Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B87FC/3978E31686E111EF8F773F82C4F9AE02/4A36AC1A139511F0B1A47C35C4F9AE02.roa
File: 4A36AC1A139511F0B1A47C35C4F9AE02.roa (raw, json)
Hash identifier: XdLIJuJXhBzetTJmarH/Fzi27cB1TKxcbRFsyleBzSo=
Subject key identifier: C7:56:AB:15:F0:3A:C6:ED:FA:D7:D2:A5:A7:97:91:77:47:1C:34:59
Certificate issuer: /CN=A91B87FC/serialNumber=3A87871E3BAE65EDE2F31BB1AD5C59BB7A74ABDD
Certificate serial: 60
Authority key identifier: 3A:87:87:1E:3B:AE:65:ED:E2:F3:1B:B1:AD:5C:59:BB:7A:74:AB:DD
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OoeHHjuuZe3i8xuxrVxZu3p0q90.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B87FC/3978E31686E111EF8F773F82C4F9AE02/4A36AC1A139511F0B1A47C35C4F9AE02.roa
Signing time: Mon 07 Apr 2025 09:47:16 +0000
ROA not before: Mon 07 Apr 2025 09:47:16 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 17539
IP address blocks: 160.30.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 08:15:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96 (0x60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B87FC, serialNumber=3A87871E3BAE65EDE2F31BB1AD5C59BB7A74ABDD
Validity
Not Before: Apr 7 09:47:16 2025 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=67f39f24-a0bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f5:9b:73:e5:47:5a:4a:fa:be:4d:8c:6d:e4:
86:33:94:00:09:c3:43:95:46:d1:c7:46:cc:54:90:
c1:7a:e0:c8:ed:4a:31:e0:c9:db:bb:5f:96:c9:a5:
64:38:a2:c9:a9:7a:a9:11:33:35:b8:25:93:02:e2:
ef:98:70:78:75:09:cb:12:ac:a2:9a:c2:af:ba:cb:
74:dc:4b:5a:58:4f:34:eb:54:2b:0d:89:19:64:1a:
6f:ac:e6:12:53:bf:01:cf:65:0d:f3:cc:68:d5:3c:
b8:78:f4:e5:da:d0:a7:66:cc:fb:79:23:55:34:e5:
bc:db:c3:c6:62:bf:09:88:f6:a6:2d:b1:4a:29:d8:
60:d3:08:b3:e9:85:98:5a:62:8d:27:4b:7e:db:6d:
ca:57:9d:c3:c4:f7:74:9c:b4:a4:ea:d1:ef:c8:1e:
3c:3e:62:8c:ea:db:2d:90:a5:78:7a:96:4c:82:d5:
a1:5a:d5:c6:7b:50:5b:36:38:cc:09:d1:57:dd:97:
ce:d3:4e:9f:a2:66:90:25:0c:ba:de:d1:be:68:b9:
4e:b3:e6:f5:16:87:45:84:52:53:3c:39:a6:38:bc:
0e:07:57:b2:0b:2a:11:a1:41:1d:c4:68:f9:f6:f5:
62:7a:85:30:87:69:c2:98:bd:1c:38:fe:0a:b0:b5:
08:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:56:AB:15:F0:3A:C6:ED:FA:D7:D2:A5:A7:97:91:77:47:1C:34:59
X509v3 Authority Key Identifier:
keyid:3A:87:87:1E:3B:AE:65:ED:E2:F3:1B:B1:AD:5C:59:BB:7A:74:AB:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B87FC/3978E31686E111EF8F773F82C4F9AE02/OoeHHjuuZe3i8xuxrVxZu3p0q90.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/OoeHHjuuZe3i8xuxrVxZu3p0q90.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B87FC/3978E31686E111EF8F773F82C4F9AE02/4A36AC1A139511F0B1A47C35C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
160.30.109.0/24
Signature Algorithm: sha256WithRSAEncryption
96:29:d7:51:9b:49:85:1a:fb:59:b9:29:99:2c:62:78:4f:e7:
00:5a:02:db:5b:5b:83:d1:62:94:6d:ee:a5:fb:2e:36:97:f6:
e5:4c:c0:8e:8f:8d:4b:6e:f3:f3:82:59:e7:1a:ad:d6:ca:81:
eb:bd:5c:b2:b0:26:75:3e:b0:09:56:c5:b1:68:f4:cf:0c:ab:
b8:d4:8d:0a:1e:26:ce:b7:7f:cb:a5:92:bf:05:0d:a0:1a:39:
5d:89:36:81:0e:c4:3a:19:d9:96:94:21:db:0a:80:c2:9d:2d:
8a:3a:47:92:0a:b9:c8:e6:e3:48:b9:d8:3f:bb:72:ae:9b:0c:
5a:06:6f:50:84:b5:01:83:84:24:f8:e5:5f:1e:c4:c7:ca:00:
6b:14:17:8a:7c:5e:06:ac:1a:e7:ad:42:61:76:4b:4f:86:2c:
cb:69:e9:62:8b:79:1e:92:55:6a:71:d1:13:d0:5a:fe:f1:e4:
ab:bd:50:40:29:84:12:1b:3f:0a:fc:f8:c3:df:86:43:39:99:
e4:8e:fa:a1:8d:66:db:be:ed:7c:37:9a:ec:e5:49:82:62:fb:
ff:ae:2d:b5:75:58:bc:95:d2:79:c1:8e:ee:5b:11:e2:99:7f:
bd:dc:c0:0d:83:15:4e:89:71:52:b0:48:65:39:d0:48:4e:ef:
75:fa:c0:ca
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBYDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODdGQzExMC8GA1UEBRMoM0E4Nzg3MUUzQkFFNjVFREUyRjMxQkIxQUQ1QzU5QkI3
QTc0QUJERDAeFw0yNTA0MDcwOTQ3MTZaFw0yNTEwMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ZjM5ZjI0LWEwYmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCq9Ztz5UdaSvq+TYxt5IYzlAAJw0OVRtHHRsxUkMF64MjtSjHgydu7X5bJpWQ4
osmpeqkRMzW4JZMC4u+YcHh1CcsSrKKawq+6y3TcS1pYTzTrVCsNiRlkGm+s5hJT
vwHPZQ3zzGjVPLh49OXa0KdmzPt5I1U05bzbw8ZivwmI9qYtsUop2GDTCLPphZha
Yo0nS37bbcpXncPE93SctKTq0e/IHjw+Yozq2y2QpXh6lkyC1aFa1cZ7UFs2OMwJ
0Vfdl87TTp+iZpAlDLre0b5ouU6z5vUWh0WEUlM8OaY4vA4HV7ILKhGhQR3EaPn2
9WJ6hTCHacKYvRw4/gqwtQj7AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUx1arFfA6
xu3619Klp5eRd0ccNFkwHwYDVR0jBBgwFoAUOoeHHjuuZe3i8xuxrVxZu3p0q90w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4N0ZDLzM5NzhFMzE2ODZF
MTExRUY4Rjc3M0Y4MkM0RjlBRTAyL09vZUhIanV1WmUzaTh4dXhyVnhadTNwMHE5
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvT29lSEhqdXVaZTNpOHh1eHJWeFp1M3AwcTkwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODdGQy8zOTc4RTMxNjg2RTExMUVGOEY3NzNGODJDNEY5QUUwMi80QTM2QUMxQTEz
OTUxMUYwQjFBNDdDMzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKAebTANBgkqhkiG9w0BAQsFAAOCAQEAlinXUZtJhRr7Wbkp
mSxieE/nAFoC21tbg9FilG3upfsuNpf25UzAjo+NS27z84JZ5xqt1sqB671csrAm
dT6wCVbFsWj0zwyruNSNCh4mzrd/y6WSvwUNoBo5XYk2gQ7EOhnZlpQh2wqAwp0t
ijpHkgq5yObjSLnYP7tyrpsMWgZvUIS1AYOEJPjlXx7Ex8oAaxQXinxeBqwa561C
YXZLT4Ysy2npYot5HpJVanHRE9Ba/vHkq71QQCmEEhs/Cvz4w9+GQzmZ5I76oY1m
277tfDea7OVJgmL7/64ttXVYvJXSecGO7lsR4pl/vdzADYMVTolxUrBIZTnQSE7v
dfrAyg==
-----END CERTIFICATE-----
Generated at Mon May 12 18:52:55 2025 by rpki-client