Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBB2D/965BD57EB89511EC8242D27EC4F9AE02/8FA9D71068D611EEAD2D927FC4F9AE02.roa
File: 8FA9D71068D611EEAD2D927FC4F9AE02.roa (raw, json)
Hash identifier: rgtwh0Uwt2P7Rk64mzU7+vfcFE8Kqym4EzTeoGZpbPY=
Subject key identifier: 97:73:7E:DA:A9:DB:3D:FD:06:80:3D:49:48:72:6F:5C:8D:EA:79:10
Certificate issuer: /CN=A91EBB2D/serialNumber=39DD6335399F12B819211CE91AA7DCF62F6D81BC
Certificate serial: 035E
Authority key identifier: 39:DD:63:35:39:9F:12:B8:19:21:1C:E9:1A:A7:DC:F6:2F:6D:81:BC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Od1jNTmfErgZIRzpGqfc9i9tgbw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EBB2D/965BD57EB89511EC8242D27EC4F9AE02/8FA9D71068D611EEAD2D927FC4F9AE02.roa
Signing time: Sat 31 May 2025 01:46:34 +0000
ROA not before: Sat 31 May 2025 01:46:34 +0000
ROA not after: Thu 30 Jul 2026 00:00:00 +0000
asID: 149774
IP address blocks: 2400:6c60::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 01 Jun 2025 11:22:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 862 (0x35e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EBB2D, serialNumber=39DD6335399F12B819211CE91AA7DCF62F6D81BC
Validity
Not Before: May 31 01:46:34 2025 GMT
Not After : Jul 30 00:00:00 2026 GMT
Subject: CN=683a5f7a-20e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f0:53:fa:db:25:93:ff:06:5d:a0:f0:34:4e:
7f:b3:61:85:b4:a1:95:10:90:a9:4a:5d:3e:ae:95:
5b:e3:cb:f3:7c:b9:92:1d:b4:3d:29:0b:15:85:af:
24:0c:94:1f:51:8f:38:31:0b:ea:83:df:30:e4:85:
cf:1a:85:0a:ba:05:17:0f:51:6e:1f:18:b5:bf:0b:
e5:77:04:ed:dd:30:48:db:58:50:0d:28:47:3f:0d:
18:8a:8d:5b:96:fc:04:e1:32:d5:aa:47:0f:b0:92:
73:4e:ac:9f:b6:d1:01:98:27:7d:ef:9b:f7:71:d6:
89:10:b2:a1:dc:52:4e:de:87:bc:a4:d5:52:75:f1:
0a:3b:23:b1:1a:39:6f:98:c5:27:43:2a:01:0b:04:
bf:73:05:fd:1d:26:7b:1a:24:5c:5c:98:c1:a7:18:
54:bd:40:d7:8a:4d:02:71:b1:2a:22:de:6a:4a:90:
49:de:23:ae:9e:a9:58:ea:3b:89:e5:1c:01:53:a6:
a4:a2:7d:96:4b:8b:db:67:85:b0:3d:b0:eb:9e:12:
45:bf:65:a3:9f:8d:b9:07:4f:8a:71:8c:95:87:29:
d9:65:5e:f7:37:43:3c:56:e7:b8:79:54:2a:10:2d:
9c:30:3d:29:61:db:a1:15:f3:2b:14:2a:61:53:c9:
af:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:73:7E:DA:A9:DB:3D:FD:06:80:3D:49:48:72:6F:5C:8D:EA:79:10
X509v3 Authority Key Identifier:
keyid:39:DD:63:35:39:9F:12:B8:19:21:1C:E9:1A:A7:DC:F6:2F:6D:81:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EBB2D/965BD57EB89511EC8242D27EC4F9AE02/Od1jNTmfErgZIRzpGqfc9i9tgbw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Od1jNTmfErgZIRzpGqfc9i9tgbw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBB2D/965BD57EB89511EC8242D27EC4F9AE02/8FA9D71068D611EEAD2D927FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:6c60::/32
Signature Algorithm: sha256WithRSAEncryption
80:c5:82:67:47:c3:ce:8a:17:95:4f:2b:df:3d:4b:09:a5:c2:
51:f2:5f:74:07:9d:4c:57:d3:24:26:5b:0d:d5:2a:47:16:6f:
f6:58:c7:58:94:6e:27:fe:0d:d0:ed:53:bc:ba:41:4b:e2:01:
34:ec:b3:ea:82:e3:d7:3b:df:50:66:b2:6d:66:45:67:dd:86:
87:3e:4f:82:3e:6b:eb:24:b1:4b:07:97:81:ce:6c:f0:df:60:
43:b6:a2:93:58:56:61:56:78:39:8d:b9:10:46:e0:97:20:67:
9e:70:27:72:9c:ef:90:a2:91:05:a8:fc:2d:25:c1:80:bb:a3:
86:cd:47:88:5f:34:86:90:80:12:72:03:f9:36:75:9f:ef:3f:
f6:4b:dd:41:a0:ac:cc:65:a5:e5:ac:df:76:cf:f8:5f:a7:64:
3a:ad:75:53:df:b1:53:01:d4:04:0a:bf:4a:43:db:04:33:a4:
27:49:78:99:a5:10:df:9a:6e:46:b5:42:cf:a7:54:d6:83:04:
47:93:0e:8b:5b:09:4e:bc:8f:8c:6f:11:3e:0d:52:97:e7:14:
72:a2:ea:17:c6:38:53:33:b8:46:34:19:4f:20:a0:c3:5e:eb:
63:4e:41:a7:60:3c:58:0d:1d:36:87:c9:94:00:3f:04:d5:d7:
01:bd:92:a6
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICA14wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUJCMkQxMTAvBgNVBAUTKDM5REQ2MzM1Mzk5RjEyQjgxOTIxMUNFOTFBQTdEQ0Y2
MkY2RDgxQkMwHhcNMjUwNTMxMDE0NjM0WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02ODNhNWY3YS0yMGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3fBT+tslk/8GXaDwNE5/s2GFtKGVEJCpSl0+rpVb48vzfLmSHbQ9KQsVha8k
DJQfUY84MQvqg98w5IXPGoUKugUXD1FuHxi1vwvldwTt3TBI21hQDShHPw0Yio1b
lvwE4TLVqkcPsJJzTqyfttEBmCd975v3cdaJELKh3FJO3oe8pNVSdfEKOyOxGjlv
mMUnQyoBCwS/cwX9HSZ7GiRcXJjBpxhUvUDXik0CcbEqIt5qSpBJ3iOunqlY6juJ
5RwBU6akon2WS4vbZ4WwPbDrnhJFv2Wjn425B0+KcYyVhynZZV73N0M8Vue4eVQq
EC2cMD0pYduhFfMrFCphU8mvqwIDAQABo4ICljCCApIwHQYDVR0OBBYEFJdzftqp
2z39BoA9SUhyb1yN6nkQMB8GA1UdIwQYMBaAFDndYzU5nxK4GSEc6Rqn3PYvbYG8
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkIyRC85NjVCRDU3RUI4
OTUxMUVDODI0MkQyN0VDNEY5QUUwMi9PZDFqTlRtZkVyZ1pJUnpwR3FmYzlpOXRn
YncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL09kMWpOVG1mRXJnWklSenBHcWZjOWk5dGdidy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUJCMkQvOTY1QkQ1N0VCODk1MTFFQzgyNDJEMjdFQzRGOUFFMDIvOEZBOUQ3MTA2
OEQ2MTFFRUFEMkQ5MjdGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAGxgMA0GCSqGSIb3DQEBCwUAA4IBAQCAxYJnR8POiheV
TyvfPUsJpcJR8l90B51MV9MkJlsN1SpHFm/2WMdYlG4n/g3Q7VO8ukFL4gE07LPq
guPXO99QZrJtZkVn3YaHPk+CPmvrJLFLB5eBzmzw32BDtqKTWFZhVng5jbkQRuCX
IGeecCdynO+QopEFqPwtJcGAu6OGzUeIXzSGkIAScgP5NnWf7z/2S91BoKzMZaXl
rN92z/hfp2Q6rXVT37FTAdQECr9KQ9sEM6QnSXiZpRDfmm5GtULPp1TWgwRHkw6L
WwlOvI+MbxE+DVKX5xRyouoXxjhTM7hGNBlPIKDDXutjTkGnYDxYDR02h8mUAD8E
1dcBvZKm
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:44:21 2025 by rpki-client