Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/38DD4CDCE2F611EF9A803076C4F9AE02.roa
File: 38DD4CDCE2F611EF9A803076C4F9AE02.roa (raw, json)
Hash identifier: oXvLgArucm6g3oo6SNdFf+ys0FSoaRFYEArExUF+Tbo=
Subject key identifier: B9:AE:1C:A2:E4:2E:21:2C:72:61:68:A6:11:D6:40:65:14:D2:FE:D9
Certificate issuer: /CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4
Certificate serial: 2E
Authority key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/38DD4CDCE2F611EF9A803076C4F9AE02.roa
Signing time: Tue 04 Feb 2025 12:47:42 +0000
ROA not before: Tue 04 Feb 2025 12:47:42 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 149994
IP address blocks: 161.248.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 14:40:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46 (0x2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91423C1
Validity
Not Before: Feb 4 12:47:42 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=67a20c6d-98a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c5:d1:85:0d:e7:52:fc:30:ab:1f:ca:aa:ec:
fb:7d:cb:8b:c3:b9:e2:d1:b8:a9:30:10:ff:1a:01:
61:4d:cc:85:28:8c:1e:db:bc:00:06:44:fd:45:61:
d6:e4:9f:13:fc:59:ad:be:96:98:53:24:6a:4e:10:
33:28:43:6e:0f:1d:e1:88:57:e3:a3:ef:f8:9e:c2:
97:f0:01:3c:f9:42:0b:8e:e1:4f:ac:d8:4e:46:56:
04:74:a0:b1:86:72:3d:b5:97:6b:1e:ec:2b:72:57:
6b:5f:18:38:aa:01:e7:8e:3f:f3:1a:a7:01:b5:10:
31:29:e5:2b:e8:22:83:49:14:84:ab:5b:6d:9d:99:
dd:b1:ef:32:c4:fa:c6:4d:05:73:08:dd:f6:90:42:
cb:51:36:f4:ad:e9:ef:37:3c:cd:26:4d:fc:1f:63:
2e:1f:bc:99:a7:76:e0:55:dd:f2:dc:ec:b1:55:0d:
9f:61:35:34:17:8b:8b:ea:6d:43:3e:06:c1:a6:02:
61:ba:78:4e:d0:dd:3f:20:81:f1:34:81:e9:0d:a8:
6f:4f:30:2d:ee:b7:43:8e:78:5e:fc:b7:81:0f:7c:
b2:72:f6:af:70:5b:f0:d3:67:ea:82:e4:fc:ec:a1:
3b:32:af:ad:18:49:b0:67:04:74:d9:15:3f:22:77:
11:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AE:1C:A2:E4:2E:21:2C:72:61:68:A6:11:D6:40:65:14:D2:FE:D9
X509v3 Authority Key Identifier:
keyid:4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/38DD4CDCE2F611EF9A803076C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.10.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c6:dd:3e:df:05:78:59:dc:83:98:a0:ec:76:c9:89:e1:04:
2b:96:29:b1:13:58:6f:5f:7f:2f:da:cd:38:e7:5c:67:27:3e:
61:5f:d2:9c:23:0e:95:26:1b:cc:9c:b7:9f:08:dc:1f:f8:bd:
f6:3b:44:d6:3d:78:d0:fd:ae:f4:1b:41:26:6d:f8:a1:40:8a:
fc:f6:00:c9:68:dc:43:90:63:7f:d4:85:40:e9:00:db:dd:c0:
d6:c4:a3:84:bb:64:6d:2d:b6:cb:df:42:27:35:5b:1c:85:54:
14:9a:23:4f:02:cc:8a:94:28:6a:7b:74:6e:4e:af:66:11:ee:
c2:8c:25:3e:f0:2c:e4:de:1b:38:75:0c:39:41:83:41:04:d2:
6c:ab:3a:c2:0e:7a:91:c5:46:e9:ea:0b:f2:7d:73:6f:06:2f:
6d:1d:bb:0b:7f:84:c0:6e:c4:57:6f:d3:64:59:e4:21:58:07:
1d:47:59:c6:ff:90:64:94:3e:41:9a:6f:b6:a3:ce:d8:ed:f0:
c5:a4:4b:bc:c2:a7:7e:7e:25:78:68:3a:2f:a0:50:83:30:d0:
2f:ed:3b:ea:c7:a9:8c:a8:cd:b4:b9:37:fc:58:a1:9d:72:13:
2f:5a:ac:e8:01:78:fb:f0:e7:81:c8:d8:b5:a1:6b:e8:fe:37:
92:49:eb:bb
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MjNDMTExMC8GA1UEBRMoNERDN0UyOEI1NDZGMkEwQjUzOEU4Q0RGODMyRDlBQTFG
MzdDQzhFNDAeFw0yNTAyMDQxMjQ3NDJaFw0yNTA2MDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTIwYzZkLTk4YTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOxdGFDedS/DCrH8qq7Pt9y4vDueLRuKkwEP8aAWFNzIUojB7bvAAGRP1FYdbk
nxP8Wa2+lphTJGpOEDMoQ24PHeGIV+Oj7/iewpfwATz5QguO4U+s2E5GVgR0oLGG
cj21l2se7CtyV2tfGDiqAeeOP/MapwG1EDEp5SvoIoNJFISrW22dmd2x7zLE+sZN
BXMI3faQQstRNvSt6e83PM0mTfwfYy4fvJmnduBV3fLc7LFVDZ9hNTQXi4vqbUM+
BsGmAmG6eE7Q3T8ggfE0gekNqG9PMC3ut0OOeF78t4EPfLJy9q9wW/DTZ+qC5Pzs
oTsyr60YSbBnBHTZFT8idxEBAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUua4couQu
ISxyYWimEdZAZRTS/tkwHwYDVR0jBBgwFoAUTcfii1RvKgtTjozfgy2aofN8yOQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyM0MxL0QwMzIwRUY4QkY0
RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2S2d0VGpvemZneTJhb2ZOOHlP
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVGNmaWkxUnZLZ3RUam96Zmd5MmFvZk44eU9RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MjNDMS9EMDMyMEVGOEJGNEYxMUVGQkNGNjg5NDRDNEY5QUUwMi8zOERENENEQ0Uy
RjYxMUVGOUE4MDMwNzZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4CjANBgkqhkiG9w0BAQsFAAOCAQEAmsbdPt8FeFncg5ig
7HbJieEEK5YpsRNYb19/L9rNOOdcZyc+YV/SnCMOlSYbzJy3nwjcH/i99jtE1j14
0P2u9BtBJm34oUCK/PYAyWjcQ5Bjf9SFQOkA293A1sSjhLtkbS22y99CJzVbHIVU
FJojTwLMipQoant0bk6vZhHuwowlPvAs5N4bOHUMOUGDQQTSbKs6wg56kcVG6eoL
8n1zbwYvbR27C3+EwG7EV2/TZFnkIVgHHUdZxv+QZJQ+QZpvtqPO2O3wxaRLvMKn
fn4leGg6L6BQgzDQL+076sepjKjNtLk3/FihnXITL1qs6AF4+/DngcjYtaFr6P43
kknruw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 22:50:55 2025 by rpki-client