Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9172999/B1C1B0DA031E11ED96E25620C4F9AE02/5D4068C0E82411EE92612D7DC4F9AE02.roa
File: 5D4068C0E82411EE92612D7DC4F9AE02.roa (raw, json)
Hash identifier: hCk2AJQI1/wyhqtw+vEuldKkQvZq/uSColea8wbZZEA=
Subject key identifier: 63:13:C0:1C:C1:CE:A7:5E:60:8F:A7:65:96:77:70:30:B6:5B:17:F3
Certificate issuer: /CN=A9172999/serialNumber=2F533EA0E40819DF563E3F7FE3FE87428D52A0D5
Certificate serial: 02AC
Authority key identifier: 2F:53:3E:A0:E4:08:19:DF:56:3E:3F:7F:E3:FE:87:42:8D:52:A0:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L1M-oOQIGd9WPj9_4_6HQo1SoNU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9172999/B1C1B0DA031E11ED96E25620C4F9AE02/5D4068C0E82411EE92612D7DC4F9AE02.roa
Signing time: Mon 21 Apr 2025 01:26:56 +0000
ROA not before: Mon 21 Apr 2025 01:26:56 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 138415
IP address blocks: 43.248.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 07:58:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 684 (0x2ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9172999, serialNumber=2F533EA0E40819DF563E3F7FE3FE87428D52A0D5
Validity
Not Before: Apr 21 01:26:56 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68059edf-32c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a0:2c:69:da:57:31:77:ab:9f:d2:51:f5:ed:
b7:3a:c5:83:31:17:fd:0e:5f:9b:d4:94:b7:b8:2a:
73:04:64:02:33:80:f2:00:77:66:a1:88:93:3c:81:
6e:69:6f:67:c7:9e:53:4c:e7:d4:99:84:73:49:31:
3e:7a:3b:4f:6a:26:61:e1:44:36:5b:86:ca:44:c4:
e1:88:d8:16:fe:45:c7:0a:9f:d3:2c:fc:eb:8e:42:
49:6f:25:3f:d2:b1:29:0f:77:f8:65:ad:f6:df:29:
53:2e:bd:52:e4:62:13:79:8d:c5:83:5b:fd:47:c7:
a0:df:d2:fd:8b:bf:83:b3:81:8d:62:2c:03:0b:31:
cf:cb:35:4b:1c:0e:b0:8f:93:4e:54:60:cf:dd:a3:
f9:cb:d3:d4:12:d6:26:9d:84:d1:c4:15:75:15:c1:
f6:8e:31:4b:c6:c0:15:8d:34:93:89:36:a1:4c:ee:
c2:40:57:4b:d3:2e:c0:7b:aa:4f:49:83:01:12:b1:
78:00:b4:74:e4:b8:9e:97:1b:64:b7:70:72:2a:39:
dd:bf:9d:c6:c6:b7:c2:b0:25:1e:fb:15:f8:43:3d:
07:9b:2e:86:74:4e:27:df:7e:5d:39:42:1c:a4:d0:
64:d3:0f:de:83:8d:8b:ee:c1:9b:61:96:5b:21:62:
b9:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:13:C0:1C:C1:CE:A7:5E:60:8F:A7:65:96:77:70:30:B6:5B:17:F3
X509v3 Authority Key Identifier:
keyid:2F:53:3E:A0:E4:08:19:DF:56:3E:3F:7F:E3:FE:87:42:8D:52:A0:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9172999/B1C1B0DA031E11ED96E25620C4F9AE02/L1M-oOQIGd9WPj9_4_6HQo1SoNU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L1M-oOQIGd9WPj9_4_6HQo1SoNU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172999/B1C1B0DA031E11ED96E25620C4F9AE02/5D4068C0E82411EE92612D7DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.248.174.0/24
Signature Algorithm: sha256WithRSAEncryption
22:92:18:b3:2f:9e:e4:d4:b3:ef:7e:a4:12:02:87:73:56:47:
11:32:0c:fb:7f:af:54:8e:6f:4d:2d:17:e5:6b:95:7f:47:c2:
67:2b:4b:22:7e:e3:c8:dc:8c:57:f4:c5:25:d2:de:91:00:a5:
f1:91:47:42:84:c6:50:e2:47:43:4b:05:aa:8b:d3:47:49:f8:
2c:7c:16:f6:bf:6a:04:d8:4f:88:09:89:7f:7e:08:68:6a:54:
8e:19:96:8a:8c:24:fe:00:3b:13:18:e2:a5:d0:ba:75:4c:d9:
13:cf:4a:0d:40:28:73:8a:81:1d:ae:72:cd:67:05:70:1c:7e:
5b:89:6c:db:77:a8:dc:0c:72:a8:bf:04:2e:6b:15:f9:2c:9f:
9c:8c:a9:b7:95:5b:86:69:9b:e0:c2:61:b0:ff:b1:01:8d:a1:
69:92:66:b6:dd:15:25:61:22:69:2b:bd:25:c7:ef:05:80:7b:
19:41:ad:f8:97:e2:70:69:df:19:f6:86:de:b6:e6:dc:44:a8:
fe:52:07:a5:42:b3:16:a3:ec:34:24:5b:04:08:06:a3:62:02:
f0:3f:bd:c0:a6:64:f6:13:30:3d:ef:b0:bf:1f:49:d9:48:c4:
b1:7b:29:bb:4b:fc:ae:52:b2:51:42:fa:3c:a8:3b:d8:50:12:
28:0e:f0:6c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAqwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzI5OTkxMTAvBgNVBAUTKDJGNTMzRUEwRTQwODE5REY1NjNFM0Y3RkUzRkU4NzQy
OEQ1MkEwRDUwHhcNMjUwNDIxMDEyNjU2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA1OWVkZi0zMmMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw6AsadpXMXern9JR9e23OsWDMRf9Dl+b1JS3uCpzBGQCM4DyAHdmoYiTPIFu
aW9nx55TTOfUmYRzSTE+ejtPaiZh4UQ2W4bKRMThiNgW/kXHCp/TLPzrjkJJbyU/
0rEpD3f4Za323ylTLr1S5GITeY3Fg1v9R8eg39L9i7+Ds4GNYiwDCzHPyzVLHA6w
j5NOVGDP3aP5y9PUEtYmnYTRxBV1FcH2jjFLxsAVjTSTiTahTO7CQFdL0y7Ae6pP
SYMBErF4ALR05Lielxtkt3ByKjndv53GxrfCsCUe+xX4Qz0Hmy6GdE4n335dOUIc
pNBk0w/eg42L7sGbYZZbIWK5qQIDAQABo4IClTCCApEwHQYDVR0OBBYEFGMTwBzB
zqdeYI+nZZZ3cDC2WxfzMB8GA1UdIwQYMBaAFC9TPqDkCBnfVj4/f+P+h0KNUqDV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Mjk5OS9CMUMxQjBEQTAz
MUUxMUVEOTZFMjU2MjBDNEY5QUUwMi9MMU0tb09RSUdkOVdQajlfNF82SFFvMVNv
TlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0wxTS1vT1FJR2Q5V1BqOV80XzZIUW8xU29OVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzI5OTkvQjFDMUIwREEwMzFFMTFFRDk2RTI1NjIwQzRGOUFFMDIvNUQ0MDY4QzBF
ODI0MTFFRTkyNjEyRDdEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAr+K4wDQYJKoZIhvcNAQELBQADggEBACKSGLMvnuTUs+9+
pBICh3NWRxEyDPt/r1SOb00tF+VrlX9HwmcrSyJ+48jcjFf0xSXS3pEApfGRR0KE
xlDiR0NLBaqL00dJ+Cx8Fva/agTYT4gJiX9+CGhqVI4ZloqMJP4AOxMY4qXQunVM
2RPPSg1AKHOKgR2ucs1nBXAcfluJbNt3qNwMcqi/BC5rFfksn5yMqbeVW4Zpm+DC
YbD/sQGNoWmSZrbdFSVhImkrvSXH7wWAexlBrfiX4nBp3xn2ht625txEqP5SB6VC
sxaj7DQkWwQIBqNiAvA/vcCmZPYTMD3vsL8fSdlIxLF7KbtL/K5SslFC+jyoO9hQ
EigO8Gw=
-----END CERTIFICATE-----
Generated at Thu Jun 12 17:07:46 2025 by rpki-client