Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914BAA2/4DECD080FE6611EF892E5214C4F9AE02/659FB0B6069111F0A1A8A150C4F9AE02.roa
File: 659FB0B6069111F0A1A8A150C4F9AE02.roa (raw, json)
Hash identifier: AQswmge9QzgYJL09C3gR93X/ZQuNTF73AHYn1HI5ygA=
Subject key identifier: DC:F3:95:33:B6:F5:83:2D:B3:53:1B:46:39:7C:66:9F:B3:B6:3A:5D
Certificate issuer: /CN=A914BAA2/serialNumber=EAA483BBBD5CA0E12B3EC0F6E70C5BAAAE34552B
Certificate serial: 10
Authority key identifier: EA:A4:83:BB:BD:5C:A0:E1:2B:3E:C0:F6:E7:0C:5B:AA:AE:34:55:2B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qSDu71coOErPsD25wxbqq40VSs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914BAA2/4DECD080FE6611EF892E5214C4F9AE02/659FB0B6069111F0A1A8A150C4F9AE02.roa
Signing time: Fri 21 Mar 2025 20:16:39 +0000
ROA not before: Fri 21 Mar 2025 20:16:39 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153533
IP address blocks: 163.61.0.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 21 Mar 2025 20:43:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914BAA2, serialNumber=EAA483BBBD5CA0E12B3EC0F6E70C5BAAAE34552B
Validity
Not Before: Mar 21 20:16:39 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=67ddc927-c6c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c0:d3:69:97:68:ed:6a:e9:ea:a0:17:d4:4c:
26:90:8c:dd:11:ad:74:e8:36:86:93:12:38:51:3d:
e5:d1:35:7f:4d:78:a6:4f:2a:e3:83:21:12:f7:7d:
99:29:b6:2a:4c:c8:ee:53:b4:72:db:69:fa:58:7a:
44:ec:95:ca:94:91:4a:f5:a2:56:8a:12:4e:30:31:
13:bb:0d:e3:d3:b9:e2:4f:7a:32:6b:c7:3b:25:5c:
13:46:c4:6f:d4:02:78:f2:4a:57:a1:f4:89:d4:85:
8b:fa:c2:ab:f5:af:3c:97:07:67:5e:d0:84:e9:62:
5f:ab:97:95:7b:18:4c:97:c3:c3:d1:fb:13:c5:90:
db:0b:83:9f:2e:fc:b5:d9:e1:6b:f7:a5:15:8a:9a:
d6:21:9b:20:9d:ac:31:3a:b7:9a:7d:91:27:69:cc:
cc:28:94:69:1a:3d:1d:fe:79:82:78:79:a7:c6:c2:
15:e7:95:f5:77:09:a8:fe:d1:b7:2a:05:01:4e:88:
48:02:5d:6f:3a:9a:29:08:f9:d2:80:66:33:c4:e7:
20:84:23:7f:be:77:1b:b5:a2:58:9a:89:ea:f3:ee:
b1:92:6e:e8:e5:8e:45:a0:52:7f:90:9a:a5:00:83:
ac:f2:51:81:29:53:ff:f0:f6:ab:69:7e:dd:ea:88:
9a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F3:95:33:B6:F5:83:2D:B3:53:1B:46:39:7C:66:9F:B3:B6:3A:5D
X509v3 Authority Key Identifier:
keyid:EA:A4:83:BB:BD:5C:A0:E1:2B:3E:C0:F6:E7:0C:5B:AA:AE:34:55:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914BAA2/4DECD080FE6611EF892E5214C4F9AE02/6qSDu71coOErPsD25wxbqq40VSs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6qSDu71coOErPsD25wxbqq40VSs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914BAA2/4DECD080FE6611EF892E5214C4F9AE02/659FB0B6069111F0A1A8A150C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.0.0/23
Signature Algorithm: sha256WithRSAEncryption
23:f6:37:0c:48:31:db:1b:fe:c4:7d:39:51:dc:c3:88:c0:2e:
96:88:21:df:5d:50:82:af:22:17:b7:d2:0d:b4:5a:3b:dc:1e:
bc:c3:d4:f4:dc:2b:a2:5a:97:47:e8:4b:df:c9:c4:d8:db:70:
e5:a4:d7:20:12:b1:be:cb:ed:0f:72:d5:13:5b:63:6b:31:11:
68:b3:60:c2:ba:fc:1d:12:c8:24:b2:de:3f:7a:b2:a9:bf:52:
2c:a8:ad:cf:f9:dd:25:0b:06:65:33:2d:77:e9:ff:e0:98:ae:
86:4c:0f:97:aa:e4:b8:c6:17:e6:60:25:dd:eb:db:2b:ce:19:
25:55:c9:36:df:e7:08:51:d7:22:a6:5a:c6:31:1a:45:8f:b8:
7e:c6:42:84:1d:1e:45:29:45:70:ff:9e:63:16:ca:c0:0b:d0:
ca:63:de:a7:cb:b6:30:dc:06:f2:7e:80:9c:7c:e9:13:d9:1e:
19:0f:d1:8e:fa:9d:01:e7:15:fd:e8:a9:de:b5:ec:d4:97:47:
de:33:57:e4:03:70:9e:f9:4e:ac:a3:99:86:7c:f8:37:9e:cb:
aa:03:cb:d4:00:3b:61:07:9c:46:c4:bc:7f:dd:9d:27:48:d5:
2f:f6:98:cb:e4:ea:57:b4:d4:31:6a:02:82:e6:a8:a0:e9:20:
13:6c:70:6f
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
QkFBMjExMC8GA1UEBRMoRUFBNDgzQkJCRDVDQTBFMTJCM0VDMEY2RTcwQzVCQUFB
RTM0NTUyQjAeFw0yNTAzMjEyMDE2MzlaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZGRjOTI3LWM2YzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDSwNNpl2jtaunqoBfUTCaQjN0RrXToNoaTEjhRPeXRNX9NeKZPKuODIRL3fZkp
tipMyO5TtHLbafpYekTslcqUkUr1olaKEk4wMRO7DePTueJPejJrxzslXBNGxG/U
AnjySleh9InUhYv6wqv1rzyXB2de0ITpYl+rl5V7GEyXw8PR+xPFkNsLg58u/LXZ
4Wv3pRWKmtYhmyCdrDE6t5p9kSdpzMwolGkaPR3+eYJ4eafGwhXnlfV3Caj+0bcq
BQFOiEgCXW86mikI+dKAZjPE5yCEI3++dxu1oliaierz7rGSbujljkWgUn+QmqUA
g6zyUYEpU//w9qtpft3qiJqXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQU3POVM7b1
gy2zUxtGOXxmn7O2Ol0wHwYDVR0jBBgwFoAU6qSDu71coOErPsD25wxbqq40VSsw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRCQUEyLzRERUNEMDgwRkU2
NjExRUY4OTJFNTIxNEM0RjlBRTAyLzZxU0R1NzFjb09FclBzRDI1d3hicXE0MFZT
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNnFTRHU3MWNvT0VyUHNEMjV3eGJxcTQwVlNzLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
QkFBMi80REVDRDA4MEZFNjYxMUVGODkyRTUyMTRDNEY5QUUwMi82NTlGQjBCNjA2
OTExMUYwQTFBOEExNTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaM9ADANBgkqhkiG9w0BAQsFAAOCAQEAI/Y3DEgx2xv+xH05
UdzDiMAulogh311Qgq8iF7fSDbRaO9wevMPU9NwrolqXR+hL38nE2Ntw5aTXIBKx
vsvtD3LVE1tjazERaLNgwrr8HRLIJLLeP3qyqb9SLKitz/ndJQsGZTMtd+n/4Jiu
hkwPl6rkuMYX5mAl3evbK84ZJVXJNt/nCFHXIqZaxjEaRY+4fsZChB0eRSlFcP+e
YxbKwAvQymPep8u2MNwG8n6AnHzpE9keGQ/RjvqdAecV/eip3rXs1JdH3jNX5ANw
nvlOrKOZhnz4N57LqgPL1AA7YQecRsS8f92dJ0jVL/aYy+TqV7TUMWoCguaooOkg
E2xwbw==
-----END CERTIFICATE-----
Generated at Mon May 12 23:17:37 2025 by rpki-client