Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9187BAC/BE318FB0D02C11EFB5584915C4F9AE02/0EC366B4D1B411EFA220A85BC4F9AE02.roa
File: 0EC366B4D1B411EFA220A85BC4F9AE02.roa (raw, json)
Hash identifier: IZWmu3up3Mdd0J0y1Q56YOy456lU1q4nQ0CgAQAVmxU=
Subject key identifier: 5E:B9:ED:56:A5:36:76:D3:2B:D6:F9:68:0B:75:9D:7D:65:0D:11:1C
Certificate issuer: /CN=A9187BAC/serialNumber=7B62620BFEB38CEB64D210C9805DC2480415707D
Certificate serial: 04
Authority key identifier: 7B:62:62:0B:FE:B3:8C:EB:64:D2:10:C9:80:5D:C2:48:04:15:70:7D
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/e2JiC_6zjOtk0hDJgF3CSAQVcH0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9187BAC/BE318FB0D02C11EFB5584915C4F9AE02/0EC366B4D1B411EFA220A85BC4F9AE02.roa
Signing time: Mon 13 Jan 2025 13:41:15 +0000
ROA not before: Mon 13 Jan 2025 13:41:15 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 21859
IP address blocks: 161.248.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 16:56:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9187BAC
Validity
Not Before: Jan 13 13:41:15 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=678517fa-ac4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:58:10:e3:8a:08:2e:6c:91:46:29:bb:48:c9:
d7:45:3d:fb:ef:57:ed:57:9b:9c:3a:8d:41:23:0d:
dd:6b:af:55:34:3a:fe:aa:aa:f4:67:ca:05:d2:a8:
04:82:8a:10:df:a7:58:50:ed:1a:6f:94:4d:a0:16:
42:a0:7e:49:1d:06:c0:62:ca:41:e4:d8:f4:ba:90:
f8:d9:87:67:0c:5c:a0:52:50:f5:b8:06:91:1e:62:
20:ba:08:12:76:30:42:bc:8c:b7:53:40:2f:46:13:
94:88:52:96:cc:89:62:db:c0:93:3d:e2:17:ea:57:
5f:e1:c4:09:db:fd:27:02:61:14:66:ec:3a:91:15:
36:a3:d3:05:a7:8c:a2:da:59:5f:4c:0a:2b:03:ff:
e2:7b:f3:64:f4:f8:9b:17:be:3e:96:af:28:41:04:
e0:63:7e:a5:4f:ba:5b:7a:a3:4e:4c:c0:04:92:d2:
4d:14:b7:cc:d7:09:9c:36:cd:f9:04:db:bc:aa:c4:
38:42:ae:41:02:63:b2:0b:b4:04:70:1d:79:20:ca:
bf:6f:f4:65:f7:15:df:9e:70:93:26:91:e6:41:8f:
e5:4a:42:19:bf:7b:c4:ea:5a:0b:85:57:0a:67:a7:
61:da:33:c8:09:00:ef:0c:a2:51:08:8e:96:39:22:
72:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B9:ED:56:A5:36:76:D3:2B:D6:F9:68:0B:75:9D:7D:65:0D:11:1C
X509v3 Authority Key Identifier:
keyid:7B:62:62:0B:FE:B3:8C:EB:64:D2:10:C9:80:5D:C2:48:04:15:70:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9187BAC/BE318FB0D02C11EFB5584915C4F9AE02/e2JiC_6zjOtk0hDJgF3CSAQVcH0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/e2JiC_6zjOtk0hDJgF3CSAQVcH0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9187BAC/BE318FB0D02C11EFB5584915C4F9AE02/0EC366B4D1B411EFA220A85BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.137.0/24
Signature Algorithm: sha256WithRSAEncryption
98:ea:bc:4c:20:53:ed:ac:3d:09:5c:02:42:60:7d:34:48:26:
60:e1:e8:c7:89:e4:a2:73:8d:e6:c5:ca:86:ae:94:99:39:3c:
3a:7a:bc:4e:f0:23:30:fe:1b:7d:60:0b:25:e7:a5:6e:41:ef:
c3:c9:18:fa:6f:0f:b6:46:62:55:0f:75:78:1b:ea:5a:9d:6b:
ef:f6:97:5f:f2:14:1b:74:55:2b:38:ab:d1:38:e7:6c:b8:a7:
41:fd:bb:67:11:29:bd:23:1e:40:ae:e2:bf:01:d9:2f:ba:03:
d8:fe:11:cb:d2:4c:71:1b:9c:50:3b:2e:24:eb:e5:da:6f:6d:
54:ef:50:7e:11:fb:c1:0c:4c:f1:e0:63:c6:b9:73:1d:4b:f9:
41:49:d6:dc:d6:28:e4:fb:fe:c9:84:4e:19:fa:8b:5c:4c:aa:
1d:b6:f6:c6:d9:40:b2:c7:23:32:0c:d7:be:59:b5:67:e6:46:
a3:12:9b:87:b2:c2:ae:06:68:55:14:98:78:01:6c:ee:e3:82:
05:f0:d1:36:17:8f:ef:9a:41:00:a3:80:cd:09:49:88:81:c3:
dd:4f:63:8e:fa:a3:d9:12:80:d0:b6:48:6c:f3:e4:8a:2d:e8:
85:b3:e8:b3:8c:db:d3:78:4d:7d:69:56:88:bc:80:33:e7:d2:
3f:36:a2:16
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
N0JBQzExMC8GA1UEBRMoN0I2MjYyMEJGRUIzOENFQjY0RDIxMEM5ODA1REMyNDgw
NDE1NzA3RDAeFw0yNTAxMTMxMzQxMTVaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODUxN2ZhLWFjNGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDBWBDjiggubJFGKbtIyddFPfvvV+1Xm5w6jUEjDd1rr1U0Ov6qqvRnygXSqASC
ihDfp1hQ7RpvlE2gFkKgfkkdBsBiykHk2PS6kPjZh2cMXKBSUPW4BpEeYiC6CBJ2
MEK8jLdTQC9GE5SIUpbMiWLbwJM94hfqV1/hxAnb/ScCYRRm7DqRFTaj0wWnjKLa
WV9MCisD/+J782T0+JsXvj6WryhBBOBjfqVPult6o05MwASS0k0Ut8zXCZw2zfkE
27yqxDhCrkECY7ILtARwHXkgyr9v9GX3Fd+ecJMmkeZBj+VKQhm/e8TqWguFVwpn
p2HaM8gJAO8MolEIjpY5InKbAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUXrntVqU2
dtMr1vloC3WdfWUNERwwHwYDVR0jBBgwFoAUe2JiC/6zjOtk0hDJgF3CSAQVcH0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg3QkFDL0JFMzE4RkIwRDAy
QzExRUZCNTU4NDkxNUM0RjlBRTAyL2UySmlDXzZ6ak90azBoREpnRjNDU0FRVmNI
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvZTJKaUNfNnpqT3RrMGhESmdGM0NTQVFWY0gwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
N0JBQy9CRTMxOEZCMEQwMkMxMUVGQjU1ODQ5MTVDNEY5QUUwMi8wRUMzNjZCNEQx
QjQxMUVGQTIyMEE4NUJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4iTANBgkqhkiG9w0BAQsFAAOCAQEAmOq8TCBT7aw9CVwC
QmB9NEgmYOHox4nkonON5sXKhq6UmTk8Onq8TvAjMP4bfWALJeelbkHvw8kY+m8P
tkZiVQ91eBvqWp1r7/aXX/IUG3RVKzir0TjnbLinQf27ZxEpvSMeQK7ivwHZL7oD
2P4Ry9JMcRucUDsuJOvl2m9tVO9QfhH7wQxM8eBjxrlzHUv5QUnW3NYo5Pv+yYRO
GfqLXEyqHbb2xtlAsscjMgzXvlm1Z+ZGoxKbh7LCrgZoVRSYeAFs7uOCBfDRNheP
75pBAKOAzQlJiIHD3U9jjvqj2RKA0LZIbPPkii3ohbPos4zb03hNfWlWiLyAM+fS
PzaiFg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 22:45:48 2025 by rpki-client