Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/EBF7F498277A11F0B969A23DC4F9AE02.roa
File: EBF7F498277A11F0B969A23DC4F9AE02.roa (raw, json)
Hash identifier: 1HKCGskfFtaFZ6j9WtihOV5XCZ2r7Stlx6r8udkKpc8=
Subject key identifier: 66:57:9B:C1:F8:C6:DC:AF:F9:69:0D:09:5F:84:88:32:65:E5:95:00
Certificate issuer: /CN=A91FB68C/serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09
Certificate serial: 39
Authority key identifier: A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/EBF7F498277A11F0B969A23DC4F9AE02.roa
Signing time: Fri 02 May 2025 17:39:15 +0000
ROA not before: Fri 02 May 2025 17:39:15 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 150696
IP address blocks: 163.61.138.0/24 maxlen: 24
2001:df5:1740::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 02 May 2025 19:06:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57 (0x39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FB68C, serialNumber=A2288F8964D6169A8795F2F4EF05E0D5E6E13B09
Validity
Not Before: May 2 17:39:15 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=68150343-4491
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ce:df:d5:04:6b:e1:d3:07:41:c9:72:bb:68:
62:a1:e8:d2:59:c3:7a:5c:d0:56:87:6d:3f:66:f8:
72:0d:1e:12:eb:40:9f:a2:a7:45:19:3d:d6:2c:af:
2b:17:56:15:6a:fe:ca:f7:05:03:ce:8d:1d:de:e2:
ac:4b:6f:d8:71:d4:d0:1b:21:57:a9:02:cc:3d:2b:
e0:69:c3:83:89:4a:14:86:36:3d:c1:ba:d1:52:40:
2d:56:21:f2:06:06:df:6d:bc:93:d8:13:ac:e8:8b:
41:f9:56:a7:f6:53:72:87:a3:d2:bd:12:63:40:70:
69:b5:5d:89:71:86:cb:2e:f1:63:b3:a8:bc:2a:53:
43:ad:28:b6:ab:28:4b:b6:c9:65:e8:c5:85:ad:9c:
b3:0e:ea:9b:ca:e2:e3:d6:af:51:9d:39:3f:cd:51:
fb:3c:fd:03:56:bf:b0:f0:48:14:d6:b7:cc:27:e6:
7c:fe:1b:2c:21:f6:42:26:6e:31:7a:58:6c:a9:c2:
bd:7e:9d:75:ce:71:bb:67:b7:9a:46:c2:55:57:05:
e9:53:39:85:e7:81:79:5a:cf:53:69:87:14:14:db:
c5:b3:ab:3f:90:69:a8:f9:c6:ec:53:dc:c9:59:62:
ef:60:6c:77:78:b5:80:7b:ba:43:62:d9:1b:53:1a:
e3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:57:9B:C1:F8:C6:DC:AF:F9:69:0D:09:5F:84:88:32:65:E5:95:00
X509v3 Authority Key Identifier:
keyid:A2:28:8F:89:64:D6:16:9A:87:95:F2:F4:EF:05:E0:D5:E6:E1:3B:09
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/oiiPiWTWFpqHlfL07wXg1ebhOwk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiiPiWTWFpqHlfL07wXg1ebhOwk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FB68C/17D103A8EAB211EF846F1337C4F9AE02/EBF7F498277A11F0B969A23DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
163.61.138.0/24
IPv6:
2001:df5:1740::/48
Signature Algorithm: sha256WithRSAEncryption
7f:a3:18:29:bf:49:9e:c4:bd:25:52:f6:99:a3:95:a5:30:d6:
45:48:c4:35:a8:55:03:37:bd:27:fe:31:8e:0a:c5:2e:86:da:
92:83:4f:ad:90:65:64:bf:9d:81:bf:70:9e:35:33:26:dd:26:
35:72:55:83:0b:11:d0:7b:85:71:62:55:de:ad:2d:44:d4:ab:
7a:e4:9c:1c:af:5e:f3:fc:0a:b3:56:f4:d6:9d:b9:8a:30:e9:
0f:b8:5a:7a:91:79:7f:8e:d3:6c:8a:0c:65:dc:2f:a0:db:4f:
ec:e6:76:a9:fa:e8:69:fe:e2:3a:24:22:4e:49:9b:ff:a5:71:
f3:e8:c3:9d:68:9b:17:e0:9a:f4:2b:2a:26:2e:3d:fa:d1:70:
9a:0b:bd:fe:64:74:11:24:42:80:16:e0:b3:88:fe:ed:bf:ab:
34:da:97:55:e9:c2:29:c9:fc:73:38:09:d8:a1:a6:4d:21:4b:
13:a0:8d:c8:99:65:54:aa:b0:62:61:e4:85:a9:81:b0:96:cc:
a5:2a:cc:f1:13:d6:5b:dd:41:7a:8f:9f:7d:a5:fe:01:95:cf:
1a:ac:9b:0c:86:ca:5b:86:6f:8b:7f:1a:d8:85:25:08:bf:f1:
de:7e:ef:21:ec:8d:90:1e:3b:76:fa:7f:1a:38:fe:ae:d1:4b:
7f:0c:7b:0b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
QjY4QzExMC8GA1UEBRMoQTIyODhGODk2NEQ2MTY5QTg3OTVGMkY0RUYwNUUwRDVF
NkUxM0IwOTAeFw0yNTA1MDIxNzM5MTVaFw0yNjA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MTUwMzQzLTQ0OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCjzt/VBGvh0wdByXK7aGKh6NJZw3pc0FaHbT9m+HINHhLrQJ+ip0UZPdYsrysX
VhVq/sr3BQPOjR3e4qxLb9hx1NAbIVepAsw9K+Bpw4OJShSGNj3ButFSQC1WIfIG
Bt9tvJPYE6zoi0H5Vqf2U3KHo9K9EmNAcGm1XYlxhssu8WOzqLwqU0OtKLarKEu2
yWXoxYWtnLMO6pvK4uPWr1GdOT/NUfs8/QNWv7DwSBTWt8wn5nz+Gywh9kImbjF6
WGypwr1+nXXOcbtnt5pGwlVXBelTOYXngXlaz1NphxQU28Wzqz+Qaaj5xuxT3MlZ
Yu9gbHd4tYB7ukNi2RtTGuPLAgMBAAGjggKmMIICojAdBgNVHQ4EFgQUZlebwfjG
3K/5aQ0JX4SIMmXllQAwHwYDVR0jBBgwFoAUoiiPiWTWFpqHlfL07wXg1ebhOwkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCNjhDLzE3RDEwM0E4RUFC
MjExRUY4NDZGMTMzN0M0RjlBRTAyL29paVBpV1RXRnBxSGxmTDA3d1hnMWViaE93
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvb2lpUGlXVFdGcHFIbGZMMDd3WGcxZWJoT3drLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
QjY4Qy8xN0QxMDNBOEVBQjIxMUVGODQ2RjEzMzdDNEY5QUUwMi9FQkY3RjQ5ODI3
N0ExMUYwQjk2OUEyM0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAwBggrBgEFBQcBBwEB/wQh
MB8wDAQCAAEwBgMEAKM9ijAPBAIAAjAJAwcAIAEN9RdAMA0GCSqGSIb3DQEBCwUA
A4IBAQB/oxgpv0mexL0lUvaZo5WlMNZFSMQ1qFUDN70n/jGOCsUuhtqSg0+tkGVk
v52Bv3CeNTMm3SY1clWDCxHQe4VxYlXerS1E1Kt65Jwcr17z/AqzVvTWnbmKMOkP
uFp6kXl/jtNsigxl3C+g20/s5nap+uhp/uI6JCJOSZv/pXHz6MOdaJsX4Jr0Kyom
Lj360XCaC73+ZHQRJEKAFuCziP7tv6s02pdV6cIpyfxzOAnYoaZNIUsToI3ImWVU
qrBiYeSFqYGwlsylKszxE9Zb3UF6j599pf4Blc8arJsMhspbhm+LfxrYhSUIv/He
fu8h7I2QHjt2+n8aOP6u0Ut/DHsL
-----END CERTIFICATE-----
Generated at Tue May 13 02:22:35 2025 by rpki-client