Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/DE08EC260AF011F09BE4823DC4F9AE02.roa
File: DE08EC260AF011F09BE4823DC4F9AE02.roa (raw, json)
Hash identifier: T8eSrRo5atqaPJZIb0pOQvyGeFYG9/VhYKlpCe2klKg=
Subject key identifier: 5E:10:1F:DD:D1:22:4E:69:32:86:4A:B9:B6:DD:31:03:34:AF:7F:CD
Certificate issuer: /CN=A91A7F6A/serialNumber=95D42EC2F468B7E38F958C8FBA93180117DC26E0
Certificate serial: 26
Authority key identifier: 95:D4:2E:C2:F4:68:B7:E3:8F:95:8C:8F:BA:93:18:01:17:DC:26:E0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldQuwvRot-OPlYyPupMYARfcJuA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/DE08EC260AF011F09BE4823DC4F9AE02.roa
Signing time: Tue 20 May 2025 06:22:39 +0000
ROA not before: Tue 20 May 2025 06:22:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 153737
IP address blocks: 163.223.204.0/23 maxlen: 23
163.223.204.0/24 maxlen: 24
163.223.205.0/24 maxlen: 24
163.223.205.0/25 maxlen: 25
163.223.205.128/25 maxlen: 25
Validation: Failed, certificate revoked on Tue 20 May 2025 16:03:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38 (0x26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A7F6A, serialNumber=95D42EC2F468B7E38F958C8FBA93180117DC26E0
Validity
Not Before: May 20 06:22:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=682c1faf-a4db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1d:3f:37:30:b3:f4:6b:f3:a4:37:e6:93:9c:
2f:bb:a5:32:79:54:8b:9a:30:54:95:da:fc:4a:27:
48:70:05:83:5a:05:25:cd:77:91:90:78:51:21:c9:
45:1e:9a:d7:8f:7a:1e:5c:ec:7b:a6:7c:c3:9a:d7:
0f:1b:1d:44:e0:c1:30:50:29:47:cb:d5:28:21:6b:
95:13:3a:c3:0a:40:7d:85:21:7a:36:5d:da:3b:0e:
0f:fc:dd:50:d3:bb:3e:19:9e:6d:81:1a:7d:23:ff:
70:88:9c:0c:d3:d1:83:5e:06:77:6e:43:e4:ef:81:
59:e8:7c:04:db:7d:59:2e:78:a3:fa:0b:b3:2e:b2:
fe:8a:a3:c2:e1:24:9b:fb:d2:3e:05:88:23:c8:b6:
94:75:fe:d3:45:9d:90:12:19:b5:74:69:26:c0:9e:
6e:55:72:75:27:53:ae:08:2f:9b:da:d1:f4:ed:36:
80:5b:45:c7:33:7e:ad:8e:ee:c8:43:af:0d:23:55:
fa:ea:47:ac:9c:76:82:83:b4:bd:df:79:e9:6f:c1:
cd:14:ef:5f:1b:28:98:6c:2d:06:c8:a9:e1:b8:48:
8e:8f:03:ea:bf:ab:be:b3:24:09:bd:52:aa:33:fd:
d9:ea:0e:90:ff:bf:2d:bb:62:3c:b9:66:db:79:be:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:10:1F:DD:D1:22:4E:69:32:86:4A:B9:B6:DD:31:03:34:AF:7F:CD
X509v3 Authority Key Identifier:
keyid:95:D4:2E:C2:F4:68:B7:E3:8F:95:8C:8F:BA:93:18:01:17:DC:26:E0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/ldQuwvRot-OPlYyPupMYARfcJuA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ldQuwvRot-OPlYyPupMYARfcJuA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7F6A/7A5298760AF011F08531D43CC4F9AE02/DE08EC260AF011F09BE4823DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.223.204.0/23
Signature Algorithm: sha256WithRSAEncryption
68:a8:07:10:75:a8:9a:d9:f1:11:a3:74:6a:f6:50:54:6c:22:
24:d8:a6:0e:ce:b8:d0:8c:dc:55:e9:ce:80:1f:48:da:b3:d6:
28:f5:6f:c2:c6:d5:8d:ab:28:75:32:a6:1d:5a:7b:22:31:a1:
dc:0a:11:59:96:b0:b3:43:82:2e:25:80:60:96:34:67:23:f7:
36:30:4a:44:92:50:04:0e:16:e6:4d:85:de:3d:6e:f5:a8:2d:
88:4a:ab:b8:60:11:ca:41:46:f3:74:81:6e:47:0b:d1:52:5e:
0c:d9:ce:99:75:50:ce:25:a8:d3:b3:6f:59:1f:68:a9:dd:55:
b6:38:94:fb:63:aa:47:34:97:87:7e:de:7d:07:fa:65:1b:21:
37:37:83:bb:b5:ff:5e:68:a8:a4:17:fd:d9:8c:d3:94:ba:7a:
9b:1e:db:52:93:15:e7:4b:da:c4:76:8e:d3:c8:0a:6c:ab:0a:
47:0b:0d:34:25:ca:d9:59:00:85:ca:94:89:4a:ca:50:33:aa:
3d:1c:09:b3:a7:65:41:59:d4:5d:d7:36:ad:59:5d:bd:17:af:
0c:88:40:a8:28:04:24:aa:9e:ca:03:98:8a:9b:d2:5a:43:ac:
69:25:19:df:c9:58:6b:3b:b1:85:6d:7d:30:9a:85:77:ef:72:
97:6a:10:b2
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
N0Y2QTExMC8GA1UEBRMoOTVENDJFQzJGNDY4QjdFMzhGOTU4QzhGQkE5MzE4MDEx
N0RDMjZFMDAeFw0yNTA1MjAwNjIyMzlaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MmMxZmFmLWE0ZGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC5HT83MLP0a/OkN+aTnC+7pTJ5VIuaMFSV2vxKJ0hwBYNaBSXNd5GQeFEhyUUe
mtePeh5c7HumfMOa1w8bHUTgwTBQKUfL1Sgha5UTOsMKQH2FIXo2Xdo7Dg/83VDT
uz4Znm2BGn0j/3CInAzT0YNeBnduQ+TvgVnofATbfVkueKP6C7Musv6Ko8LhJJv7
0j4FiCPItpR1/tNFnZASGbV0aSbAnm5VcnUnU64IL5va0fTtNoBbRcczfq2O7shD
rw0jVfrqR6ycdoKDtL3feelvwc0U718bKJhsLQbIqeG4SI6PA+q/q76zJAm9Uqoz
/dnqDpD/vy27Yjy5Ztt5vgnzAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUXhAf3dEi
Tmkyhkq5tt0xAzSvf80wHwYDVR0jBBgwFoAUldQuwvRot+OPlYyPupMYARfcJuAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE3RjZBLzdBNTI5ODc2MEFG
MDExRjA4NTMxRDQzQ0M0RjlBRTAyL2xkUXV3dlJvdC1PUGxZeVB1cE1ZQVJmY0p1
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbGRRdXd2Um90LU9QbFl5UHVwTVlBUmZjSnVBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
N0Y2QS83QTUyOTg3NjBBRjAxMUYwODUzMUQ0M0NDNEY5QUUwMi9ERTA4RUMyNjBB
RjAxMUYwOUJFNDgyM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaPfzDANBgkqhkiG9w0BAQsFAAOCAQEAaKgHEHWomtnxEaN0
avZQVGwiJNimDs640IzcVenOgB9I2rPWKPVvwsbVjasodTKmHVp7IjGh3AoRWZaw
s0OCLiWAYJY0ZyP3NjBKRJJQBA4W5k2F3j1u9agtiEqruGARykFG83SBbkcL0VJe
DNnOmXVQziWo07NvWR9oqd1VtjiU+2OqRzSXh37efQf6ZRshNzeDu7X/XmiopBf9
2YzTlLp6mx7bUpMV50vaxHaO08gKbKsKRwsNNCXK2VkAhcqUiUrKUDOqPRwJs6dl
QVnUXdc2rVldvRevDIhAqCgEJKqeygOYipvSWkOsaSUZ38lYazuxhW19MJqFd+9y
l2oQsg==
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:56:12 2025 by rpki-client