Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/101AC3BAD58111EFAEDD0B54C4F9AE02.roa
File: 101AC3BAD58111EFAEDD0B54C4F9AE02.roa (raw, json)
Hash identifier: wusv6gjmIh5fCBdYsR7TXn9ZwYnz06d9iC4xHNhTYuY=
Subject key identifier: F1:DC:9E:5A:11:B0:C2:27:7A:A2:97:C7:7D:C3:27:4B:70:2C:6A:3B
Certificate issuer: /CN=A91685E9/serialNumber=F698B5B47A06D5307DEC608969063074B68FF5CA
Certificate serial: 0E
Authority key identifier: F6:98:B5:B4:7A:06:D5:30:7D:EC:60:89:69:06:30:74:B6:8F:F5:CA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/101AC3BAD58111EFAEDD0B54C4F9AE02.roa
Signing time: Sat 18 Jan 2025 09:46:17 +0000
ROA not before: Sat 18 Jan 2025 09:46:17 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 152565
IP address blocks: 2401:e920::/33 maxlen: 33
2401:e920:8000::/33 maxlen: 40
Validation: Failed, certificate revoked on Mon 27 Jan 2025 09:24:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91685E9
Validity
Not Before: Jan 18 09:46:17 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=678b7869-8708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6d:b5:cc:b2:2c:90:8b:4e:1e:bf:3d:40:37:
8e:ea:69:54:fe:49:42:64:f8:dc:27:da:2b:26:7d:
26:fd:8c:95:28:3b:63:30:67:df:8d:52:cc:6a:b6:
fc:ce:a6:99:8b:22:ad:b2:b1:90:68:90:23:89:ae:
41:a9:e3:bb:80:8b:de:e6:0e:a9:69:50:0e:37:d0:
f0:93:95:fe:bf:e2:71:d8:b7:3e:de:17:d0:3e:73:
cd:40:d3:d3:85:ad:0c:4d:2c:42:81:93:30:b5:5f:
b3:ae:db:3d:98:ca:08:76:dc:db:f0:80:da:71:42:
a9:31:8e:1a:1e:a9:8e:d1:0b:c5:35:11:ac:86:53:
4a:fd:49:f2:16:2c:58:08:58:dc:5b:9c:8f:c6:c4:
e0:81:41:a2:fd:90:87:cb:2d:e6:f1:52:fd:f5:08:
a3:63:27:c9:3b:47:54:dc:83:c1:ef:d3:c5:de:13:
0c:49:7d:fb:17:1c:09:e5:97:c3:f0:48:05:6a:dc:
4a:4e:bd:47:f5:0a:46:91:cc:2c:b3:c1:69:5d:37:
e3:07:59:a7:6d:01:13:b2:6c:77:74:6b:e6:5b:16:
0b:87:55:a8:5a:97:94:2a:cc:e1:83:69:dd:a8:f3:
43:0b:d5:c0:24:0b:5e:54:a8:45:06:b5:f9:0a:a2:
71:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:DC:9E:5A:11:B0:C2:27:7A:A2:97:C7:7D:C3:27:4B:70:2C:6A:3B
X509v3 Authority Key Identifier:
keyid:F6:98:B5:B4:7A:06:D5:30:7D:EC:60:89:69:06:30:74:B6:8F:F5:CA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/9pi1tHoG1TB97GCJaQYwdLaP9co.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9pi1tHoG1TB97GCJaQYwdLaP9co.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91685E9/C928043AD17611EF95C5DE5AC4F9AE02/101AC3BAD58111EFAEDD0B54C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e920::/32
Signature Algorithm: sha256WithRSAEncryption
9d:6b:8d:a7:ec:38:41:af:0f:55:70:24:0c:8c:56:7a:42:41:
00:31:0f:f5:61:c2:98:c5:78:af:21:3f:2e:38:15:48:cc:7f:
07:46:d9:ce:1b:f8:8c:7c:08:f9:61:67:aa:00:c3:9b:55:81:
a1:1b:d6:ba:0b:c4:c6:79:b6:1d:fa:37:32:64:6c:37:f0:96:
55:92:2e:94:e6:40:d5:28:69:10:b5:2e:18:6c:53:b1:86:89:
d3:67:77:33:13:59:e5:99:60:19:b8:24:1a:29:ef:f6:17:74:
cf:de:9a:b8:33:38:eb:4d:74:ad:9d:3c:03:f5:98:35:f6:7f:
58:8b:b9:2c:80:51:da:02:b4:24:09:80:4f:dd:24:73:b7:fa:
f5:be:a2:78:ce:6c:38:50:3d:10:44:ff:13:fb:f9:45:5e:9d:
04:1c:fe:d5:ea:50:78:45:ad:99:e1:24:e1:59:95:dd:91:70:
7d:66:23:b1:74:06:21:a6:c4:11:ba:6c:e6:dc:fc:dc:e4:39:
f3:cf:e1:29:43:d4:d5:49:f5:77:f2:d5:4f:e8:2b:7e:a1:2e:
07:a6:5f:ab:5d:41:71:b6:ed:dc:8c:4a:c6:c3:ab:f9:31:28:
61:bb:bf:b9:da:66:71:53:7e:78:0f:29:af:2b:f6:9e:25:a5:
43:6f:04:9b
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
ODVFOTExMC8GA1UEBRMoRjY5OEI1QjQ3QTA2RDUzMDdERUM2MDg5NjkwNjMwNzRC
NjhGRjVDQTAeFw0yNTAxMTgwOTQ2MTdaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OGI3ODY5LTg3MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCkbbXMsiyQi04evz1AN47qaVT+SUJk+Nwn2ismfSb9jJUoO2MwZ9+NUsxqtvzO
ppmLIq2ysZBokCOJrkGp47uAi97mDqlpUA430PCTlf6/4nHYtz7eF9A+c81A09OF
rQxNLEKBkzC1X7Ou2z2Yygh23NvwgNpxQqkxjhoeqY7RC8U1EayGU0r9SfIWLFgI
WNxbnI/GxOCBQaL9kIfLLebxUv31CKNjJ8k7R1Tcg8Hv08XeEwxJffsXHAnll8Pw
SAVq3EpOvUf1CkaRzCyzwWldN+MHWadtAROybHd0a+ZbFguHVahal5QqzOGDad2o
80ML1cAkC15UqEUGtfkKonGBAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQU8dyeWhGw
wid6opfHfcMnS3AsajswHwYDVR0jBBgwFoAU9pi1tHoG1TB97GCJaQYwdLaP9cow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY4NUU5L0M5MjgwNDNBRDE3
NjExRUY5NUM1REU1QUM0RjlBRTAyLzlwaTF0SG9HMVRCOTdHQ0phUVl3ZExhUDlj
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvOXBpMXRIb0cxVEI5N0dDSmFRWXdkTGFQOWNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
ODVFOS9DOTI4MDQzQUQxNzYxMUVGOTVDNURFNUFDNEY5QUUwMi8xMDFBQzNCQUQ1
ODExMUVGQUVERDBCNTRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQB6SAwDQYJKoZIhvcNAQELBQADggEBAJ1rjafsOEGvD1Vw
JAyMVnpCQQAxD/VhwpjFeK8hPy44FUjMfwdG2c4b+Ix8CPlhZ6oAw5tVgaEb1roL
xMZ5th36NzJkbDfwllWSLpTmQNUoaRC1LhhsU7GGidNndzMTWeWZYBm4JBop7/YX
dM/emrgzOOtNdK2dPAP1mDX2f1iLuSyAUdoCtCQJgE/dJHO3+vW+onjObDhQPRBE
/xP7+UVenQQc/tXqUHhFrZnhJOFZld2RcH1mI7F0BiGmxBG6bObc/NzkOfPP4SlD
1NVJ9Xfy1U/oK36hLgemX6tdQXG27dyMSsbDq/kxKGG7v7naZnFTfngPKa8r9p4l
pUNvBJs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:53:59 2025 by rpki-client