Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4C76ED201E1511F0A4939687C4F9AE02.roa
File: 4C76ED201E1511F0A4939687C4F9AE02.roa (raw, json)
Hash identifier: KSqbkdPKZlXCZrReKUmRuzOZlvNdpaHWWrTZ/vRJ+xo=
Subject key identifier: 5B:6F:DB:9F:50:FD:AE:54:98:46:0A:CA:7F:9B:0F:3B:4D:32:65:85
Certificate issuer: /CN=A91510AD/serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Certificate serial: 3625
Authority key identifier: E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4C76ED201E1511F0A4939687C4F9AE02.roa
Signing time: Sun 20 Apr 2025 18:28:48 +0000
ROA not before: Sun 20 Apr 2025 18:28:48 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 834
IP address blocks: 175.29.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 13:26:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13861 (0x3625)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91510AD, serialNumber=E1E6908A16EC813DAA0BD64797AE9DBDEB092257
Validity
Not Before: Apr 20 18:28:48 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=68053cdf-c748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:10:0c:dd:01:86:42:44:c0:43:7c:f2:19:e0:
6a:43:2a:79:eb:cc:63:fa:72:3a:cd:58:a5:02:ce:
ca:d7:f7:3e:e3:b8:17:3e:ea:6d:7a:4c:43:91:70:
de:74:cb:90:82:ac:34:49:93:db:79:68:34:4c:34:
9c:b3:96:d0:e8:26:2d:9c:1e:59:7d:8d:5c:e1:47:
aa:3f:76:9a:93:69:a8:5b:33:04:a0:9b:4a:dd:8f:
84:ca:59:50:fb:a2:37:4e:2c:2e:1d:bd:e2:ed:d1:
fe:39:3a:a2:a0:e1:64:d2:3c:d6:2a:24:0a:e2:f0:
4a:07:94:30:8e:d3:ff:0d:72:3f:9a:9b:ed:b4:fb:
68:42:d2:a0:a7:a0:58:f6:e6:22:be:c0:0a:5c:8c:
b6:00:d3:df:d0:dd:1c:9a:25:66:74:df:61:4d:e6:
e0:27:1f:99:f1:29:c5:2d:b6:cf:d7:c6:f8:58:5e:
b0:32:b5:d5:ca:54:17:a5:79:da:79:39:e2:ec:ae:
3a:0a:57:3e:40:d6:9b:60:01:5d:28:4e:1a:2e:14:
49:15:00:b3:c5:49:27:4d:64:e1:00:9d:b8:11:37:
f1:8f:62:82:7e:bc:a8:3d:07:aa:23:ff:3a:27:80:
a0:55:ca:ce:46:45:b7:64:bc:a4:63:b2:d9:2a:48:
8d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:6F:DB:9F:50:FD:AE:54:98:46:0A:CA:7F:9B:0F:3B:4D:32:65:85
X509v3 Authority Key Identifier:
keyid:E1:E6:90:8A:16:EC:81:3D:AA:0B:D6:47:97:AE:9D:BD:EB:09:22:57
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4eaQihbsgT2qC9ZHl66dvesJIlc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4eaQihbsgT2qC9ZHl66dvesJIlc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91510AD/8B5E75FE1D8711E284B383DF08B02CD2/4C76ED201E1511F0A4939687C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
175.29.17.0/24
Signature Algorithm: sha256WithRSAEncryption
21:8c:05:1d:45:70:7c:fb:e3:08:6a:fe:32:ff:07:ba:37:d7:
25:4b:e6:6e:f5:fe:4d:9c:e1:e1:26:eb:ef:eb:79:d0:dd:7f:
96:7d:97:19:1f:2a:3a:65:72:b4:49:a2:4c:a4:6d:ce:73:51:
6d:26:1f:c3:db:a8:ce:9c:f8:01:6c:ac:ae:8d:b5:cd:42:37:
d1:6f:5e:ae:70:ad:a0:ee:96:6c:b6:5c:f9:ab:be:2c:e8:b7:
6d:aa:d7:1c:b5:b9:1c:a2:52:d3:e4:af:f4:05:7d:50:3c:87:
0d:ce:b1:e4:73:15:fb:da:4c:ac:f3:1e:57:31:7e:f0:d6:ab:
15:ed:17:bf:8f:ce:3e:37:c5:d4:af:9b:b2:4d:86:8a:89:fe:
7b:b3:b6:e6:b8:c5:e7:e2:71:95:bc:95:ce:2b:86:7f:08:c9:
e6:52:36:ae:20:55:bc:6c:1c:c1:6d:46:1b:f0:96:1a:5b:34:
72:a1:26:b0:5a:6f:ec:65:99:d3:63:cb:99:6a:6b:55:23:84:
e3:4c:fb:f7:73:f5:f9:f4:f9:3d:66:cf:eb:35:76:c0:06:a7:
04:78:c7:03:7b:40:c8:4d:6d:86:e6:26:fe:a7:e1:ba:ae:80:
46:f8:59:7a:a8:e7:8c:81:53:e4:6e:e7:1b:08:76:3b:b5:b5:
13:d9:0c:e6
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICNiUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTEwQUQxMTAvBgNVBAUTKEUxRTY5MDhBMTZFQzgxM0RBQTBCRDY0Nzk3QUU5REJE
RUIwOTIyNTcwHhcNMjUwNDIwMTgyODQ4WhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA1M2NkZi1jNzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzBAM3QGGQkTAQ3zyGeBqQyp568xj+nI6zVilAs7K1/c+47gXPuptekxDkXDe
dMuQgqw0SZPbeWg0TDScs5bQ6CYtnB5ZfY1c4UeqP3aak2moWzMEoJtK3Y+EyllQ
+6I3TiwuHb3i7dH+OTqioOFk0jzWKiQK4vBKB5QwjtP/DXI/mpvttPtoQtKgp6BY
9uYivsAKXIy2ANPf0N0cmiVmdN9hTebgJx+Z8SnFLbbP18b4WF6wMrXVylQXpXna
eTni7K46Clc+QNabYAFdKE4aLhRJFQCzxUknTWThAJ24ETfxj2KCfryoPQeqI/86
J4CgVcrORkW3ZLykY7LZKkiNOQIDAQABo4IClTCCApEwHQYDVR0OBBYEFFtv259Q
/a5UmEYKyn+bDztNMmWFMB8GA1UdIwQYMBaAFOHmkIoW7IE9qgvWR5eunb3rCSJX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MTBBRC84QjVFNzVGRTFE
ODcxMUUyODRCMzgzREYwOEIwMkNEMi80ZWFRaWhic2dUMnFDOVpIbDY2ZHZlc0pJ
bGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRlYVFpaGJzZ1QycUM5WkhsNjZkdmVzSklsYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTEwQUQvOEI1RTc1RkUxRDg3MTFFMjg0QjM4M0RGMDhCMDJDRDIvNEM3NkVEMjAx
RTE1MTFGMEE0OTM5Njg3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACvHREwDQYJKoZIhvcNAQELBQADggEBACGMBR1FcHz74whq
/jL/B7o31yVL5m71/k2c4eEm6+/redDdf5Z9lxkfKjplcrRJokykbc5zUW0mH8Pb
qM6c+AFsrK6Ntc1CN9FvXq5wraDulmy2XPmrvizot22q1xy1uRyiUtPkr/QFfVA8
hw3OseRzFfvaTKzzHlcxfvDWqxXtF7+Pzj43xdSvm7JNhoqJ/nuztua4xeficZW8
lc4rhn8IyeZSNq4gVbxsHMFtRhvwlhpbNHKhJrBab+xlmdNjy5lqa1UjhONM+/dz
9fn0+T1mz+s1dsAGpwR4xwN7QMhNbYbmJv6n4bqugEb4WXqo54yBU+Ru5xsIdju1
tRPZDOY=
-----END CERTIFICATE-----
Generated at Tue Apr 22 17:01:55 2025 by rpki-client on console.sobornost.net