Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9179F64/80938464624B11EFAB120F4FC4F9AE02/D576AD08624B11EF8EB1D47DC4F9AE02.roa
File: D576AD08624B11EF8EB1D47DC4F9AE02.roa (raw, json)
Hash identifier: svrrbXLIMpvHuKxzttHm3N6UqrMX/nndWv+OePsm+to=
Subject key identifier: F0:A2:BF:7A:C0:A5:F7:5F:36:23:86:1F:A2:9F:38:EF:11:EB:AE:F0
Certificate issuer: /CN=A9179F64/serialNumber=BDC4A5163317F73097F027A342B860A792D7F1DC
Certificate serial: 02
Authority key identifier: BD:C4:A5:16:33:17:F7:30:97:F0:27:A3:42:B8:60:A7:92:D7:F1:DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vcSlFjMX9zCX8CejQrhgp5LX8dw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9179F64/80938464624B11EFAB120F4FC4F9AE02/D576AD08624B11EF8EB1D47DC4F9AE02.roa
Signing time: Sat 24 Aug 2024 19:05:31 +0000
ROA not before: Sat 24 Aug 2024 19:05:31 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 153307
IP address blocks: 2001:df4:3340::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 24 Aug 2024 19:44:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9179F64, serialNumber=BDC4A5163317F73097F027A342B860A792D7F1DC
Validity
Not Before: Aug 24 19:05:31 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66ca2efb-a819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ef:ca:4a:2c:ca:ef:ee:39:c0:7b:1c:96:f9:
af:99:a2:09:26:bd:2b:5d:b7:ea:48:e8:8a:f9:38:
24:ca:4d:bb:51:5b:3e:ad:40:fb:80:f3:4a:26:65:
7a:95:eb:2b:ec:9e:a6:82:42:27:ea:b6:fc:28:96:
9d:30:f4:8b:a0:c3:12:b1:90:f2:c6:19:c1:d8:a7:
40:6d:fe:52:11:ed:4e:95:0a:04:cb:0d:fc:bd:68:
7f:3b:e1:de:b7:82:81:df:05:70:ba:52:80:9c:05:
f5:1a:27:b1:20:c7:02:5b:bf:98:35:02:a5:5c:ee:
e4:03:1c:9d:30:f2:ed:37:0a:20:41:ca:bf:44:f1:
b7:17:33:80:de:67:1e:54:2c:65:19:95:76:7f:1c:
9e:7e:fc:e9:50:af:84:5c:de:15:73:43:99:6c:ea:
f9:28:2f:c6:09:94:fe:68:28:06:11:37:14:32:5d:
19:54:e0:e8:e6:5b:60:56:f4:ba:5c:df:da:ac:90:
ad:d5:68:f4:c4:88:af:cb:55:37:3f:c9:c9:ba:9f:
fc:ff:27:9f:ef:e2:e9:51:2b:9a:67:d8:a2:a3:c7:
da:c3:d5:ae:6b:5c:60:12:3d:f7:5c:11:ef:8c:af:
cb:29:00:78:7e:6e:e7:9f:cf:00:b6:4c:9e:a1:89:
33:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A2:BF:7A:C0:A5:F7:5F:36:23:86:1F:A2:9F:38:EF:11:EB:AE:F0
X509v3 Authority Key Identifier:
keyid:BD:C4:A5:16:33:17:F7:30:97:F0:27:A3:42:B8:60:A7:92:D7:F1:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9179F64/80938464624B11EFAB120F4FC4F9AE02/vcSlFjMX9zCX8CejQrhgp5LX8dw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vcSlFjMX9zCX8CejQrhgp5LX8dw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9179F64/80938464624B11EFAB120F4FC4F9AE02/D576AD08624B11EF8EB1D47DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:3340::/48
Signature Algorithm: sha256WithRSAEncryption
5a:4c:12:4b:25:3e:b7:33:19:a2:aa:5c:18:e8:a7:e6:9f:90:
23:99:9b:f5:4a:7a:98:d0:49:20:97:17:a9:72:00:7a:a2:13:
65:a4:be:3e:41:85:8f:60:25:ef:e7:67:04:0c:19:24:42:fd:
68:33:73:42:5a:13:09:bd:b6:ce:3c:a7:1e:6f:80:7c:55:ed:
a3:d7:21:91:25:ef:ce:a1:64:7d:d7:1c:b0:fa:69:74:e5:b5:
09:79:01:66:f7:f1:53:6f:7e:e2:c1:12:ee:5d:a3:34:4b:07:
b8:25:fa:1c:48:2e:c2:22:34:14:3c:e2:8e:66:9e:dc:44:24:
ab:98:a8:6d:b2:d2:bb:59:09:d3:3e:3c:19:e6:e1:1d:a0:dd:
a7:b2:7b:d4:09:37:0d:e8:77:ba:f8:5d:e2:0b:cd:d3:71:87:
70:38:61:44:54:86:56:77:d6:cc:b6:eb:11:38:a5:0e:6a:2d:
25:3a:9f:f1:82:ba:4e:27:c3:ca:b5:b4:3d:d0:bd:bc:5a:ae:
da:da:8a:c3:67:ad:a1:43:99:11:eb:93:cd:10:da:c2:19:ea:
9c:07:c3:5e:c2:fa:2a:e4:00:78:21:1a:a7:99:96:19:dd:30:
26:da:da:3e:25:e5:f0:86:fe:e3:0d:3f:7d:ef:d5:40:83:a6:
ea:4a:15:fd
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OUY2NDExMC8GA1UEBRMoQkRDNEE1MTYzMzE3RjczMDk3RjAyN0EzNDJCODYwQTc5
MkQ3RjFEQzAeFw0yNDA4MjQxOTA1MzFaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2Y2EyZWZiLWE4MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDN78pKLMrv7jnAexyW+a+ZogkmvStdt+pI6Ir5OCTKTbtRWz6tQPuA80omZXqV
6yvsnqaCQifqtvwolp0w9IugwxKxkPLGGcHYp0Bt/lIR7U6VCgTLDfy9aH874d63
goHfBXC6UoCcBfUaJ7EgxwJbv5g1AqVc7uQDHJ0w8u03CiBByr9E8bcXM4DeZx5U
LGUZlXZ/HJ5+/OlQr4Rc3hVzQ5ls6vkoL8YJlP5oKAYRNxQyXRlU4OjmW2BW9Lpc
39qskK3VaPTEiK/LVTc/ycm6n/z/J5/v4ulRK5pn2KKjx9rD1a5rXGASPfdcEe+M
r8spAHh+buefzwC2TJ6hiTMlAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQU8KK/esCl
9182I4Yfop847xHrrvAwHwYDVR0jBBgwFoAUvcSlFjMX9zCX8CejQrhgp5LX8dww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc5RjY0LzgwOTM4NDY0NjI0
QjExRUZBQjEyMEY0RkM0RjlBRTAyL3ZjU2xGak1YOXpDWDhDZWpRcmhncDVMWDhk
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdmNTbEZqTVg5ekNYOENlalFyaGdwNUxYOGR3LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OUY2NC84MDkzODQ2NDYyNEIxMUVGQUIxMjBGNEZDNEY5QUUwMi9ENTc2QUQwODYy
NEIxMUVGOEVCMUQ0N0RDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfQzQDANBgkqhkiG9w0BAQsFAAOCAQEAWkwSSyU+tzMZ
oqpcGOin5p+QI5mb9Up6mNBJIJcXqXIAeqITZaS+PkGFj2Al7+dnBAwZJEL9aDNz
QloTCb22zjynHm+AfFXto9chkSXvzqFkfdccsPppdOW1CXkBZvfxU29+4sES7l2j
NEsHuCX6HEguwiI0FDzijmae3EQkq5iobbLSu1kJ0z48GebhHaDdp7J71Ak3Deh3
uvhd4gvN03GHcDhhRFSGVnfWzLbrETilDmotJTqf8YK6TifDyrW0PdC9vFqu2tqK
w2etoUOZEeuTzRDawhnqnAfDXsL6KuQAeCEap5mWGd0wJtraPiXl8Ib+4w0/fe/V
QIOm6koV/Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 09:34:25 2025 by rpki-client