Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/0E0DFA988CCF11EE96F4E65AC4F9AE02/E59E21FEE29111EF9EFF9365C4F9AE02.roa
File: E59E21FEE29111EF9EFF9365C4F9AE02.roa (raw, json)
Hash identifier: icuMxYxzKyCQL0/EitwGhVmmz19RWCJG1z2ylGnt9cM=
Subject key identifier: A8:4E:0B:4B:E8:C3:85:A7:4B:C5:7E:E8:0F:CD:4C:17:C3:B2:14:DB
Certificate issuer: /CN=A91423C1/serialNumber=4153BA499A44E7EC1041C60EF7F369AC62357AA8
Certificate serial: EF
Authority key identifier: 41:53:BA:49:9A:44:E7:EC:10:41:C6:0E:F7:F3:69:AC:62:35:7A:A8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVO6SZpE5-wQQcYO9_NprGI1eqg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/0E0DFA988CCF11EE96F4E65AC4F9AE02/E59E21FEE29111EF9EFF9365C4F9AE02.roa
Signing time: Tue 04 Feb 2025 00:49:32 +0000
ROA not before: Tue 04 Feb 2025 00:49:32 +0000
ROA not after: Mon 02 Jun 2025 00:00:00 +0000
asID: 138004
IP address blocks: 2001:df3:3340::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 14:41:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239 (0xef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91423C1, serialNumber=4153BA499A44E7EC1041C60EF7F369AC62357AA8
Validity
Not Before: Feb 4 00:49:32 2025 GMT
Not After : Jun 2 00:00:00 2025 GMT
Subject: CN=67a1641c-28d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a4:75:20:53:81:ff:97:c0:7e:ce:69:3b:d5:
f7:6e:b9:a7:98:e6:1e:77:dc:16:37:ee:fb:04:5e:
83:8d:37:c6:b1:96:6a:8b:48:b2:91:9b:de:a6:45:
91:7d:99:7b:d3:fb:8f:ae:bc:53:31:07:e5:e7:87:
d5:3a:7c:5f:a5:51:37:20:24:09:57:06:59:d7:9e:
88:75:36:79:74:58:c6:74:93:54:d7:36:4a:c2:60:
cb:1c:aa:a2:12:72:50:3f:dc:53:1d:4e:c2:2e:a4:
5d:96:6f:dc:34:1f:8f:cc:60:e0:56:a3:a4:32:10:
67:ac:18:d8:2c:0d:fa:e4:44:48:17:22:de:65:47:
78:ef:a7:ae:6f:79:69:c5:e0:21:07:33:39:02:a7:
87:48:ee:47:2c:2e:b2:45:e2:4f:26:49:5c:06:27:
43:2e:00:9f:f3:bc:3e:88:dd:9d:30:36:d3:86:c7:
89:58:ba:e3:79:6e:b6:ab:18:a7:87:8b:9e:55:95:
41:6f:69:6b:80:41:e7:eb:ac:50:3a:8b:e5:51:55:
aa:ab:13:54:1c:ce:54:01:2a:79:80:26:d7:40:83:
14:f3:a6:1d:96:1b:92:63:24:f8:b9:ff:26:f7:e5:
e4:95:89:c0:0d:1a:24:be:7f:81:62:c6:21:05:da:
90:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:4E:0B:4B:E8:C3:85:A7:4B:C5:7E:E8:0F:CD:4C:17:C3:B2:14:DB
X509v3 Authority Key Identifier:
keyid:41:53:BA:49:9A:44:E7:EC:10:41:C6:0E:F7:F3:69:AC:62:35:7A:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91423C1/0E0DFA988CCF11EE96F4E65AC4F9AE02/QVO6SZpE5-wQQcYO9_NprGI1eqg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QVO6SZpE5-wQQcYO9_NprGI1eqg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/0E0DFA988CCF11EE96F4E65AC4F9AE02/E59E21FEE29111EF9EFF9365C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:3340::/48
Signature Algorithm: sha256WithRSAEncryption
5e:4d:95:7a:d4:49:04:48:0c:bc:46:fb:27:27:60:c7:be:13:
d1:b0:50:7c:c0:0a:de:07:8c:88:89:7d:e5:65:24:67:91:56:
1c:09:d0:01:d8:da:9a:46:5a:c4:0a:20:17:d9:19:21:3f:da:
0a:da:7f:69:aa:b0:84:22:20:82:6f:3d:1f:45:e7:47:be:fa:
d2:30:0c:11:79:29:83:d0:93:43:ee:1e:86:94:7e:5e:fc:83:
28:9a:b3:88:53:b6:93:e8:c4:0a:3c:d2:ea:a6:ca:92:8d:fa:
c1:d3:24:52:db:16:1a:23:67:ad:13:32:b1:e7:1c:66:26:ac:
86:8e:36:9d:4d:9d:1f:f8:d8:0d:a3:4f:68:13:32:1c:52:38:
fb:e4:57:1b:8b:5f:13:b2:19:74:06:0e:84:81:c1:f2:1c:ca:
d0:19:61:d1:92:80:0e:a2:60:90:45:05:70:e5:42:7a:44:c5:
52:2a:a5:44:d2:5e:1a:6f:d3:16:b5:98:cd:b5:44:3f:46:52:
78:db:72:ff:c3:68:e4:ab:e0:5b:0e:35:b7:c5:ab:44:bb:13:
51:88:5a:9c:51:8a:2c:a2:80:26:fa:aa:ea:f2:73:5f:c6:79:
0b:a9:11:f8:dd:82:b9:3b:f0:09:17:fe:44:35:2f:9e:76:54:
37:90:32:d6
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDIzQzExMTAvBgNVBAUTKDQxNTNCQTQ5OUE0NEU3RUMxMDQxQzYwRUY3RjM2OUFD
NjIzNTdBQTgwHhcNMjUwMjA0MDA0OTMyWhcNMjUwNjAyMDAwMDAwWjAYMRYwFAYD
VQQDEw02N2ExNjQxYy0yOGQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtaR1IFOB/5fAfs5pO9X3brmnmOYed9wWN+77BF6DjTfGsZZqi0iykZvepkWR
fZl70/uPrrxTMQfl54fVOnxfpVE3ICQJVwZZ156IdTZ5dFjGdJNU1zZKwmDLHKqi
EnJQP9xTHU7CLqRdlm/cNB+PzGDgVqOkMhBnrBjYLA365ERIFyLeZUd476eub3lp
xeAhBzM5AqeHSO5HLC6yReJPJklcBidDLgCf87w+iN2dMDbThseJWLrjeW62qxin
h4ueVZVBb2lrgEHn66xQOovlUVWqqxNUHM5UASp5gCbXQIMU86YdlhuSYyT4uf8m
9+XklYnADRokvn+BYsYhBdqQrQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFKhOC0vo
w4WnS8V+6A/NTBfDshTbMB8GA1UdIwQYMBaAFEFTukmaROfsEEHGDvfzaaxiNXqo
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjNDMS8wRTBERkE5ODhD
Q0YxMUVFOTZGNEU2NUFDNEY5QUUwMi9RVk82U1pwRTUtd1FRY1lPOV9OcHJHSTFl
cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1FWTzZTWnBFNS13UVFjWU85X05wckdJMWVxZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDIzQzEvMEUwREZBOTg4Q0NGMTFFRTk2RjRFNjVBQzRGOUFFMDIvRTU5RTIxRkVF
MjkxMTFFRjlFRkY5MzY1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3zM0AwDQYJKoZIhvcNAQELBQADggEBAF5NlXrUSQRI
DLxG+ycnYMe+E9GwUHzACt4HjIiJfeVlJGeRVhwJ0AHY2ppGWsQKIBfZGSE/2gra
f2mqsIQiIIJvPR9F50e++tIwDBF5KYPQk0PuHoaUfl78gyias4hTtpPoxAo80uqm
ypKN+sHTJFLbFhojZ60TMrHnHGYmrIaONp1NnR/42A2jT2gTMhxSOPvkVxuLXxOy
GXQGDoSBwfIcytAZYdGSgA6iYJBFBXDlQnpExVIqpUTSXhpv0xa1mM21RD9GUnjb
cv/DaOSr4FsONbfFq0S7E1GIWpxRiiyigCb6quryc1/GeQupEfjdgrk78AkX/kQ1
L552VDeQMtY=
-----END CERTIFICATE-----
Generated at Tue Apr 15 15:27:45 2025 by rpki-client