Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/B08582F2D16411EF8CCDD331C4F9AE02.roa
File: B08582F2D16411EF8CCDD331C4F9AE02.roa (raw, json)
Hash identifier: xeipjI2sOc0f+/25rfx0+LdlB/abMbHQ/t5872HS8+g=
Subject key identifier: 8A:82:29:42:2A:45:18:FA:97:29:E8:96:66:61:26:0E:65:29:67:3E
Certificate issuer: /CN=A9114EF6/serialNumber=AF461D57A90A335B2FA77A7AAEC16734954923B1
Certificate serial: 0F
Authority key identifier: AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/B08582F2D16411EF8CCDD331C4F9AE02.roa
Signing time: Mon 13 Jan 2025 04:13:06 +0000
ROA not before: Mon 13 Jan 2025 04:13:06 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 153491
IP address blocks: 161.248.120.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 13 Jan 2025 04:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15 (0xf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9114EF6
Validity
Not Before: Jan 13 04:13:06 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=678492d2-e61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:ad:ba:76:a9:b3:aa:4f:03:65:fb:bd:04:
41:f1:da:b0:52:9a:ce:7f:48:99:97:a8:b4:40:7f:
5c:0e:35:e4:82:0c:b5:23:c4:c2:7a:e8:45:32:bf:
0b:74:e5:59:b6:6d:f4:7c:18:83:ef:b4:e8:e8:6b:
e5:aa:de:2a:ce:c2:1c:64:ca:99:13:83:54:cf:75:
73:51:ee:3d:60:1f:b1:1a:b5:a3:d0:bd:35:d9:2e:
26:e6:ea:98:3d:c0:cf:79:59:78:40:de:e0:c3:e3:
c7:0c:1a:83:87:54:75:9e:30:3f:d0:5b:4b:f4:64:
c8:d9:ba:13:35:d5:c3:40:1f:99:aa:6d:e2:0a:95:
29:a4:75:bf:5c:7f:b1:21:97:f0:2d:5b:02:71:92:
56:c8:36:ab:fe:3b:53:50:57:0e:d8:cf:83:cc:9f:
58:97:f0:de:5d:d4:27:31:4a:3e:8d:62:75:46:c7:
ff:6b:bb:8a:20:79:ab:4d:ec:6c:b0:e1:99:59:35:
39:00:3e:81:4f:39:01:84:de:1f:cb:27:ac:39:e5:
a4:5d:24:12:79:e2:8b:43:b0:e4:f7:4f:37:e0:35:
e4:e7:e8:a5:e3:28:d6:54:e1:a7:dd:3a:c4:49:ce:
7b:1f:fc:37:99:bd:0e:56:d2:08:b2:7d:7c:5c:5f:
bc:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:82:29:42:2A:45:18:FA:97:29:E8:96:66:61:26:0E:65:29:67:3E
X509v3 Authority Key Identifier:
keyid:AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/B08582F2D16411EF8CCDD331C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.120.0/23
Signature Algorithm: sha256WithRSAEncryption
67:79:fd:17:ce:37:63:0f:25:5d:2a:f2:b6:c0:5c:e5:21:9f:
5c:d8:e8:70:ec:e2:c9:e3:67:03:90:0f:a2:c1:d4:5c:51:94:
7f:23:87:a8:ef:c3:3a:15:b5:fc:d9:90:ca:1f:f2:5a:3d:33:
1c:5e:59:eb:c9:32:d2:35:98:b8:26:87:e9:16:9b:8a:2c:f8:
64:b6:d3:bb:23:c0:45:2a:30:ca:3a:f6:ae:23:af:0c:d8:bb:
96:37:87:5c:89:9d:0e:af:70:92:f4:e3:06:0f:9b:6c:d5:a0:
77:5e:47:54:70:cc:4b:28:26:ab:4c:63:e6:0d:5d:33:94:e1:
48:4f:b5:eb:1d:e8:83:09:bc:f0:d3:fb:61:a3:a1:62:87:37:
8f:a8:b3:2c:bd:33:02:1d:cd:15:5e:10:8c:ee:7f:5b:29:df:
b0:87:2d:f5:d4:0d:78:6b:7a:b6:0c:ab:ff:93:91:9f:92:b3:
ab:38:65:48:ad:e4:7d:9f:b4:6a:48:b7:bb:ac:b8:77:1b:d2:
b2:e8:e1:83:c0:a5:db:5c:e3:e2:4d:2b:fb:f8:db:59:4f:f5:
28:79:17:a2:ab:5e:fa:e1:38:ed:3a:27:57:be:4f:51:64:56:
da:f7:c8:35:5e:b8:95:3f:75:46:8c:59:71:61:c2:fc:62:cb:
0c:9c:be:c2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBDzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
NEVGNjExMC8GA1UEBRMoQUY0NjFENTdBOTBBMzM1QjJGQTc3QTdBQUVDMTY3MzQ5
NTQ5MjNCMTAeFw0yNTAxMTMwNDEzMDZaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODQ5MmQyLWU2MWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC+Ma26dqmzqk8DZfu9BEHx2rBSms5/SJmXqLRAf1wONeSCDLUjxMJ66EUyvwt0
5Vm2bfR8GIPvtOjoa+Wq3irOwhxkypkTg1TPdXNR7j1gH7EataPQvTXZLibm6pg9
wM95WXhA3uDD48cMGoOHVHWeMD/QW0v0ZMjZuhM11cNAH5mqbeIKlSmkdb9cf7Eh
l/AtWwJxklbINqv+O1NQVw7Yz4PMn1iX8N5d1CcxSj6NYnVGx/9ru4ogeatN7Gyw
4ZlZNTkAPoFPOQGE3h/LJ6w55aRdJBJ54otDsOT3TzfgNeTn6KXjKNZU4afdOsRJ
znsf/DeZvQ5W0giyfXxcX7xFAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUioIpQipF
GPqXKeiWZmEmDmUpZz4wHwYDVR0jBBgwFoAUr0YdV6kKM1svp3p6rsFnNJVJI7Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0RUY2LzhEQUUwNUEwRDBE
NDExRUZCQ0Q1MTIzRUM0RjlBRTAyL3IwWWRWNmtLTTFzdnAzcDZyc0ZuTkpWSkk3
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcjBZZFY2a0tNMXN2cDNwNnJzRm5OSlZKSTdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NEVGNi84REFFMDVBMEQwRDQxMUVGQkNENTEyM0VDNEY5QUUwMi9CMDg1ODJGMkQx
NjQxMUVGOENDREQzMzFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4eDANBgkqhkiG9w0BAQsFAAOCAQEAZ3n9F843Yw8lXSry
tsBc5SGfXNjocOziyeNnA5APosHUXFGUfyOHqO/DOhW1/NmQyh/yWj0zHF5Z68ky
0jWYuCaH6Rabiiz4ZLbTuyPARSowyjr2riOvDNi7ljeHXImdDq9wkvTjBg+bbNWg
d15HVHDMSygmq0xj5g1dM5ThSE+16x3ogwm88NP7YaOhYoc3j6izLL0zAh3NFV4Q
jO5/WynfsIct9dQNeGt6tgyr/5ORn5KzqzhlSK3kfZ+0aki3u6y4dxvSsujhg8Cl
21zj4k0r+/jbWU/1KHkXoqte+uE47TonV75PUWRW2vfINV64lT91RoxZcWHC/GLL
DJy+wg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 22:44:37 2025 by rpki-client