Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/97E68CCCC0E911EF8EF0D685C4F9AE02.roa
File: 97E68CCCC0E911EF8EF0D685C4F9AE02.roa (raw, json)
Hash identifier: In43bFe4ZQz8EikS1Ign6yxJ6NuxvHMQsxIZtwj928U=
Subject key identifier: C2:A7:7A:9F:75:8F:EE:A4:10:79:45:DC:78:AF:42:6B:D6:62:89:1A
Certificate issuer: /CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4
Certificate serial: 2A
Authority key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/97E68CCCC0E911EF8EF0D685C4F9AE02.roa
Signing time: Tue 04 Feb 2025 01:18:45 +0000
ROA not before: Tue 04 Feb 2025 01:18:45 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 152125
IP address blocks: 161.248.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 14:41:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42 (0x2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91423C1
Validity
Not Before: Feb 4 01:18:45 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=67a16af4-e0b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:33:be:98:f2:0a:15:5b:f1:ed:62:04:6f:26:
80:94:3c:20:6c:1b:91:ed:d4:e5:42:c8:f5:fd:6e:
a8:0d:df:1d:af:95:da:30:5a:88:53:e8:d9:fc:b7:
22:f8:c0:d3:1a:6d:6f:4a:82:54:f9:f6:2d:89:66:
6a:9c:1f:e2:12:f3:b0:87:ee:af:52:ee:8f:bd:3c:
fb:db:7d:3b:20:e1:5b:79:9b:ce:fa:7f:5e:00:d0:
d2:16:d9:02:2a:21:8f:88:c7:e3:1e:54:70:2a:3c:
70:8e:c6:82:54:6f:75:90:02:81:10:73:d8:d4:d5:
1e:f0:bf:c2:a5:07:52:3f:17:af:84:bc:12:2d:11:
34:f9:b0:c1:74:a8:7f:b8:3a:30:2f:ee:f7:df:97:
9d:56:92:3f:d2:7e:89:3a:eb:36:54:9c:0f:e5:ed:
0f:bc:ec:31:14:6d:27:ed:9e:5e:51:a1:7d:e4:34:
30:cf:3f:4c:2e:df:92:0c:de:9d:2f:d6:aa:e7:38:
52:6c:ea:00:a3:a5:ac:47:d0:02:4b:08:c5:28:c4:
f7:bc:4c:3f:b7:8e:3b:3e:c8:75:ac:2c:dd:00:72:
31:e4:d2:9a:b6:4c:22:58:e9:42:f4:75:7c:a5:32:
76:20:eb:4c:1d:6d:cb:20:bc:af:ca:a3:52:4a:14:
35:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:A7:7A:9F:75:8F:EE:A4:10:79:45:DC:78:AF:42:6B:D6:62:89:1A
X509v3 Authority Key Identifier:
keyid:4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/97E68CCCC0E911EF8EF0D685C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.10.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:51:1f:39:b3:1a:00:95:87:d8:f8:c7:4a:8e:6b:49:cc:94:
56:83:1f:b2:19:89:19:8f:7c:e6:eb:25:c0:f6:cb:24:56:e4:
05:ae:d9:ae:63:58:c3:1f:83:5f:63:0a:67:0a:94:54:eb:2a:
17:96:b2:36:19:22:d6:6d:21:ad:6a:52:64:be:dd:57:f1:ed:
f3:65:72:31:f3:d3:d7:41:e6:d3:5a:30:4a:35:21:a6:56:ec:
d0:ed:c9:9d:b4:7b:6b:4b:87:8e:7c:f8:06:6b:08:4d:c0:d8:
9a:98:dc:79:51:ab:c6:61:ef:26:ba:12:a4:5c:85:15:56:b6:
81:1a:09:bd:f4:44:a7:80:0f:9a:a2:37:9b:bc:4f:10:eb:de:
bf:00:9a:47:4e:99:dd:0e:26:b7:5b:e9:97:79:00:4e:90:d1:
da:e7:8c:86:32:57:8a:2e:de:98:e4:f5:29:74:1c:1f:2d:db:
07:27:5d:cd:5a:46:ac:a3:15:58:50:e1:d7:bd:a7:ad:a5:39:
eb:cc:76:84:9f:61:f9:ad:37:7a:9c:aa:ff:75:1c:50:b8:88:
8f:92:2d:4c:bb:0d:b1:59:aa:ec:1e:67:10:45:2c:01:4e:b6:
67:b3:ca:3b:fb:e0:31:37:be:f7:2c:c7:c7:fd:c0:23:76:92:
de:3f:5d:c4
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MjNDMTExMC8GA1UEBRMoNERDN0UyOEI1NDZGMkEwQjUzOEU4Q0RGODMyRDlBQTFG
MzdDQzhFNDAeFw0yNTAyMDQwMTE4NDVaFw0yNTA2MDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTE2YWY0LWUwYjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDHM76Y8goVW/HtYgRvJoCUPCBsG5Ht1OVCyPX9bqgN3x2vldowWohT6Nn8tyL4
wNMabW9KglT59i2JZmqcH+IS87CH7q9S7o+9PPvbfTsg4Vt5m876f14A0NIW2QIq
IY+Ix+MeVHAqPHCOxoJUb3WQAoEQc9jU1R7wv8KlB1I/F6+EvBItETT5sMF0qH+4
OjAv7vffl51Wkj/Sfok66zZUnA/l7Q+87DEUbSftnl5RoX3kNDDPP0wu35IM3p0v
1qrnOFJs6gCjpaxH0AJLCMUoxPe8TD+3jjs+yHWsLN0AcjHk0pq2TCJY6UL0dXyl
MnYg60wdbcsgvK/Ko1JKFDVHAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUwqd6n3WP
7qQQeUXceK9Ca9ZiiRowHwYDVR0jBBgwFoAUTcfii1RvKgtTjozfgy2aofN8yOQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyM0MxL0QwMzIwRUY4QkY0
RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2S2d0VGpvemZneTJhb2ZOOHlP
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVGNmaWkxUnZLZ3RUam96Zmd5MmFvZk44eU9RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MjNDMS9EMDMyMEVGOEJGNEYxMUVGQkNGNjg5NDRDNEY5QUUwMi85N0U2OENDQ0Mw
RTkxMUVGOEVGMEQ2ODVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4CjANBgkqhkiG9w0BAQsFAAOCAQEAwVEfObMaAJWH2PjH
So5rScyUVoMfshmJGY985uslwPbLJFbkBa7ZrmNYwx+DX2MKZwqUVOsqF5ayNhki
1m0hrWpSZL7dV/Ht82VyMfPT10Hm01owSjUhplbs0O3JnbR7a0uHjnz4BmsITcDY
mpjceVGrxmHvJroSpFyFFVa2gRoJvfREp4APmqI3m7xPEOvevwCaR06Z3Q4mt1vp
l3kATpDR2ueMhjJXii7emOT1KXQcHy3bByddzVpGrKMVWFDh172nraU568x2hJ9h
+a03epyq/3UcULiIj5ItTLsNsVmq7B5nEEUsAU62Z7PKO/vgMTe+9yzHx/3AI3aS
3j9dxA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 22:47:11 2025 by rpki-client