Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918E269/393BA8CE2B6F11F086ADE54EC4F9AE02/8E29D2702B6F11F0A4E71379C4F9AE02.roa
File: 8E29D2702B6F11F0A4E71379C4F9AE02.roa (raw, json)
Hash identifier: SZf8uLx+dbbqnDddROTRg8RS/VkvC5/vVXJ5GE2/m8g=
Subject key identifier: DD:09:83:7B:4A:E0:C7:86:7A:5D:FB:8A:3D:D6:20:90:7E:42:30:F6
Certificate issuer: /CN=A918E269/serialNumber=4BE1073936252E3CF072F989D7FDC4E7E7C66274
Certificate serial: 02
Authority key identifier: 4B:E1:07:39:36:25:2E:3C:F0:72:F9:89:D7:FD:C4:E7:E7:C6:62:74
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S-EHOTYlLjzwcvmJ1_3E5-fGYnQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918E269/393BA8CE2B6F11F086ADE54EC4F9AE02/8E29D2702B6F11F0A4E71379C4F9AE02.roa
Signing time: Wed 07 May 2025 18:17:37 +0000
ROA not before: Wed 07 May 2025 18:17:37 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 153853
IP address blocks: 163.227.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 May 2025 18:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918E269, serialNumber=4BE1073936252E3CF072F989D7FDC4E7E7C66274
Validity
Not Before: May 7 18:17:37 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=681ba3c1-eeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:62:ae:e4:81:75:b2:4e:2d:3f:b4:6c:bb:3a:
11:3d:90:b7:54:69:d1:22:94:c5:79:12:a7:5b:ab:
02:7f:37:29:55:80:f3:21:be:66:bf:ec:aa:3b:cb:
a1:e9:7c:80:4f:70:3d:e7:36:d5:be:c2:20:41:66:
a6:d5:13:0e:bd:c4:38:5f:5c:8d:93:d9:88:e3:17:
06:36:d4:14:26:6f:ff:d0:9d:c9:b1:66:2f:31:a9:
62:87:e0:1d:96:0f:2e:2a:55:6e:61:f1:1a:a2:d8:
23:0a:e6:4f:27:f6:a4:57:f2:e7:28:43:10:34:0c:
4c:b2:c9:83:6b:5a:dc:f1:10:21:c4:24:e6:1b:55:
35:9c:d8:23:8c:68:20:58:87:a5:fe:3d:a4:9f:75:
d1:3f:e9:6f:62:06:fb:fc:db:df:84:82:6f:1e:15:
11:a9:ec:04:39:45:33:af:39:6b:01:95:00:e3:4e:
f2:cf:1b:ea:34:2f:30:37:41:74:c0:02:fb:8d:d4:
6a:59:7a:8f:f6:4c:1a:0d:89:99:9d:d6:96:9b:01:
f4:34:7c:10:8a:60:71:d3:3b:e5:32:0a:96:da:1d:
5a:4f:fb:8c:83:e7:69:43:45:5b:9a:e2:f8:be:b0:
3d:09:39:e2:88:7f:bf:38:46:c3:2a:f9:ad:24:04:
80:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:09:83:7B:4A:E0:C7:86:7A:5D:FB:8A:3D:D6:20:90:7E:42:30:F6
X509v3 Authority Key Identifier:
keyid:4B:E1:07:39:36:25:2E:3C:F0:72:F9:89:D7:FD:C4:E7:E7:C6:62:74
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918E269/393BA8CE2B6F11F086ADE54EC4F9AE02/S-EHOTYlLjzwcvmJ1_3E5-fGYnQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/S-EHOTYlLjzwcvmJ1_3E5-fGYnQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918E269/393BA8CE2B6F11F086ADE54EC4F9AE02/8E29D2702B6F11F0A4E71379C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.227.238.0/24
Signature Algorithm: sha256WithRSAEncryption
be:f0:36:4e:39:56:3e:49:16:68:5a:6d:fd:35:8d:ea:9a:1e:
9f:07:95:60:7c:86:07:9a:80:b6:a0:8d:97:e6:ad:98:23:54:
5f:52:83:d3:65:23:1c:f4:fb:03:9d:86:12:5c:df:3a:c8:c4:
90:da:0d:3f:72:11:32:2f:f8:ae:ee:0d:7a:8a:34:e9:0f:5e:
1b:d8:ae:48:69:a7:6d:f3:2d:3c:da:b8:5f:11:15:d9:d5:7c:
8c:7b:8a:fc:03:3d:8e:b7:95:7b:98:80:fc:38:42:fa:8b:57:
be:63:2f:b7:c7:23:0d:a4:f9:69:ef:ee:2c:b1:01:da:6f:f8:
b5:ec:36:e3:65:9f:5a:d7:ef:bd:b8:81:3f:dc:57:d7:76:9d:
18:c5:87:42:2b:73:1a:83:91:ac:b2:6f:ff:a4:93:21:d6:93:
21:e4:b5:78:32:52:46:e1:ac:b6:d7:89:d3:77:4d:a5:24:ef:
c0:68:01:55:5a:d0:7b:11:f4:5b:fe:99:bb:a6:84:04:05:aa:
82:79:46:a9:74:85:d5:24:7b:06:19:f5:fe:ea:c2:d4:60:68:
d9:e2:91:2d:a3:9a:34:84:80:78:00:2c:67:b3:99:07:74:3c:
57:ae:40:f8:29:65:7b:d8:fc:66:40:18:b5:8f:3b:d9:9f:87:
03:94:07:c6
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
RTI2OTExMC8GA1UEBRMoNEJFMTA3MzkzNjI1MkUzQ0YwNzJGOTg5RDdGREM0RTdF
N0M2NjI3NDAeFw0yNTA1MDcxODE3MzdaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MWJhM2MxLWVlYjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDoYq7kgXWyTi0/tGy7OhE9kLdUadEilMV5EqdbqwJ/NylVgPMhvma/7Ko7y6Hp
fIBPcD3nNtW+wiBBZqbVEw69xDhfXI2T2YjjFwY21BQmb//QncmxZi8xqWKH4B2W
Dy4qVW5h8Rqi2CMK5k8n9qRX8ucoQxA0DEyyyYNrWtzxECHEJOYbVTWc2COMaCBY
h6X+PaSfddE/6W9iBvv829+Egm8eFRGp7AQ5RTOvOWsBlQDjTvLPG+o0LzA3QXTA
AvuN1GpZeo/2TBoNiZmd1pabAfQ0fBCKYHHTO+UyCpbaHVpP+4yD52lDRVua4vi+
sD0JOeKIf784RsMq+a0kBIBdAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU3QmDe0rg
x4Z6XfuKPdYgkH5CMPYwHwYDVR0jBBgwFoAUS+EHOTYlLjzwcvmJ1/3E5+fGYnQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThFMjY5LzM5M0JBOENFMkI2
RjExRjA4NkFERTU0RUM0RjlBRTAyL1MtRUhPVFlsTGp6d2N2bUoxXzNFNS1mR1lu
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUy1FSE9UWWxManp3Y3ZtSjFfM0U1LWZHWW5RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RTI2OS8zOTNCQThDRTJCNkYxMUYwODZBREU1NEVDNEY5QUUwMi84RTI5RDI3MDJC
NkYxMUYwQTRFNzEzNzlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKPj7jANBgkqhkiG9w0BAQsFAAOCAQEAvvA2TjlWPkkWaFpt
/TWN6poenweVYHyGB5qAtqCNl+atmCNUX1KD02UjHPT7A52GElzfOsjEkNoNP3IR
Mi/4ru4Neoo06Q9eG9iuSGmnbfMtPNq4XxEV2dV8jHuK/AM9jreVe5iA/DhC+otX
vmMvt8cjDaT5ae/uLLEB2m/4tew242WfWtfvvbiBP9xX13adGMWHQitzGoORrLJv
/6STIdaTIeS1eDJSRuGstteJ03dNpSTvwGgBVVrQexH0W/6Zu6aEBAWqgnlGqXSF
1SR7Bhn1/urC1GBo2eKRLaOaNISAeAAsZ7OZB3Q8V65A+Clle9j8ZkAYtY872Z+H
A5QHxg==
-----END CERTIFICATE-----
Generated at Mon Jun 2 07:09:40 2025 by rpki-client