Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D3/629E8B203B2311EEA43B0219C4F9AE02/A85BF1701F4C11F091945D25C4F9AE02.roa
File: A85BF1701F4C11F091945D25C4F9AE02.roa (raw, json)
Hash identifier: Tyjg31SQyfpHl5vN/TUQHVYMi8e2dEBzBiIfB3eqIaA=
Subject key identifier: 8C:AA:EB:7E:C9:49:E4:77:C9:62:D7:99:E0:ED:13:88:1E:54:FD:FC
Certificate issuer: /CN=A91991D3/serialNumber=19581338A9D63D95A96D1711623E2F660EB0FB17
Certificate serial: 0164
Authority key identifier: 19:58:13:38:A9:D6:3D:95:A9:6D:17:11:62:3E:2F:66:0E:B0:FB:17
Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/GVgTOKnWPZWpbRcRYj4vZg6w-xc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91991D3/629E8B203B2311EEA43B0219C4F9AE02/A85BF1701F4C11F091945D25C4F9AE02.roa
Signing time: Tue 22 Apr 2025 07:38:40 +0000
ROA not before: Tue 22 Apr 2025 07:38:40 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 202736
IP address blocks: 185.254.243.0/24 maxlen: 24
213.139.232.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 16:18:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 356 (0x164)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91991D3, serialNumber=19581338A9D63D95A96D1711623E2F660EB0FB17
Validity
Not Before: Apr 22 07:38:40 2025 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=68074780-eb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:da:2a:72:eb:aa:68:30:c8:df:b3:6f:bf:0d:
a6:6e:87:5d:44:5a:d4:c2:6c:2d:47:27:16:d5:fa:
7c:81:6d:b4:0d:31:f8:3b:f1:c1:84:30:93:e8:c1:
a4:5d:4e:29:74:25:68:ab:72:f1:ea:83:a6:df:8c:
f4:24:28:aa:c2:a9:0c:3d:59:9b:14:a6:97:f1:6a:
24:11:be:de:97:06:41:c4:a3:11:0b:04:53:47:3e:
cd:0d:f5:3f:7f:54:36:55:cf:72:ce:54:d8:2c:6b:
64:25:b3:3f:e2:18:2e:d4:c8:03:71:44:0e:94:69:
30:ad:3f:fe:bf:e2:af:e6:44:2c:ec:a5:1b:ea:aa:
8d:0d:84:28:7e:53:9d:00:c0:16:dd:69:fb:5f:e5:
d6:fc:dc:6f:e7:e1:41:13:84:33:c8:e4:01:2d:d4:
07:bc:7a:92:50:d3:ee:c6:c0:cd:71:14:79:76:74:
0b:4f:30:2b:4a:60:00:99:2a:2d:50:0c:bf:e5:3b:
99:19:17:f7:92:54:7a:1d:79:c6:20:23:3e:f5:d1:
74:da:a5:34:e1:1f:38:12:62:63:e9:29:5e:11:63:
d1:d0:ce:94:00:a3:77:8a:d3:0d:3c:ca:80:86:78:
b4:36:bb:1c:4d:1b:ba:a4:1b:c8:7a:8e:04:02:81:
a6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:AA:EB:7E:C9:49:E4:77:C9:62:D7:99:E0:ED:13:88:1E:54:FD:FC
X509v3 Authority Key Identifier:
keyid:19:58:13:38:A9:D6:3D:95:A9:6D:17:11:62:3E:2F:66:0E:B0:FB:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91991D3/629E8B203B2311EEA43B0219C4F9AE02/GVgTOKnWPZWpbRcRYj4vZg6w-xc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/GVgTOKnWPZWpbRcRYj4vZg6w-xc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D3/629E8B203B2311EEA43B0219C4F9AE02/A85BF1701F4C11F091945D25C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
185.254.243.0/24
213.139.232.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:72:88:a0:ff:ea:51:4f:4a:88:4a:0d:92:1f:2a:2e:2a:6b:
1c:75:de:0f:80:8c:22:67:f4:51:36:fd:02:a9:29:04:66:1b:
15:ae:01:65:6a:64:a2:d0:57:60:8e:5f:de:a6:f1:4f:53:89:
7f:c3:51:b1:63:6f:b3:eb:4a:eb:e8:6f:c7:5b:60:02:12:1f:
51:f7:6f:2b:0b:d9:5d:96:cf:13:7b:e3:2d:86:4f:87:b0:35:
1c:34:e7:e5:1e:81:e0:60:67:39:39:f4:bf:72:67:8d:61:72:
d8:6d:76:2e:c9:ea:31:76:e4:d7:e8:9d:80:9e:24:ce:c0:1b:
ad:4d:e4:64:1d:5d:a3:92:e2:25:ee:86:0c:7d:ca:e9:7e:b7:
89:33:ec:2a:fe:a0:16:ca:77:ef:00:ab:35:43:98:a7:db:1a:
c1:a9:d9:14:2c:ba:ea:14:86:7b:0f:f5:42:e9:37:06:f2:84:
61:1f:9d:47:64:bc:c8:d5:43:1b:6b:56:cc:cb:a9:3e:ec:54:
56:48:07:4b:03:71:0c:16:f2:0c:c0:b5:37:9e:35:bb:9e:e2:
9a:01:7d:cd:32:74:5e:a3:fe:a6:31:e5:ce:62:9f:49:4a:ed:
b9:7a:c9:59:a3:29:c3:95:cd:60:c3:e2:9f:ce:44:60:61:ae:
91:5e:c8:4f
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICAWQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTkxRDMxMTAvBgNVBAUTKDE5NTgxMzM4QTlENjNEOTVBOTZEMTcxMTYyM0UyRjY2
MEVCMEZCMTcwHhcNMjUwNDIyMDczODQwWhcNMjUxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODA3NDc4MC1lYjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqdoqcuuqaDDI37Nvvw2mboddRFrUwmwtRycW1fp8gW20DTH4O/HBhDCT6MGk
XU4pdCVoq3Lx6oOm34z0JCiqwqkMPVmbFKaX8WokEb7elwZBxKMRCwRTRz7NDfU/
f1Q2Vc9yzlTYLGtkJbM/4hgu1MgDcUQOlGkwrT/+v+Kv5kQs7KUb6qqNDYQoflOd
AMAW3Wn7X+XW/Nxv5+FBE4QzyOQBLdQHvHqSUNPuxsDNcRR5dnQLTzArSmAAmSot
UAy/5TuZGRf3klR6HXnGICM+9dF02qU04R84EmJj6SleEWPR0M6UAKN3itMNPMqA
hni0NrscTRu6pBvIeo4EAoGmuQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFIyq637J
SeR3yWLXmeDtE4geVP38MB8GA1UdIwQYMBaAFBlYEzip1j2VqW0XEWI+L2YOsPsX
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEMy82MjlFOEIyMDNC
MjMxMUVFQTQzQjAyMTlDNEY5QUUwMi9HVmdUT0tuV1BaV3BiUmNSWWo0dlpnNnct
eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0dWZ1RPS25XUFpXcGJSY1JZajR2Wmc2dy14Yy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTkxRDMvNjI5RThCMjAzQjIzMTFFRUE0M0IwMjE5QzRGOUFFMDIvQTg1QkYxNzAx
RjRDMTFGMDkxOTQ1RDI1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAC5/vMDBADVi+gwDQYJKoZIhvcNAQELBQADggEBANJyiKD/
6lFPSohKDZIfKi4qaxx13g+AjCJn9FE2/QKpKQRmGxWuAWVqZKLQV2COX96m8U9T
iX/DUbFjb7PrSuvob8dbYAISH1H3bysL2V2WzxN74y2GT4ewNRw05+UegeBgZzk5
9L9yZ41hcthtdi7J6jF25NfonYCeJM7AG61N5GQdXaOS4iXuhgx9yul+t4kz7Cr+
oBbKd+8AqzVDmKfbGsGp2RQsuuoUhnsP9ULpNwbyhGEfnUdkvMjVQxtrVszLqT7s
VFZIB0sDcQwW8gzAtTeeNbue4poBfc0ydF6j/qYx5c5in0lK7bl6yVmjKcOVzWDD
4p/ORGBhrpFeyE8=
Generated at Wed Apr 23 19:54:19 2025 by rpki-client on console.sobornost.net