Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/57646DB8E05611EF94B15084C4F9AE02.roa
File: 57646DB8E05611EF94B15084C4F9AE02.roa (raw, json)
Hash identifier: YijfCILlhQXopSrgAxKnsdpuEW1JxraOEpGUaDdRJDM=
Subject key identifier: E7:9F:2E:DA:C1:0D:CB:19:C8:E1:7C:C4:EC:1C:62:35:B3:F1:A7:9F
Certificate issuer: /CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4
Certificate serial: 1E
Authority key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/57646DB8E05611EF94B15084C4F9AE02.roa
Signing time: Sat 01 Feb 2025 04:38:11 +0000
ROA not before: Sat 01 Feb 2025 04:38:11 +0000
ROA not after: Sun 02 Mar 2025 00:00:00 +0000
asID: 152125
IP address blocks: 161.248.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 01:18:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30 (0x1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91423C1
Validity
Not Before: Feb 1 04:38:11 2025 GMT
Not After : Mar 2 00:00:00 2025 GMT
Subject: CN=679da533-c027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e1:58:26:e7:19:b6:60:18:fc:0c:1d:ac:5d:
7d:c0:c6:6e:f9:02:f1:ef:b2:47:f2:91:9c:9d:0d:
ea:23:83:43:46:00:37:d2:67:fe:f0:0c:05:1e:c8:
d6:eb:d6:9d:13:da:1d:05:20:db:52:10:c0:fc:9f:
c7:9a:ba:e4:30:b0:3a:97:4a:3c:a7:b7:13:22:05:
68:28:4f:fb:c7:5f:5d:28:9b:c5:a9:8d:44:c3:5a:
2d:97:ba:e5:55:77:f1:cc:05:7b:d1:97:eb:49:c4:
18:2c:f3:d8:4f:cf:70:f9:5f:19:89:a8:db:69:54:
44:67:db:e1:bf:77:3d:08:c4:b3:f6:f7:0f:eb:42:
2b:1e:3b:a7:ab:65:f8:3c:4f:f6:a8:72:74:2d:b2:
a4:f6:3b:0a:6d:71:c1:66:0c:02:06:7e:3e:43:97:
42:f7:a6:bf:df:e4:66:b9:7d:56:ce:7f:b3:9c:87:
c3:9d:b3:34:66:8b:28:29:ad:5c:13:0d:ab:8e:ae:
4f:33:2d:ed:42:aa:88:38:56:98:e7:22:8c:4b:91:
6c:f4:73:5b:86:f8:44:b0:27:30:23:fb:19:10:1b:
b3:d7:ec:be:ae:b4:fe:4b:3c:d1:93:19:81:95:38:
94:8f:45:4d:05:97:83:f9:dc:ce:07:21:95:0b:3d:
da:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:9F:2E:DA:C1:0D:CB:19:C8:E1:7C:C4:EC:1C:62:35:B3:F1:A7:9F
X509v3 Authority Key Identifier:
keyid:4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/57646DB8E05611EF94B15084C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.10.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:77:cf:c5:45:0c:ab:56:c2:a2:df:93:1e:b1:01:4a:9d:45:
2e:84:a1:63:f2:f5:fe:7f:97:06:01:ea:0e:2b:40:e7:95:ef:
9b:19:d9:8f:16:71:87:9b:6f:71:02:74:39:32:73:bd:69:60:
ed:db:02:88:f5:da:68:c8:23:56:e5:cd:8e:b5:d7:6e:87:fe:
dd:60:02:1a:33:d5:05:c1:d5:fe:df:a6:80:9e:a1:f9:43:88:
f6:fc:bc:0f:31:df:96:52:8b:18:ba:39:aa:26:f7:b3:92:97:
1d:9b:40:d3:97:f5:4c:41:41:41:57:81:14:37:ac:a8:17:d5:
58:a6:d3:ec:85:1c:25:4e:01:65:ea:b6:05:a4:35:b6:65:00:
48:df:96:f5:fa:55:7b:77:48:d0:d1:08:c6:c5:31:50:4c:ea:
16:48:c3:6c:46:22:f7:f6:44:d8:fb:4a:2b:90:b9:10:75:3a:
84:1a:75:b4:a5:b3:3c:55:55:ba:82:ee:b8:27:7a:38:4c:c3:
dc:21:a0:d8:98:13:d9:30:b4:03:f7:5b:ba:f7:ef:d4:23:e1:
0e:64:fd:3e:64:af:4a:bf:89:4b:8a:80:ad:51:a1:0e:1b:38:
eb:ac:7f:38:be:52:8f:f5:c7:f0:5d:0e:ea:46:d7:d2:df:2c:
65:64:62:70
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MjNDMTExMC8GA1UEBRMoNERDN0UyOEI1NDZGMkEwQjUzOEU4Q0RGODMyRDlBQTFG
MzdDQzhFNDAeFw0yNTAyMDEwNDM4MTFaFw0yNTAzMDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OWRhNTMzLWMwMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCt4Vgm5xm2YBj8DB2sXX3Axm75AvHvskfykZydDeojg0NGADfSZ/7wDAUeyNbr
1p0T2h0FINtSEMD8n8eauuQwsDqXSjyntxMiBWgoT/vHX10om8WpjUTDWi2XuuVV
d/HMBXvRl+tJxBgs89hPz3D5XxmJqNtpVERn2+G/dz0IxLP29w/rQiseO6erZfg8
T/aocnQtsqT2OwptccFmDAIGfj5Dl0L3pr/f5Ga5fVbOf7Och8OdszRmiygprVwT
DauOrk8zLe1Cqog4VpjnIoxLkWz0c1uG+ESwJzAj+xkQG7PX7L6utP5LPNGTGYGV
OJSPRU0Fl4P53M4HIZULPdotAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU558u2sEN
yxnI4XzE7BxiNbPxp58wHwYDVR0jBBgwFoAUTcfii1RvKgtTjozfgy2aofN8yOQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyM0MxL0QwMzIwRUY4QkY0
RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2S2d0VGpvemZneTJhb2ZOOHlP
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVGNmaWkxUnZLZ3RUam96Zmd5MmFvZk44eU9RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MjNDMS9EMDMyMEVGOEJGNEYxMUVGQkNGNjg5NDRDNEY5QUUwMi81NzY0NkRCOEUw
NTYxMUVGOTRCMTUwODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4CjANBgkqhkiG9w0BAQsFAAOCAQEAW3fPxUUMq1bCot+T
HrEBSp1FLoShY/L1/n+XBgHqDitA55XvmxnZjxZxh5tvcQJ0OTJzvWlg7dsCiPXa
aMgjVuXNjrXXbof+3WACGjPVBcHV/t+mgJ6h+UOI9vy8DzHfllKLGLo5qib3s5KX
HZtA05f1TEFBQVeBFDesqBfVWKbT7IUcJU4BZeq2BaQ1tmUASN+W9fpVe3dI0NEI
xsUxUEzqFkjDbEYi9/ZE2PtKK5C5EHU6hBp1tKWzPFVVuoLuuCd6OEzD3CGg2JgT
2TC0A/dbuvfv1CPhDmT9PmSvSr+JS4qArVGhDhs466x/OL5Sj/XH8F0O6kbX0t8s
ZWRicA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 22:43:34 2025 by rpki-client