Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/E4C5FC98D48B11EFA7361032C4F9AE02.roa
File: E4C5FC98D48B11EFA7361032C4F9AE02.roa (raw, json)
Hash identifier: VMtHee+ANzB9g1QdTC0H0GzhVMgpf2kYvIrFEgm7/GY=
Subject key identifier: 55:BC:62:DF:86:9F:0C:8D:ED:D9:FB:33:CC:CB:33:E3:07:90:C0:71
Certificate issuer: /CN=A91685E9/serialNumber=624B96E1D665ED78E78DFAF6C220191073DB66CC
Certificate serial: 2B
Authority key identifier: 62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/E4C5FC98D48B11EFA7361032C4F9AE02.roa
Signing time: Fri 17 Jan 2025 04:32:08 +0000
ROA not before: Fri 17 Jan 2025 04:32:08 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152565
IP address blocks: 161.248.162.0/24 maxlen: 24
161.248.163.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 04:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43 (0x2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91685E9/serialNumber=624B96E1D665ED78E78DFAF6C220191073DB66CC
Validity
Not Before: Jan 17 04:32:08 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6789dd48-a1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:59:47:65:1e:8f:b2:58:80:06:e7:2b:90:e4:
63:33:02:8c:ae:1d:b6:3c:13:7e:f1:7a:2f:e0:d6:
89:b9:13:22:29:e2:6b:84:2f:80:12:4e:73:55:1e:
95:a3:e1:7a:a9:22:f8:41:bd:8c:99:47:17:ca:f2:
84:f3:e8:7c:3f:7f:d9:b3:f8:b1:f9:3c:ff:0b:21:
7f:4b:1f:58:23:5b:20:40:47:30:52:f7:67:85:36:
53:2b:e8:7b:0b:62:48:71:30:51:c3:32:de:44:ef:
f0:16:53:08:80:8b:8f:95:61:01:2a:cc:b2:0b:23:
cf:0a:04:f4:5d:93:ea:f8:dd:02:8a:06:e5:45:f9:
cd:9e:45:53:b5:7b:a6:03:5b:52:cb:33:5b:73:93:
cb:e5:4c:48:8f:9c:e7:03:f4:95:96:e7:b4:0c:88:
00:41:16:11:a0:fb:f5:da:ab:7f:74:24:cc:75:58:
b1:74:e0:f9:b7:2e:95:38:be:81:80:41:55:19:67:
fe:a8:69:65:ed:7e:e8:16:dc:9c:e8:9c:ec:c2:47:
0c:f0:5a:4c:5c:91:06:aa:fa:7e:0d:bd:d4:c7:38:
84:73:bc:e2:b6:76:7e:9b:16:7e:61:f1:10:e4:bd:
08:2d:7d:7f:24:dd:b5:06:c2:7f:f5:53:45:88:6b:
e7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:BC:62:DF:86:9F:0C:8D:ED:D9:FB:33:CC:CB:33:E3:07:90:C0:71
X509v3 Authority Key Identifier:
keyid:62:4B:96:E1:D6:65:ED:78:E7:8D:FA:F6:C2:20:19:10:73:DB:66:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YkuW4dZl7Xjnjfr2wiAZEHPbZsw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C112F55CD17611EF95C5DE5AC4F9AE02/E4C5FC98D48B11EFA7361032C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.162.0/23
Signature Algorithm: sha256WithRSAEncryption
29:47:12:a0:2e:97:c8:70:22:a7:8f:e3:0b:62:3b:f1:0a:f2:
f3:77:e5:3e:03:55:27:36:0f:a8:c0:30:e3:30:d5:b4:cb:68:
9c:6d:06:1d:33:28:2a:af:a4:e0:54:bd:56:42:64:48:59:84:
6a:84:3f:1b:c8:ea:0b:62:59:54:65:5e:a1:5f:45:6a:0d:9a:
56:b0:cf:ee:68:d8:96:b5:56:63:9a:50:80:0f:ee:64:14:55:
a6:86:e8:b7:ef:da:8e:c0:0d:77:91:0a:42:5e:d3:14:d4:bc:
ef:f6:06:dd:f1:f2:94:9a:e6:a4:42:e1:2d:db:e5:f1:c3:cb:
3b:08:bc:12:37:8a:0a:82:0d:f4:59:d1:20:23:2c:dd:a4:e8:
cd:88:13:9c:c7:3a:2f:6d:e1:aa:52:3d:e4:e1:26:92:cd:c1:
c8:30:c3:3d:24:14:d7:96:70:d5:ee:e3:23:1f:af:e9:f7:8f:
ba:fc:ac:6d:28:b5:4e:a8:7c:20:93:97:4e:44:45:94:4d:36:
ed:1c:8a:6d:2e:58:40:4a:f1:b5:11:b0:54:ab:84:e4:2c:90:
be:d3:70:a6:bf:85:71:e6:b3:af:1b:ed:3d:5e:6d:1e:5f:a7:
78:e1:78:89:f2:e0:26:18:f5:b5:00:25:d0:95:78:4c:fe:21:
3f:17:5d:07
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODVFOTExMC8GA1UEBRMoNjI0Qjk2RTFENjY1RUQ3OEU3OERGQUY2QzIyMDE5MTA3
M0RCNjZDQzAeFw0yNTAxMTcwNDMyMDhaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODlkZDQ4LWExZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDMWUdlHo+yWIAG5yuQ5GMzAoyuHbY8E37xei/g1om5EyIp4muEL4ASTnNVHpWj
4XqpIvhBvYyZRxfK8oTz6Hw/f9mz+LH5PP8LIX9LH1gjWyBARzBS92eFNlMr6HsL
YkhxMFHDMt5E7/AWUwiAi4+VYQEqzLILI88KBPRdk+r43QKKBuVF+c2eRVO1e6YD
W1LLM1tzk8vlTEiPnOcD9JWW57QMiABBFhGg+/Xaq390JMx1WLF04Pm3LpU4voGA
QVUZZ/6oaWXtfugW3JzonOzCRwzwWkxckQaq+n4NvdTHOIRzvOK2dn6bFn5h8RDk
vQgtfX8k3bUGwn/1U0WIa+fXAgMBAAGjggKVMIICkTAdBgNVHQ4EFgQUVbxi34af
DI3t2fszzMsz4weQwHEwHwYDVR0jBBgwFoAUYkuW4dZl7Xjnjfr2wiAZEHPbZsww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4NUU5L0MxMTJGNTVDRDE3
NjExRUY5NUM1REU1QUM0RjlBRTAyL1lrdVc0ZFpsN1hqbmpmcjJ3aUFaRUhQYlpz
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvWWt1VzRkWmw3WGpuamZyMndpQVpFSFBiWnN3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODVFOS9DMTEyRjU1Q0QxNzYxMUVGOTVDNURFNUFDNEY5QUUwMi9FNEM1RkM5OEQ0
OEIxMUVGQTczNjEwMzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAaH4ojANBgkqhkiG9w0BAQsFAAOCAQEAKUcSoC6XyHAip4/j
C2I78Qry83flPgNVJzYPqMAw4zDVtMtonG0GHTMoKq+k4FS9VkJkSFmEaoQ/G8jq
C2JZVGVeoV9Fag2aVrDP7mjYlrVWY5pQgA/uZBRVpobot+/ajsANd5EKQl7TFNS8
7/YG3fHylJrmpELhLdvl8cPLOwi8EjeKCoIN9FnRICMs3aTozYgTnMc6L23hqlI9
5OEmks3ByDDDPSQU15Zw1e7jIx+v6fePuvysbSi1Tqh8IJOXTkRFlE027RyKbS5Y
QErxtRGwVKuE5CyQvtNwpr+FceazrxvtPV5tHl+neOF4ifLgJhj1tQAl0JV4TP4h
PxddBw==
-----END CERTIFICATE-----
Generated at Fri Jan 17 08:40:18 2025 by rpki-client on console.sobornost.net