Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C909/07797FE4C0DC11EF9E871844C4F9AE02/AEFA261CD3D111EFAA9D5437C4F9AE02.roa
File: AEFA261CD3D111EFAA9D5437C4F9AE02.roa (raw, json)
Hash identifier: HpVA0aEQaPxHwSSyV1vSexIe1f509Q+LhSxyOJ/M/Hg=
Subject key identifier: 84:74:AA:AB:78:36:60:61:60:C2:A9:8D:D9:2D:89:3F:40:8F:B1:75
Certificate issuer: /CN=A917C909/serialNumber=AA0B782DB9932E22FDDEF0C3F75596EE0945E12D
Certificate serial: 10
Authority key identifier: AA:0B:78:2D:B9:93:2E:22:FD:DE:F0:C3:F7:55:96:EE:09:45:E1:2D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgt4LbmTLiL93vDD91WW7glF4S0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C909/07797FE4C0DC11EF9E871844C4F9AE02/AEFA261CD3D111EFAA9D5437C4F9AE02.roa
Signing time: Thu 16 Jan 2025 06:18:21 +0000
ROA not before: Thu 16 Jan 2025 06:18:21 +0000
ROA not after: Tue 31 Mar 2026 00:00:00 +0000
asID: 133458
IP address blocks: 2401:e260::/32 maxlen: 40
Validation: Failed, certificate revoked on Fri 17 Jan 2025 01:42:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16 (0x10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C909
Validity
Not Before: Jan 16 06:18:21 2025 GMT
Not After : Mar 31 00:00:00 2026 GMT
Subject: CN=6788a4ad-f275
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:30:c7:f8:b1:96:33:31:b9:13:7a:30:49:2b:
69:bb:47:72:20:21:2b:1f:ef:66:d0:2a:ae:bd:71:
de:03:26:27:f9:f7:72:54:5c:e2:e6:8a:b2:6f:b0:
c2:10:fb:21:0f:2e:2c:cf:23:06:7a:ac:fd:e7:ca:
16:21:1c:0d:c5:2b:63:fa:ec:d7:95:d6:54:5f:40:
ee:92:c2:46:68:dc:68:e8:e4:e3:24:6b:02:47:a3:
5c:f8:f6:25:d1:45:36:fc:e1:9b:50:8e:3a:c9:c3:
6b:42:a8:e5:1d:b4:66:13:dc:6e:4e:38:7e:fe:e3:
ab:9e:08:ad:b3:8d:d2:c2:e8:5c:08:a3:97:4a:63:
65:d0:b4:c9:65:ee:b1:ba:51:c1:8f:39:0f:64:10:
8f:e1:a0:2e:45:f3:63:e8:b4:fb:79:34:87:0a:fc:
56:84:da:95:1b:53:53:27:23:0e:5e:d3:65:43:c1:
c3:58:3f:eb:57:a8:51:48:2f:f8:57:53:d2:5b:fe:
41:57:9b:dd:d6:44:7f:67:f0:14:70:b5:16:61:7d:
18:f4:0e:e8:90:78:e1:87:51:63:95:c5:d3:cf:43:
ae:08:15:3d:6e:22:58:fe:17:a8:1d:32:4e:52:f9:
cf:68:a1:9b:e3:e6:d0:4a:8c:c4:e4:22:c8:55:b6:
44:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:74:AA:AB:78:36:60:61:60:C2:A9:8D:D9:2D:89:3F:40:8F:B1:75
X509v3 Authority Key Identifier:
keyid:AA:0B:78:2D:B9:93:2E:22:FD:DE:F0:C3:F7:55:96:EE:09:45:E1:2D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C909/07797FE4C0DC11EF9E871844C4F9AE02/qgt4LbmTLiL93vDD91WW7glF4S0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qgt4LbmTLiL93vDD91WW7glF4S0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C909/07797FE4C0DC11EF9E871844C4F9AE02/AEFA261CD3D111EFAA9D5437C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e260::/32
Signature Algorithm: sha256WithRSAEncryption
5b:5f:60:9e:12:93:9e:08:cc:47:2e:5a:dc:8c:c0:0b:5e:dc:
d3:98:f2:85:f5:e7:85:16:ce:89:91:73:41:6e:2f:3e:cd:b8:
d9:5b:95:b1:3a:e0:75:d1:14:4e:1d:e2:63:11:9f:73:76:3f:
2a:d1:0e:76:0b:10:d1:8f:15:e8:be:d7:30:0d:79:cf:8b:70:
0e:86:7f:95:90:c6:fa:a5:88:49:57:35:6c:97:00:e2:7f:56:
9a:1f:30:e5:37:7b:bd:fd:47:ca:51:96:cb:bb:89:b9:47:29:
ef:22:5a:3c:29:dd:30:d7:80:f7:6e:ef:c4:1a:d0:5d:4b:fa:
7a:a3:ca:ea:f7:a2:fd:78:cd:f9:c4:31:25:d4:da:7c:99:c5:
dc:d5:5c:fd:52:c8:eb:1a:9b:c4:9b:79:0e:52:cc:b9:c3:8f:
5c:69:c2:7f:c6:0b:dc:65:b9:79:a6:c4:da:fb:31:13:c8:ed:
0a:c6:e3:41:47:9d:17:13:6b:0c:f1:a9:bc:50:19:e7:5e:50:
a9:a9:f5:95:d8:0e:62:b2:fe:08:85:7d:70:f5:01:2a:87:86:
3c:6b:e2:32:91:42:d5:cb:32:86:f7:06:ed:3f:fb:62:bb:b4:
c6:ac:da:82:88:79:68:a0:5c:98:fc:63:50:6a:ea:06:46:aa:
fd:d0:2b:da
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBEDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QzkwOTExMC8GA1UEBRMoQUEwQjc4MkRCOTkzMkUyMkZEREVGMEMzRjc1NTk2RUUw
OTQ1RTEyRDAeFw0yNTAxMTYwNjE4MjFaFw0yNjAzMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3ODhhNGFkLWYyNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDWMMf4sZYzMbkTejBJK2m7R3IgISsf72bQKq69cd4DJif593JUXOLmirJvsMIQ
+yEPLizPIwZ6rP3nyhYhHA3FK2P67NeV1lRfQO6SwkZo3Gjo5OMkawJHo1z49iXR
RTb84ZtQjjrJw2tCqOUdtGYT3G5OOH7+46ueCK2zjdLC6FwIo5dKY2XQtMll7rG6
UcGPOQ9kEI/hoC5F82PotPt5NIcK/FaE2pUbU1MnIw5e02VDwcNYP+tXqFFIL/hX
U9Jb/kFXm93WRH9n8BRwtRZhfRj0DuiQeOGHUWOVxdPPQ64IFT1uIlj+F6gdMk5S
+c9ooZvj5tBKjMTkIshVtkSfAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUhHSqq3g2
YGFgwqmN2S2JP0CPsXUwHwYDVR0jBBgwFoAUqgt4LbmTLiL93vDD91WW7glF4S0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDOTA5LzA3Nzk3RkU0QzBE
QzExRUY5RTg3MTg0NEM0RjlBRTAyL3FndDRMYm1UTGlMOTN2REQ5MVdXN2dsRjRT
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvcWd0NExibVRMaUw5M3ZERDkxV1c3Z2xGNFMwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QzkwOS8wNzc5N0ZFNEMwREMxMUVGOUU4NzE4NDRDNEY5QUUwMi9BRUZBMjYxQ0Qz
RDExMUVGQUE5RDU0MzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQB4mAwDQYJKoZIhvcNAQELBQADggEBAFtfYJ4Sk54IzEcu
WtyMwAte3NOY8oX154UWzomRc0FuLz7NuNlblbE64HXRFE4d4mMRn3N2PyrRDnYL
ENGPFei+1zANec+LcA6Gf5WQxvqliElXNWyXAOJ/VpofMOU3e739R8pRlsu7iblH
Ke8iWjwp3TDXgPdu78Qa0F1L+nqjyur3ov14zfnEMSXU2nyZxdzVXP1SyOsam8Sb
eQ5SzLnDj1xpwn/GC9xluXmmxNr7MRPI7QrG40FHnRcTawzxqbxQGedeUKmp9ZXY
DmKy/giFfXD1ASqHhjxr4jKRQtXLMob3Bu0/+2K7tMas2oKIeWigXJj8Y1Bq6gZG
qv3QK9o=
-----END CERTIFICATE-----
Generated at Thu Feb 6 13:48:11 2025 by rpki-client