Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B89AA/85D0F346BC6211EF9A783751C4F9AE02/9B20929E267811F08BDB437DC4F9AE02.roa
File: 9B20929E267811F08BDB437DC4F9AE02.roa (raw, json)
Hash identifier: 0J0Y1QeUh2r76aRopfuvdPXq6r9aFzddbKezp1exgTQ=
Subject key identifier: 04:09:E9:0B:55:27:7B:FF:6B:7F:DB:C6:7B:C2:5A:F1:87:CB:D7:44
Certificate issuer: /CN=A91B89AA/serialNumber=277F12244A50BC654EE563FE739FE4EB719966B6
Certificate serial: 58
Authority key identifier: 27:7F:12:24:4A:50:BC:65:4E:E5:63:FE:73:9F:E4:EB:71:99:66:B6
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J38SJEpQvGVO5WP-c5_k63GZZrY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B89AA/85D0F346BC6211EF9A783751C4F9AE02/9B20929E267811F08BDB437DC4F9AE02.roa
Signing time: Thu 01 May 2025 10:39:49 +0000
ROA not before: Thu 01 May 2025 10:39:49 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 152181
IP address blocks: 36.50.144.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 01 May 2025 11:14:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88 (0x58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B89AA, serialNumber=277F12244A50BC654EE563FE739FE4EB719966B6
Validity
Not Before: May 1 10:39:49 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=68134f75-2a1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1c:dc:8d:85:d2:f0:6d:a0:c7:dc:af:ee:30:
12:9b:4f:83:87:6c:79:8d:26:38:71:15:f5:21:a2:
53:c8:7d:94:2e:5f:ae:b5:4d:6a:89:31:98:cb:45:
39:4a:af:df:60:32:ba:40:2b:7e:6d:c3:a7:0b:9b:
01:66:aa:1f:3f:ed:29:63:c2:1b:04:16:4d:76:d7:
ce:ec:a1:51:ff:eb:84:20:49:cf:13:a9:ff:42:11:
99:16:48:43:db:64:31:bb:b2:53:44:2c:5f:0c:74:
6f:d1:7f:5f:eb:be:da:c0:37:8b:27:90:65:41:d1:
e2:f5:32:63:46:b3:39:19:5f:5d:3c:39:ce:b4:d1:
b5:c1:61:10:0a:0c:63:38:7d:5a:42:f1:a8:dd:f2:
88:3f:59:ec:70:e1:fc:73:b3:29:1f:60:03:f4:6c:
46:73:cd:44:9b:65:b3:99:75:2b:1e:ae:20:9a:d5:
52:cb:84:ce:9e:50:3a:8c:22:ca:a7:20:a2:c4:7f:
15:47:e1:e4:c9:03:07:29:32:30:a1:84:f3:93:79:
4d:ce:58:76:4e:49:eb:e2:34:8a:13:da:2d:86:47:
0e:c0:7e:59:85:11:15:d0:fc:9f:19:8b:4e:5b:62:
91:b2:81:74:f2:a4:e4:a2:2f:4f:9c:df:f3:e2:8d:
e1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:09:E9:0B:55:27:7B:FF:6B:7F:DB:C6:7B:C2:5A:F1:87:CB:D7:44
X509v3 Authority Key Identifier:
keyid:27:7F:12:24:4A:50:BC:65:4E:E5:63:FE:73:9F:E4:EB:71:99:66:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B89AA/85D0F346BC6211EF9A783751C4F9AE02/J38SJEpQvGVO5WP-c5_k63GZZrY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J38SJEpQvGVO5WP-c5_k63GZZrY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B89AA/85D0F346BC6211EF9A783751C4F9AE02/9B20929E267811F08BDB437DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
36.50.144.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:b8:a5:b7:ce:f8:f0:e9:75:dc:f4:bd:f6:1d:e1:f0:1d:d9:
a9:76:f1:04:b4:85:ba:25:2b:9c:cc:9d:25:12:ac:1c:e0:50:
13:71:5b:23:42:7f:92:84:c9:d0:9a:fa:29:51:83:30:3d:44:
39:6d:03:ca:55:0f:30:76:55:e0:73:05:57:4c:09:43:04:55:
35:46:f3:d1:cd:4e:eb:f6:98:4e:75:eb:1c:d1:a3:b1:de:89:
16:5b:94:0b:ec:5b:87:7a:ed:cd:fc:f7:11:d6:dd:56:0f:0f:
c4:91:c4:af:1e:13:96:ac:25:e6:4b:a9:71:aa:da:c2:c8:23:
2b:a4:f5:ea:d4:1d:5c:6c:6f:3d:44:d7:cd:6c:bc:15:93:05:
44:81:9c:08:ab:01:de:7c:b9:a0:d5:22:96:84:30:8e:02:0d:
72:14:92:b1:f5:bd:c5:ee:78:d3:8a:ef:20:c0:a4:5a:52:1a:
2e:95:9f:b3:b5:51:4b:63:d3:df:b4:97:e4:4e:33:ac:6d:62:
01:14:09:05:bb:ac:ab:a3:e7:9f:0a:5c:c4:59:8e:31:11:9b:
d1:0a:16:4c:9c:2b:0c:6d:81:10:6b:a0:02:70:02:7d:20:77:
d3:10:8b:ef:1a:32:df:ec:a8:e1:05:b2:86:52:2f:86:bb:19:
32:d5:1e:5c
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBWDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
ODlBQTExMC8GA1UEBRMoMjc3RjEyMjQ0QTUwQkM2NTRFRTU2M0ZFNzM5RkU0RUI3
MTk5NjZCNjAeFw0yNTA1MDExMDM5NDlaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MTM0Zjc1LTJhMWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDRHNyNhdLwbaDH3K/uMBKbT4OHbHmNJjhxFfUholPIfZQuX661TWqJMZjLRTlK
r99gMrpAK35tw6cLmwFmqh8/7SljwhsEFk12187soVH/64QgSc8Tqf9CEZkWSEPb
ZDG7slNELF8MdG/Rf1/rvtrAN4snkGVB0eL1MmNGszkZX108Oc600bXBYRAKDGM4
fVpC8ajd8og/Wexw4fxzsykfYAP0bEZzzUSbZbOZdSseriCa1VLLhM6eUDqMIsqn
IKLEfxVH4eTJAwcpMjChhPOTeU3OWHZOSeviNIoT2i2GRw7AflmFERXQ/J8Zi05b
YpGygXTypOSiL0+c3/PijeFvAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUBAnpC1Un
e/9rf9vGe8Ja8YfL10QwHwYDVR0jBBgwFoAUJ38SJEpQvGVO5WP+c5/k63GZZrYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI4OUFBLzg1RDBGMzQ2QkM2
MjExRUY5QTc4Mzc1MUM0RjlBRTAyL0ozOFNKRXBRdkdWTzVXUC1jNV9rNjNHWlpy
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSjM4U0pFcFF2R1ZPNVdQLWM1X2s2M0daWnJZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
ODlBQS84NUQwRjM0NkJDNjIxMUVGOUE3ODM3NTFDNEY5QUUwMi85QjIwOTI5RTI2
NzgxMUYwOEJEQjQzN0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEASQykDANBgkqhkiG9w0BAQsFAAOCAQEAPrilt8748Ol13PS9
9h3h8B3ZqXbxBLSFuiUrnMydJRKsHOBQE3FbI0J/koTJ0Jr6KVGDMD1EOW0DylUP
MHZV4HMFV0wJQwRVNUbz0c1O6/aYTnXrHNGjsd6JFluUC+xbh3rtzfz3EdbdVg8P
xJHErx4Tlqwl5kupcarawsgjK6T16tQdXGxvPUTXzWy8FZMFRIGcCKsB3ny5oNUi
loQwjgINchSSsfW9xe5404rvIMCkWlIaLpWfs7VRS2PT37SX5E4zrG1iARQJBbus
q6PnnwpcxFmOMRGb0QoWTJwrDG2BEGugAnACfSB30xCL7xoy3+yo4QWyhlIvhrsZ
MtUeXA==
-----END CERTIFICATE-----
Generated at Thu May 15 09:40:55 2025 by rpki-client