Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C022C/BA0F2DF2D4B911EF9FA8E24FC4F9AE02/EB1D1EF4D53611EFA051B632C4F9AE02.roa
File: EB1D1EF4D53611EFA051B632C4F9AE02.roa (raw, json)
Hash identifier: RWgbw1Kn1WGBg7A8cFaVP+R7Yzwk3kwa0tY+jiuBOyM=
Subject key identifier: 10:E3:E5:B4:26:50:E6:E8:C4:D2:E7:E1:F6:89:53:07:8C:21:E1:18
Certificate issuer: /CN=A91C022C/serialNumber=D796995A776759C4264317800287EBEEEFB4BA6A
Certificate serial: 03
Authority key identifier: D7:96:99:5A:77:67:59:C4:26:43:17:80:02:87:EB:EE:EF:B4:BA:6A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15aZWndnWcQmQxeAAofr7u-0umo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C022C/BA0F2DF2D4B911EF9FA8E24FC4F9AE02/EB1D1EF4D53611EFA051B632C4F9AE02.roa
Signing time: Sat 18 Jan 2025 00:55:32 +0000
ROA not before: Sat 18 Jan 2025 00:55:32 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 153377
IP address blocks: 2001:df4:ec40::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 18 Jan 2025 16:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C022C
Validity
Not Before: Jan 18 00:55:32 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=678afc04-cc77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e4:25:b1:21:89:08:28:7a:6a:1c:bc:e7:82:
5f:c8:c8:f4:95:a6:7b:97:55:2c:a4:dd:f8:d0:8b:
ad:86:da:8f:22:17:13:60:1e:ea:6e:d1:95:2d:25:
4e:2b:81:85:b6:eb:69:76:ba:5b:35:da:9e:80:98:
68:25:b1:8a:34:d6:94:45:b0:ed:c6:37:64:98:5d:
66:f4:35:40:4c:bb:b5:20:16:88:7c:32:3a:72:b8:
ab:f1:b8:b6:57:ce:df:93:ae:dd:15:fe:7d:1b:8d:
b9:17:4f:44:e6:16:66:f9:54:4c:8d:24:91:70:54:
82:b0:4e:cc:2b:78:f7:9c:a0:95:1c:9f:ff:ba:fa:
08:ad:d0:fd:b3:a7:31:0b:f8:85:08:f5:d2:7b:ba:
f2:f2:73:04:42:be:47:8e:9b:68:1c:89:b1:17:a9:
09:81:da:ab:2f:e5:e3:32:a0:bb:8b:e9:ba:14:7c:
f5:fa:d5:35:8c:8e:3a:dc:2c:8d:10:7c:d6:97:2e:
93:e2:e7:b3:8a:b0:b5:69:b4:9b:f7:2e:f6:58:10:
7a:b2:09:26:f5:bd:7b:9d:dd:ee:38:8c:5d:20:6e:
59:d2:ea:27:70:71:9d:28:fa:99:ac:da:6f:7c:08:
05:f6:0f:9c:df:0e:03:3f:46:58:b0:c3:5e:93:43:
80:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:E3:E5:B4:26:50:E6:E8:C4:D2:E7:E1:F6:89:53:07:8C:21:E1:18
X509v3 Authority Key Identifier:
keyid:D7:96:99:5A:77:67:59:C4:26:43:17:80:02:87:EB:EE:EF:B4:BA:6A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C022C/BA0F2DF2D4B911EF9FA8E24FC4F9AE02/15aZWndnWcQmQxeAAofr7u-0umo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/15aZWndnWcQmQxeAAofr7u-0umo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C022C/BA0F2DF2D4B911EF9FA8E24FC4F9AE02/EB1D1EF4D53611EFA051B632C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:ec40::/48
Signature Algorithm: sha256WithRSAEncryption
42:3c:4a:e0:2e:da:69:16:4c:3f:4b:cc:0a:65:d0:6a:1c:ef:
9f:0c:d4:4b:5a:cb:ed:0e:7c:e8:93:b6:2f:27:65:22:af:0d:
ad:12:45:3e:c4:6b:e8:57:e9:fb:85:c8:4a:1a:42:74:a7:12:
d8:0b:88:a8:e6:6c:9a:47:fc:fb:a6:8d:59:dd:48:e0:ce:2d:
b3:c6:f1:74:33:4c:82:03:5f:6b:f7:f9:0d:88:7b:f8:d4:e0:
d2:06:0d:07:78:bd:e6:e1:70:82:de:0d:95:a9:17:e9:f0:3b:
1b:dd:22:04:a7:f9:6f:a6:cd:a3:ec:2c:b3:aa:67:cf:a1:b4:
64:e7:d9:f2:5a:5a:0c:8d:df:81:e2:f5:01:b1:c9:4b:81:24:
92:ec:f2:1e:e7:7d:20:ff:bb:a3:10:25:ca:57:b6:37:23:3e:
02:29:0d:fc:4a:ce:42:eb:0e:ef:db:ba:43:dc:2b:45:43:b9:
b3:a5:dc:97:d5:3d:c1:4e:54:25:f3:07:ac:95:80:2f:b6:f8:
f5:fc:5b:71:67:a6:87:ad:2e:8c:bd:e5:70:e9:a3:1e:52:f4:
aa:03:33:cb:7a:4f:97:21:a1:06:dd:07:65:71:66:33:31:62:
60:da:51:86:b5:a8:53:09:8f:69:8d:69:ae:ca:2b:60:8f:46:
2a:8e:d0:22
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD
MDIyQzExMC8GA1UEBRMoRDc5Njk5NUE3NzY3NTlDNDI2NDMxNzgwMDI4N0VCRUVF
RkI0QkE2QTAeFw0yNTAxMTgwMDU1MzJaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3OGFmYzA0LWNjNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDh5CWxIYkIKHpqHLzngl/IyPSVpnuXVSyk3fjQi62G2o8iFxNgHupu0ZUtJU4r
gYW262l2uls12p6AmGglsYo01pRFsO3GN2SYXWb0NUBMu7UgFoh8MjpyuKvxuLZX
zt+Trt0V/n0bjbkXT0TmFmb5VEyNJJFwVIKwTswrePecoJUcn/+6+git0P2zpzEL
+IUI9dJ7uvLycwRCvkeOm2gcibEXqQmB2qsv5eMyoLuL6boUfPX61TWMjjrcLI0Q
fNaXLpPi57OKsLVptJv3LvZYEHqyCSb1vXud3e44jF0gblnS6idwcZ0o+pms2m98
CAX2D5zfDgM/Rliww16TQ4DZAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUEOPltCZQ
5ujE0ufh9olTB4wh4RgwHwYDVR0jBBgwFoAU15aZWndnWcQmQxeAAofr7u+0umow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwMjJDL0JBMEYyREYyRDRC
OTExRUY5RkE4RTI0RkM0RjlBRTAyLzE1YVpXbmRuV2NRbVF4ZUFBb2ZyN3UtMHVt
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvMTVhWlduZG5XY1FtUXhlQUFvZnI3dS0wdW1vLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MDIyQy9CQTBGMkRGMkQ0QjkxMUVGOUZBOEUyNEZDNEY5QUUwMi9FQjFEMUVGNEQ1
MzYxMUVGQTA1MUI2MzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfTsQDANBgkqhkiG9w0BAQsFAAOCAQEAQjxK4C7aaRZM
P0vMCmXQahzvnwzUS1rL7Q586JO2LydlIq8NrRJFPsRr6Ffp+4XIShpCdKcS2AuI
qOZsmkf8+6aNWd1I4M4ts8bxdDNMggNfa/f5DYh7+NTg0gYNB3i95uFwgt4NlakX
6fA7G90iBKf5b6bNo+wss6pnz6G0ZOfZ8lpaDI3fgeL1AbHJS4EkkuzyHud9IP+7
oxAlyle2NyM+AikN/ErOQusO79u6Q9wrRUO5s6Xcl9U9wU5UJfMHrJWAL7b49fxb
cWemh60ujL3lcOmjHlL0qgMzy3pPlyGhBt0HZXFmMzFiYNpRhrWoUwmPaY1prsor
YI9GKo7QIg==
-----END CERTIFICATE-----
Generated at Thu Feb 6 04:34:37 2025 by rpki-client