Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/CE129296E31C11EFA5143E69C4F9AE02.roa
File: CE129296E31C11EFA5143E69C4F9AE02.roa (raw, json)
Hash identifier: uR/fWXOawO9WUdsFwMtvGfiQjVpIIlK0IlBgeg6JhyQ=
Subject key identifier: 3C:6A:A5:99:88:9E:A3:A9:75:DC:DB:43:14:5E:DC:86:69:DB:00:D1
Certificate issuer: /CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4
Certificate serial: 33
Authority key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/CE129296E31C11EFA5143E69C4F9AE02.roa
Signing time: Tue 04 Feb 2025 17:23:53 +0000
ROA not before: Tue 04 Feb 2025 17:23:53 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 149994
IP address blocks: 161.248.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 02:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51 (0x33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91423C1
Validity
Not Before: Feb 4 17:23:53 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=67a24d29-4c95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:3e:8a:fb:d2:2b:3e:88:bf:a2:16:06:03:82:
eb:ad:ee:27:9a:b5:8b:f4:11:f7:a7:67:e5:6d:48:
5c:5f:6b:2d:6b:e1:7d:e6:1b:e3:4e:01:d1:e9:c2:
a0:91:9d:d7:1a:2e:a0:89:76:3b:83:6b:40:5f:2a:
2e:4e:86:e7:4a:5c:50:ed:16:34:10:da:9d:28:ea:
81:0b:c3:70:9b:bb:57:d3:1e:88:11:2c:51:d4:1d:
7f:cb:e2:8f:d2:0c:61:90:58:ba:25:a0:27:0d:6e:
ed:a6:1e:11:78:46:a0:00:ed:e0:f2:d8:09:d5:8c:
d1:94:2f:2d:23:1d:ae:94:2b:b7:14:7a:9e:6e:cb:
c4:48:95:1d:85:db:a0:fc:cb:3d:76:d1:2a:20:32:
1f:e7:49:6e:10:3b:d5:66:63:89:c0:98:a7:6d:52:
fb:76:74:e1:d8:72:35:ed:6b:80:02:dc:94:4e:96:
3e:d1:b6:c7:aa:58:51:74:cb:83:5e:62:52:3d:f4:
9e:a9:8a:c2:2f:1d:bc:59:3c:9b:e5:c3:68:e9:9a:
8f:4d:e9:a0:79:98:af:cb:ac:7a:04:48:1b:a6:69:
32:4c:2d:2e:53:c9:3d:90:f5:76:c0:f1:45:99:bc:
74:d9:fd:7f:73:aa:31:64:2c:4e:d7:75:a8:92:6d:
81:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:6A:A5:99:88:9E:A3:A9:75:DC:DB:43:14:5E:DC:86:69:DB:00:D1
X509v3 Authority Key Identifier:
keyid:4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/CE129296E31C11EFA5143E69C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.10.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:2a:56:4d:59:59:8f:d1:ca:1d:eb:c1:bb:84:c9:df:0e:cd:
c7:c5:e5:c1:5f:25:07:5d:aa:7c:95:2d:d6:44:2c:8f:49:ca:
44:d6:ff:5c:db:b2:b7:e0:d2:4c:7f:b8:1f:3e:32:8b:98:f3:
9d:e9:50:f3:72:c1:e7:bd:b9:70:0f:d2:2b:fe:fa:82:c5:20:
45:85:d6:7e:62:49:a8:7e:32:8f:ee:e0:01:4e:a0:40:f8:37:
f2:2e:7a:65:75:a0:30:26:09:31:b2:55:c8:3a:d7:59:30:0b:
a7:c2:0a:2c:3d:6a:88:3a:73:68:05:03:d3:47:0c:82:c4:b1:
da:7a:59:64:38:eb:8a:df:8d:36:66:2a:ca:b6:8f:e7:4d:0c:
c5:41:0e:28:5a:01:ec:1b:fa:c8:71:d5:e7:96:72:16:7b:1a:
93:98:20:c4:36:50:87:6a:6c:c6:3b:59:a0:36:36:39:db:24:
00:4a:2d:71:24:eb:cb:14:53:cc:d6:80:15:2b:1b:10:d6:88:
71:9d:4c:3f:48:52:fd:ad:2f:89:1e:73:25:bf:88:a6:79:85:
cf:1c:1f:05:52:39:29:36:ad:de:3a:71:a2:f2:10:c3:7c:e5:
27:e2:99:b5:57:22:9d:9b:13:a2:f8:8a:98:d4:be:f4:0d:38:
64:72:55:27
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MjNDMTExMC8GA1UEBRMoNERDN0UyOEI1NDZGMkEwQjUzOEU4Q0RGODMyRDlBQTFG
MzdDQzhFNDAeFw0yNTAyMDQxNzIzNTNaFw0yNTA2MDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTI0ZDI5LTRjOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2Por70is+iL+iFgYDguut7ieatYv0EfenZ+VtSFxfay1r4X3mG+NOAdHpwqCR
ndcaLqCJdjuDa0BfKi5OhudKXFDtFjQQ2p0o6oELw3Cbu1fTHogRLFHUHX/L4o/S
DGGQWLoloCcNbu2mHhF4RqAA7eDy2AnVjNGULy0jHa6UK7cUep5uy8RIlR2F26D8
yz120SogMh/nSW4QO9VmY4nAmKdtUvt2dOHYcjXta4AC3JROlj7RtseqWFF0y4Ne
YlI99J6pisIvHbxZPJvlw2jpmo9N6aB5mK/LrHoESBumaTJMLS5TyT2Q9XbA8UWZ
vHTZ/X9zqjFkLE7XdaiSbYGJAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUPGqlmYie
o6l13NtDFF7chmnbANEwHwYDVR0jBBgwFoAUTcfii1RvKgtTjozfgy2aofN8yOQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyM0MxL0QwMzIwRUY4QkY0
RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2S2d0VGpvemZneTJhb2ZOOHlP
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVGNmaWkxUnZLZ3RUam96Zmd5MmFvZk44eU9RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MjNDMS9EMDMyMEVGOEJGNEYxMUVGQkNGNjg5NDRDNEY5QUUwMi9DRTEyOTI5NkUz
MUMxMUVGQTUxNDNFNjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4CjANBgkqhkiG9w0BAQsFAAOCAQEAqypWTVlZj9HKHevB
u4TJ3w7Nx8XlwV8lB12qfJUt1kQsj0nKRNb/XNuyt+DSTH+4Hz4yi5jznelQ83LB
5725cA/SK/76gsUgRYXWfmJJqH4yj+7gAU6gQPg38i56ZXWgMCYJMbJVyDrXWTAL
p8IKLD1qiDpzaAUD00cMgsSx2npZZDjrit+NNmYqyraP500MxUEOKFoB7Bv6yHHV
55ZyFnsak5ggxDZQh2psxjtZoDY2OdskAEotcSTryxRTzNaAFSsbENaIcZ1MP0hS
/a0viR5zJb+IpnmFzxwfBVI5KTat3jpxovIQw3zlJ+KZtVcinZsToviKmNS+9A04
ZHJVJw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 23:08:15 2025 by rpki-client