8:bc:e8:c6:38:72:72:68:c1:9f:33:a6:23:db:29:e8:76:68:
60:fa:08:bb:21:db:9e:72:82:75:76:f1:db:c1:8c:a5:46:d4:
f8:0f:67:aa:68:45:8e:e6:7f:6e:d4:73:00:87:64:cb:77:74:
9c:39:90:4c:8d:69:bb:d0:18:c2:bf:20:6c:a9:03:50:45:0a:
a3:24:14:40:49:2e:cb:03:a7:f8:7c:3f:66:71:b6:8d:da:ef:
a2:d1:7c:43:32:ba:00:4a:3e:b5:a4:43:da:f5:4d:b7:c9:e1:
cd:59:dd:07:fe:71:78:b5:33:97:25:68:57:12:04:47:8e:17:
4a:d6:59:5a:4e:d4:d2:b0:54:4d:9e:fd:82:fa:15:fc:5e:74:
f7:9d:4b:3c:e0:75:21:1b:1d:00:5b:89:40:2a:17:db:b6:bf:
1c:28:64:77:6f:0d:fe:02:88:25:d5:40:e7:cc:6b:47:74:fe:
90:1e:c1:06
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RjFDQzExMC8GA1UEBRMoNDQ2RkFGOTIzQkVCQUY5NjM1NzI4N0ZFMjUwOTkxQzc1
NDkxNDU0RDAeFw0yNTAyMjAwODIxMDFaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YjZlNWVkLTFmZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDS17xuU5EJWBZfaycxdVxsJgk9rkEg3McJUEXyarjzMwJuLGgPDrydnX8Jwqls
6lhRLKkoCJJ6fC49VIPaq5LgpvtZ1gyBGhDiZ4zmfxhJsXQ3STqgdppBHe7Pw9wp
luHhBUbvUQTH7p/oC42gdu2OhjFSpdcx9wmfmuTkVkPo2iQ4IPmE4cRFzc8f48Xj
3GnvruEqW2KJfSRUhFuz2UXXJhkldV8Fdvll0t3cVK3Whod9fMk4SHs0N1s7H2uB
KSwCN2og9M1WtnLr+8Kn39gXtgXsDO6LnyswiJTgYvFpm/h4j3SSlAxTpAC1pu2g
8YOaMyqu2Je2XXNUbw+cFtO/AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUce96PHut
81oggOLWmh8DuRH2gR8wHwYDVR0jBBgwFoAURG+vkjvrr5Y1cof+JQmRx1SRRU0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZGMUNDLzNBRkMzM0UyRUY2
MzExRUZCRjY0QUI2QUM0RjlBRTAyL1JHLXZranZycjVZMWNvZi1KUW1SeDFTUlJV
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUkctdmtqdnJyNVkxY29mLUpRbVJ4MVNSUlUwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RjFDQy8zQUZDMzNFMkVGNjMxMUVGQkY2NEFCNkFDNEY5QUUwMi85RTVCN0M0MEVG
NjMxMUVGOTNERDcxNzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4ODANBgkqhkiG9w0BAQsFAAOCAQEAoMBEEXMc/TgMhwGX
sH8EL4IU6o2Ql7u0foF4NOmQunkNxD/XGWH6mH3KjhZFFLnSzmG6H7l/ZAbGcpCf
Rtry8Y5TeDtOWF+qyLzoxjhycmjBnzOmI9sp6HZoYPoIuyHbnnKCdXbx28GMpUbU
+A9nqmhFjuZ/btRzAIdky3d0nDmQTI1pu9AYwr8gbKkDUEUKoyQUQEkuywOn+Hw/
ZnG2jdrvotF8QzK6AEo+taRD2vVNt8nhzVndB/5xeLUzlyVoVxIER44XStZZWk7U
0rBUTZ79gvoV/F50951LPOB1IRsdAFuJQCoX27a/HChkd28N/gKIJdVA58xrR3T+
kB7BBg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:25:05 2025 by rpki-client