Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915E2CC/AF6765FCE58011EC9B9D2B62C4F9AE02/28CFFCECE17311EF908F6A4DC4F9AE02.roa
File: 28CFFCECE17311EF908F6A4DC4F9AE02.roa (raw, json)
Hash identifier: jpGeA7KUUWOA78JueSG3Lcq4pjLhFT9KQdzAw1UJWxw=
Subject key identifier: 12:C2:7B:FA:8E:1D:5C:5D:1F:98:C5:46:0D:60:90:B1:6D:3D:B7:B3
Certificate issuer: /CN=A915E2CC/serialNumber=EC4619A3478AD3BD16AB5668DDD3311E4D2DB22F
Certificate serial: 02BA
Authority key identifier: EC:46:19:A3:47:8A:D3:BD:16:AB:56:68:DD:D3:31:1E:4D:2D:B2:2F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7EYZo0eK070Wq1Zo3dMxHk0tsi8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915E2CC/AF6765FCE58011EC9B9D2B62C4F9AE02/28CFFCECE17311EF908F6A4DC4F9AE02.roa
Signing time: Sun 02 Feb 2025 14:37:00 +0000
ROA not before: Sun 02 Feb 2025 14:37:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3
IP address blocks: 2400:74e0:12::/47 maxlen: 47
Validation: Failed, certificate revoked on Sun 02 Feb 2025 14:48:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 698 (0x2ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915E2CC, serialNumber=EC4619A3478AD3BD16AB5668DDD3311E4D2DB22F
Validity
Not Before: Feb 2 14:37:00 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=679f830b-eb26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9e:89:cf:ac:ff:a3:a7:64:db:cb:a0:3d:9c:
71:6f:ef:96:ec:5c:25:f0:e9:99:2e:b0:2a:1a:c1:
f1:9b:f7:94:77:0c:1f:89:f4:6c:79:84:ba:37:05:
99:dc:51:35:5f:2d:85:d5:d6:f3:bd:57:4a:d4:7e:
e0:5c:7d:80:a6:de:e1:e4:f3:29:f1:70:bd:d2:a9:
ee:4b:99:95:3d:6a:e4:eb:ae:3f:d8:81:c6:87:46:
d5:eb:fd:26:45:54:b7:27:de:d3:b0:e7:09:51:70:
64:9f:ee:79:0e:63:08:9e:86:8d:1b:77:a3:21:a1:
68:3d:ff:87:63:39:a1:81:50:34:6f:66:95:8c:e3:
2c:68:83:b1:e2:9a:35:0e:9c:2a:79:e3:87:0a:9b:
21:6a:ee:6c:5d:f5:b6:54:e1:3c:69:70:6b:f5:4b:
fe:25:df:6a:f3:a8:79:9a:25:34:ed:9c:6f:ff:0e:
9e:09:28:c7:fa:37:5c:13:a2:f1:8e:db:d8:f2:4a:
75:17:c4:c7:ac:88:bd:67:3b:63:1f:09:65:de:3a:
94:fa:59:c7:69:be:4a:ec:23:be:f8:eb:9f:fc:f2:
30:76:17:26:90:c8:7f:96:53:ce:64:fd:97:55:b7:
2c:38:39:55:58:f6:fa:67:99:b2:06:d9:f3:02:9d:
a4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C2:7B:FA:8E:1D:5C:5D:1F:98:C5:46:0D:60:90:B1:6D:3D:B7:B3
X509v3 Authority Key Identifier:
keyid:EC:46:19:A3:47:8A:D3:BD:16:AB:56:68:DD:D3:31:1E:4D:2D:B2:2F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915E2CC/AF6765FCE58011EC9B9D2B62C4F9AE02/7EYZo0eK070Wq1Zo3dMxHk0tsi8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7EYZo0eK070Wq1Zo3dMxHk0tsi8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915E2CC/AF6765FCE58011EC9B9D2B62C4F9AE02/28CFFCECE17311EF908F6A4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:74e0:12::/47
Signature Algorithm: sha256WithRSAEncryption
2c:b1:7e:8b:01:d2:12:cc:c4:08:8b:4c:8a:91:56:ec:c5:a7:
d9:36:bb:e5:85:9b:73:a7:ff:fa:e0:9e:8e:8b:d4:d4:6b:f2:
36:7e:b3:6f:a6:83:cc:6f:69:80:1e:ae:64:fe:e3:40:cc:96:
94:d5:40:0f:05:cf:62:a3:d5:15:3a:c8:07:5d:e9:b0:5d:f2:
d6:6a:21:15:b7:24:71:b1:5b:40:e3:e2:3b:be:2e:27:64:6a:
26:a1:4c:57:9c:53:b8:3d:09:0c:10:84:03:6b:c6:04:d6:9b:
a6:7b:07:40:bd:35:6a:76:55:e9:f3:b2:f3:1d:22:14:fd:77:
35:ff:fe:fe:1c:4e:a1:d8:3e:7e:aa:1c:8e:84:ea:f1:b3:9c:
71:d5:61:fc:35:e9:c2:a2:37:14:cd:0f:2e:8d:67:eb:73:46:
e1:5c:4f:43:0a:94:2d:8a:25:a3:d0:62:eb:e1:1d:29:2a:e3:
75:ed:bc:35:63:d8:a0:77:2d:28:dd:92:87:fb:4e:fb:5b:e2:
f6:be:45:92:3d:05:b0:6b:e9:39:e7:74:fe:a5:a9:ee:34:6a:
a4:9b:52:2b:a4:dc:2c:c2:bc:bb:45:aa:7b:3f:f1:0c:a4:5c:
f8:ad:71:24:33:e6:e8:f0:bf:48:c8:75:0d:dd:ae:49:0d:2d:
eb:8e:6b:19
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICArowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUUyQ0MxMTAvBgNVBAUTKEVDNDYxOUEzNDc4QUQzQkQxNkFCNTY2OERERDMzMTFF
NEQyREIyMkYwHhcNMjUwMjAyMTQzNzAwWhcNMjUwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzlmODMwYi1lYjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwp6Jz6z/o6dk28ugPZxxb++W7Fwl8OmZLrAqGsHxm/eUdwwfifRseYS6NwWZ
3FE1Xy2F1dbzvVdK1H7gXH2Apt7h5PMp8XC90qnuS5mVPWrk664/2IHGh0bV6/0m
RVS3J97TsOcJUXBkn+55DmMInoaNG3ejIaFoPf+HYzmhgVA0b2aVjOMsaIOx4po1
DpwqeeOHCpshau5sXfW2VOE8aXBr9Uv+Jd9q86h5miU07Zxv/w6eCSjH+jdcE6Lx
jtvY8kp1F8THrIi9ZztjHwll3jqU+lnHab5K7CO++Ouf/PIwdhcmkMh/llPOZP2X
VbcsODlVWPb6Z5myBtnzAp2kbQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFBLCe/qO
HVxdH5jFRg1gkLFtPbezMB8GA1UdIwQYMBaAFOxGGaNHitO9FqtWaN3TMR5NLbIv
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RTJDQy9BRjY3NjVGQ0U1
ODAxMUVDOUI5RDJCNjJDNEY5QUUwMi83RVlabzBlSzA3MFdxMVpvM2RNeEhrMHRz
aTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdFWVpvMGVLMDcwV3ExWm8zZE14SGswdHNpOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NUUyQ0MvQUY2NzY1RkNFNTgwMTFFQzlCOUQyQjYyQzRGOUFFMDIvMjhDRkZDRUNF
MTczMTFFRjkwOEY2QTREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwEkAHTgABIwDQYJKoZIhvcNAQELBQADggEBACyxfosB0hLM
xAiLTIqRVuzFp9k2u+WFm3On//rgno6L1NRr8jZ+s2+mg8xvaYAermT+40DMlpTV
QA8Fz2Kj1RU6yAdd6bBd8tZqIRW3JHGxW0Dj4ju+LidkaiahTFecU7g9CQwQhANr
xgTWm6Z7B0C9NWp2VenzsvMdIhT9dzX//v4cTqHYPn6qHI6E6vGznHHVYfw16cKi
NxTNDy6NZ+tzRuFcT0MKlC2KJaPQYuvhHSkq43XtvDVj2KB3LSjdkof7Tvtb4va+
RZI9BbBr6TnndP6lqe40aqSbUiuk3CzCvLtFqns/8QykXPitcSQz5ujwv0jIdQ3d
rkkNLeuOaxk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 08:05:06 2025 by rpki-client