Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/A0D2CBEAD0D711EFADAC6326C4F9AE02.roa
File: A0D2CBEAD0D711EFADAC6326C4F9AE02.roa (raw, json)
Hash identifier: wIHcsdGPUB+69Emh5BnjsfPaGZkEHckm/MmksTlPEl0=
Subject key identifier: 33:14:56:AA:BF:A5:57:09:43:EF:37:0C:0F:CC:1E:00:1B:17:EF:0A
Certificate issuer: /CN=A9114EF6/serialNumber=AF461D57A90A335B2FA77A7AAEC16734954923B1
Certificate serial: 02
Authority key identifier: AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/A0D2CBEAD0D711EFADAC6326C4F9AE02.roa
Signing time: Sun 12 Jan 2025 11:23:21 +0000
ROA not before: Sun 12 Jan 2025 11:23:21 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 153491
IP address blocks: 161.248.120.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sun 12 Jan 2025 13:09:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9114EF6/serialNumber=AF461D57A90A335B2FA77A7AAEC16734954923B1
Validity
Not Before: Jan 12 11:23:21 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6783a628-d35b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:70:ad:9b:c8:53:64:b1:b8:9b:fc:55:d4:48:
ce:6e:ed:e5:17:22:13:4b:da:46:5f:db:d9:74:8a:
f8:69:48:1f:70:a5:26:86:94:12:7b:ba:83:38:80:
97:03:36:ff:35:cb:78:27:7d:1c:f5:c2:af:27:59:
36:16:24:7a:16:b5:6e:b6:1b:48:c0:9b:99:83:4c:
1a:2b:ea:f2:a1:fc:9a:4b:26:f3:5b:5b:df:03:8d:
cd:ee:0a:47:8f:3a:92:29:64:45:61:e2:9d:6a:c1:
8b:51:b6:bd:78:95:cd:84:97:67:a0:55:67:b5:88:
50:ba:10:a7:b4:22:f9:15:4f:d5:66:b1:0a:ec:c3:
ab:d3:b1:79:39:87:ea:55:3b:b8:d1:c7:cc:43:14:
e8:70:07:1a:c0:6f:7e:a3:9f:6c:29:78:f1:a5:4c:
f4:8b:97:52:30:b0:8e:6d:aa:35:b1:30:50:42:46:
16:52:d8:cc:01:66:f1:60:a1:08:c3:81:5a:15:52:
97:50:13:da:c6:d7:cd:0a:88:8c:50:e7:3e:ff:92:
c8:e7:cf:67:c9:58:c5:fa:37:34:ca:b5:ad:5c:32:
b0:ce:93:9c:3f:ca:30:a1:f4:fd:8a:35:71:94:af:
1d:bb:de:ce:84:0b:66:b4:ff:e3:af:cd:9a:77:b4:
2f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:14:56:AA:BF:A5:57:09:43:EF:37:0C:0F:CC:1E:00:1B:17:EF:0A
X509v3 Authority Key Identifier:
keyid:AF:46:1D:57:A9:0A:33:5B:2F:A7:7A:7A:AE:C1:67:34:95:49:23:B1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/r0YdV6kKM1svp3p6rsFnNJVJI7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/r0YdV6kKM1svp3p6rsFnNJVJI7E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9114EF6/8DAE05A0D0D411EFBCD5123EC4F9AE02/A0D2CBEAD0D711EFADAC6326C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.120.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:92:bf:97:05:08:1e:8f:e1:f4:c7:8c:7e:a9:0b:86:6d:f3:
64:18:18:a6:2e:70:34:3a:ce:82:58:25:8c:47:09:40:4a:dc:
f9:2d:97:e0:65:3b:3a:41:b8:77:22:07:e0:17:ba:9e:46:d5:
01:de:de:c6:08:cc:28:ae:42:b4:6c:42:76:7c:77:c3:6b:e0:
ae:e9:41:2d:4a:b5:d7:21:16:a9:a4:e9:03:2d:6e:24:dc:d1:
f3:a6:6a:fd:53:9b:42:e1:ec:9e:b8:1b:bf:d7:1d:e7:bf:47:
85:af:6b:a5:fa:19:e5:b0:77:9c:ec:f2:79:d8:24:d3:af:91:
cb:10:d5:4c:69:4b:84:ad:fa:76:eb:bd:bf:f6:ff:98:be:17:
9c:27:a4:3b:55:ab:10:31:64:6b:40:7b:f9:07:6d:82:b8:8e:
77:43:ca:8a:4c:bf:61:ae:c2:7e:fd:81:30:9a:53:d0:20:2c:
9e:0c:91:fd:f1:27:9f:2b:66:8e:52:75:2a:6f:01:aa:86:8b:
db:97:75:cd:b4:fe:6f:4f:28:a5:d7:11:1c:0d:3b:ad:4c:1f:
f0:4c:e7:dd:7f:15:1d:ec:80:af:bb:41:13:bf:98:96:25:be:
98:c8:a1:b1:31:3a:32:a2:d3:02:fc:70:ff:44:07:98:f8:32:
3a:77:39:42
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
NEVGNjExMC8GA1UEBRMoQUY0NjFENTdBOTBBMzM1QjJGQTc3QTdBQUVDMTY3MzQ5
NTQ5MjNCMTAeFw0yNTAxMTIxMTIzMjFaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODNhNjI4LWQzNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDpcK2byFNksbib/FXUSM5u7eUXIhNL2kZf29l0ivhpSB9wpSaGlBJ7uoM4gJcD
Nv81y3gnfRz1wq8nWTYWJHoWtW62G0jAm5mDTBor6vKh/JpLJvNbW98Djc3uCkeP
OpIpZEVh4p1qwYtRtr14lc2El2egVWe1iFC6EKe0IvkVT9VmsQrsw6vTsXk5h+pV
O7jRx8xDFOhwBxrAb36jn2wpePGlTPSLl1IwsI5tqjWxMFBCRhZS2MwBZvFgoQjD
gVoVUpdQE9rG180KiIxQ5z7/ksjnz2fJWMX6NzTKta1cMrDOk5w/yjCh9P2KNXGU
rx273s6EC2a0/+OvzZp3tC/NAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUMxRWqr+l
VwlD7zcMD8weABsX7wowHwYDVR0jBBgwFoAUr0YdV6kKM1svp3p6rsFnNJVJI7Ew
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTE0RUY2LzhEQUUwNUEwRDBE
NDExRUZCQ0Q1MTIzRUM0RjlBRTAyL3IwWWRWNmtLTTFzdnAzcDZyc0ZuTkpWSkk3
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvcjBZZFY2a0tNMXN2cDNwNnJzRm5OSlZKSTdFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
NEVGNi84REFFMDVBMEQwRDQxMUVGQkNENTEyM0VDNEY5QUUwMi9BMEQyQ0JFQUQw
RDcxMUVGQURBQzYzMjZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4eDANBgkqhkiG9w0BAQsFAAOCAQEAi5K/lwUIHo/h9MeM
fqkLhm3zZBgYpi5wNDrOglgljEcJQErc+S2X4GU7OkG4dyIH4Be6nkbVAd7exgjM
KK5CtGxCdnx3w2vgrulBLUq11yEWqaTpAy1uJNzR86Zq/VObQuHsnrgbv9cd579H
ha9rpfoZ5bB3nOzyedgk06+RyxDVTGlLhK36duu9v/b/mL4XnCekO1WrEDFka0B7
+QdtgriOd0PKiky/Ya7Cfv2BMJpT0CAsngyR/fEnnytmjlJ1Km8BqoaL25d1zbT+
b08opdcRHA07rUwf8Ezn3X8VHeyAr7tBE7+YliW+mMihsTE6MqLTAvxw/0QHmPgy
Onc5Qg==
Generated at Sun Jan 12 16:17:43 2025 by rpki-client on console.sobornost.net