Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEC1E/DE51EC40353A11F08C95C067C4F9AE02/3FC05002353B11F0A66F6368C4F9AE02.roa
File: 3FC05002353B11F0A66F6368C4F9AE02.roa (raw, json)
Hash identifier: YMBk11+5JTC2vAmcYcvy9f7Gl/6rAtQnQS5iwZWgWC4=
Subject key identifier: D3:01:0C:48:91:98:2F:34:4D:C0:FC:4F:11:D5:39:FA:10:38:62:D1
Certificate issuer: /CN=A91FEC1E/serialNumber=3441BD3B69ED73734DFB73505A95F24821A61E81
Certificate serial: 02
Authority key identifier: 34:41:BD:3B:69:ED:73:73:4D:FB:73:50:5A:95:F2:48:21:A6:1E:81
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NEG9O2ntc3NN-3NQWpXySCGmHoE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FEC1E/DE51EC40353A11F08C95C067C4F9AE02/3FC05002353B11F0A66F6368C4F9AE02.roa
Signing time: Tue 20 May 2025 05:28:24 +0000
ROA not before: Tue 20 May 2025 05:28:24 +0000
ROA not after: Mon 31 Aug 2026 00:00:00 +0000
asID: 136436
IP address blocks: 165.99.92.0/24 maxlen: 24
165.99.93.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 11:37:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FEC1E, serialNumber=3441BD3B69ED73734DFB73505A95F24821A61E81
Validity
Not Before: May 20 05:28:24 2025 GMT
Not After : Aug 31 00:00:00 2026 GMT
Subject: CN=682c12f7-6d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:02:5c:38:4b:cb:81:d5:43:6b:7a:4d:db:d1:
79:7d:73:b9:60:12:d4:cb:a2:32:f5:fd:7b:b1:2b:
f1:4d:b8:2d:ea:71:86:82:82:ec:36:82:d8:a9:79:
8c:87:6a:bb:02:59:24:25:05:cc:3e:0e:31:32:91:
83:62:67:16:7d:95:81:af:a5:91:30:44:d5:a9:cd:
66:64:5b:39:8c:71:a5:2b:34:03:a8:e3:a8:f0:69:
89:c1:3d:15:2d:90:5e:28:b0:6a:b5:54:06:72:b7:
51:9c:55:61:b0:0c:47:4e:c9:fc:b5:06:f9:98:53:
0c:35:c4:dc:2e:98:56:25:9c:c7:c8:12:fb:14:fd:
91:8e:43:b3:f5:5a:08:54:3d:e2:b1:d1:44:de:f9:
92:d4:3d:6b:8f:61:82:3c:21:37:7c:10:d1:5b:44:
81:00:fd:80:22:ca:4c:c3:22:4a:ff:21:1b:93:7f:
04:67:22:f8:3f:96:63:f3:c4:41:7c:8b:04:50:a0:
83:0f:02:5f:ef:69:e0:24:59:0d:7c:ec:e3:50:80:
96:ef:06:59:68:ad:78:c2:01:b4:62:3c:b3:21:67:
b9:6a:06:d0:85:87:4a:b1:42:1e:20:2d:f2:81:10:
b6:aa:ca:0f:03:32:da:9a:f9:c4:a3:6c:99:f4:fe:
cf:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:01:0C:48:91:98:2F:34:4D:C0:FC:4F:11:D5:39:FA:10:38:62:D1
X509v3 Authority Key Identifier:
keyid:34:41:BD:3B:69:ED:73:73:4D:FB:73:50:5A:95:F2:48:21:A6:1E:81
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FEC1E/DE51EC40353A11F08C95C067C4F9AE02/NEG9O2ntc3NN-3NQWpXySCGmHoE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NEG9O2ntc3NN-3NQWpXySCGmHoE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEC1E/DE51EC40353A11F08C95C067C4F9AE02/3FC05002353B11F0A66F6368C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
165.99.92.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:73:21:f1:71:fa:23:43:3d:41:72:51:e1:5c:c5:01:ec:ea:
26:ef:dd:63:63:54:40:0b:0d:01:9b:07:e7:5b:e3:9f:10:b1:
a7:2d:d6:81:e0:ad:23:33:c5:2a:44:9e:f4:f3:39:5d:0f:7a:
90:82:e3:0f:f6:2e:0c:39:76:b6:8b:eb:42:48:62:ba:2c:d4:
9b:c0:29:2c:77:7b:a2:21:54:2c:6b:06:c4:48:00:1c:b2:04:
16:6b:1b:c9:61:5b:7f:25:c2:e1:d2:7e:ca:bd:13:16:9c:39:
6f:c2:ab:6d:8c:1f:fd:c0:6d:33:c9:86:72:61:d1:fc:e5:28:
41:2a:2a:bb:6f:b9:92:d7:a0:c3:a4:49:dc:c9:7e:ca:1b:9f:
fa:62:68:9b:93:17:1a:33:4d:1c:b2:a9:68:c0:fe:de:bf:ec:
2f:75:7b:c9:1d:dc:a8:7b:cf:54:29:bb:d0:c4:62:5f:86:ae:
75:47:bc:82:a7:6e:0c:d8:0f:0e:5c:88:f9:4b:99:88:7e:11:
11:32:68:0b:a8:06:67:46:eb:f8:3a:ba:60:8a:71:35:97:85:
38:a1:ea:bc:90:5d:1f:b1:8f:e4:61:62:c8:ad:11:5c:4d:2d:
13:4a:6e:c2:56:1a:94:dc:41:b5:d9:27:dc:9e:5f:c9:78:a1:
4d:24:7a:9d
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RUMxRTExMC8GA1UEBRMoMzQ0MUJEM0I2OUVENzM3MzRERkI3MzUwNUE5NUYyNDgy
MUE2MUU4MTAeFw0yNTA1MjAwNTI4MjRaFw0yNjA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MmMxMmY3LTZkNGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCYAlw4S8uB1UNrek3b0Xl9c7lgEtTLojL1/XuxK/FNuC3qcYaCguw2gtipeYyH
arsCWSQlBcw+DjEykYNiZxZ9lYGvpZEwRNWpzWZkWzmMcaUrNAOo46jwaYnBPRUt
kF4osGq1VAZyt1GcVWGwDEdOyfy1BvmYUww1xNwumFYlnMfIEvsU/ZGOQ7P1WghU
PeKx0UTe+ZLUPWuPYYI8ITd8ENFbRIEA/YAiykzDIkr/IRuTfwRnIvg/lmPzxEF8
iwRQoIMPAl/vaeAkWQ187ONQgJbvBllorXjCAbRiPLMhZ7lqBtCFh0qxQh4gLfKB
ELaqyg8DMtqa+cSjbJn0/s/FAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU0wEMSJGY
LzRNwPxPEdU5+hA4YtEwHwYDVR0jBBgwFoAUNEG9O2ntc3NN+3NQWpXySCGmHoEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZFQzFFL0RFNTFFQzQwMzUz
QTExRjA4Qzk1QzA2N0M0RjlBRTAyL05FRzlPMm50YzNOTi0zTlFXcFh5U0NHbUhv
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvTkVHOU8ybnRjM05OLTNOUVdwWHlTQ0dtSG9FLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RUMxRS9ERTUxRUM0MDM1M0ExMUYwOEM5NUMwNjdDNEY5QUUwMi8zRkMwNTAwMjM1
M0IxMUYwQTY2RjYzNjhDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaVjXDANBgkqhkiG9w0BAQsFAAOCAQEAjHMh8XH6I0M9QXJR
4VzFAezqJu/dY2NUQAsNAZsH51vjnxCxpy3WgeCtIzPFKkSe9PM5XQ96kILjD/Yu
DDl2tovrQkhiuizUm8ApLHd7oiFULGsGxEgAHLIEFmsbyWFbfyXC4dJ+yr0TFpw5
b8KrbYwf/cBtM8mGcmHR/OUoQSoqu2+5ktegw6RJ3Ml+yhuf+mJom5MXGjNNHLKp
aMD+3r/sL3V7yR3cqHvPVCm70MRiX4audUe8gqduDNgPDlyI+UuZiH4RETJoC6gG
Z0br+Dq6YIpxNZeFOKHqvJBdH7GP5GFiyK0RXE0tE0puwlYalNxBtdkn3J5fyXih
TSR6nQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 12:48:00 2025 by rpki-client