Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/9CEC2322D26811EF96C4A360C4F9AE02.roa
File: 9CEC2322D26811EF96C4A360C4F9AE02.roa (raw, json)
Hash identifier: OdDYthY5K0QlN0rdf6NYNM0w52eZxZd3NvOGEnfAsQg=
Subject key identifier: A0:DB:28:82:0C:40:17:78:41:A3:DC:EC:C7:2F:EF:94:B5:F7:3C:FA
Certificate issuer: /CN=A91685E9/serialNumber=624B96E1D665ED78E78DFAF6C220191073DB66CC
Certificate serial: 1A
Authority key identifier: 62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/9CEC2322D26811EF96C4A360C4F9AE02.roa
Signing time: Tue 14 Jan 2025 11:13:42 +0000
ROA not before: Tue 14 Jan 2025 11:13:42 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153522
IP address blocks: 161.248.162.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 11:54:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26 (0x1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91685E9/serialNumber=624B96E1D665ED78E78DFAF6C220191073DB66CC
Validity
Not Before: Jan 14 11:13:42 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=678646e6-ab19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7d:5d:ee:6a:50:36:34:26:0e:12:4f:49:05:
ef:df:ae:0a:d3:41:99:b9:65:c4:a1:dc:b6:b4:48:
d9:a5:78:5e:18:65:f1:2b:d1:e4:a7:c4:8d:1f:68:
73:5e:10:ff:c3:dd:58:8e:84:79:0d:01:b2:c0:4b:
ef:79:72:b6:c2:d8:71:7b:f4:32:e9:c0:0a:a0:77:
d6:d7:9e:2c:f4:39:7c:08:7e:db:fb:07:bd:0d:95:
a1:ea:2f:24:46:b2:f9:f7:1c:d5:3f:e4:e4:41:b5:
6f:fb:73:97:ad:7e:41:64:7b:36:e7:c9:fa:d5:a8:
d8:a1:45:b8:5c:5a:9e:c2:21:9f:25:38:80:c2:48:
f5:ce:a7:f0:dc:06:6a:80:7b:1e:53:e1:de:b2:60:
de:81:b1:44:39:f2:89:c8:aa:c4:9d:38:0d:bd:24:
7d:b6:63:ac:bc:4c:54:6e:eb:0f:5f:40:28:dc:58:
df:58:f0:ce:bd:ab:74:81:8c:a9:16:c7:c6:c1:fe:
72:81:b5:a0:29:db:46:11:29:05:06:46:ed:f4:c2:
1e:9e:ee:7d:11:50:86:f9:65:58:46:de:8e:0a:92:
d8:3c:fa:4e:27:59:33:e7:01:0a:30:53:fe:94:69:
7e:09:1d:95:33:d6:fe:9c:32:35:e5:71:fb:f9:c8:
f6:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:DB:28:82:0C:40:17:78:41:A3:DC:EC:C7:2F:EF:94:B5:F7:3C:FA
X509v3 Authority Key Identifier:
keyid:62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/9CEC2322D26811EF96C4A360C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.162.0/23
Signature Algorithm: sha256WithRSAEncryption
72:f2:85:cf:1b:c0:66:96:d7:2e:f9:43:25:41:a1:cc:5d:cc:
d2:d0:04:ff:1e:5a:3b:f9:80:60:7b:ec:57:f9:72:1f:36:42:
b3:e7:a3:ff:f7:f6:b8:e6:6c:c5:e5:d6:a5:53:f4:a8:58:37:
b1:b6:f0:6c:04:09:4d:d9:e9:5d:d1:60:7d:1a:5f:b7:48:0e:
14:94:16:0f:30:38:72:48:99:48:23:00:50:88:5f:3f:18:40:
f7:bd:67:0f:ad:8c:06:45:93:e0:bc:bf:b4:27:a2:9d:68:fd:
df:85:ec:f7:3a:09:48:0c:65:54:72:c8:f0:86:b3:69:e7:c8:
5f:08:86:1b:09:ad:0c:73:56:2a:20:5e:10:ab:e8:52:78:a2:
4b:df:90:12:8e:5b:c0:e6:2b:2b:fb:43:2d:68:eb:dd:47:e8:
9a:89:19:55:76:5b:be:75:44:64:bd:22:40:63:24:9e:61:5c:
59:8b:bd:a1:7d:e4:f6:5b:3c:d1:ee:5a:a1:d3:f8:b5:1b:b2:
7b:83:4d:c2:b7:b4:48:c9:41:59:06:ba:61:f2:8d:f5:2e:3b:
83:e5:4e:67:0e:4b:08:68:b8:2a:c1:11:4f:c4:ed:d0:64:c2:
93:eb:6e:25:42:70:c0:8e:2d:ac:5d:1a:f7:a8:77:16:82:7b:
3d:9e:77:93
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBGjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODVFOTExMC8GA1UEBRMoNjI0Qjk2RTFENjY1RUQ3OEU3OERGQUY2QzIyMDE5MTA3
M0RCNjZDQzAeFw0yNTAxMTQxMTEzNDJaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODY0NmU2LWFiMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDfV3ualA2NCYOEk9JBe/frgrTQZm5ZcSh3La0SNmleF4YZfEr0eSnxI0faHNe
EP/D3ViOhHkNAbLAS+95crbC2HF79DLpwAqgd9bXniz0OXwIftv7B70NlaHqLyRG
svn3HNU/5ORBtW/7c5etfkFkezbnyfrVqNihRbhcWp7CIZ8lOIDCSPXOp/DcBmqA
ex5T4d6yYN6BsUQ58onIqsSdOA29JH22Y6y8TFRu6w9fQCjcWN9Y8M69q3SBjKkW
x8bB/nKBtaAp20YRKQUGRu30wh6e7n0RUIb5ZVhG3o4Kktg8+k4nWTPnAQowU/6U
aX4JHZUz1v6cMjXlcfv5yPZpAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUoNsoggxA
F3hBo9zsxy/vlLX3PPowHwYDVR0jBBgwFoAUYkuW4dZl7Xjnjfr2wiAZEHPbZsww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4NUU5L0MxMTJGNTVDRDE3
NjExRUY5NUM1REU1QUM0RjlBRTAyL1lrdVc0ZFpsN1hqbmpmcjJ3aUFaRUhQYlpz
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWWt1VzRkWmw3WGpuamZyMndpQVpFSFBiWnN3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODVFOS9DMTEyRjU1Q0QxNzYxMUVGOTVDNURFNUFDNEY5QUUwMi85Q0VDMjMyMkQy
NjgxMUVGOTZDNEEzNjBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4ojANBgkqhkiG9w0BAQsFAAOCAQEAcvKFzxvAZpbXLvlD
JUGhzF3M0tAE/x5aO/mAYHvsV/lyHzZCs+ej//f2uOZsxeXWpVP0qFg3sbbwbAQJ
TdnpXdFgfRpft0gOFJQWDzA4ckiZSCMAUIhfPxhA971nD62MBkWT4Ly/tCeinWj9
34Xs9zoJSAxlVHLI8IazaefIXwiGGwmtDHNWKiBeEKvoUniiS9+QEo5bwOYrK/tD
LWjr3UfomokZVXZbvnVEZL0iQGMknmFcWYu9oX3k9ls80e5aodP4tRuye4NNwre0
SMlBWQa6YfKN9S47g+VOZw5LCGi4KsERT8Tt0GTCk+tuJUJwwI4trF0a96h3FoJ7
PZ53kw==
-----END CERTIFICATE-----
Generated at Tue Jan 14 15:02:29 2025 by rpki-client on console.sobornost.net