Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/20B397C2302D11F0AB73FB2CC4F9AE02.roa
File: 20B397C2302D11F0AB73FB2CC4F9AE02.roa (raw, json)
Hash identifier: eE1KzBuB+kRLunXGSXhP2r/OD9IK+ou1T00/SF5E3r4=
Subject key identifier: 17:54:2D:DB:7D:99:38:9A:B0:E9:60:86:86:49:84:AB:A4:5B:B5:21
Certificate issuer: /CN=A911DFC9/serialNumber=7665E2835D160085E31EC245222D4B2F7E484409
Certificate serial: 04
Authority key identifier: 76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/20B397C2302D11F0AB73FB2CC4F9AE02.roa
Signing time: Tue 13 May 2025 19:04:43 +0000
ROA not before: Tue 13 May 2025 19:04:43 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 35876
IP address blocks: 165.99.42.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 May 2025 16:34:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DFC9, serialNumber=7665E2835D160085E31EC245222D4B2F7E484409
Validity
Not Before: May 13 19:04:43 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=682397cb-0410
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:66:2c:89:1c:17:93:b2:cf:e9:42:6e:da:
9c:f7:a8:77:98:82:db:53:4d:a9:17:b0:9a:99:57:
1e:8f:9a:2e:32:6f:66:16:52:22:c7:a8:9e:e4:8c:
83:98:3f:e0:c8:ec:b2:dd:05:06:af:6b:51:54:13:
91:40:c1:a5:7d:6e:69:bc:f1:57:bd:1b:7c:c1:98:
b6:2c:af:5a:58:b9:bb:3d:d9:6c:90:36:e7:d4:6b:
d0:0e:3f:8a:00:c5:c1:4f:66:f5:fa:bc:21:66:29:
3a:40:4c:a1:fd:00:b8:60:92:28:e0:3a:a9:56:94:
ee:ae:dc:4e:cf:b8:9b:3a:82:e9:c7:65:77:90:16:
cb:86:14:94:ed:23:01:92:84:e9:15:20:cd:28:76:
20:b8:b6:ce:40:67:8f:6e:ad:f4:0e:03:53:d3:85:
e1:09:06:5e:d2:9b:84:d2:44:92:e3:4d:6d:2a:5d:
55:5f:ec:7c:3a:58:28:7b:09:db:8c:05:08:93:80:
c4:48:3c:07:f7:58:5c:0a:3f:26:ca:0c:ff:d3:60:
e1:5f:a7:ba:d4:20:73:03:f1:42:3f:b0:ce:1c:0d:
13:9f:9f:07:ae:0b:ea:21:3c:48:46:da:5b:9f:48:
49:99:9d:37:4a:10:86:35:20:58:fb:77:0a:ba:89:
71:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:54:2D:DB:7D:99:38:9A:B0:E9:60:86:86:49:84:AB:A4:5B:B5:21
X509v3 Authority Key Identifier:
keyid:76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/20B397C2302D11F0AB73FB2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.42.0/23
Signature Algorithm: sha256WithRSAEncryption
39:29:6a:d4:aa:5d:40:51:3a:05:6a:cb:92:7f:6e:d4:6d:4c:
8a:e9:50:15:a4:2b:08:51:49:4c:92:6c:8d:54:c9:b4:cb:b5:
e9:61:05:6a:b6:15:44:e6:64:3c:87:af:43:9d:fb:62:32:e6:
1a:82:47:50:3c:cf:03:5c:88:f3:c1:7a:1d:68:0c:95:01:cb:
6f:f4:57:4f:33:79:43:eb:85:ca:60:21:3d:b4:6c:50:f6:5d:
49:87:fe:6f:7e:41:50:16:ab:05:88:92:bf:7a:5c:52:0d:b5:
f3:ad:aa:94:a6:b6:02:0d:25:10:89:ef:d5:ac:da:01:d8:f7:
26:18:2f:37:f4:5c:32:5e:41:53:ee:35:dc:66:d9:bc:e3:b7:
94:32:db:08:c6:dd:c4:e7:99:9a:c3:49:0d:36:cd:4e:8d:18:
40:2e:12:6f:4e:92:79:73:83:ee:6d:64:4e:f7:43:17:0f:2b:
3a:0b:ac:97:e9:c3:14:f5:70:65:de:17:22:30:c0:89:9a:b2:
77:8d:8e:67:40:e8:50:cb:36:67:4e:49:e2:bb:94:55:bd:af:
4c:7e:92:7f:5d:ce:38:a3:27:bc:e8:ea:68:86:3e:c7:b1:98:
0a:b7:cd:ac:b6:cf:82:f0:19:32:a8:e2:52:c6:24:95:e2:77:
24:ce:48:05
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
REZDOTExMC8GA1UEBRMoNzY2NUUyODM1RDE2MDA4NUUzMUVDMjQ1MjIyRDRCMkY3
RTQ4NDQwOTAeFw0yNTA1MTMxOTA0NDNaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MjM5N2NiLTA0MTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5z2YsiRwXk7LP6UJu2pz3qHeYgttTTakXsJqZVx6Pmi4yb2YWUiLHqJ7kjIOY
P+DI7LLdBQava1FUE5FAwaV9bmm88Ve9G3zBmLYsr1pYubs92WyQNufUa9AOP4oA
xcFPZvX6vCFmKTpATKH9ALhgkijgOqlWlO6u3E7PuJs6gunHZXeQFsuGFJTtIwGS
hOkVIM0odiC4ts5AZ49urfQOA1PTheEJBl7Sm4TSRJLjTW0qXVVf7Hw6WCh7CduM
BQiTgMRIPAf3WFwKPybKDP/TYOFfp7rUIHMD8UI/sM4cDROfnweuC+ohPEhG2luf
SEmZnTdKEIY1IFj7dwq6iXGvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUF1Qt232Z
OJqw6WCGhkmEq6RbtSEwHwYDVR0jBBgwFoAUdmXig10WAIXjHsJFIi1LL35IRAkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERkM5LzhEMzVFODJFMzAy
QzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlYakhzSkZJaTFMTDM1SVJB
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZG1YaWcxMFdBSVhqSHNKRklpMUxMMzVJUkFrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
REZDOS84RDM1RTgyRTMwMkMxMUYwODc3NjRBMkJDNEY5QUUwMi8yMEIzOTdDMjMw
MkQxMUYwQUI3M0ZCMkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaVjKjANBgkqhkiG9w0BAQsFAAOCAQEAOSlq1KpdQFE6BWrL
kn9u1G1MiulQFaQrCFFJTJJsjVTJtMu16WEFarYVROZkPIevQ537YjLmGoJHUDzP
A1yI88F6HWgMlQHLb/RXTzN5Q+uFymAhPbRsUPZdSYf+b35BUBarBYiSv3pcUg21
862qlKa2Ag0lEInv1azaAdj3JhgvN/RcMl5BU+413GbZvOO3lDLbCMbdxOeZmsNJ
DTbNTo0YQC4Sb06SeXOD7m1kTvdDFw8rOgusl+nDFPVwZd4XIjDAiZqyd42OZ0Do
UMs2Z05J4ruUVb2vTH6Sf13OOKMnvOjqaIY+x7GYCrfNrLbPgvAZMqjiUsYkleJ3
JM5IBQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:18:16 2025 by rpki-client