Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/AAFB142CF9B011EF83EC0480C4F9AE02.roa
File: AAFB142CF9B011EF83EC0480C4F9AE02.roa (raw, json)
Hash identifier: rMO17pn3eEE4YnDUQn58ACaMdqFz9uCnPvFVniNJrgE=
Subject key identifier: 03:DD:59:D1:2E:66:0C:F9:86:7F:75:67:5A:E1:FD:2F:0B:8E:0C:CE
Certificate issuer: /CN=A911BD54/serialNumber=BCFAF8D33F18A8D3602029EBCEDE1E36AF20715C
Certificate serial: 29DA
Authority key identifier: BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/AAFB142CF9B011EF83EC0480C4F9AE02.roa
Signing time: Wed 05 Mar 2025 10:57:45 +0000
ROA not before: Wed 05 Mar 2025 10:57:45 +0000
ROA not after: Mon 02 Mar 2026 00:00:00 +0000
asID: 131334
IP address blocks: 2405:9800:e0::/44 maxlen: 48
Validation: Failed, certificate revoked on Mon 17 Mar 2025 04:22:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10714 (0x29da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BD54
Validity
Not Before: Mar 5 10:57:45 2025 GMT
Not After : Mar 2 00:00:00 2026 GMT
Subject: CN=67c82e29-a1b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:bc:35:15:33:51:03:53:ef:3f:1e:b4:c2:22:
cb:e2:95:00:8a:ad:ed:4a:cf:60:94:d7:56:8f:c7:
ba:66:dc:57:21:b7:43:76:66:15:87:a0:3e:ce:c2:
aa:65:ac:2f:5c:e6:50:5a:07:b3:cf:45:c6:7c:e0:
63:b5:28:85:bd:55:5e:01:25:3a:9f:2b:32:2a:36:
c8:3c:98:2c:75:d1:86:08:b9:9e:a3:7f:b5:ec:08:
de:55:48:71:a1:d0:d5:9a:84:81:d0:ec:c6:87:65:
ee:fc:4a:f6:97:fc:cb:da:87:b0:45:c1:fe:0c:36:
68:85:3c:f4:d2:69:42:e2:92:d8:52:eb:ee:0f:e9:
50:1e:34:e7:de:28:89:49:6a:1d:09:ce:d8:1a:66:
d7:0b:a0:35:ff:5a:5e:e5:02:1d:04:2d:35:2c:eb:
48:6b:6d:dc:b0:30:ba:f6:a5:51:f0:14:e0:d8:ff:
c9:fe:74:3c:67:f3:79:60:e4:ff:61:7b:2a:a8:61:
19:c1:45:c8:d8:a3:5c:3f:6d:86:fe:e2:39:ee:d5:
e6:e6:4f:13:ed:09:40:e2:6b:a8:36:40:40:ba:28:
c5:ba:34:18:c3:20:dd:f5:94:38:f1:35:d5:15:9d:
af:9c:de:a7:4e:fd:8c:4b:d3:20:18:58:ee:51:c1:
ae:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DD:59:D1:2E:66:0C:F9:86:7F:75:67:5A:E1:FD:2F:0B:8E:0C:CE
X509v3 Authority Key Identifier:
keyid:BC:FA:F8:D3:3F:18:A8:D3:60:20:29:EB:CE:DE:1E:36:AF:20:71:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/vPr40z8YqNNgICnrzt4eNq8gcVw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vPr40z8YqNNgICnrzt4eNq8gcVw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BD54/3E281C98004911E5B4B64F63C4F9AE02/AAFB142CF9B011EF83EC0480C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:9800:e0::/44
Signature Algorithm: sha256WithRSAEncryption
58:ca:dd:b1:f2:5a:0d:17:71:21:33:bc:b0:05:f4:77:8a:c6:
7c:3b:f5:6b:52:43:96:0e:34:26:03:6a:23:af:25:e5:9c:72:
37:0b:f2:68:55:34:75:f4:0b:6c:96:c9:77:d6:67:15:35:49:
93:08:28:13:8a:5d:86:1f:7e:49:ff:0f:7f:d2:76:e3:55:c2:
6e:9d:3e:3d:34:d9:f3:0c:51:f7:f2:d6:d3:fd:61:ef:ac:cd:
05:7b:08:71:5b:61:21:1b:b3:ed:23:e5:2d:84:3d:2a:8e:94:
34:c7:89:8c:48:db:5a:0f:43:f8:6d:8b:9e:4d:4a:09:b9:c5:
da:41:ad:b4:63:d7:9f:af:75:67:bd:86:8b:37:3e:75:15:59:
4a:55:03:df:be:9e:40:d7:6e:d0:2a:46:e7:01:89:a0:c2:1e:
cc:c1:1e:c2:d6:f1:b1:9a:c1:5f:31:94:dd:be:d6:bc:8b:b7:
24:60:34:8b:5f:98:2a:9a:c6:26:24:4b:c2:f2:3e:df:83:cf:
77:de:0e:38:98:8f:41:b4:04:50:58:f2:a0:af:54:45:db:55:
cd:14:3f:e1:b1:3e:db:9e:90:9b:77:15:26:4b:39:92:fe:27:
a1:99:ba:f3:88:b7:99:43:8f:1a:a5:a7:47:00:b8:80:68:bf:
2e:38:36:83
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICKdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJENTQxMTAvBgNVBAUTKEJDRkFGOEQzM0YxOEE4RDM2MDIwMjlFQkNFREUxRTM2
QUYyMDcxNUMwHhcNMjUwMzA1MTA1NzQ1WhcNMjYwMzAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2M4MmUyOS1hMWIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzLw1FTNRA1PvPx60wiLL4pUAiq3tSs9glNdWj8e6ZtxXIbdDdmYVh6A+zsKq
ZawvXOZQWgezz0XGfOBjtSiFvVVeASU6nysyKjbIPJgsddGGCLmeo3+17AjeVUhx
odDVmoSB0OzGh2Xu/Er2l/zL2oewRcH+DDZohTz00mlC4pLYUuvuD+lQHjTn3iiJ
SWodCc7YGmbXC6A1/1pe5QIdBC01LOtIa23csDC69qVR8BTg2P/J/nQ8Z/N5YOT/
YXsqqGEZwUXI2KNcP22G/uI57tXm5k8T7QlA4muoNkBAuijFujQYwyDd9ZQ48TXV
FZ2vnN6nTv2MS9MgGFjuUcGunQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFAPdWdEu
Zgz5hn91Z1rh/S8LjgzOMB8GA1UdIwQYMBaAFLz6+NM/GKjTYCAp687eHjavIHFc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkQ1NC8zRTI4MUM5ODAw
NDkxMUU1QjRCNjRGNjNDNEY5QUUwMi92UHI0MHo4WXFOTmdJQ25yenQ0ZU5xOGdj
VncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3ZQcjQwejhZcU5OZ0lDbnJ6dDRlTnE4Z2NWdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUJENTQvM0UyODFDOTgwMDQ5MTFFNUI0QjY0RjYzQzRGOUFFMDIvQUFGQjE0MkNG
OUIwMTFFRjgzRUMwNDgwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBZgAAOAwDQYJKoZIhvcNAQELBQADggEBAFjK3bHyWg0X
cSEzvLAF9HeKxnw79WtSQ5YONCYDaiOvJeWccjcL8mhVNHX0C2yWyXfWZxU1SZMI
KBOKXYYffkn/D3/SduNVwm6dPj002fMMUffy1tP9Ye+szQV7CHFbYSEbs+0j5S2E
PSqOlDTHiYxI21oPQ/hti55NSgm5xdpBrbRj15+vdWe9hos3PnUVWUpVA9++nkDX
btAqRucBiaDCHszBHsLW8bGawV8xlN2+1ryLtyRgNItfmCqaxiYkS8LyPt+Dz3fe
DjiYj0G0BFBY8qCvVEXbVc0UP+GxPtuekJt3FSZLOZL+J6GZuvOIt5lDjxqlp0cA
uIBovy44NoM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:10:15 2025 by rpki-client