Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155810/7BA8D39CC70811EFA89B0C5FC4F9AE02/9A3C4902C70C11EFB4F8FE29C4F9AE02.roa
File: 9A3C4902C70C11EFB4F8FE29C4F9AE02.roa (raw, json)
Hash identifier: jzM2mDYofu7wbM86J0MCQS9QGNRewvgHnBpf5zGRGk8=
Subject key identifier: C5:A9:68:8E:E9:7C:FE:57:7A:62:75:D1:53:02:90:1C:F4:78:92:5A
Certificate issuer: /CN=A9155810/serialNumber=18EDABB2820CE25F90E8635C13B7F0D45F046376
Certificate serial: 03
Authority key identifier: 18:ED:AB:B2:82:0C:E2:5F:90:E8:63:5C:13:B7:F0:D4:5F:04:63:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GO2rsoIM4l-Q6GNcE7fw1F8EY3Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155810/7BA8D39CC70811EFA89B0C5FC4F9AE02/9A3C4902C70C11EFB4F8FE29C4F9AE02.roa
Signing time: Tue 31 Dec 2024 00:17:22 +0000
ROA not before: Tue 31 Dec 2024 00:17:22 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 132221
IP address blocks: 2001:df4:d740::/48 maxlen: 50
Validation: Failed, certificate revoked on Wed 01 Jan 2025 10:32:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155810
Validity
Not Before: Dec 31 00:17:22 2024 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=67733811-24dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e4:81:e9:b1:c5:54:3a:e9:7c:13:fc:d6:2d:
c5:03:21:30:ea:d2:05:f1:cf:eb:d6:93:8f:57:28:
f6:73:39:09:7a:42:4e:3c:bc:99:04:fd:f8:64:df:
6d:a9:d9:58:dc:56:7f:51:14:07:72:42:6a:23:ac:
ff:36:28:85:25:e4:89:98:56:53:70:4d:8a:3b:a3:
13:a2:bd:ae:16:d4:82:17:85:ac:03:17:53:db:44:
6f:22:e2:cc:03:82:b1:2b:5b:d1:2f:96:8f:12:7d:
9f:1a:f3:90:8f:33:d1:94:b3:d8:cb:76:ea:95:fd:
cb:da:78:1a:61:cc:36:4f:a9:81:de:49:f2:b8:73:
b1:f9:37:a4:f4:c9:1e:51:42:e3:e5:53:91:65:1b:
b6:88:58:19:68:76:74:ef:8b:ff:bf:02:02:07:46:
ca:f9:db:0a:4a:fd:0d:67:56:bb:f8:e7:48:15:78:
8f:d1:d0:0d:6c:ec:04:5d:ef:5c:d6:fb:44:75:ca:
73:f5:e8:fd:71:2a:3d:8f:52:70:e7:32:c4:88:b3:
be:07:73:98:57:f4:52:2a:70:32:5f:00:d3:13:91:
4c:7c:00:8c:72:85:19:18:e5:4f:ba:0a:d3:94:25:
0d:d8:6e:87:33:19:02:6c:7b:b3:01:a7:2a:62:49:
16:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A9:68:8E:E9:7C:FE:57:7A:62:75:D1:53:02:90:1C:F4:78:92:5A
X509v3 Authority Key Identifier:
keyid:18:ED:AB:B2:82:0C:E2:5F:90:E8:63:5C:13:B7:F0:D4:5F:04:63:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155810/7BA8D39CC70811EFA89B0C5FC4F9AE02/GO2rsoIM4l-Q6GNcE7fw1F8EY3Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GO2rsoIM4l-Q6GNcE7fw1F8EY3Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155810/7BA8D39CC70811EFA89B0C5FC4F9AE02/9A3C4902C70C11EFB4F8FE29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:d740::/48
Signature Algorithm: sha256WithRSAEncryption
34:4f:55:6c:a7:d1:97:b2:52:69:ee:ae:a2:24:ea:ff:a3:1c:
69:a1:22:2f:9c:1e:c7:ec:0f:db:62:36:4a:07:04:e2:21:9a:
b6:b1:33:0b:73:c8:71:fa:f8:ea:e5:02:d5:16:ef:40:98:9b:
a8:2c:da:e4:f4:4c:d3:fb:be:43:22:85:80:86:c1:f8:81:e8:
32:31:29:21:d8:1e:27:cd:67:6f:50:0d:3f:d9:74:ae:d1:15:
d0:08:ba:fe:bc:3b:3b:f2:a2:54:fe:10:76:49:50:98:61:17:
ec:87:c7:41:aa:4a:2e:56:3b:e8:6e:3d:32:55:6f:64:b0:8e:
4a:57:e6:61:48:a3:f2:19:59:83:c7:58:3f:7b:4c:3f:57:6c:
a1:6a:6a:90:0a:aa:c7:63:20:d0:b8:5c:7c:f7:02:2f:ee:e7:
e0:f4:fb:69:78:ff:31:35:fa:a8:84:a3:d0:63:07:ff:6d:02:
8b:26:f2:60:c0:57:df:85:96:6c:2f:7a:47:f3:5c:ab:fc:8f:
0b:83:28:0c:0e:32:ad:a3:21:b4:51:7f:9a:ac:02:54:79:15:
a0:56:28:b7:0e:5d:17:c0:d4:06:74:e7:c0:44:1b:0e:a9:e3:
5f:bb:48:d0:5f:63:72:c3:bd:c1:6a:d4:5a:d1:71:0e:ae:6b:
d7:91:49:c9
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTgxMDExMC8GA1UEBRMoMThFREFCQjI4MjBDRTI1RjkwRTg2MzVDMTNCN0YwRDQ1
RjA0NjM3NjAeFw0yNDEyMzEwMDE3MjJaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzMzODExLTI0ZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCv5IHpscVUOul8E/zWLcUDITDq0gXxz+vWk49XKPZzOQl6Qk48vJkE/fhk322p
2VjcVn9RFAdyQmojrP82KIUl5ImYVlNwTYo7oxOiva4W1IIXhawDF1PbRG8i4swD
grErW9Evlo8SfZ8a85CPM9GUs9jLduqV/cvaeBphzDZPqYHeSfK4c7H5N6T0yR5R
QuPlU5FlG7aIWBlodnTvi/+/AgIHRsr52wpK/Q1nVrv450gVeI/R0A1s7ARd71zW
+0R1ynP16P1xKj2PUnDnMsSIs74Hc5hX9FIqcDJfANMTkUx8AIxyhRkY5U+6CtOU
JQ3YboczGQJse7MBpypiSRaPAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUxalojul8
/ld6YnXRUwKQHPR4klowHwYDVR0jBBgwFoAUGO2rsoIM4l+Q6GNcE7fw1F8EY3Yw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1ODEwLzdCQThEMzlDQzcw
ODExRUZBODlCMEM1RkM0RjlBRTAyL0dPMnJzb0lNNGwtUTZHTmNFN2Z3MUY4RVkz
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR08ycnNvSU00bC1RNkdOY0U3ZncxRjhFWTNZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTgxMC83QkE4RDM5Q0M3MDgxMUVGQTg5QjBDNUZDNEY5QUUwMi85QTNDNDkwMkM3
MEMxMUVGQjRGOEZFMjlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfTXQDANBgkqhkiG9w0BAQsFAAOCAQEANE9VbKfRl7JS
ae6uoiTq/6McaaEiL5wex+wP22I2SgcE4iGatrEzC3PIcfr46uUC1RbvQJibqCza
5PRM0/u+QyKFgIbB+IHoMjEpIdgeJ81nb1ANP9l0rtEV0Ai6/rw7O/KiVP4QdklQ
mGEX7IfHQapKLlY76G49MlVvZLCOSlfmYUij8hlZg8dYP3tMP1dsoWpqkAqqx2Mg
0LhcfPcCL+7n4PT7aXj/MTX6qISj0GMH/20CiybyYMBX34WWbC96R/Ncq/yPC4Mo
DA4yraMhtFF/mqwCVHkVoFYotw5dF8DUBnTnwEQbDqnjX7tI0F9jcsO9wWrUWtFx
Dq5r15FJyQ==
-----END CERTIFICATE-----
Generated at Thu Feb 6 04:05:15 2025 by rpki-client