Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/219C2E24302D11F0AB73FB2CC4F9AE02.roa
File: 219C2E24302D11F0AB73FB2CC4F9AE02.roa (raw, json)
Hash identifier: qyhQGDTSTgz8B3/QciYQ11qcwA+e8nnFktSjfBU+O54=
Subject key identifier: 58:30:C5:C0:DF:A8:68:74:ED:CF:8B:31:9C:0E:1D:86:E1:D7:8B:3E
Certificate issuer: /CN=A911DFC9/serialNumber=7665E2835D160085E31EC245222D4B2F7E484409
Certificate serial: 06
Authority key identifier: 76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/219C2E24302D11F0AB73FB2CC4F9AE02.roa
Signing time: Tue 13 May 2025 19:04:44 +0000
ROA not before: Tue 13 May 2025 19:04:44 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 40779
IP address blocks: 165.99.42.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 May 2025 16:34:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DFC9, serialNumber=7665E2835D160085E31EC245222D4B2F7E484409
Validity
Not Before: May 13 19:04:44 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=682397cc-360e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:47:3e:d0:ac:76:5b:dc:49:0f:1a:96:34:d5:
fa:de:e8:0f:54:d8:0c:03:1b:c5:da:a7:eb:57:b0:
f7:b4:e0:cd:5c:d1:1d:c2:fb:62:41:0b:d3:53:20:
46:c1:e6:02:b6:a8:18:82:95:85:99:5b:f2:df:27:
4b:b6:62:a8:78:df:1e:f6:aa:b3:f7:40:97:8b:c9:
fa:d2:19:0f:fa:34:cf:af:e1:31:b9:4e:83:39:91:
f5:8f:2b:7d:b4:88:9c:f1:b4:04:47:29:75:28:36:
a7:99:d2:55:7e:a0:b9:c4:37:b8:a4:8a:bd:1a:55:
56:82:3e:fc:42:e0:0b:fa:e6:a2:bb:97:b8:ae:00:
d4:a5:37:97:5a:d6:5b:8b:50:51:49:c0:38:26:a5:
d3:94:6e:0c:ad:e9:dd:40:ec:0b:24:81:c0:18:12:
99:14:e4:c4:0c:31:05:cc:4e:c2:0c:8e:d4:56:0c:
92:b7:94:cb:8e:fe:7b:5c:a4:7d:68:57:1b:48:09:
38:db:cd:22:2c:54:4d:63:53:3d:60:ad:f0:8b:83:
61:8a:a7:b1:5f:6c:94:9e:e7:da:6e:9b:f1:2d:77:
38:5f:43:ab:99:bc:a9:5b:81:47:e7:57:62:97:5d:
be:f1:c7:3e:28:57:42:0f:2e:a8:c4:40:42:e6:7b:
f2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:30:C5:C0:DF:A8:68:74:ED:CF:8B:31:9C:0E:1D:86:E1:D7:8B:3E
X509v3 Authority Key Identifier:
keyid:76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/219C2E24302D11F0AB73FB2CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.42.0/23
Signature Algorithm: sha256WithRSAEncryption
98:6b:84:92:f3:2e:eb:64:84:6e:e0:2f:fd:64:39:b4:1c:cf:
a9:96:68:62:16:91:50:89:a5:90:25:18:4f:5a:31:a6:e7:e1:
3d:fa:3c:3d:60:c8:1e:96:f8:d9:b7:5d:68:0b:8f:44:dd:ea:
6d:b8:ce:66:89:81:30:10:78:13:62:49:a6:da:7e:dd:93:d8:
c5:ed:41:22:7b:b6:88:76:0d:64:ef:38:97:9e:a9:fd:0d:9c:
bb:3a:f6:22:e4:32:29:9b:28:a4:a1:29:d6:57:17:df:74:0e:
f4:23:98:7a:49:7e:1a:cb:05:47:77:ab:32:ab:7b:bf:65:a2:
d1:0c:62:7b:8f:ea:fc:20:40:4d:17:0a:61:a8:2f:b8:87:78:
62:05:fe:56:d1:39:77:99:56:26:ce:d6:90:79:c4:8e:e1:e5:
ae:f2:6e:e5:d6:6d:00:bd:a2:df:90:67:6c:48:f8:84:ea:ca:
8c:72:df:4b:f1:88:2e:be:34:80:29:3c:0f:f3:c9:79:3e:3a:
78:e5:a8:e7:97:24:21:50:06:bb:6b:e4:a9:2b:ba:48:64:42:
2d:3e:97:67:0f:94:67:47:1b:a5:67:e8:23:86:f4:af:70:e1:
0e:99:25:0f:2b:d0:18:12:ba:7b:2f:63:1b:4f:64:d2:cb:18:
04:d5:d5:7b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
REZDOTExMC8GA1UEBRMoNzY2NUUyODM1RDE2MDA4NUUzMUVDMjQ1MjIyRDRCMkY3
RTQ4NDQwOTAeFw0yNTA1MTMxOTA0NDRaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MjM5N2NjLTM2MGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDyRz7QrHZb3EkPGpY01fre6A9U2AwDG8Xap+tXsPe04M1c0R3C+2JBC9NTIEbB
5gK2qBiClYWZW/LfJ0u2Yqh43x72qrP3QJeLyfrSGQ/6NM+v4TG5ToM5kfWPK320
iJzxtARHKXUoNqeZ0lV+oLnEN7ikir0aVVaCPvxC4Av65qK7l7iuANSlN5da1luL
UFFJwDgmpdOUbgyt6d1A7AskgcAYEpkU5MQMMQXMTsIMjtRWDJK3lMuO/ntcpH1o
VxtICTjbzSIsVE1jUz1grfCLg2GKp7FfbJSe59pum/EtdzhfQ6uZvKlbgUfnV2KX
Xb7xxz4oV0IPLqjEQELme/IPAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUWDDFwN+o
aHTtz4sxnA4dhuHXiz4wHwYDVR0jBBgwFoAUdmXig10WAIXjHsJFIi1LL35IRAkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERkM5LzhEMzVFODJFMzAy
QzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlYakhzSkZJaTFMTDM1SVJB
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZG1YaWcxMFdBSVhqSHNKRklpMUxMMzVJUkFrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
REZDOS84RDM1RTgyRTMwMkMxMUYwODc3NjRBMkJDNEY5QUUwMi8yMTlDMkUyNDMw
MkQxMUYwQUI3M0ZCMkNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaVjKjANBgkqhkiG9w0BAQsFAAOCAQEAmGuEkvMu62SEbuAv
/WQ5tBzPqZZoYhaRUImlkCUYT1oxpufhPfo8PWDIHpb42bddaAuPRN3qbbjOZomB
MBB4E2JJptp+3ZPYxe1BInu2iHYNZO84l56p/Q2cuzr2IuQyKZsopKEp1lcX33QO
9COYekl+GssFR3erMqt7v2Wi0Qxie4/q/CBATRcKYagvuId4YgX+VtE5d5lWJs7W
kHnEjuHlrvJu5dZtAL2i35BnbEj4hOrKjHLfS/GILr40gCk8D/PJeT46eOWo55ck
IVAGu2vkqSu6SGRCLT6XZw+UZ0cbpWfoI4b0r3DhDpklDyvQGBK6ey9jG09k0ssY
BNXVew==
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:19:19 2025 by rpki-client