Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/32136556BE0911EF968E820FC4F9AE02.roa
File: 32136556BE0911EF968E820FC4F9AE02.roa (raw, json)
Hash identifier: 4bCkfy9g2C8ssAnRQuAnEbbQzUJjUI6UXxlQyCaObKQ=
Subject key identifier: D7:56:0E:F4:BB:85:74:C2:87:A6:AB:60:62:3E:A7:4F:4D:59:FD:2C
Certificate issuer: /CN=A91A3AB3/serialNumber=E4A94CFA8D2F9F5B39EF46350591CE312E514FB3
Certificate serial: 022D
Authority key identifier: E4:A9:4C:FA:8D:2F:9F:5B:39:EF:46:35:05:91:CE:31:2E:51:4F:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5KlM-o0vn1s570Y1BZHOMS5RT7M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/32136556BE0911EF968E820FC4F9AE02.roa
Signing time: Thu 19 Dec 2024 13:00:18 +0000
ROA not before: Thu 19 Dec 2024 13:00:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 2401:93e0:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 02 Feb 2025 14:30:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 557 (0x22d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A3AB3
Validity
Not Before: Dec 19 13:00:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=676418e1-a157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9b:71:ca:a2:d8:a9:40:61:30:7a:ad:16:dc:
bb:a3:56:f3:da:1e:49:40:01:00:9f:86:96:98:73:
6a:db:88:55:8e:2d:fc:ee:8d:12:bd:73:51:ad:81:
c6:dc:de:d2:a9:e9:61:00:0e:9b:27:76:c7:82:ce:
5b:67:d6:4b:e1:21:cc:88:46:7e:f4:1a:a3:7d:93:
45:6b:79:cf:02:a7:27:bc:27:a7:92:fe:3d:2c:46:
1f:94:61:85:64:4f:5e:4f:13:08:a5:d8:9e:d1:61:
4c:4b:6f:0f:e2:3d:4c:c2:8b:0c:09:68:48:c3:39:
a2:1f:d0:f4:0a:f1:64:60:39:84:06:3d:17:33:77:
ac:42:38:ff:07:ac:6e:db:17:45:7b:66:6a:7d:47:
09:2b:47:51:7c:de:af:e9:14:6b:98:9b:ac:3d:5e:
cf:bd:aa:fa:8a:30:0f:ad:8e:4a:51:dc:f0:03:21:
23:10:64:0c:1f:ce:c7:ff:8f:3f:f0:4a:96:ff:ac:
c9:63:a0:7f:0e:ad:a7:1e:e6:3e:a7:ba:43:fa:e7:
f7:cd:9c:e7:de:08:82:a5:a5:2b:29:f4:3f:5b:2b:
7a:00:d4:03:d5:de:6d:bd:86:bf:3e:f1:bc:69:29:
36:2a:71:11:1e:ed:45:40:1a:37:7a:02:5a:d0:a4:
17:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:56:0E:F4:BB:85:74:C2:87:A6:AB:60:62:3E:A7:4F:4D:59:FD:2C
X509v3 Authority Key Identifier:
keyid:E4:A9:4C:FA:8D:2F:9F:5B:39:EF:46:35:05:91:CE:31:2E:51:4F:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/5KlM-o0vn1s570Y1BZHOMS5RT7M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5KlM-o0vn1s570Y1BZHOMS5RT7M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3AB3/05ED94CE194C11EDAD38F22BC4F9AE02/32136556BE0911EF968E820FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:93e0:5::/48
Signature Algorithm: sha256WithRSAEncryption
4d:ab:c3:09:79:d0:4a:fb:05:4e:c3:09:4c:cd:a0:70:8a:ae:
30:de:c7:9c:a4:f4:42:51:3b:06:e3:51:30:e9:46:da:11:96:
16:5b:82:69:84:ce:5a:62:70:d4:7c:d4:4f:fd:84:ff:ab:9a:
e5:ae:07:f3:a6:a5:75:fc:48:6e:ef:36:66:54:8e:f8:61:d6:
2d:a6:af:83:ac:d8:65:b3:5b:6c:88:6b:e0:33:29:4f:0b:e1:
16:dd:5b:37:f8:32:ac:5a:58:7b:c9:e9:85:ed:7d:5c:11:f8:
2a:fa:81:f4:1c:63:94:f0:f9:ab:0f:79:27:42:77:28:ce:83:
df:5d:02:0e:93:a7:4c:cc:12:15:b8:9b:ca:ba:2b:37:65:ec:
72:26:a3:aa:5c:6f:f0:ac:78:d6:2f:e5:7c:e1:e0:32:27:df:
46:21:87:f2:9d:30:d0:8a:a6:99:4f:3d:c6:f0:d5:19:47:80:
a2:89:07:77:30:ff:d2:f1:01:0a:3d:8b:10:47:84:6f:88:ca:
71:ae:54:f8:40:11:7e:0e:50:5a:f1:70:2f:1c:4b:3f:39:1c:
1b:82:42:19:fc:de:82:7b:6d:5f:13:76:cc:6b:01:d4:39:c4:
fb:36:5e:76:99:87:19:40:83:69:7f:00:b1:7a:ac:5a:cc:9e:
67:14:fd:7c
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTNBQjMxMTAvBgNVBAUTKEU0QTk0Q0ZBOEQyRjlGNUIzOUVGNDYzNTA1OTFDRTMx
MkU1MTRGQjMwHhcNMjQxMjE5MTMwMDE4WhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzY0MThlMS1hMTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArJtxyqLYqUBhMHqtFty7o1bz2h5JQAEAn4aWmHNq24hVji387o0SvXNRrYHG
3N7SqelhAA6bJ3bHgs5bZ9ZL4SHMiEZ+9BqjfZNFa3nPAqcnvCenkv49LEYflGGF
ZE9eTxMIpdie0WFMS28P4j1MwosMCWhIwzmiH9D0CvFkYDmEBj0XM3esQjj/B6xu
2xdFe2ZqfUcJK0dRfN6v6RRrmJusPV7Pvar6ijAPrY5KUdzwAyEjEGQMH87H/48/
8EqW/6zJY6B/Dq2nHuY+p7pD+uf3zZzn3giCpaUrKfQ/Wyt6ANQD1d5tvYa/PvG8
aSk2KnERHu1FQBo3egJa0KQX0wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNdWDvS7
hXTCh6arYGI+p09NWf0sMB8GA1UdIwQYMBaAFOSpTPqNL59bOe9GNQWRzjEuUU+z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBM0FCMy8wNUVEOTRDRTE5
NEMxMUVEQUQzOEYyMkJDNEY5QUUwMi81S2xNLW8wdm4xczU3MFkxQlpIT01TNVJU
N00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzVLbE0tbzB2bjFzNTcwWTFCWkhPTVM1UlQ3TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTNBQjMvMDVFRDk0Q0UxOTRDMTFFREFEMzhGMjJCQzRGOUFFMDIvMzIxMzY1NTZC
RTA5MTFFRjk2OEU4MjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAZPgAAUwDQYJKoZIhvcNAQELBQADggEBAE2rwwl50Er7
BU7DCUzNoHCKrjDex5yk9EJROwbjUTDpRtoRlhZbgmmEzlpicNR81E/9hP+rmuWu
B/OmpXX8SG7vNmZUjvhh1i2mr4Os2GWzW2yIa+AzKU8L4RbdWzf4MqxaWHvJ6YXt
fVwR+Cr6gfQcY5Tw+asPeSdCdyjOg99dAg6Tp0zMEhW4m8q6Kzdl7HImo6pcb/Cs
eNYv5Xzh4DIn30Yhh/KdMNCKpplPPcbw1RlHgKKJB3cw/9LxAQo9ixBHhG+IynGu
VPhAEX4OUFrxcC8cSz85HBuCQhn83oJ7bV8TdsxrAdQ5xPs2XnaZhxlAg2l/ALF6
rFrMnmcU/Xw=
-----END CERTIFICATE-----
Generated at Fri Apr 11 19:52:29 2025 by rpki-client