Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9186A4B/5DA5C2763EEA11E997B79831C4F9AE02/0E37BE12773E11ECAD064E68C4F9AE02.roa
File: 0E37BE12773E11ECAD064E68C4F9AE02.roa (raw, json)
Hash identifier: SaPDHfkJq6+olJp+pCEwWUsbU8ig75YR7kl23PYTmrE=
Subject key identifier: AC:02:30:31:52:22:53:05:93:47:E5:1C:88:D9:FB:E9:91:D9:54:2D
Certificate issuer: /CN=A9186A4B/serialNumber=1563CCE89C5BAC3C104DED362B39F3B2F259F010
Certificate serial: 102B
Authority key identifier: 15:63:CC:E8:9C:5B:AC:3C:10:4D:ED:36:2B:39:F3:B2:F2:59:F0:10
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FWPM6JxbrDwQTe02KznzsvJZ8BA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9186A4B/5DA5C2763EEA11E997B79831C4F9AE02/0E37BE12773E11ECAD064E68C4F9AE02.roa
Signing time: Wed 02 Apr 2025 17:46:49 +0000
ROA not before: Wed 02 Apr 2025 17:46:49 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 32519
IP address blocks: 2404:8840::/32 maxlen: 128
Validation: Failed, certificate revoked on Wed 23 Jul 2025 20:45:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4139 (0x102b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9186A4B, serialNumber=1563CCE89C5BAC3C104DED362B39F3B2F259F010
Validity
Not Before: Apr 2 17:46:49 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67ed7809-2fb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:23:17:60:1b:00:c2:b0:4c:ba:5f:49:b7:2d:
4d:ad:da:38:03:12:90:6e:cd:2b:99:71:0a:8c:38:
9f:8a:2e:e4:71:31:d0:1b:2c:9d:e8:34:d0:0a:61:
af:cc:cf:7e:ff:9f:45:54:10:6b:46:41:35:d0:58:
6f:ce:33:be:59:73:37:9b:9d:65:60:b6:cc:6b:9f:
7c:f5:4d:03:6a:bd:a3:92:da:02:31:b2:e7:38:95:
99:c1:f2:2f:55:1a:c0:bd:b3:1c:35:f7:4d:40:14:
17:17:be:b8:0d:9d:47:9c:cb:52:70:a4:b6:33:39:
38:d3:19:7f:5a:db:93:b4:0b:3c:48:d2:ef:db:00:
86:8a:a4:a2:b2:6e:fa:44:65:e9:1f:64:5a:66:89:
97:03:35:3c:1e:16:08:67:f1:ac:86:6d:ec:0c:58:
60:90:9f:c7:45:b0:0b:58:1a:fa:00:05:a8:ab:f2:
c3:c8:ca:fe:b7:fa:d5:67:41:fc:fb:e1:1a:a7:73:
49:1e:6a:7a:5b:fb:ed:59:bc:55:82:a5:6c:46:97:
83:96:33:6a:58:f8:ba:fb:f5:ed:c3:e1:35:32:ba:
7b:eb:54:a2:51:21:13:76:e5:25:ec:6c:87:7c:84:
7e:92:fa:df:3b:39:7b:7f:a4:2c:f5:b7:e5:5c:f1:
03:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:02:30:31:52:22:53:05:93:47:E5:1C:88:D9:FB:E9:91:D9:54:2D
X509v3 Authority Key Identifier:
keyid:15:63:CC:E8:9C:5B:AC:3C:10:4D:ED:36:2B:39:F3:B2:F2:59:F0:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9186A4B/5DA5C2763EEA11E997B79831C4F9AE02/FWPM6JxbrDwQTe02KznzsvJZ8BA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FWPM6JxbrDwQTe02KznzsvJZ8BA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9186A4B/5DA5C2763EEA11E997B79831C4F9AE02/0E37BE12773E11ECAD064E68C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:8840::/32
Signature Algorithm: sha256WithRSAEncryption
a2:00:6d:1d:ea:f0:ac:9c:cb:6b:f2:d1:86:b8:7c:b9:2d:cb:
09:d3:44:04:dc:0d:fe:7f:a6:07:33:27:3f:bd:14:60:27:e0:
51:3b:2c:6d:d0:63:3b:2c:40:1c:81:ce:52:79:eb:da:41:ea:
78:d1:0d:0c:fc:2b:4f:ba:85:03:bc:37:fd:c2:be:5d:db:85:
58:d0:b3:b9:2d:18:75:f0:d0:c2:89:ae:3a:9e:8b:88:7b:ba:
ce:74:bf:1e:ed:67:65:5a:0e:06:b9:13:9e:70:e2:96:04:e2:
13:0e:0e:31:34:ee:bb:62:12:dd:be:46:ac:a9:76:d0:27:06:
94:04:b0:3b:d7:d7:73:64:55:f2:50:2d:9e:97:0d:11:7a:bb:
93:30:d8:43:40:e9:33:d9:a3:5f:a8:c9:34:52:65:ad:cb:3b:
6b:92:ab:e3:73:f7:1c:93:75:5f:05:61:64:17:c8:d9:ee:a1:
5c:b5:17:f5:61:d1:b7:40:4c:6e:83:dc:18:4f:22:30:bd:1c:
b9:8c:a5:8c:61:7d:d9:50:97:02:82:d5:87:a4:b5:14:b0:be:
78:ef:81:28:08:89:5e:13:95:e7:5b:49:d4:cf:7d:a0:7a:f5:
d9:67:1c:93:b5:f1:12:c8:2d:29:1f:74:57:ec:98:18:c6:f8:
65:0e:d2:db
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICECswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
ODZBNEIxMTAvBgNVBAUTKDE1NjNDQ0U4OUM1QkFDM0MxMDRERUQzNjJCMzlGM0Iy
RjI1OUYwMTAwHhcNMjUwNDAyMTc0NjQ5WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2VkNzgwOS0yZmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnCMXYBsAwrBMul9Jty1Nrdo4AxKQbs0rmXEKjDifii7kcTHQGyyd6DTQCmGv
zM9+/59FVBBrRkE10FhvzjO+WXM3m51lYLbMa5989U0Dar2jktoCMbLnOJWZwfIv
VRrAvbMcNfdNQBQXF764DZ1HnMtScKS2Mzk40xl/WtuTtAs8SNLv2wCGiqSism76
RGXpH2RaZomXAzU8HhYIZ/Gshm3sDFhgkJ/HRbALWBr6AAWoq/LDyMr+t/rVZ0H8
++Eap3NJHmp6W/vtWbxVgqVsRpeDljNqWPi6+/Xtw+E1Mrp761SiUSETduUl7GyH
fIR+kvrfOzl7f6Qs9bflXPEDlwIDAQABo4ICljCCApIwHQYDVR0OBBYEFKwCMDFS
IlMFk0flHIjZ++mR2VQtMB8GA1UdIwQYMBaAFBVjzOicW6w8EE3tNis587LyWfAQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NkE0Qi81REE1QzI3NjNF
RUExMUU5OTdCNzk4MzFDNEY5QUUwMi9GV1BNNkp4YnJEd1FUZTAyS3puenN2Slo4
QkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZXUE02SnhickR3UVRlMDJLem56c3ZKWjhCQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
ODZBNEIvNURBNUMyNzYzRUVBMTFFOTk3Qjc5ODMxQzRGOUFFMDIvMEUzN0JFMTI3
NzNFMTFFQ0FEMDY0RTY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBIhAMA0GCSqGSIb3DQEBCwUAA4IBAQCiAG0d6vCsnMtr
8tGGuHy5LcsJ00QE3A3+f6YHMyc/vRRgJ+BROyxt0GM7LEAcgc5SeevaQep40Q0M
/CtPuoUDvDf9wr5d24VY0LO5LRh18NDCia46nouIe7rOdL8e7WdlWg4GuROecOKW
BOITDg4xNO67YhLdvkasqXbQJwaUBLA719dzZFXyUC2elw0ReruTMNhDQOkz2aNf
qMk0UmWtyztrkqvjc/cck3VfBWFkF8jZ7qFctRf1YdG3QExug9wYTyIwvRy5jKWM
YX3ZUJcCgtWHpLUUsL5474EoCIleE5XnW0nUz32gevXZZxyTtfESyC0pH3RX7JgY
xvhlDtLb
-----END CERTIFICATE-----
Generated at Thu Jul 24 08:32:53 2025 by rpki-client