Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/2111AE8E302D11F0AB73FB2CC4F9AE02.roa
File: 2111AE8E302D11F0AB73FB2CC4F9AE02.roa (raw, json)
Hash identifier: y9bQoOqXZ5RH2LrbxU3PJwVahOXOe9klSDHW5gPgb4Y=
Subject key identifier: D7:39:43:3C:A3:7F:B7:42:6B:FC:3A:6B:64:50:39:E6:3D:AE:A1:B3
Certificate issuer: /CN=A911DFC9/serialNumber=7665E2835D160085E31EC245222D4B2F7E484409
Certificate serial: 05
Authority key identifier: 76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/2111AE8E302D11F0AB73FB2CC4F9AE02.roa
Signing time: Tue 13 May 2025 19:04:44 +0000
ROA not before: Tue 13 May 2025 19:04:44 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 36642
IP address blocks: 165.99.42.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 May 2025 16:34:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DFC9, serialNumber=7665E2835D160085E31EC245222D4B2F7E484409
Validity
Not Before: May 13 19:04:44 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=682397cb-1590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c4:d2:c8:c4:31:6b:a0:55:ee:16:18:86:a5:
d1:65:be:15:2d:87:c8:8c:cd:d6:11:92:21:27:e4:
e3:bc:90:36:d8:3f:0d:87:b8:84:e7:3a:15:4f:b8:
65:30:1f:40:1b:2c:be:63:73:70:c3:09:e1:ea:64:
b9:d2:64:27:f6:b3:73:25:33:14:34:3b:fd:32:47:
34:65:e7:26:b1:cb:be:fe:3b:73:d4:e1:c3:e6:6b:
58:66:fa:e6:2f:ab:7d:6c:ec:ac:f8:ce:bb:ce:75:
8b:f1:fb:a3:12:d5:57:99:a4:5d:31:a2:5a:b5:d5:
df:df:df:99:d2:6b:a5:c1:b0:87:fb:c5:3e:01:a7:
fa:31:1a:5f:c7:73:db:3c:4d:a7:b1:de:9d:10:fd:
c9:5d:ce:48:5f:52:88:a6:d8:94:68:c7:64:65:f1:
73:44:9a:b3:67:54:d3:d3:2b:0a:c7:42:f1:18:7e:
be:85:cc:32:2f:cf:dd:b2:10:c4:9f:23:39:a7:7c:
8e:fe:3d:1f:66:dc:ea:34:e4:44:cb:11:30:81:db:
f9:d8:ff:54:45:91:fd:40:f0:72:f9:d2:d1:3c:73:
86:a2:41:45:33:1d:79:3a:05:21:e4:15:23:7e:c0:
e2:e0:1e:f4:f7:21:2c:84:b5:2b:39:c5:49:88:9a:
c6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:39:43:3C:A3:7F:B7:42:6B:FC:3A:6B:64:50:39:E6:3D:AE:A1:B3
X509v3 Authority Key Identifier:
keyid:76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/2111AE8E302D11F0AB73FB2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.42.0/23
Signature Algorithm: sha256WithRSAEncryption
90:0d:96:70:53:18:af:0f:e7:67:f4:fd:2b:0e:ba:fd:67:6e:
7a:39:b6:03:7b:7c:4a:bb:44:74:a2:22:ff:5e:d4:68:af:1f:
fd:84:08:c8:ba:f2:53:ef:a0:6c:ad:a9:51:c9:31:1d:81:c4:
73:49:5f:7c:53:52:b3:02:94:38:35:42:37:f6:ca:62:c3:f9:
d0:19:86:94:1f:01:88:15:d1:d1:6c:81:3c:2a:70:a8:b8:0a:
4d:d4:90:49:ad:ed:9a:84:30:d1:b1:bc:64:d8:1c:1a:54:62:
c0:af:d3:44:3f:0e:01:be:38:80:46:36:7c:96:9d:af:fa:db:
59:22:7f:54:22:5d:e6:80:76:60:df:bd:34:4b:79:ad:44:09:
ee:fe:51:d0:25:5b:46:3f:1f:51:39:b6:2b:35:6e:b0:40:9a:
d9:65:4b:dc:0b:05:35:29:b1:84:37:23:c7:7e:30:c6:aa:a0:
86:81:93:97:50:5e:f5:fc:a4:da:91:b4:56:08:0c:e5:81:70:
72:50:b9:e4:07:c6:81:53:91:d3:24:6f:69:00:81:01:6c:71:
d7:90:c4:f2:4c:e7:34:f9:d7:ff:49:1e:08:cc:38:cb:e5:35:
41:39:9e:c6:cb:29:8d:a6:0d:06:e2:22:b5:02:1b:5e:8b:ee:
12:23:14:e9
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
REZDOTExMC8GA1UEBRMoNzY2NUUyODM1RDE2MDA4NUUzMUVDMjQ1MjIyRDRCMkY3
RTQ4NDQwOTAeFw0yNTA1MTMxOTA0NDRaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MjM5N2NiLTE1OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2xNLIxDFroFXuFhiGpdFlvhUth8iMzdYRkiEn5OO8kDbYPw2HuITnOhVPuGUw
H0AbLL5jc3DDCeHqZLnSZCf2s3MlMxQ0O/0yRzRl5yaxy77+O3PU4cPma1hm+uYv
q31s7Kz4zrvOdYvx+6MS1VeZpF0xolq11d/f35nSa6XBsIf7xT4Bp/oxGl/Hc9s8
Taex3p0Q/cldzkhfUoim2JRox2Rl8XNEmrNnVNPTKwrHQvEYfr6FzDIvz92yEMSf
IzmnfI7+PR9m3Oo05ETLETCB2/nY/1RFkf1A8HL50tE8c4aiQUUzHXk6BSHkFSN+
wOLgHvT3ISyEtSs5xUmImsbjAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU1zlDPKN/
t0Jr/DprZFA55j2uobMwHwYDVR0jBBgwFoAUdmXig10WAIXjHsJFIi1LL35IRAkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERkM5LzhEMzVFODJFMzAy
QzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlYakhzSkZJaTFMTDM1SVJB
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZG1YaWcxMFdBSVhqSHNKRklpMUxMMzVJUkFrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
REZDOS84RDM1RTgyRTMwMkMxMUYwODc3NjRBMkJDNEY5QUUwMi8yMTExQUU4RTMw
MkQxMUYwQUI3M0ZCMkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaVjKjANBgkqhkiG9w0BAQsFAAOCAQEAkA2WcFMYrw/nZ/T9
Kw66/Wduejm2A3t8SrtEdKIi/17UaK8f/YQIyLryU++gbK2pUckxHYHEc0lffFNS
swKUODVCN/bKYsP50BmGlB8BiBXR0WyBPCpwqLgKTdSQSa3tmoQw0bG8ZNgcGlRi
wK/TRD8OAb44gEY2fJadr/rbWSJ/VCJd5oB2YN+9NEt5rUQJ7v5R0CVbRj8fUTm2
KzVusECa2WVL3AsFNSmxhDcjx34wxqqghoGTl1Be9fyk2pG0VggM5YFwclC55AfG
gVOR0yRvaQCBAWxx15DE8kznNPnX/0keCMw4y+U1QTmexsspjaYNBuIitQIbXovu
EiMU6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:19:33 2025 by rpki-client