Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9155810/7BA8D39CC70811EFA89B0C5FC4F9AE02/AAE30992C82B11EF8409A474C4F9AE02.roa
File: AAE30992C82B11EF8409A474C4F9AE02.roa (raw, json)
Hash identifier: PfvOzarAo9/JbSTiXzz90HPihHaX81EppFcwWReJ+Og=
Subject key identifier: F1:49:3E:12:3E:51:24:D3:CC:E5:C8:BF:03:4E:82:B1:AB:CB:0C:B8
Certificate issuer: /CN=A9155810/serialNumber=18EDABB2820CE25F90E8635C13B7F0D45F046376
Certificate serial: 06
Authority key identifier: 18:ED:AB:B2:82:0C:E2:5F:90:E8:63:5C:13:B7:F0:D4:5F:04:63:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GO2rsoIM4l-Q6GNcE7fw1F8EY3Y.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9155810/7BA8D39CC70811EFA89B0C5FC4F9AE02/AAE30992C82B11EF8409A474C4F9AE02.roa
Signing time: Wed 01 Jan 2025 10:32:15 +0000
ROA not before: Wed 01 Jan 2025 10:32:15 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 132221
IP address blocks: 2001:df4:d740::/48 maxlen: 48
2001:df4:d740::/50 maxlen: 50
Validation: Failed, certificate revoked on Wed 01 Jan 2025 22:16:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9155810
Validity
Not Before: Jan 1 10:32:15 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=677519af-666d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ef:c5:52:d8:1f:18:48:3e:71:ad:a7:5b:91:
82:d5:53:f1:38:87:7b:29:cf:b1:d8:39:c2:7f:94:
b1:77:13:73:41:fb:36:3f:cb:4c:4c:97:ac:48:3a:
8d:bb:2b:66:ac:d1:a1:81:08:68:63:5c:8c:86:09:
10:48:b2:f8:e2:06:89:26:bd:7c:d3:82:18:28:44:
6f:30:ff:8d:6d:e1:4a:c4:02:e3:78:52:1c:11:d6:
19:70:fc:d1:a3:5a:5c:f7:e1:48:20:8d:d7:dc:20:
7d:06:b0:53:21:5b:d8:08:50:ad:40:93:29:20:bd:
29:e3:f9:9d:d0:0b:d6:77:59:6b:c4:7f:40:ea:d9:
2f:6b:3d:50:35:56:4b:fb:e2:ed:b7:e3:7c:e9:90:
ba:5d:fa:25:f7:dd:a9:1a:82:76:65:dd:32:e3:96:
71:5e:79:82:f1:7d:e4:62:9f:dd:4c:1d:c4:a6:ef:
f6:8e:e0:36:45:8f:32:e3:99:9f:e5:37:00:1b:a7:
e8:a1:2d:eb:39:3e:9b:9a:83:94:b5:fa:25:88:95:
e0:7c:f5:74:ee:0e:0c:32:4c:87:82:5f:35:7e:c4:
8d:51:e5:30:c0:4e:ec:5c:fb:c4:13:cc:af:35:3b:
e5:e6:06:3d:b3:c9:69:23:94:c6:24:36:6d:c7:85:
32:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:49:3E:12:3E:51:24:D3:CC:E5:C8:BF:03:4E:82:B1:AB:CB:0C:B8
X509v3 Authority Key Identifier:
keyid:18:ED:AB:B2:82:0C:E2:5F:90:E8:63:5C:13:B7:F0:D4:5F:04:63:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9155810/7BA8D39CC70811EFA89B0C5FC4F9AE02/GO2rsoIM4l-Q6GNcE7fw1F8EY3Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GO2rsoIM4l-Q6GNcE7fw1F8EY3Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155810/7BA8D39CC70811EFA89B0C5FC4F9AE02/AAE30992C82B11EF8409A474C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:d740::/48
Signature Algorithm: sha256WithRSAEncryption
ad:4f:40:8f:ac:60:bf:ed:fc:06:7d:c1:16:30:30:b6:c4:86:
bc:9d:b9:c2:05:b3:de:33:ed:4b:be:95:25:d7:77:b7:b6:4f:
a1:ba:21:ff:0c:27:78:b9:a2:ac:14:17:bf:a4:21:c7:8c:9e:
87:b8:de:21:e8:c9:8d:18:b2:c8:29:09:23:ab:fd:a9:43:da:
b9:af:dd:a1:9b:1e:74:fb:13:fe:fa:0b:79:75:d9:7c:1a:5a:
ae:54:2d:c9:34:22:12:d9:a0:8b:87:21:23:9b:d8:28:ac:5a:
8b:2b:fe:4c:f4:52:82:a6:b3:2b:1d:8f:96:81:f6:80:02:94:
a4:02:33:ae:d3:96:22:f0:fd:e7:f6:11:55:c1:8b:81:9d:49:
f1:ce:2b:6b:18:8c:d2:ca:67:8c:b3:fb:09:b0:c1:5d:5f:b0:
6d:f7:40:f1:90:7d:5f:9f:80:a1:ba:7d:3e:6c:47:a0:8a:8c:
91:86:19:39:bc:6d:0f:24:18:48:15:a2:fa:35:64:9a:7e:b1:
07:e2:be:65:a8:e1:f3:4e:e2:b9:e1:a9:e8:d6:3d:91:09:40:
cf:96:eb:1c:ff:a8:18:3e:26:99:50:cc:20:b1:c6:11:8f:bd:
a1:d1:32:81:a6:83:ed:20:0d:ba:17:c3:97:7b:5d:8d:ba:ee:
bf:2b:d0:c7
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
NTgxMDExMC8GA1UEBRMoMThFREFCQjI4MjBDRTI1RjkwRTg2MzVDMTNCN0YwRDQ1
RjA0NjM3NjAeFw0yNTAxMDExMDMyMTVaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3NzUxOWFmLTY2NmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDa78VS2B8YSD5xradbkYLVU/E4h3spz7HYOcJ/lLF3E3NB+zY/y0xMl6xIOo27
K2as0aGBCGhjXIyGCRBIsvjiBokmvXzTghgoRG8w/41t4UrEAuN4UhwR1hlw/NGj
Wlz34UggjdfcIH0GsFMhW9gIUK1AkykgvSnj+Z3QC9Z3WWvEf0Dq2S9rPVA1Vkv7
4u2343zpkLpd+iX33akagnZl3TLjlnFeeYLxfeRin91MHcSm7/aO4DZFjzLjmZ/l
NwAbp+ihLes5Ppuag5S1+iWIleB89XTuDgwyTIeCXzV+xI1R5TDATuxc+8QTzK81
O+XmBj2zyWkjlMYkNm3HhTI9AgMBAAGjggKYMIIClDAdBgNVHQ4EFgQU8Uk+Ej5R
JNPM5ci/A06CsavLDLgwHwYDVR0jBBgwFoAUGO2rsoIM4l+Q6GNcE7fw1F8EY3Yw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU1ODEwLzdCQThEMzlDQzcw
ODExRUZBODlCMEM1RkM0RjlBRTAyL0dPMnJzb0lNNGwtUTZHTmNFN2Z3MUY4RVkz
WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvR08ycnNvSU00bC1RNkdOY0U3ZncxRjhFWTNZLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
NTgxMC83QkE4RDM5Q0M3MDgxMUVGQTg5QjBDNUZDNEY5QUUwMi9BQUUzMDk5MkM4
MkIxMUVGODQwOUE0NzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfTXQDANBgkqhkiG9w0BAQsFAAOCAQEArU9Aj6xgv+38
Bn3BFjAwtsSGvJ25wgWz3jPtS76VJdd3t7ZPoboh/wwneLmirBQXv6Qhx4yeh7je
IejJjRiyyCkJI6v9qUPaua/doZsedPsT/voLeXXZfBparlQtyTQiEtmgi4chI5vY
KKxaiyv+TPRSgqazKx2PloH2gAKUpAIzrtOWIvD95/YRVcGLgZ1J8c4raxiM0spn
jLP7CbDBXV+wbfdA8ZB9X5+Aobp9PmxHoIqMkYYZObxtDyQYSBWi+jVkmn6xB+K+
Zajh807iueGp6NY9kQlAz5brHP+oGD4mmVDMILHGEY+9odEygaaD7SANuhfDl3td
jbruvyvQxw==
-----END CERTIFICATE-----
Generated at Thu Feb 6 04:06:21 2025 by rpki-client