Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/1D9E809C087811F08D5C704AC4F9AE02.roa
File: 1D9E809C087811F08D5C704AC4F9AE02.roa (raw, json)
Hash identifier: Ld+pk5wLRs/ZZgpNpY3+WdvDTGOiyIrPD7PS/25QyKc=
Subject key identifier: F1:A8:8A:E9:07:DB:9C:E8:14:87:48:66:40:86:78:68:40:B2:AB:E1
Certificate issuer: /CN=A911E509/serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8
Certificate serial: 0917
Authority key identifier: AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/1D9E809C087811F08D5C704AC4F9AE02.roa
Signing time: Mon 24 Mar 2025 06:20:43 +0000
ROA not before: Mon 24 Mar 2025 06:20:43 +0000
ROA not after: Wed 30 Jul 2025 00:00:00 +0000
asID: 17497
IP address blocks: 45.253.244.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 06:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2327 (0x917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E509, serialNumber=AA8E1BE3624240DC3302047FB41A7D4E47808EF8
Validity
Not Before: Mar 24 06:20:43 2025 GMT
Not After : Jul 30 00:00:00 2025 GMT
Subject: CN=67e0f9bb-21fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:65:37:47:5c:4d:84:17:19:59:c7:38:2f:00:
16:2a:92:13:25:3e:31:ba:95:7c:d9:2d:4b:e6:1a:
e4:0f:ae:91:6d:03:95:2e:64:6b:e6:4f:44:46:0d:
78:d3:08:5d:d8:10:e5:1b:55:97:35:74:d7:fd:54:
7e:3c:a8:09:83:88:a8:da:23:37:9b:fe:bb:2e:22:
72:73:3f:44:90:83:3f:95:41:69:37:f8:2f:3b:02:
7f:db:a1:b0:a9:24:c4:90:98:4a:d9:1a:3b:d7:6c:
1e:e5:83:e9:b9:a4:bd:9c:17:f8:fa:1f:ac:58:8a:
42:a9:e7:83:00:ab:10:de:98:e1:a6:85:9d:bd:9f:
c9:b9:01:91:c9:63:33:19:ac:c8:25:84:7f:f4:a1:
9f:82:68:4e:45:01:d3:c6:89:6f:0f:87:5c:9a:12:
7e:1e:90:40:e1:d5:fb:7e:f3:9e:71:fd:ae:62:90:
07:85:35:a4:e7:6a:6f:13:88:fa:86:92:9c:cb:13:
9f:46:7d:28:38:98:07:2d:16:6e:52:84:a0:37:0b:
f2:fc:86:ac:5a:3e:30:41:62:c6:08:3f:60:73:f5:
aa:f5:4d:e1:7d:22:a1:5a:91:04:8d:82:b4:e2:f8:
73:18:a0:11:6b:c5:bd:22:b0:fd:6e:7f:82:df:bb:
b7:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:A8:8A:E9:07:DB:9C:E8:14:87:48:66:40:86:78:68:40:B2:AB:E1
X509v3 Authority Key Identifier:
keyid:AA:8E:1B:E3:62:42:40:DC:33:02:04:7F:B4:1A:7D:4E:47:80:8E:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/qo4b42JCQNwzAgR_tBp9TkeAjvg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qo4b42JCQNwzAgR_tBp9TkeAjvg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E509/79EA591EA7BD11EAAAA62948C4F9AE02/1D9E809C087811F08D5C704AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.253.244.0/23
Signature Algorithm: sha256WithRSAEncryption
55:25:fd:da:f9:92:38:1d:33:bd:2e:2c:f1:fe:6d:1e:6e:23:
13:64:73:97:91:fe:d3:b2:c9:48:14:27:b5:2f:39:bf:da:ca:
d5:52:c0:37:64:60:cd:fc:27:d8:b1:72:fa:eb:ab:d8:39:7c:
23:fb:85:49:df:5a:1a:12:85:29:37:04:f9:8d:42:ba:86:f3:
d9:07:92:ac:e2:8c:96:72:e3:41:20:a0:e1:47:e6:12:ab:8c:
1c:15:26:fb:4d:93:5c:ca:1c:b9:41:58:8b:be:72:64:e7:27:
2e:7d:0b:88:35:10:25:22:87:c8:c3:4b:46:4f:26:fd:d4:79:
51:52:ae:81:af:01:0f:cd:c8:59:9b:8e:2a:41:84:34:8a:ff:
da:a3:af:c1:82:03:23:e0:0c:e8:eb:bf:fc:b3:85:99:a2:5e:
0b:4b:31:db:b4:92:0a:53:99:0f:00:be:96:00:ec:34:39:a8:
bb:2f:66:d3:a7:dc:99:41:d8:54:50:e6:dc:16:a2:a7:ee:5d:
e0:6e:cf:80:f8:41:62:5c:37:66:6b:12:22:62:d1:13:a2:79:
b2:98:62:25:58:8a:86:b7:b3:18:d0:4e:0d:d8:6f:a2:65:8a:
3d:02:5d:7f:d3:e9:ca:56:58:32:01:9b:70:95:d6:65:53:43:
84:86:11:70
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCRcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUU1MDkxMTAvBgNVBAUTKEFBOEUxQkUzNjI0MjQwREMzMzAyMDQ3RkI0MUE3RDRF
NDc4MDhFRjgwHhcNMjUwMzI0MDYyMDQzWhcNMjUwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2UwZjliYi0yMWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqmU3R1xNhBcZWcc4LwAWKpITJT4xupV82S1L5hrkD66RbQOVLmRr5k9ERg14
0whd2BDlG1WXNXTX/VR+PKgJg4io2iM3m/67LiJycz9EkIM/lUFpN/gvOwJ/26Gw
qSTEkJhK2Ro712we5YPpuaS9nBf4+h+sWIpCqeeDAKsQ3pjhpoWdvZ/JuQGRyWMz
GazIJYR/9KGfgmhORQHTxolvD4dcmhJ+HpBA4dX7fvOecf2uYpAHhTWk52pvE4j6
hpKcyxOfRn0oOJgHLRZuUoSgNwvy/IasWj4wQWLGCD9gc/Wq9U3hfSKhWpEEjYK0
4vhzGKARa8W9IrD9bn+C37u3iwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPGoiukH
25zoFIdIZkCGeGhAsqvhMB8GA1UdIwQYMBaAFKqOG+NiQkDcMwIEf7QafU5HgI74
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTUwOS83OUVBNTkxRUE3
QkQxMUVBQUFBNjI5NDhDNEY5QUUwMi9xbzRiNDJKQ1FOd3pBZ1JfdEJwOVRrZUFq
dmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FvNGI0MkpDUU53ekFnUl90QnA5VGtlQWp2Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUU1MDkvNzlFQTU5MUVBN0JEMTFFQUFBQTYyOTQ4QzRGOUFFMDIvMUQ5RTgwOUMw
ODc4MTFGMDhENUM3MDRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEt/fQwDQYJKoZIhvcNAQELBQADggEBAFUl/dr5kjgdM70u
LPH+bR5uIxNkc5eR/tOyyUgUJ7UvOb/aytVSwDdkYM38J9ixcvrrq9g5fCP7hUnf
WhoShSk3BPmNQrqG89kHkqzijJZy40EgoOFH5hKrjBwVJvtNk1zKHLlBWIu+cmTn
Jy59C4g1ECUih8jDS0ZPJv3UeVFSroGvAQ/NyFmbjipBhDSK/9qjr8GCAyPgDOjr
v/yzhZmiXgtLMdu0kgpTmQ8AvpYA7DQ5qLsvZtOn3JlB2FRQ5twWoqfuXeBuz4D4
QWJcN2ZrEiJi0ROiebKYYiVYioa3sxjQTg3Yb6Jlij0CXX/T6cpWWDIBm3CV1mVT
Q4SGEXA=
-----END CERTIFICATE-----
Generated at Sun May 18 04:45:25 2025 by rpki-client