Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6D837614007411F08E85EE81C4F9AE02.roa
File: 6D837614007411F08E85EE81C4F9AE02.roa (raw, json)
Hash identifier: ogZDbb1ipGWVYOaKXTDIgjxrsLb+IEmbHwW9VsBQhe8=
Subject key identifier: 68:6C:C7:05:50:18:95:EA:76:56:E8:C8:99:1F:96:41:DF:ED:3A:20
Certificate issuer: /CN=A9134172/serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Certificate serial: 0A09
Authority key identifier: F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6D837614007411F08E85EE81C4F9AE02.roa
Signing time: Fri 14 Mar 2025 01:35:22 +0000
ROA not before: Fri 14 Mar 2025 01:35:22 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 9908
IP address blocks: 61.10.0.0/16 maxlen: 16
61.10.0.0/17 maxlen: 17
61.10.0.0/18 maxlen: 20
61.10.64.0/18 maxlen: 18
61.10.64.0/19 maxlen: 20
61.10.96.0/19 maxlen: 20
61.10.128.0/17 maxlen: 20
61.15.0.0/16 maxlen: 16
61.15.0.0/17 maxlen: 20
61.15.128.0/17 maxlen: 20
61.18.0.0/16 maxlen: 20
125.59.0.0/16 maxlen: 20
203.83.64.0/18 maxlen: 18
203.168.222.0/23 maxlen: 24
218.252.0.0/16 maxlen: 16
218.252.0.0/17 maxlen: 20
218.252.128.0/17 maxlen: 20
218.253.0.0/18 maxlen: 20
222.166.0.0/16 maxlen: 20
222.167.0.0/18 maxlen: 20
222.167.64.0/19 maxlen: 20
222.167.128.0/17 maxlen: 20
Validation: Failed, certificate revoked on Tue 29 Apr 2025 01:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2569 (0xa09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9134172, serialNumber=F45C0F4F467CE1576E5EE9E41E5576F0348C46A7
Validity
Not Before: Mar 14 01:35:22 2025 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67d387da-c271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:68:50:4a:6d:2d:49:62:bd:9a:89:7d:b3:b2:
68:10:9b:a4:82:cf:50:e7:b7:fa:df:78:4a:d4:0e:
a7:9f:d5:73:b2:45:e9:d5:88:53:60:78:b4:71:fc:
ea:40:6e:05:99:7b:84:d8:f3:d9:d3:89:13:83:36:
d6:d5:65:0f:ce:77:4c:6d:c6:8e:a8:2a:4b:d5:9a:
63:ce:52:90:8c:03:db:a2:05:59:46:c4:1f:73:c5:
fa:99:30:42:e0:1c:f6:88:b5:7a:f7:fa:cf:6d:17:
f3:0d:6e:11:55:72:8a:cd:9b:44:a2:04:49:8e:a9:
8a:eb:cd:fc:f9:bc:0e:23:7d:c5:e0:8c:22:e4:6a:
04:46:71:81:45:0b:39:b7:87:26:1d:f4:ce:69:f3:
97:77:81:51:5f:77:36:71:40:d4:21:91:64:0c:71:
09:d0:5b:b9:7e:dd:50:fa:3e:48:15:b5:8f:1c:fe:
40:66:38:95:87:22:cf:24:73:31:7c:6b:41:65:20:
22:d6:31:3e:bf:57:1c:01:3d:5d:a6:34:23:f8:40:
6d:73:c2:1a:9c:f2:9e:c2:c3:b9:0d:65:4a:c0:04:
0f:18:3e:8c:6e:86:4d:1c:9d:f6:86:1b:ff:78:66:
18:9d:85:4f:33:4e:fd:fa:54:19:bd:c5:ff:16:85:
eb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6C:C7:05:50:18:95:EA:76:56:E8:C8:99:1F:96:41:DF:ED:3A:20
X509v3 Authority Key Identifier:
keyid:F4:5C:0F:4F:46:7C:E1:57:6E:5E:E9:E4:1E:55:76:F0:34:8C:46:A7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/9FwPT0Z84VduXunkHlV28DSMRqc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9FwPT0Z84VduXunkHlV28DSMRqc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134172/597612649E4D11EA9C23AF1FC4F9AE02/6D837614007411F08E85EE81C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
61.10.0.0/16
61.15.0.0/16
61.18.0.0/16
125.59.0.0/16
203.83.64.0/18
203.168.222.0/23
218.252.0.0-218.253.63.255
222.166.0.0-222.167.95.255
222.167.128.0/17
Signature Algorithm: sha256WithRSAEncryption
99:3e:64:37:47:49:ab:b6:04:0a:61:93:00:d9:8f:fc:8c:a0:
91:11:db:84:c5:1d:ad:2e:1d:7d:6b:c0:65:fe:0d:81:98:87:
89:7c:70:1e:3a:bf:eb:6b:e3:05:b1:d3:ee:9c:5a:e2:8f:2c:
9d:f3:8f:87:3b:05:81:0b:80:f7:b5:42:68:a0:c8:50:df:5e:
5f:39:32:0b:b3:d2:97:ab:89:20:ae:3d:85:80:c6:71:7a:f9:
fb:c8:44:4d:96:c3:58:0f:89:9d:98:b6:e5:83:6b:1f:c4:c8:
50:80:9d:85:77:83:fb:48:b6:4c:44:06:81:81:b7:eb:52:b1:
aa:f1:1e:ea:b4:96:80:a1:f6:be:c0:a8:60:fd:da:54:25:d0:
a2:55:04:7e:6b:9f:e7:1f:7c:93:64:6a:a7:8e:25:41:5f:54:
12:c1:a7:52:3c:21:53:42:e1:0c:5b:9d:55:65:cd:4f:fc:da:
8a:b4:d7:d3:59:49:f5:cc:77:83:37:93:52:74:6a:3e:95:20:
ac:75:64:69:2a:18:50:62:e6:c8:4d:30:05:55:27:19:57:00:
30:a2:1a:4a:2d:f5:9f:b6:47:f0:f1:ac:1e:8c:c6:98:55:62:
bb:1f:9e:43:8d:77:a7:18:b3:10:43:bc:88:d3:a9:33:90:2e:
68:dc:bd:42
-----BEGIN CERTIFICATE-----
MIIFqzCCBJOgAwIBAgICCgkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzQxNzIxMTAvBgNVBAUTKEY0NUMwRjRGNDY3Q0UxNTc2RTVFRTlFNDFFNTU3NkYw
MzQ4QzQ2QTcwHhcNMjUwMzE0MDEzNTIyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2QzODdkYS1jMjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu2hQSm0tSWK9mol9s7JoEJukgs9Q57f633hK1A6nn9VzskXp1YhTYHi0cfzq
QG4FmXuE2PPZ04kTgzbW1WUPzndMbcaOqCpL1ZpjzlKQjAPbogVZRsQfc8X6mTBC
4Bz2iLV69/rPbRfzDW4RVXKKzZtEogRJjqmK6838+bwOI33F4Iwi5GoERnGBRQs5
t4cmHfTOafOXd4FRX3c2cUDUIZFkDHEJ0Fu5ft1Q+j5IFbWPHP5AZjiVhyLPJHMx
fGtBZSAi1jE+v1ccAT1dpjQj+EBtc8IanPKewsO5DWVKwAQPGD6MboZNHJ32hhv/
eGYYnYVPM079+lQZvcX/FoXrpwIDAQABo4ICzzCCAsswHQYDVR0OBBYEFGhsxwVQ
GJXqdlboyJkflkHf7TogMB8GA1UdIwQYMBaAFPRcD09GfOFXbl7p5B5VdvA0jEan
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDE3Mi81OTc2MTI2NDlF
NEQxMUVBOUMyM0FGMUZDNEY5QUUwMi85RndQVDBaODRWZHVYdW5rSGxWMjhEU01S
cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlGd1BUMFo4NFZkdVh1bmtIbFYyOERTTVJxYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzQxNzIvNTk3NjEyNjQ5RTREMTFFQTlDMjNBRjFGQzRGOUFFMDIvNkQ4Mzc2MTQw
MDc0MTFGMDhFODVFRTgxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwWQYIKwYBBQUHAQcBAf8E
SjBIMEYEAgABMEADAwA9CgMDAD0PAwMAPRIDAwB9OwMEBstTQAMEAcuo3jALAwMC
2vwDBAba/QAwCwMDAd6mAwQF3qdAAwQH3qeAMA0GCSqGSIb3DQEBCwUAA4IBAQCZ
PmQ3R0mrtgQKYZMA2Y/8jKCREduExR2tLh19a8Bl/g2BmIeJfHAeOr/ra+MFsdPu
nFrijyyd84+HOwWBC4D3tUJooMhQ315fOTILs9KXq4kgrj2FgMZxevn7yERNlsNY
D4mdmLblg2sfxMhQgJ2Fd4P7SLZMRAaBgbfrUrGq8R7qtJaAofa+wKhg/dpUJdCi
VQR+a5/nH3yTZGqnjiVBX1QSwadSPCFTQuEMW51VZc1P/NqKtNfTWUn1zHeDN5NS
dGo+lSCsdWRpKhhQYubITTAFVScZVwAwohpKLfWftkfw8awejMaYVWK7H55DjXen
GLMQQ7yI06kzkC5o3L1C
-----END CERTIFICATE-----
Generated at Fri May 16 09:37:38 2025 by rpki-client