Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/2EB974AC2BB611F0AA2EDB4FC4F9AE02.roa
File: 2EB974AC2BB611F0AA2EDB4FC4F9AE02.roa (raw, json)
Hash identifier: hFK4DF3I1IC3yqrBLA92dDDt7vT4XWqwsrymxXfDluI=
Subject key identifier: 73:E6:FB:20:06:E9:56:11:FB:79:AF:19:EE:9C:49:BB:ED:A7:C8:F9
Certificate issuer: /CN=A9132FD9/serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D
Certificate serial: 0A
Authority key identifier: 97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/2EB974AC2BB611F0AA2EDB4FC4F9AE02.roa
Signing time: Wed 14 May 2025 05:12:20 +0000
ROA not before: Wed 14 May 2025 05:12:20 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 153869
IP address blocks: 163.227.167.0/24 maxlen: 24
163.227.167.10/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 May 2025 02:03:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9132FD9, serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D
Validity
Not Before: May 14 05:12:20 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=68242634-9cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ed:3d:66:8b:41:0d:18:01:e3:8a:7a:0d:c7:
4f:dd:70:1f:9c:61:46:66:38:2b:a2:96:c5:ca:31:
1a:08:59:dd:d7:db:a7:4c:ad:66:9c:d2:f0:0a:9a:
2a:fb:6a:24:7e:0f:ad:31:98:c1:d2:af:a9:e7:f5:
c5:ab:95:52:ea:9a:38:a9:c6:62:0b:6e:43:25:a9:
15:aa:0c:1d:7d:c7:0b:bc:d2:80:68:5f:98:6a:12:
c2:f0:67:87:ad:98:57:3a:e2:22:22:23:24:5d:c0:
cc:f5:10:f3:3c:b5:08:12:c2:5a:8c:3c:c6:26:91:
77:1b:22:77:4b:b5:32:f2:63:e4:7d:98:b2:9a:8b:
3f:66:71:f1:a7:a6:96:ed:f8:33:f5:ad:12:cd:7d:
67:b8:26:23:03:bf:65:17:56:02:1a:fa:6e:72:13:
23:e4:58:d8:e8:f2:6a:50:86:73:68:33:8b:bd:37:
78:47:5a:19:44:04:af:3e:0f:6d:19:32:98:06:dc:
74:16:c8:7b:93:10:40:5e:2f:4d:9f:38:9a:52:46:
af:8f:47:89:95:fe:32:a8:50:16:12:9a:72:b5:31:
12:3f:9c:60:19:69:ee:aa:6a:1f:c3:e3:7a:6f:34:
63:11:6f:35:39:a0:36:a4:c6:49:9e:db:b8:27:4d:
b7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:E6:FB:20:06:E9:56:11:FB:79:AF:19:EE:9C:49:BB:ED:A7:C8:F9
X509v3 Authority Key Identifier:
keyid:97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/2EB974AC2BB611F0AA2EDB4FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.227.167.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:52:7b:91:af:e7:ce:9a:f1:c6:d2:2b:c4:e4:c5:18:f6:a4:
39:b5:79:1c:93:22:29:61:4b:e8:c5:9a:09:02:34:dc:98:fc:
0e:d2:b2:1c:17:f3:01:fb:e7:08:18:74:a2:5d:e7:b1:6c:e7:
98:c3:1a:0a:f8:00:43:c7:d7:55:d2:93:0f:5e:c5:8a:66:37:
69:e5:0e:68:a9:d5:cf:eb:2e:b1:f0:8f:19:02:c3:f2:7c:b1:
93:14:b7:e7:51:b0:90:9a:3e:e4:f0:8e:95:c6:8b:3f:2f:24:
82:23:34:7a:a6:01:bb:0a:7a:79:4f:2e:fd:7a:bc:f6:3b:4a:
df:55:0c:70:02:3d:8d:9a:3e:27:4b:ff:53:b2:cd:40:c2:1d:
bd:37:5f:20:ad:ce:d4:22:58:5a:49:6f:98:e2:af:26:d2:70:
c0:7e:a0:a9:a7:8a:70:bf:2f:b2:db:24:28:6e:fc:45:8f:c2:
a5:48:d7:fc:da:36:ed:c9:06:4e:b8:3e:4a:40:8e:94:a9:30:
ca:c4:00:03:2f:d2:79:68:18:45:b1:59:fc:b6:b3:ad:2b:2f:
13:7b:37:53:c9:b2:29:9a:ac:29:e5:e7:f7:df:24:ee:b4:b5:
70:0b:2c:f6:5f:ac:7a:c9:98:40:38:f6:94:7f:2b:59:03:66:
15:c0:81:6b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
MkZEOTExMC8GA1UEBRMoOTcyQjkwRDlDNTE5MjI1NkFEOTY0NzVCMzkyQkFCMUE3
QTc5Q0MyRDAeFw0yNTA1MTQwNTEyMjBaFw0yNjA3MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MjQyNjM0LTljYmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZ7T1mi0ENGAHjinoNx0/dcB+cYUZmOCuilsXKMRoIWd3X26dMrWac0vAKmir7
aiR+D60xmMHSr6nn9cWrlVLqmjipxmILbkMlqRWqDB19xwu80oBoX5hqEsLwZ4et
mFc64iIiIyRdwMz1EPM8tQgSwlqMPMYmkXcbIndLtTLyY+R9mLKaiz9mcfGnppbt
+DP1rRLNfWe4JiMDv2UXVgIa+m5yEyPkWNjo8mpQhnNoM4u9N3hHWhlEBK8+D20Z
MpgG3HQWyHuTEEBeL02fOJpSRq+PR4mV/jKoUBYSmnK1MRI/nGAZae6qah/D43pv
NGMRbzU5oDakxkme27gnTbfNAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUc+b7IAbp
VhH7ea8Z7pxJu+2nyPkwHwYDVR0jBBgwFoAUlyuQ2cUZIlatlkdbOSurGnp5zC0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMyRkQ5LzdGOUE3MDM0MkJC
NTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxhdGxrZGJPU3VyR25wNXpD
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbHl1UTJjVVpJbGF0bGtkYk9TdXJHbnA1ekMwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
MkZEOS83RjlBNzAzNDJCQjUxMUYwOURFNUJBNEVDNEY5QUUwMi8yRUI5NzRBQzJC
QjYxMUYwQUEyRURCNEZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKPjpzANBgkqhkiG9w0BAQsFAAOCAQEAoVJ7ka/nzprxxtIr
xOTFGPakObV5HJMiKWFL6MWaCQI03Jj8DtKyHBfzAfvnCBh0ol3nsWznmMMaCvgA
Q8fXVdKTD17FimY3aeUOaKnVz+susfCPGQLD8nyxkxS351GwkJo+5PCOlcaLPy8k
giM0eqYBuwp6eU8u/Xq89jtK31UMcAI9jZo+J0v/U7LNQMIdvTdfIK3O1CJYWklv
mOKvJtJwwH6gqaeKcL8vstskKG78RY/CpUjX/No27ckGTrg+SkCOlKkwysQAAy/S
eWgYRbFZ/LazrSsvE3s3U8myKZqsKeXn998k7rS1cAss9l+sesmYQDj2lH8rWQNm
FcCBaw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 04:58:44 2025 by rpki-client