Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/0CCD0DF630BE11F08C0C7785C4F9AE02.roa
File: 0CCD0DF630BE11F08C0C7785C4F9AE02.roa (raw, json)
Hash identifier: kT5YTC/olfEmwIaqmQ52TqNxba5TzceNK19LVFqoecw=
Subject key identifier: 24:3E:28:CA:A9:D0:07:B9:59:C8:78:3E:6D:1A:79:94:EF:D3:B8:12
Certificate issuer: /CN=A91A4B39/serialNumber=BEFFBEF8EFC5027C34DFF704C79FB2812A71331E
Certificate serial: 0111
Authority key identifier: BE:FF:BE:F8:EF:C5:02:7C:34:DF:F7:04:C7:9F:B2:81:2A:71:33:1E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vv---O_FAnw03_cEx5-ygSpxMx4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/0CCD0DF630BE11F08C0C7785C4F9AE02.roa
Signing time: Wed 14 May 2025 12:24:32 +0000
ROA not before: Wed 14 May 2025 12:24:32 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 147006
IP address blocks: 157.10.134.0/23 maxlen: 23
157.10.134.0/24 maxlen: 24
157.10.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 May 2025 15:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 273 (0x111)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A4B39, serialNumber=BEFFBEF8EFC5027C34DFF704C79FB2812A71331E
Validity
Not Before: May 14 12:24:32 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=68248b80-e34e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7b:9e:b9:61:29:38:46:64:06:cb:48:28:f2:
3f:03:cd:31:e6:39:3a:43:e1:02:e5:40:52:2e:4b:
8b:ba:89:10:84:57:bc:c2:c6:71:05:f0:f1:71:fe:
7d:b9:70:bf:f6:a4:dc:b8:5f:82:c7:c8:24:a4:d6:
4d:ef:e9:97:d7:6f:2f:99:54:93:c4:24:db:16:58:
80:bb:f9:86:32:ba:3e:15:7a:b0:37:59:d0:37:1d:
7b:66:c9:ab:a3:99:50:12:f2:8b:3a:02:9b:34:78:
4d:f1:e4:7b:30:5c:17:8a:59:6b:39:8d:9e:4f:48:
f2:54:30:6e:70:a9:e3:8e:7c:88:34:5b:e5:81:94:
18:6b:3c:39:85:a2:17:1e:e1:8b:1d:8c:af:4c:4a:
71:d2:cb:14:a0:99:aa:17:d1:7f:b0:a2:f4:e3:a7:
99:83:d5:fb:17:2c:be:7e:9b:a8:4b:e8:81:2b:ba:
01:1b:a7:98:13:ca:8d:a9:5d:f2:da:8e:39:fa:fd:
ea:6f:8b:98:6e:4e:ba:4c:26:8a:3f:14:34:98:b2:
19:c0:e5:e5:f2:e4:af:5e:f5:6a:b7:66:67:08:9e:
79:61:8c:6f:71:99:4e:70:a6:c9:4e:03:fd:4f:4e:
30:f0:1f:3a:0f:4b:23:f9:60:b6:bd:d2:df:bc:e6:
48:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3E:28:CA:A9:D0:07:B9:59:C8:78:3E:6D:1A:79:94:EF:D3:B8:12
X509v3 Authority Key Identifier:
keyid:BE:FF:BE:F8:EF:C5:02:7C:34:DF:F7:04:C7:9F:B2:81:2A:71:33:1E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/vv---O_FAnw03_cEx5-ygSpxMx4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/vv---O_FAnw03_cEx5-ygSpxMx4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4B39/95074A0AAF5611EEA655B581C4F9AE02/0CCD0DF630BE11F08C0C7785C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
157.10.134.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:56:ef:ed:41:79:fe:8d:f0:85:63:01:e1:78:c4:29:54:74:
f9:ca:ca:d7:41:f5:42:8d:d6:8f:97:96:c9:35:73:a8:37:17:
e8:97:03:2a:4f:6f:08:b6:10:8a:f1:b5:d8:4d:fb:fd:22:bc:
a9:67:45:1d:9d:7f:fc:82:9d:ae:53:9c:cd:64:33:8d:c7:06:
1d:83:be:e8:92:8c:60:24:ab:44:75:66:8b:32:b6:f0:71:2e:
32:e5:7a:62:6f:d9:28:f0:ec:0c:83:94:0a:a0:8b:dd:4b:73:
97:40:17:8e:51:17:df:21:ef:57:c8:d0:44:92:6b:1c:a1:ee:
cd:5e:fe:71:b2:24:a4:ff:c5:f6:16:4c:0b:fd:ad:f6:a9:4d:
cd:2f:e1:cf:55:05:c5:b3:ef:0b:4b:dd:90:26:6c:0a:ad:13:
3d:d9:0d:60:c9:81:f5:81:e9:97:03:b5:05:46:5c:a5:2e:f1:
4b:2f:ae:34:71:ec:8f:57:5a:54:39:c9:0e:ef:ec:7f:9b:5e:
8a:07:8a:99:02:28:21:81:d6:a1:2c:1e:83:02:47:45:a7:ab:
e1:74:d4:54:bd:ac:3e:57:f2:5a:6d:89:e5:8f:26:b0:69:3b:
71:1c:d1:6b:19:70:44:df:e5:3a:b8:34:59:3f:b0:a5:e0:20:
0a:c4:a4:d3
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTRCMzkxMTAvBgNVBAUTKEJFRkZCRUY4RUZDNTAyN0MzNERGRjcwNEM3OUZCMjgx
MkE3MTMzMUUwHhcNMjUwNTE0MTIyNDMyWhcNMjYwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODI0OGI4MC1lMzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzHueuWEpOEZkBstIKPI/A80x5jk6Q+EC5UBSLkuLuokQhFe8wsZxBfDxcf59
uXC/9qTcuF+Cx8gkpNZN7+mX128vmVSTxCTbFliAu/mGMro+FXqwN1nQNx17Zsmr
o5lQEvKLOgKbNHhN8eR7MFwXillrOY2eT0jyVDBucKnjjnyINFvlgZQYazw5haIX
HuGLHYyvTEpx0ssUoJmqF9F/sKL046eZg9X7Fyy+fpuoS+iBK7oBG6eYE8qNqV3y
2o45+v3qb4uYbk66TCaKPxQ0mLIZwOXl8uSvXvVqt2ZnCJ55YYxvcZlOcKbJTgP9
T04w8B86D0sj+WC2vdLfvOZIYwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCQ+KMqp
0Ae5Wch4Pm0aeZTv07gSMB8GA1UdIwQYMBaAFL7/vvjvxQJ8NN/3BMefsoEqcTMe
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNEIzOS85NTA3NEEwQUFG
NTYxMUVFQTY1NUI1ODFDNEY5QUUwMi92di0tLU9fRkFudzAzX2NFeDUteWdTcHhN
eDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL3Z2LS0tT19GQW53MDNfY0V4NS15Z1NweE14NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTRCMzkvOTUwNzRBMEFBRjU2MTFFRUE2NTVCNTgxQzRGOUFFMDIvMENDRDBERjYz
MEJFMTFGMDhDMEM3Nzg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAGdCoYwDQYJKoZIhvcNAQELBQADggEBAC1W7+1Bef6N8IVj
AeF4xClUdPnKytdB9UKN1o+Xlsk1c6g3F+iXAypPbwi2EIrxtdhN+/0ivKlnRR2d
f/yCna5TnM1kM43HBh2DvuiSjGAkq0R1ZosytvBxLjLlemJv2Sjw7AyDlAqgi91L
c5dAF45RF98h71fI0ESSaxyh7s1e/nGyJKT/xfYWTAv9rfapTc0v4c9VBcWz7wtL
3ZAmbAqtEz3ZDWDJgfWB6ZcDtQVGXKUu8UsvrjRx7I9XWlQ5yQ7v7H+bXooHipkC
KCGB1qEsHoMCR0Wnq+F01FS9rD5X8lptieWPJrBpO3Ec0WsZcETf5Tq4NFk/sKXg
IArEpNM=
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:47:45 2025 by rpki-client