Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/57646DB8E05611EF94B15084C4F9AE02.roa
File: 57646DB8E05611EF94B15084C4F9AE02.roa (raw, json)
Hash identifier: Tg/kXFwdhCVProva7ZZsIlNwjqHS+M/aQbZ+q9ssnMk=
Subject key identifier: B6:11:F5:F0:42:B0:32:DE:C5:91:E0:F8:DF:1D:83:B0:7F:61:D1:D2
Certificate issuer: /CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4
Certificate serial: 22
Authority key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/57646DB8E05611EF94B15084C4F9AE02.roa
Signing time: Mon 03 Feb 2025 04:28:20 +0000
ROA not before: Mon 03 Feb 2025 04:28:20 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 152125
IP address blocks: 161.248.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Feb 2025 01:17:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34 (0x22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4
Validity
Not Before: Feb 3 04:28:20 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=67a045e4-1e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:3e:5c:08:66:90:55:d8:e1:17:45:db:ed:2e:
18:3e:62:2f:fd:0c:7e:74:ae:db:af:d6:6e:f2:18:
dc:e3:11:0b:19:f5:a2:f3:cc:ec:23:7a:a9:25:43:
9d:f4:e1:77:63:a8:cb:37:20:dd:ba:6c:ee:17:49:
87:ad:bb:11:2a:5f:df:b9:54:ba:26:c5:ae:be:16:
86:86:b6:48:9e:ba:55:41:69:67:6c:8e:f7:6e:b8:
c9:3a:de:76:d7:a8:67:20:3c:49:f5:7a:68:d3:b4:
31:1b:95:fd:e5:9e:cf:41:2b:c2:51:97:a6:c7:45:
1b:eb:a4:6f:4c:c2:97:3c:44:ce:f4:cf:bd:4c:52:
d7:dc:10:0c:e7:69:be:cc:0a:c8:93:3b:00:0e:83:
d3:a4:47:bf:92:76:86:99:2d:ca:7a:00:3b:40:3a:
be:83:7c:4a:8b:be:d5:42:34:12:ba:26:e8:fb:61:
32:c8:cf:72:a3:1b:45:40:b0:a1:bb:e6:2c:6a:22:
57:17:2c:04:a4:c8:57:b3:89:36:c0:56:ee:95:62:
41:71:7c:0e:db:5f:52:3f:3a:e0:8c:a9:d6:bb:23:
bc:c1:c1:80:0e:e8:36:04:28:3d:3e:13:48:05:2c:
89:4b:f6:01:fd:1c:02:ab:99:da:d0:17:c0:08:4e:
f6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:11:F5:F0:42:B0:32:DE:C5:91:E0:F8:DF:1D:83:B0:7F:61:D1:D2
X509v3 Authority Key Identifier:
keyid:4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/57646DB8E05611EF94B15084C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.10.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:14:41:1d:cd:48:b8:45:aa:26:16:03:83:f5:5f:a2:75:f7:
5c:e3:f7:b2:a3:c8:b8:b6:e3:28:ca:cc:3c:b6:58:bf:36:16:
21:cf:a0:af:c5:e0:60:b8:fc:10:06:a6:a0:21:7e:a8:ef:59:
c8:ad:e7:dc:7c:3f:ad:7b:dd:af:cf:23:a4:27:ed:b1:e1:96:
b2:f7:1d:c9:7c:39:7f:95:ae:75:47:e6:be:8d:40:be:9c:24:
99:bc:40:aa:00:0a:33:18:94:3a:59:de:5f:3b:f4:41:40:7b:
b3:4b:f2:ed:1d:13:03:ea:ad:6f:b8:06:f5:3a:0a:74:8e:6e:
9c:b8:9d:41:02:18:91:aa:53:01:1f:aa:27:8e:b8:2b:0c:08:
47:dd:e9:9f:17:a6:31:a8:a9:39:70:68:6e:e2:55:f7:19:8e:
b9:8b:b6:ff:4f:7e:b0:17:7f:44:1d:56:bf:0a:7e:be:87:3a:
6a:21:a9:83:12:ae:14:5f:87:12:93:63:fd:4c:e0:25:01:b0:
bc:3a:ce:f2:8e:7f:fb:0e:3b:35:2d:81:33:53:20:e4:c7:3a:
b9:1f:79:11:45:3f:3f:ae:b8:f0:5c:44:91:e9:e4:43:ef:ca:
38:b2:d9:2b:83:05:78:6c:4a:3b:43:b3:1a:65:93:5a:31:46:
8e:9c:57:d5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0
MjNDMTExMC8GA1UEBRMoNERDN0UyOEI1NDZGMkEwQjUzOEU4Q0RGODMyRDlBQTFG
MzdDQzhFNDAeFw0yNTAyMDMwNDI4MjBaFw0yNTA2MDIwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3YTA0NWU0LTFlMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDPlwIZpBV2OEXRdvtLhg+Yi/9DH50rtuv1m7yGNzjEQsZ9aLzzOwjeqklQ530
4XdjqMs3IN26bO4XSYetuxEqX9+5VLomxa6+FoaGtkieulVBaWdsjvduuMk63nbX
qGcgPEn1emjTtDEblf3lns9BK8JRl6bHRRvrpG9Mwpc8RM70z71MUtfcEAznab7M
CsiTOwAOg9OkR7+SdoaZLcp6ADtAOr6DfEqLvtVCNBK6Juj7YTLIz3KjG0VAsKG7
5ixqIlcXLASkyFeziTbAVu6VYkFxfA7bX1I/OuCMqda7I7zBwYAO6DYEKD0+E0gF
LIlL9gH9HAKrmdrQF8AITvY5AgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUthH18EKw
Mt7FkeD43x2DsH9h0dIwHwYDVR0jBBgwFoAUTcfii1RvKgtTjozfgy2aofN8yOQw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyM0MxL0QwMzIwRUY4QkY0
RjExRUZCQ0Y2ODk0NEM0RjlBRTAyL1RjZmlpMVJ2S2d0VGpvemZneTJhb2ZOOHlP
US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvVGNmaWkxUnZLZ3RUam96Zmd5MmFvZk44eU9RLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MjNDMS9EMDMyMEVGOEJGNEYxMUVGQkNGNjg5NDRDNEY5QUUwMi81NzY0NkRCOEUw
NTYxMUVGOTRCMTUwODRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAKH4CjANBgkqhkiG9w0BAQsFAAOCAQEArBRBHc1IuEWqJhYD
g/VfonX3XOP3sqPIuLbjKMrMPLZYvzYWIc+gr8XgYLj8EAamoCF+qO9ZyK3n3Hw/
rXvdr88jpCftseGWsvcdyXw5f5WudUfmvo1AvpwkmbxAqgAKMxiUOlneXzv0QUB7
s0vy7R0TA+qtb7gG9ToKdI5unLidQQIYkapTAR+qJ464KwwIR93pnxemMaipOXBo
buJV9xmOuYu2/09+sBd/RB1Wvwp+voc6aiGpgxKuFF+HEpNj/UzgJQGwvDrO8o5/
+w47NS2BM1Mg5Mc6uR95EUU/P6648FxEkenkQ+/KOLLZK4MFeGxKO0OzGmWTWjFG
jpxX1Q==
-----END CERTIFICATE-----
Generated at Tue Feb 4 04:39:15 2025 by rpki-client on console.sobornost.net