Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9175648/218F268ADC9E11EF8B62DD5FC4F9AE02/5467543220E211F0922B6F1FC4F9AE02.roa
File: 5467543220E211F0922B6F1FC4F9AE02.roa (raw, json)
Hash identifier: gzAm5vilqwSfAPMoJ4fxcWG2nVLltuNznv0ZKbRZc6o=
Subject key identifier: C4:F1:C6:E8:70:E5:B9:BB:64:E8:1F:C0:71:C4:D5:C9:19:4D:77:C3
Certificate issuer: /CN=A9175648/serialNumber=2C1C07D151271969E13E1CFD161B1F60770E290D
Certificate serial: 71
Authority key identifier: 2C:1C:07:D1:51:27:19:69:E1:3E:1C:FD:16:1B:1F:60:77:0E:29:0D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBwH0VEnGWnhPhz9FhsfYHcOKQ0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9175648/218F268ADC9E11EF8B62DD5FC4F9AE02/5467543220E211F0922B6F1FC4F9AE02.roa
Signing time: Thu 24 Apr 2025 08:01:30 +0000
ROA not before: Thu 24 Apr 2025 08:01:30 +0000
ROA not after: Fri 01 May 2026 00:00:00 +0000
asID: 141385
IP address blocks: 2001:df5:c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 24 Apr 2025 08:04:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113 (0x71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9175648, serialNumber=2C1C07D151271969E13E1CFD161B1F60770E290D
Validity
Not Before: Apr 24 08:01:30 2025 GMT
Not After : May 1 00:00:00 2026 GMT
Subject: CN=6809efda-8bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a1:d3:5f:f2:55:fb:5f:80:00:c5:60:74:c4:
19:bb:0a:23:7c:22:3f:64:38:85:b1:39:c6:1c:8d:
b7:29:b1:f3:a8:2e:cc:81:d6:a3:53:98:b1:e2:9e:
68:7d:af:d7:d8:9a:0f:07:52:c6:22:a2:83:74:ed:
dd:c8:8a:16:cb:ca:8f:db:3e:e0:bd:85:34:c0:11:
25:2b:ca:89:e3:61:48:99:ae:f8:4f:a1:14:c2:02:
c1:67:63:2f:a5:ac:82:57:98:53:f6:b8:8a:00:b1:
e4:4a:0f:41:9d:68:3a:66:97:e1:ae:21:61:8a:76:
bf:2e:12:89:c4:60:97:fd:8d:d8:c4:7f:bc:71:9c:
a8:a5:7f:24:f9:56:59:23:97:96:99:33:ee:fe:2b:
6c:3b:7b:eb:63:25:9b:be:d0:10:fb:c8:05:9a:ed:
b1:7d:ce:42:6c:21:49:c9:8e:9e:25:0a:c8:92:0f:
a9:cf:14:b4:f8:78:36:ae:01:d6:16:3b:71:c9:b6:
a7:23:b0:dc:7b:32:56:c3:81:0e:1a:d5:1e:51:df:
d2:c1:8b:16:5c:16:fc:a9:b4:2f:7d:0c:18:6f:3b:
1f:1b:ff:90:9b:59:97:3f:19:52:7b:4d:f6:36:71:
56:65:77:b7:9c:f3:2c:1e:34:80:a8:63:a3:18:11:
19:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F1:C6:E8:70:E5:B9:BB:64:E8:1F:C0:71:C4:D5:C9:19:4D:77:C3
X509v3 Authority Key Identifier:
keyid:2C:1C:07:D1:51:27:19:69:E1:3E:1C:FD:16:1B:1F:60:77:0E:29:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9175648/218F268ADC9E11EF8B62DD5FC4F9AE02/LBwH0VEnGWnhPhz9FhsfYHcOKQ0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LBwH0VEnGWnhPhz9FhsfYHcOKQ0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9175648/218F268ADC9E11EF8B62DD5FC4F9AE02/5467543220E211F0922B6F1FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df5:c0::/48
Signature Algorithm: sha256WithRSAEncryption
63:a2:f0:8b:f8:5d:da:5a:3a:c9:0f:62:17:d7:ec:9b:73:de:
29:52:a5:5a:3c:e0:a7:f4:18:88:5a:02:88:dc:f1:86:ac:87:
16:ba:7c:41:b6:4f:9a:48:d2:23:ed:d8:0b:49:cf:37:a5:3e:
2c:29:cf:23:e8:ab:8d:c8:f7:50:5e:1d:80:27:ca:53:ef:55:
96:62:ee:56:80:e8:a7:a3:2b:f6:83:5b:4f:e6:44:4d:20:02:
e0:56:dc:25:c0:82:68:63:7b:7c:0c:f3:07:2d:70:d6:37:bc:
78:f2:68:d0:e6:32:b3:8c:a8:d5:b6:ca:85:dc:8e:e1:0c:12:
e5:30:11:c2:e3:3c:80:d7:26:5f:92:73:f9:fc:98:a0:29:fd:
16:7b:f6:e0:be:04:90:6a:cc:2b:ac:b4:17:5f:d7:0f:09:43:
63:18:e9:89:3a:c9:dd:c7:9a:3f:98:fd:72:87:58:f7:b1:6e:
1d:2c:f1:06:5d:ff:ae:c1:db:20:fd:96:d5:0d:26:eb:61:c8:
df:3d:0a:26:ba:43:34:f5:4d:e5:06:af:ab:1e:d5:92:70:95:
b6:80:7e:3e:58:9b:37:6e:ab:3a:3b:bb:94:68:7a:e4:c7:99:
15:e8:7b:c5:55:68:dc:27:17:2a:01:44:69:59:2f:6f:2f:15:
29:df:11:42
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NTY0ODExMC8GA1UEBRMoMkMxQzA3RDE1MTI3MTk2OUUxM0UxQ0ZEMTYxQjFGNjA3
NzBFMjkwRDAeFw0yNTA0MjQwODAxMzBaFw0yNjA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY4MDllZmRhLThiYzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDodNf8lX7X4AAxWB0xBm7CiN8Ij9kOIWxOcYcjbcpsfOoLsyB1qNTmLHinmh9
r9fYmg8HUsYiooN07d3IihbLyo/bPuC9hTTAESUryonjYUiZrvhPoRTCAsFnYy+l
rIJXmFP2uIoAseRKD0GdaDpml+GuIWGKdr8uEonEYJf9jdjEf7xxnKilfyT5Vlkj
l5aZM+7+K2w7e+tjJZu+0BD7yAWa7bF9zkJsIUnJjp4lCsiSD6nPFLT4eDauAdYW
O3HJtqcjsNx7MlbDgQ4a1R5R39LBixZcFvyptC99DBhvOx8b/5CbWZc/GVJ7TfY2
cVZld7ec8yweNICoY6MYERlJAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUxPHG6HDl
ubtk6B/AccTVyRlNd8MwHwYDVR0jBBgwFoAULBwH0VEnGWnhPhz9FhsfYHcOKQ0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1NjQ4LzIxOEYyNjhBREM5
RTExRUY4QjYyREQ1RkM0RjlBRTAyL0xCd0gwVkVuR1duaFBoejlGaHNmWUhjT0tR
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTEJ3SDBWRW5HV25oUGh6OUZoc2ZZSGNPS1EwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NTY0OC8yMThGMjY4QURDOUUxMUVGOEI2MkRENUZDNEY5QUUwMi81NDY3NTQzMjIw
RTIxMUYwOTIyQjZGMUZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfUAwDANBgkqhkiG9w0BAQsFAAOCAQEAY6Lwi/hd2lo6
yQ9iF9fsm3PeKVKlWjzgp/QYiFoCiNzxhqyHFrp8QbZPmkjSI+3YC0nPN6U+LCnP
I+irjcj3UF4dgCfKU+9VlmLuVoDop6Mr9oNbT+ZETSAC4FbcJcCCaGN7fAzzBy1w
1je8ePJo0OYys4yo1bbKhdyO4QwS5TARwuM8gNcmX5Jz+fyYoCn9Fnv24L4EkGrM
K6y0F1/XDwlDYxjpiTrJ3ceaP5j9codY97FuHSzxBl3/rsHbIP2W1Q0m62HI3z0K
JrpDNPVN5Qavqx7VknCVtoB+PlibN26rOju7lGh65MeZFeh7xVVo3CcXKgFEaVkv
by8VKd8RQg==
-----END CERTIFICATE-----
Generated at Fri May 16 22:36:32 2025 by rpki-client