Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914EBB2/F37F246E329511EF9A482F55C4F9AE02/9954FB38E37711EF90F2E16BC4F9AE02.roa
File: 9954FB38E37711EF90F2E16BC4F9AE02.roa (raw, json)
Hash identifier: sVsoixfs4Pm209H+QhyDDaN4KjsYoyu4eChIfhhVoMQ=
Subject key identifier: 86:F4:07:1E:00:B7:B6:66:5A:F9:6F:C6:F6:E0:D6:A2:BF:DC:25:E6
Certificate issuer: /CN=A914EBB2/serialNumber=CD3DF53AA0E9A398595E957015155BCCAC568D15
Certificate serial: BC
Authority key identifier: CD:3D:F5:3A:A0:E9:A3:98:59:5E:95:70:15:15:5B:CC:AC:56:8D:15
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zT31OqDpo5hZXpVwFRVbzKxWjRU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914EBB2/F37F246E329511EF9A482F55C4F9AE02/9954FB38E37711EF90F2E16BC4F9AE02.roa
Signing time: Tue 29 Apr 2025 11:57:22 +0000
ROA not before: Tue 29 Apr 2025 11:57:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 17476
IP address blocks: 183.90.185.0/24 maxlen: 24
202.36.160.0/23 maxlen: 24
2401:ada0::/32 maxlen: 40
2401:ada0:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Apr 2025 09:52:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188 (0xbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914EBB2, serialNumber=CD3DF53AA0E9A398595E957015155BCCAC568D15
Validity
Not Before: Apr 29 11:57:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6810bea2-24c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:18:db:3d:21:d6:13:a3:9a:04:e5:65:b0:a4:
58:0e:79:9f:47:f8:f9:ce:6b:d3:f1:9c:c4:b3:c2:
4c:b3:5c:83:1a:e1:d0:7f:0c:79:5c:ca:51:1f:af:
c8:bb:35:7d:2a:fc:0f:70:23:ee:5f:59:2e:f0:cc:
a5:41:79:35:e1:7d:2b:90:33:da:bc:76:9b:70:b1:
97:8c:5a:94:49:15:36:35:0c:0f:9e:b6:e5:d0:2a:
2b:35:8e:90:5a:82:ea:27:01:42:c1:6a:44:8e:a3:
26:ee:f2:5f:11:3a:cf:10:e2:ff:35:99:a3:8c:db:
6a:a7:01:30:bf:81:f6:c0:70:8a:d2:c4:98:80:6c:
ed:ca:6b:72:00:a1:e0:14:61:8f:01:85:ff:5e:d0:
73:b0:0e:4c:77:66:28:78:94:87:aa:2a:34:8d:db:
ca:4d:c6:c8:2d:52:1d:59:c3:46:ed:d5:1b:dc:7e:
cc:04:bf:5f:56:e8:40:b8:76:f2:e2:bc:03:af:7e:
04:21:ed:ee:03:7a:43:19:fa:5a:bc:e3:da:8a:78:
06:02:0b:19:ee:ce:7f:40:8f:c8:e3:93:74:28:0d:
4a:4a:4e:33:d0:ab:55:cf:d4:8e:75:d1:02:28:d8:
2c:37:bf:01:55:d0:4f:46:21:ac:d2:d2:ee:df:b9:
7f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F4:07:1E:00:B7:B6:66:5A:F9:6F:C6:F6:E0:D6:A2:BF:DC:25:E6
X509v3 Authority Key Identifier:
keyid:CD:3D:F5:3A:A0:E9:A3:98:59:5E:95:70:15:15:5B:CC:AC:56:8D:15
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914EBB2/F37F246E329511EF9A482F55C4F9AE02/zT31OqDpo5hZXpVwFRVbzKxWjRU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zT31OqDpo5hZXpVwFRVbzKxWjRU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914EBB2/F37F246E329511EF9A482F55C4F9AE02/9954FB38E37711EF90F2E16BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
183.90.185.0/24
202.36.160.0/23
IPv6:
2401:ada0::/32
Signature Algorithm: sha256WithRSAEncryption
8f:0d:74:26:32:d5:a8:bf:2d:82:cb:36:ec:3a:6f:7a:99:e7:
70:65:62:9a:fa:28:a3:1e:21:7d:cd:2c:b0:56:dd:6c:bd:58:
34:a4:8e:f1:08:b6:36:d6:a1:c8:c3:66:20:1a:00:60:4b:36:
ec:c0:93:ba:8c:0e:a9:75:00:a5:2a:6b:4b:c9:d5:02:64:05:
4e:a9:f9:59:ee:27:ff:d8:b2:9f:c4:1d:02:a1:6e:4e:31:a7:
90:f4:37:ca:07:c9:0c:ca:cc:2c:eb:6a:cf:a5:f1:ac:1d:dd:
d5:7b:3d:b7:ae:a5:d3:51:3c:ae:38:df:d9:b2:27:0e:d8:17:
5d:dc:69:56:72:13:c2:b9:5a:fc:42:65:16:c1:00:f7:fa:94:
d3:75:b5:84:e2:9b:b0:08:e7:b0:1d:17:53:2c:ef:7f:0b:3d:
c8:70:ac:50:ad:1b:b2:3b:43:56:b7:a0:29:40:c9:50:aa:47:
c6:bd:40:f8:b7:0e:2d:1c:70:cc:46:e0:be:cc:b9:ab:a5:07:
f3:e5:9a:38:0f:f7:7e:97:57:eb:bb:ef:4a:55:97:fd:40:24:
66:84:10:3f:78:a4:55:db:f5:ed:c2:dd:6f:d1:11:76:1f:b9:
76:a6:8e:f1:20:3a:af:3b:45:9f:bf:9a:5a:d4:03:6f:40:d4:
ab:74:a1:e7
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEVCQjIxMTAvBgNVBAUTKENEM0RGNTNBQTBFOUEzOTg1OTVFOTU3MDE1MTU1QkND
QUM1NjhEMTUwHhcNMjUwNDI5MTE1NzIyWhcNMjYwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODEwYmVhMi0yNGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoxjbPSHWE6OaBOVlsKRYDnmfR/j5zmvT8ZzEs8JMs1yDGuHQfwx5XMpRH6/I
uzV9KvwPcCPuX1ku8MylQXk14X0rkDPavHabcLGXjFqUSRU2NQwPnrbl0CorNY6Q
WoLqJwFCwWpEjqMm7vJfETrPEOL/NZmjjNtqpwEwv4H2wHCK0sSYgGztymtyAKHg
FGGPAYX/XtBzsA5Md2YoeJSHqio0jdvKTcbILVIdWcNG7dUb3H7MBL9fVuhAuHby
4rwDr34EIe3uA3pDGfpavOPaingGAgsZ7s5/QI/I45N0KA1KSk4z0KtVz9SOddEC
KNgsN78BVdBPRiGs0tLu37l/BQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFIb0Bx4A
t7ZmWvlvxvbg1qK/3CXmMB8GA1UdIwQYMBaAFM099Tqg6aOYWV6VcBUVW8ysVo0V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUJCMi9GMzdGMjQ2RTMy
OTUxMUVGOUE0ODJGNTVDNEY5QUUwMi96VDMxT3FEcG81aFpYcFZ3RlJWYnpLeFdq
UlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pUMzFPcURwbzVoWlhwVndGUlZiekt4V2pSVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEVCQjIvRjM3RjI0NkUzMjk1MTFFRjlBNDgyRjU1QzRGOUFFMDIvOTk1NEZCMzhF
Mzc3MTFFRjkwRjJFMTZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMBIEAgABMAwDBAC3WrkDBAHKJKAwDQQCAAIwBwMFACQBraAwDQYJKoZIhvcN
AQELBQADggEBAI8NdCYy1ai/LYLLNuw6b3qZ53BlYpr6KKMeIX3NLLBW3Wy9WDSk
jvEItjbWocjDZiAaAGBLNuzAk7qMDql1AKUqa0vJ1QJkBU6p+VnuJ//Ysp/EHQKh
bk4xp5D0N8oHyQzKzCzras+l8awd3dV7PbeupdNRPK4439myJw7YF13caVZyE8K5
WvxCZRbBAPf6lNN1tYTim7AI57AdF1Ms738LPchwrFCtG7I7Q1a3oClAyVCqR8a9
QPi3Di0ccMxG4L7MuaulB/PlmjgP936XV+u770pVl/1AJGaEED94pFXb9e3C3W/R
EXYfuXamjvEgOq87RZ+/mlrUA29A1Kt0oec=
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:20:48 2025 by rpki-client