Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/ED08B528323A11F088AAC436C4F9AE02.roa
File: ED08B528323A11F088AAC436C4F9AE02.roa (raw, json)
Hash identifier: LVr91/2VX5HoxvGvt3r9CLOjhk8RN4bGj2l0dOJd/8M=
Subject key identifier: F6:F9:70:ED:52:7A:17:35:36:68:8A:62:73:E5:F3:8C:A3:F3:F0:32
Certificate issuer: /CN=A9113BB0/serialNumber=45B18E209ECFDDA5CED78CF9D9810D611E6D4124
Certificate serial: 02
Authority key identifier: 45:B1:8E:20:9E:CF:DD:A5:CE:D7:8C:F9:D9:81:0D:61:1E:6D:41:24
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RbGOIJ7P3aXO14z52YENYR5tQSQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/ED08B528323A11F088AAC436C4F9AE02.roa
Signing time: Fri 16 May 2025 09:48:31 +0000
ROA not before: Fri 16 May 2025 09:48:31 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 153898
IP address blocks: 165.99.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 May 2025 05:12:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9113BB0, serialNumber=45B18E209ECFDDA5CED78CF9D9810D611E6D4124
Validity
Not Before: May 16 09:48:31 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=682709ef-659f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b4:61:c5:b6:7f:a5:31:12:24:51:aa:a2:da:
75:a1:fc:f9:d2:de:d0:ac:c2:df:75:fc:1c:24:57:
18:45:36:40:72:90:c5:54:a7:7f:18:6c:f6:13:5b:
82:28:ce:c0:2f:9f:5f:cc:f9:21:e1:d7:2e:ab:db:
01:c7:5c:f7:5d:03:ac:df:33:54:43:4b:9b:bf:fc:
65:32:48:f6:ae:e3:1a:19:0f:b0:cf:d7:fc:f0:db:
2c:4b:05:18:10:00:44:e3:81:a9:4b:87:01:5a:03:
a7:bb:42:92:2f:b1:59:8c:75:6d:ee:a1:21:ba:44:
24:c2:be:1b:94:3a:c7:cb:16:59:8e:4d:8e:a0:6d:
65:b2:c9:52:ba:72:d4:3b:c5:c9:40:cf:eb:63:37:
d6:17:44:68:cd:ac:c2:ad:d4:ce:59:5c:0a:7d:a6:
86:22:58:5d:a6:21:22:0f:85:91:34:d5:68:cb:d9:
e0:cd:c4:ae:6a:38:ec:f5:6b:ff:50:35:93:fe:10:
e8:53:fe:2f:54:d6:ad:27:d8:a6:bb:1f:48:a5:ed:
f1:f7:29:6e:72:97:86:88:7b:5c:b0:5f:8b:b3:d7:
99:f0:07:10:da:c6:2f:66:5c:88:cb:d7:19:f2:2d:
18:e3:13:0a:6f:a4:d9:50:9f:8b:ec:71:bf:ad:8c:
36:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:F9:70:ED:52:7A:17:35:36:68:8A:62:73:E5:F3:8C:A3:F3:F0:32
X509v3 Authority Key Identifier:
keyid:45:B1:8E:20:9E:CF:DD:A5:CE:D7:8C:F9:D9:81:0D:61:1E:6D:41:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/RbGOIJ7P3aXO14z52YENYR5tQSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RbGOIJ7P3aXO14z52YENYR5tQSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9113BB0/9FFDAB76323A11F0BF9E1D36C4F9AE02/ED08B528323A11F088AAC436C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.74.0/24
Signature Algorithm: sha256WithRSAEncryption
70:f1:06:16:6a:c9:6d:a7:a5:a7:60:dd:ed:12:2d:96:3c:2e:
9e:bb:c8:f3:97:56:88:14:db:4b:13:0a:10:b0:e9:a4:28:31:
41:a3:f5:db:fe:ed:ff:6e:b0:7a:c2:29:09:20:dc:40:c2:a7:
24:7c:d4:7a:2f:b9:61:d6:24:bc:59:77:e7:7a:a9:bd:19:85:
8c:af:46:34:26:a6:9e:59:54:c7:8e:56:1e:ef:6f:75:a6:ca:
a9:da:74:cf:ee:c0:01:86:bf:db:16:74:e0:9a:ae:d5:98:7f:
e9:e0:9e:69:d1:4d:f7:00:e7:b7:aa:3d:34:5d:7a:a2:a2:72:
6d:1a:b5:39:c3:5c:a2:de:0a:3c:2c:9d:59:82:9d:23:81:b6:
14:16:de:98:62:04:0c:3f:38:a3:d4:41:1e:ed:3f:e0:11:fc:
74:ec:f9:55:ec:97:12:b1:ce:45:75:06:a8:b7:17:b5:9b:4f:
55:7f:d4:87:68:05:0c:10:9c:15:38:d6:96:76:69:53:bc:b7:
86:0a:32:4d:d3:57:1a:31:c5:82:a3:1b:71:dc:d2:25:e0:c7:
60:c7:cd:79:b0:f9:8e:b5:ee:11:c0:82:ce:2f:86:02:b2:eb:
e5:25:3c:5f:39:b3:53:dd:04:6b:58:24:09:03:54:b4:dc:6b:
0a:df:30:40
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
M0JCMDExMC8GA1UEBRMoNDVCMThFMjA5RUNGRERBNUNFRDc4Q0Y5RDk4MTBENjEx
RTZENDEyNDAeFw0yNTA1MTYwOTQ4MzFaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MjcwOWVmLTY1OWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCztGHFtn+lMRIkUaqi2nWh/PnS3tCswt91/BwkVxhFNkBykMVUp38YbPYTW4Io
zsAvn1/M+SHh1y6r2wHHXPddA6zfM1RDS5u//GUySPau4xoZD7DP1/zw2yxLBRgQ
AETjgalLhwFaA6e7QpIvsVmMdW3uoSG6RCTCvhuUOsfLFlmOTY6gbWWyyVK6ctQ7
xclAz+tjN9YXRGjNrMKt1M5ZXAp9poYiWF2mISIPhZE01WjL2eDNxK5qOOz1a/9Q
NZP+EOhT/i9U1q0n2Ka7H0il7fH3KW5yl4aIe1ywX4uz15nwBxDaxi9mXIjL1xny
LRjjEwpvpNlQn4vscb+tjDb3AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU9vlw7VJ6
FzU2aIpic+XzjKPz8DIwHwYDVR0jBBgwFoAURbGOIJ7P3aXO14z52YENYR5tQSQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEzQkIwLzlGRkRBQjc2MzIz
QTExRjBCRjlFMUQzNkM0RjlBRTAyL1JiR09JSjdQM2FYTzE0ejUyWUVOWVI1dFFT
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUmJHT0lKN1AzYVhPMTR6NTJZRU5ZUjV0UVNRLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
M0JCMC85RkZEQUI3NjMyM0ExMUYwQkY5RTFEMzZDNEY5QUUwMi9FRDA4QjUyODMy
M0ExMUYwODhBQUM0MzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKVjSjANBgkqhkiG9w0BAQsFAAOCAQEAcPEGFmrJbaelp2Dd
7RItljwunrvI85dWiBTbSxMKELDppCgxQaP12/7t/26wesIpCSDcQMKnJHzUei+5
YdYkvFl353qpvRmFjK9GNCamnllUx45WHu9vdabKqdp0z+7AAYa/2xZ04Jqu1Zh/
6eCeadFN9wDnt6o9NF16oqJybRq1OcNcot4KPCydWYKdI4G2FBbemGIEDD84o9RB
Hu0/4BH8dOz5VeyXErHORXUGqLcXtZtPVX/Uh2gFDBCcFTjWlnZpU7y3hgoyTdNX
GjHFgqMbcdzSJeDHYMfNebD5jrXuEcCCzi+GArLr5SU8XzmzU90Ea1gkCQNUtNxr
Ct8wQA==
-----END CERTIFICATE-----
Generated at Thu Jun 5 20:06:12 2025 by rpki-client