Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/BBE40B40E29011EFAB6BDF63C4F9AE02.roa
File: BBE40B40E29011EFAB6BDF63C4F9AE02.roa (raw, json)
Hash identifier: Ko2nGvKftcNq9E2M8xXXKp+tgwz/dmTBOzzQq3DKQCI=
Subject key identifier: 6A:94:FB:CC:3D:6F:BC:67:10:D0:89:C7:A1:0A:52:DA:E6:4D:3B:B3
Certificate issuer: /CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4
Certificate serial: 26
Authority key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/BBE40B40E29011EFAB6BDF63C4F9AE02.roa
Signing time: Tue 04 Feb 2025 01:15:39 +0000
ROA not before: Tue 04 Feb 2025 01:15:39 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 138004
IP address blocks: 161.248.10.0/24 maxlen: 24
161.248.10.0/26 maxlen: 26
Validation: Failed, certificate revoked on Tue 04 Feb 2025 01:20:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38 (0x26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91423C1, serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4
Validity
Not Before: Feb 4 01:15:39 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=67a16a3a-6b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:36:b4:a3:21:19:5c:48:19:35:dc:e2:09:bf:
6f:71:93:dc:cc:39:f2:f7:18:9d:91:d2:de:ce:40:
55:94:3c:aa:7f:85:a2:67:3f:05:51:1a:5a:d7:25:
be:3c:ad:63:b6:53:9b:58:d6:ca:28:62:c1:ba:aa:
79:1e:a4:5e:0f:33:54:f6:23:a1:ef:43:6e:6f:79:
c5:8a:4a:4c:cf:66:ad:79:5f:ff:60:ae:95:23:2e:
57:8b:f1:57:ed:08:30:4f:c8:f4:81:79:d9:01:58:
6f:d8:89:9f:f5:45:52:93:e3:33:0e:48:d7:d7:5c:
6f:ba:03:08:3e:35:d0:02:ff:71:ec:73:a2:20:04:
1d:30:48:f0:d3:9e:ba:02:67:3f:88:eb:95:30:ae:
89:90:a2:ea:cf:75:bd:67:d0:f7:01:25:55:56:d0:
88:c5:c1:23:8b:d0:5d:2a:bf:ad:5e:1a:e1:bc:60:
e9:e0:b3:1a:83:c6:0d:44:bf:45:68:90:9d:43:94:
3a:89:d8:41:d7:7b:ff:39:ed:de:43:56:d7:fa:5c:
9e:e1:f2:eb:12:f6:f0:88:a9:e9:0b:4b:ae:70:06:
d6:0b:ae:7f:a6:e8:8e:a5:94:a2:4c:0c:55:fa:16:
6f:71:fb:67:2e:b3:05:95:3b:18:3c:06:27:52:ff:
bf:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:94:FB:CC:3D:6F:BC:67:10:D0:89:C7:A1:0A:52:DA:E6:4D:3B:B3
X509v3 Authority Key Identifier:
keyid:4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/BBE40B40E29011EFAB6BDF63C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.10.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ab:10:dc:6e:c2:80:ff:df:8b:0a:dd:77:e8:c1:69:02:8e:
f1:67:70:e8:57:fc:56:5c:fa:cd:e1:cf:ce:ea:38:cd:4b:fa:
1e:4b:95:6e:bc:e9:73:b6:83:8b:39:75:4f:c8:11:eb:bc:dc:
76:ff:c0:92:52:8d:fb:63:53:da:10:73:ca:2e:44:3a:c0:0d:
c2:d2:b4:5c:41:c0:63:ce:0e:fb:36:89:96:88:bb:b0:79:ed:
d5:2b:d9:8a:4e:84:d8:a5:d1:14:39:54:94:2a:e9:ee:f7:18:
c5:e3:a6:46:4b:61:83:a7:77:f1:e6:44:a4:25:e2:52:8e:40:
db:4a:1d:d0:88:39:b4:48:69:18:61:b1:3d:a1:83:39:09:de:
c2:ab:b0:86:a2:96:48:11:d9:ea:9e:59:26:7b:8b:b8:ae:ed:
ca:b6:ad:5e:72:6b:c0:53:2c:4b:81:29:2d:00:8a:04:d4:63:
44:94:c8:c9:c4:cd:3c:e2:98:58:ab:69:8f:4e:0a:eb:d0:34:
24:e7:f6:bf:6f:5d:10:05:ad:1d:2d:93:e2:f4:01:e3:3a:68:
3f:3f:22:c0:50:74:7f:97:bc:ea:7e:ef:69:6a:3c:15:a2:c6:
4c:24:72:a5:fc:29:f5:c8:07:96:77:c3:db:09:8b:0e:83:ab:
57:a6:71:85
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MjNDMTExMC8GA1UEBRMoNERDN0UyOEI1NDZGMkEwQjUzOEU4Q0RGODMyRDlBQTFG
MzdDQzhFNDAeFw0yNTAyMDQwMTE1MzlaFw0yNTA2MDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTE2YTNhLTZiNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCvNrSjIRlcSBk13OIJv29xk9zMOfL3GJ2R0t7OQFWUPKp/haJnPwVRGlrXJb48
rWO2U5tY1sooYsG6qnkepF4PM1T2I6HvQ25vecWKSkzPZq15X/9grpUjLleL8Vft
CDBPyPSBedkBWG/YiZ/1RVKT4zMOSNfXXG+6Awg+NdAC/3Hsc6IgBB0wSPDTnroC
Zz+I65UwromQourPdb1n0PcBJVVW0IjFwSOL0F0qv61eGuG8YOngsxqDxg1Ev0Vo
kJ1DlDqJ2EHXe/857d5DVtf6XJ7h8usS9vCIqekLS65wBtYLrn+m6I6llKJMDFX6
Fm9x+2cuswWVOxg8BidS/79LAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUapT7zD1v
vGcQ0InHoQpS2uZNO7MwHwYDVR0jBBgwFoAUTcfii1RvKgtTjozfgy2aofN8yOQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyM0MxL0QwMzIwRUY4QkY0
RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2S2d0VGpvemZneTJhb2ZOOHlP
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVGNmaWkxUnZLZ3RUam96Zmd5MmFvZk44eU9RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MjNDMS9EMDMyMEVGOEJGNEYxMUVGQkNGNjg5NDRDNEY5QUUwMi9CQkU0MEI0MEUy
OTAxMUVGQUI2QkRGNjNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4CjANBgkqhkiG9w0BAQsFAAOCAQEAJKsQ3G7CgP/fiwrd
d+jBaQKO8Wdw6Ff8Vlz6zeHPzuo4zUv6HkuVbrzpc7aDizl1T8gR67zcdv/AklKN
+2NT2hBzyi5EOsANwtK0XEHAY84O+zaJloi7sHnt1SvZik6E2KXRFDlUlCrp7vcY
xeOmRkthg6d38eZEpCXiUo5A20od0Ig5tEhpGGGxPaGDOQnewquwhqKWSBHZ6p5Z
JnuLuK7tyratXnJrwFMsS4EpLQCKBNRjRJTIycTNPOKYWKtpj04K69A0JOf2v29d
EAWtHS2T4vQB4zpoPz8iwFB0f5e86n7vaWo8FaLGTCRypfwp9cgHlnfD2wmLDoOr
V6ZxhQ==
-----END CERTIFICATE-----
Generated at Wed May 14 16:15:56 2025 by rpki-client