Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/4EF4E7F0BB2D11EFA5417B57C4F9AE02.roa
File: 4EF4E7F0BB2D11EFA5417B57C4F9AE02.roa (raw, json)
Hash identifier: IzPz3brwwRUjlnZ6dIHZljy66j7yQtJzpEBJ+UDQJ4U=
Subject key identifier: C0:57:CA:12:91:7B:60:22:28:DE:D6:CC:83:77:12:56:83:0A:FA:67
Certificate issuer: /CN=A9170EED/serialNumber=EDFE706C949B5ECF1DBBE460DBD04EFE7C1E128B
Certificate serial: 2E
Authority key identifier: ED:FE:70:6C:94:9B:5E:CF:1D:BB:E4:60:DB:D0:4E:FE:7C:1E:12:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/4EF4E7F0BB2D11EFA5417B57C4F9AE02.roa
Signing time: Sun 15 Dec 2024 21:41:14 +0000
ROA not before: Sun 15 Dec 2024 21:41:14 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 64073
IP address blocks: 2001:df4:5e41::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 08 Jan 2025 22:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46 (0x2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170EED
Validity
Not Before: Dec 15 21:41:14 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=675f4cfa-b707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:17:97:d0:cf:95:56:c1:7c:7a:52:43:ea:63:
63:87:2d:d3:6c:d1:84:07:b2:f4:23:fe:6b:c3:d2:
7c:7a:af:b5:c5:d3:10:c5:5f:bc:64:ae:e6:bd:2e:
7f:45:0e:af:58:43:e2:e0:42:e4:b3:3d:38:09:48:
54:7a:1f:7e:7a:13:c9:3c:51:ab:91:ff:51:dd:27:
7f:f5:f2:1b:59:fe:2c:32:5b:74:2d:5d:2e:f7:b6:
d7:0a:85:14:be:f4:b9:03:2a:82:76:42:b2:b9:a8:
20:67:2e:29:02:e3:75:98:2e:d6:5d:28:bf:72:f5:
bb:05:61:85:d5:4d:1b:8f:18:bd:a0:68:94:c6:e9:
7b:61:bc:89:1e:e1:fa:f6:b3:cd:80:79:3c:36:c1:
93:de:1f:fb:ef:27:1c:dc:02:be:a4:74:67:58:af:
8c:3c:05:54:01:14:61:5d:92:b9:f6:3e:91:d8:5a:
ec:e8:f1:58:b5:67:9a:c0:40:98:4c:b3:65:bc:55:
44:16:42:40:6b:cf:a8:2c:f9:a2:4c:cb:df:c2:3f:
f3:cc:90:9b:6d:e4:21:1b:bd:53:33:8c:5d:3f:07:
fe:00:06:a8:5b:fe:db:62:ea:28:a6:10:d4:bf:f3:
a9:cf:b0:19:b6:5d:22:1c:00:3c:85:80:33:3d:7b:
1b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:57:CA:12:91:7B:60:22:28:DE:D6:CC:83:77:12:56:83:0A:FA:67
X509v3 Authority Key Identifier:
keyid:ED:FE:70:6C:94:9B:5E:CF:1D:BB:E4:60:DB:D0:4E:FE:7C:1E:12:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/7f5wbJSbXs8du-Rg29BO_nweEos.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/4EF4E7F0BB2D11EFA5417B57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:5e41::/48
Signature Algorithm: sha256WithRSAEncryption
a9:1a:95:1b:6c:49:26:0c:5b:c5:43:a6:f4:cd:0f:7b:cf:89:
ab:69:53:21:b5:b8:33:8c:7e:36:05:b1:16:92:32:d3:9e:1d:
39:b9:64:d1:d5:79:87:4c:bb:53:6b:af:15:b0:fb:d3:12:37:
a5:79:20:41:33:ab:a7:06:de:fc:d4:a6:f9:37:95:d1:39:04:
c6:ef:28:15:94:0d:b6:61:63:33:11:e3:a8:9a:5a:da:d0:cb:
a2:88:a5:9d:3f:8c:74:13:c0:21:86:1c:ca:be:31:32:9c:03:
80:e8:f6:9a:5c:2e:09:76:af:ff:0b:04:9a:40:e0:c0:52:af:
e8:df:6d:d9:2f:4b:39:19:fe:98:89:5d:c4:d5:a5:42:87:fe:
0a:ab:39:84:44:8c:3b:24:4f:96:28:89:36:a0:73:4a:7f:15:
fa:b9:9e:88:a3:cb:88:ca:55:12:76:b2:7a:18:22:e4:71:42:
a2:0c:5f:34:f2:2d:ea:ff:e3:fb:0b:44:f8:6e:37:8c:a2:89:
33:79:61:69:da:ac:32:e0:97:fb:35:e1:fd:e5:fa:1a:7c:0d:
9f:e4:31:39:26:2f:ed:30:16:6f:25:b9:18:38:34:cc:44:d0:
b1:b8:b5:a6:e4:b9:e1:d3:ab:9c:e6:45:47:9c:80:e9:a5:2e:
6b:0b:2d:70
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MEVFRDExMC8GA1UEBRMoRURGRTcwNkM5NDlCNUVDRjFEQkJFNDYwREJEMDRFRkU3
QzFFMTI4QjAeFw0yNDEyMTUyMTQxMTRaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NWY0Y2ZhLWI3MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDF5fQz5VWwXx6UkPqY2OHLdNs0YQHsvQj/mvD0nx6r7XF0xDFX7xkrua9Ln9F
Dq9YQ+LgQuSzPTgJSFR6H356E8k8UauR/1HdJ3/18htZ/iwyW3QtXS73ttcKhRS+
9LkDKoJ2QrK5qCBnLikC43WYLtZdKL9y9bsFYYXVTRuPGL2gaJTG6XthvIke4fr2
s82AeTw2wZPeH/vvJxzcAr6kdGdYr4w8BVQBFGFdkrn2PpHYWuzo8Vi1Z5rAQJhM
s2W8VUQWQkBrz6gs+aJMy9/CP/PMkJtt5CEbvVMzjF0/B/4ABqhb/tti6iimENS/
86nPsBm2XSIcADyFgDM9exs3AgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUwFfKEpF7
YCIo3tbMg3cSVoMK+mcwHwYDVR0jBBgwFoAU7f5wbJSbXs8du+Rg29BO/nweEosw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRUVELzNGRjM5NDBFODUz
QjExRUZBMzA3MjM0OUM0RjlBRTAyLzdmNXdiSlNiWHM4ZHUtUmcyOUJPX253ZUVv
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN2Y1d2JKU2JYczhkdS1SZzI5Qk9fbndlRW9zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEVFRC8zRkYzOTQwRTg1M0IxMUVGQTMwNzIzNDlDNEY5QUUwMi80RUY0RTdGMEJC
MkQxMUVGQTU0MTdCNTdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfReQTANBgkqhkiG9w0BAQsFAAOCAQEAqRqVG2xJJgxb
xUOm9M0Pe8+Jq2lTIbW4M4x+NgWxFpIy054dOblk0dV5h0y7U2uvFbD70xI3pXkg
QTOrpwbe/NSm+TeV0TkExu8oFZQNtmFjMxHjqJpa2tDLooilnT+MdBPAIYYcyr4x
MpwDgOj2mlwuCXav/wsEmkDgwFKv6N9t2S9LORn+mIldxNWlQof+Cqs5hESMOyRP
liiJNqBzSn8V+rmeiKPLiMpVEnayehgi5HFCogxfNPIt6v/j+wtE+G43jKKJM3lh
adqsMuCX+zXh/eX6GnwNn+QxOSYv7TAWbyW5GDg0zETQsbi1puS54dOrnOZFR5yA
6aUuawstcA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:15:24 2025 by rpki-client