Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/1F8DE140302D11F0AB73FB2CC4F9AE02.roa
File: 1F8DE140302D11F0AB73FB2CC4F9AE02.roa (raw, json)
Hash identifier: kMIQmRMNnyqmVjWB2ynpYmrLLxtzTSrvj0D/47uFGO4=
Subject key identifier: 1D:A4:B6:52:AB:74:43:AB:0C:B9:BA:91:14:31:2D:78:E7:82:D0:4A
Certificate issuer: /CN=A911DFC9/serialNumber=7665E2835D160085E31EC245222D4B2F7E484409
Certificate serial: 02
Authority key identifier: 76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/1F8DE140302D11F0AB73FB2CC4F9AE02.roa
Signing time: Tue 13 May 2025 19:04:41 +0000
ROA not before: Tue 13 May 2025 19:04:41 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 137899
IP address blocks: 165.99.42.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 May 2025 16:34:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DFC9, serialNumber=7665E2835D160085E31EC245222D4B2F7E484409
Validity
Not Before: May 13 19:04:41 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=682397c9-90df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:86:d6:be:96:a5:6b:f3:34:36:26:97:79:61:
9f:62:7d:05:ba:1a:f6:df:a2:3f:30:ed:07:70:55:
b4:d1:26:b3:eb:6b:37:dd:cd:78:c9:ae:73:58:f5:
0f:18:21:63:71:d7:1d:c4:ca:7a:14:9b:5f:2d:bb:
df:51:66:01:13:bd:98:9c:7d:41:e3:cb:97:7f:1e:
02:02:60:89:8b:e4:08:3d:1e:c5:6b:e9:01:be:5e:
2d:92:38:a5:80:04:03:0c:36:ac:89:66:79:ef:7a:
ee:07:37:e0:f3:4c:32:e8:08:89:e2:48:62:e0:db:
79:43:2e:f0:e0:4d:6c:5d:26:8a:17:50:da:11:de:
22:86:1e:f5:f6:f2:0d:a1:3c:df:61:c6:47:31:86:
76:e8:19:69:6c:3a:12:a4:7d:7a:4f:39:e3:14:44:
30:9e:d1:9a:ef:dc:71:b8:6c:ce:20:3a:19:c4:bd:
0c:96:e5:0d:39:83:a7:77:ae:3a:83:65:db:af:cb:
6c:21:5a:35:02:fb:2b:c3:85:2d:eb:fe:55:04:66:
a1:1e:cb:2e:7f:34:ef:5f:0d:0f:ba:8b:e5:7f:66:
70:b4:41:16:22:30:aa:75:f1:2b:b2:d0:91:6c:e2:
30:f8:e5:11:15:fd:43:8f:14:c0:7d:07:4f:84:dd:
7f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A4:B6:52:AB:74:43:AB:0C:B9:BA:91:14:31:2D:78:E7:82:D0:4A
X509v3 Authority Key Identifier:
keyid:76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/1F8DE140302D11F0AB73FB2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.42.0/23
Signature Algorithm: sha256WithRSAEncryption
63:64:c4:3c:23:c5:0f:ee:f2:82:c6:45:c9:31:05:7f:48:e6:
1d:f3:c8:ed:3f:7d:43:18:dd:54:4a:cf:28:29:e9:7f:2e:c0:
9a:83:82:3b:d6:05:41:66:59:b8:03:e5:53:a8:e2:ed:73:7b:
fe:20:07:25:44:8d:59:68:c4:38:2d:c7:97:bc:31:f1:0e:65:
c7:86:d5:71:46:05:2a:2d:67:4c:86:5f:12:f4:de:26:49:3d:
9e:e4:b8:78:8f:c7:37:1e:68:16:12:ef:4b:ce:8b:75:c1:86:
63:df:0c:34:b0:52:10:ac:fb:03:d6:bf:70:68:4a:24:bc:a0:
60:cf:9b:c7:68:39:c6:ce:9a:07:99:9b:cf:fd:db:0b:e5:41:
d4:c0:e9:16:8a:3f:9b:26:88:bf:97:d8:b5:97:43:37:3e:ec:
4f:ad:c6:cc:71:f7:16:e5:40:63:9d:cf:63:1d:14:9d:07:59:
e7:bc:21:dd:1d:15:62:62:66:54:bb:d5:78:32:57:ab:17:8b:
a0:96:b3:bc:d9:5d:73:ce:32:2f:46:64:50:93:17:c9:a1:11:
48:aa:0b:99:b7:54:d8:3f:71:40:00:7e:d4:83:ae:22:fa:71:
11:cd:07:dd:dd:a5:fe:57:12:b3:56:6f:8e:1c:1c:e5:25:1a:
29:d2:c4:c1
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
REZDOTExMC8GA1UEBRMoNzY2NUUyODM1RDE2MDA4NUUzMUVDMjQ1MjIyRDRCMkY3
RTQ4NDQwOTAeFw0yNTA1MTMxOTA0NDFaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MjM5N2M5LTkwZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvhta+lqVr8zQ2Jpd5YZ9ifQW6Gvbfoj8w7QdwVbTRJrPrazfdzXjJrnNY9Q8Y
IWNx1x3EynoUm18tu99RZgETvZicfUHjy5d/HgICYImL5Ag9HsVr6QG+Xi2SOKWA
BAMMNqyJZnnveu4HN+DzTDLoCIniSGLg23lDLvDgTWxdJooXUNoR3iKGHvX28g2h
PN9hxkcxhnboGWlsOhKkfXpPOeMURDCe0Zrv3HG4bM4gOhnEvQyW5Q05g6d3rjqD
Zduvy2whWjUC+yvDhS3r/lUEZqEeyy5/NO9fDQ+6i+V/ZnC0QRYiMKp18Suy0JFs
4jD45REV/UOPFMB9B0+E3X9VAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUHaS2Uqt0
Q6sMubqRFDEteOeC0EowHwYDVR0jBBgwFoAUdmXig10WAIXjHsJFIi1LL35IRAkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERkM5LzhEMzVFODJFMzAy
QzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlYakhzSkZJaTFMTDM1SVJB
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZG1YaWcxMFdBSVhqSHNKRklpMUxMMzVJUkFrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
REZDOS84RDM1RTgyRTMwMkMxMUYwODc3NjRBMkJDNEY5QUUwMi8xRjhERTE0MDMw
MkQxMUYwQUI3M0ZCMkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaVjKjANBgkqhkiG9w0BAQsFAAOCAQEAY2TEPCPFD+7ygsZF
yTEFf0jmHfPI7T99QxjdVErPKCnpfy7AmoOCO9YFQWZZuAPlU6ji7XN7/iAHJUSN
WWjEOC3Hl7wx8Q5lx4bVcUYFKi1nTIZfEvTeJkk9nuS4eI/HNx5oFhLvS86LdcGG
Y98MNLBSEKz7A9a/cGhKJLygYM+bx2g5xs6aB5mbz/3bC+VB1MDpFoo/myaIv5fY
tZdDNz7sT63GzHH3FuVAY53PYx0UnQdZ57wh3R0VYmJmVLvVeDJXqxeLoJazvNld
c84yL0ZkUJMXyaERSKoLmbdU2D9xQAB+1IOuIvpxEc0H3d2l/lcSs1Zvjhwc5SUa
KdLEwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:14:13 2025 by rpki-client