![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9126A3C/7BFB4CACC6A011EF928B7960C4F9AE02/507396ECC6A111EFAB2F7E64C4F9AE02.roa
File: 507396ECC6A111EFAB2F7E64C4F9AE02.roa (raw, json)
Hash identifier: bXGvcyVkEzsPx80RY/HT8ApoXyk4U3xgvi1N/6AqftM=
Subject key identifier: A9:D7:18:AD:70:4B:CF:3C:F4:E0:29:D4:16:A7:6F:4D:18:9C:A2:1C
Certificate issuer: /CN=A9126A3C/serialNumber=EE819A49B8C8A84413EE8FE8326EF137F5185C66
Certificate serial: 02
Authority key identifier: EE:81:9A:49:B8:C8:A8:44:13:EE:8F:E8:32:6E:F1:37:F5:18:5C:66
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7oGaSbjIqEQT7o_oMm7xN_UYXGY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9126A3C/7BFB4CACC6A011EF928B7960C4F9AE02/507396ECC6A111EFAB2F7E64C4F9AE02.roa
Signing time: Mon 30 Dec 2024 11:29:21 +0000
ROA not before: Mon 30 Dec 2024 11:29:21 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 153476
IP address blocks: 2401:e4e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 30 Dec 2024 18:14:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9126A3C
Validity
Not Before: Dec 30 11:29:21 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67728411-d4c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1a:96:87:18:26:a5:bd:65:f7:74:cb:81:3a:
85:ca:18:97:21:c9:5a:a9:1f:af:cc:b8:4d:22:36:
9d:38:9f:43:d1:26:bd:3a:d7:59:ef:70:85:6a:c3:
97:bf:d9:01:5c:d8:0d:8b:a2:61:28:62:2e:a8:e8:
75:31:ae:c0:46:67:fa:8e:c8:44:73:97:0f:d4:e0:
4e:dd:95:bb:82:d9:e0:b3:b1:aa:f2:46:07:48:11:
36:44:c0:03:2a:51:0f:b5:f2:4a:d5:97:04:10:66:
5c:3f:e0:c0:17:b4:e2:1e:85:80:b0:ac:6f:11:2e:
69:ef:27:6f:cf:1a:db:11:88:47:92:78:65:94:be:
55:ed:4c:24:88:cb:ac:62:33:3e:87:60:75:ed:77:
59:38:26:2a:9e:16:a4:e8:eb:63:5c:be:f9:30:46:
d0:f1:2c:0c:b2:8d:7b:69:c1:4a:98:f0:32:9a:4b:
76:77:0d:6a:e2:b2:1e:fd:ad:84:5e:f8:12:5e:c5:
f3:80:11:4a:04:ca:1e:6b:f6:c6:86:2a:2e:5c:47:
85:ed:1c:d1:8d:08:5d:c5:2c:3e:ff:60:e8:11:b1:
5c:94:bc:af:8c:0d:1f:24:df:bb:29:3d:ee:8b:1e:
51:1c:53:3a:21:60:ae:d7:c2:b6:cb:73:49:1f:97:
53:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:D7:18:AD:70:4B:CF:3C:F4:E0:29:D4:16:A7:6F:4D:18:9C:A2:1C
X509v3 Authority Key Identifier:
keyid:EE:81:9A:49:B8:C8:A8:44:13:EE:8F:E8:32:6E:F1:37:F5:18:5C:66
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9126A3C/7BFB4CACC6A011EF928B7960C4F9AE02/7oGaSbjIqEQT7o_oMm7xN_UYXGY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7oGaSbjIqEQT7o_oMm7xN_UYXGY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9126A3C/7BFB4CACC6A011EF928B7960C4F9AE02/507396ECC6A111EFAB2F7E64C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e4e0::/32
Signature Algorithm: sha256WithRSAEncryption
c3:4f:0c:eb:64:a3:30:44:84:c7:67:03:91:1e:2f:74:a3:7c:
b4:be:27:40:24:19:ab:52:a4:21:fe:90:21:1d:5f:f0:f3:d5:
37:f6:c8:53:ca:6e:6f:cd:45:61:9b:06:84:8b:26:93:06:38:
fe:2c:34:df:65:5f:af:18:c1:fd:9e:bc:f5:f1:30:09:25:27:
e2:a3:b5:4a:95:06:cc:75:a8:97:5c:46:ce:d8:4e:a2:22:29:
28:f9:9a:ef:ab:5b:5c:8b:c5:f5:ec:eb:cf:37:59:ac:26:41:
7f:e2:ce:5e:e1:38:c8:df:13:54:b9:3b:d3:50:ff:37:80:aa:
67:3b:99:93:0d:3e:c7:cf:ea:54:bc:d2:53:e2:73:9c:90:df:
d0:31:2b:79:d8:dd:9b:bf:78:ba:a5:57:d8:c0:33:56:49:98:
ae:ef:ed:83:c1:da:64:37:f8:b7:47:f4:79:8e:12:4a:36:f0:
7f:6d:83:e1:6f:94:e8:23:a4:6b:82:75:61:8f:6e:5f:3a:e5:
50:5d:a3:23:8d:62:65:32:fc:e9:1d:45:d8:de:b7:4e:c8:81:
32:57:a4:b4:d8:52:85:a9:2f:0b:0e:f0:0c:29:a2:36:df:f4:
57:f1:73:d0:8b:5d:6f:61:0d:68:3b:69:b5:a8:db:41:b6:3b:
f2:fe:1b:f1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy
NkEzQzExMC8GA1UEBRMoRUU4MTlBNDlCOEM4QTg0NDEzRUU4RkU4MzI2RUYxMzdG
NTE4NUM2NjAeFw0yNDEyMzAxMTI5MjFaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzI4NDExLWQ0YzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC9GpaHGCalvWX3dMuBOoXKGJchyVqpH6/MuE0iNp04n0PRJr0611nvcIVqw5e/
2QFc2A2LomEoYi6o6HUxrsBGZ/qOyERzlw/U4E7dlbuC2eCzsaryRgdIETZEwAMq
UQ+18krVlwQQZlw/4MAXtOIehYCwrG8RLmnvJ2/PGtsRiEeSeGWUvlXtTCSIy6xi
Mz6HYHXtd1k4JiqeFqTo62NcvvkwRtDxLAyyjXtpwUqY8DKaS3Z3DWrish79rYRe
+BJexfOAEUoEyh5r9saGKi5cR4XtHNGNCF3FLD7/YOgRsVyUvK+MDR8k37spPe6L
HlEcUzohYK7XwrbLc0kfl1MNAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUqdcYrXBL
zzz04CnUFqdvTRicohwwHwYDVR0jBBgwFoAU7oGaSbjIqEQT7o/oMm7xN/UYXGYw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTI2QTNDLzdCRkI0Q0FDQzZB
MDExRUY5MjhCNzk2MEM0RjlBRTAyLzdvR2FTYmpJcUVRVDdvX29NbTd4Tl9VWVhH
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN29HYVNiaklxRVFUN29fb01tN3hOX1VZWEdZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
NkEzQy83QkZCNENBQ0M2QTAxMUVGOTI4Qjc5NjBDNEY5QUUwMi81MDczOTZFQ0M2
QTExMUVGQUIyRjdFNjRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQB5OAwDQYJKoZIhvcNAQELBQADggEBAMNPDOtkozBEhMdn
A5EeL3SjfLS+J0AkGatSpCH+kCEdX/Dz1Tf2yFPKbm/NRWGbBoSLJpMGOP4sNN9l
X68Ywf2evPXxMAklJ+KjtUqVBsx1qJdcRs7YTqIiKSj5mu+rW1yLxfXs6883Wawm
QX/izl7hOMjfE1S5O9NQ/zeAqmc7mZMNPsfP6lS80lPic5yQ39AxK3nY3Zu/eLql
V9jAM1ZJmK7v7YPB2mQ3+LdH9HmOEko28H9tg+FvlOgjpGuCdWGPbl865VBdoyON
YmUy/OkdRdjet07IgTJXpLTYUoWpLwsO8Awpojbf9Ffxc9CLXW9hDWg7abWo20G2
O/L+G/E=
-----END CERTIFICATE-----
Generated at Thu Feb 6 04:48:55 2025 by rpki-client