Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA80C/DE98EAF0FB6511EFA376E449C4F9AE02/0AC670F8FB6A11EFB515B073C4F9AE02.roa
File: 0AC670F8FB6A11EFB515B073C4F9AE02.roa (raw, json)
Hash identifier: ivlIdqVGvpxSoec3vhWMSNRTzgIhxgwU1UOQKm74U+A=
Subject key identifier: 87:28:D4:F5:3E:11:0D:46:EF:3C:14:A1:17:AE:67:57:BB:13:36:AA
Certificate issuer: /CN=A91EA80C/serialNumber=312440201B2EF74B7CAC6C31FB85F41E9C4686A0
Certificate serial: 02
Authority key identifier: 31:24:40:20:1B:2E:F7:4B:7C:AC:6C:31:FB:85:F4:1E:9C:46:86:A0
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSRAIBsu90t8rGwx-4X0HpxGhqA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91EA80C/DE98EAF0FB6511EFA376E449C4F9AE02/0AC670F8FB6A11EFB515B073C4F9AE02.roa
Signing time: Fri 07 Mar 2025 15:37:14 +0000
ROA not before: Fri 07 Mar 2025 15:37:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49304
IP address blocks: 2401:f460:7000::/36 maxlen: 44
2401:f460:b000::/36 maxlen: 44
2401:f460:f000::/36 maxlen: 44
Validation: Failed, certificate revoked on Fri 07 Mar 2025 15:58:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91EA80C, serialNumber=312440201B2EF74B7CAC6C31FB85F41E9C4686A0
Validity
Not Before: Mar 7 15:37:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67cb12aa-3ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1b:15:b2:2a:7a:4f:52:04:ec:12:f2:27:db:
b3:56:1e:17:d6:be:53:f9:23:2c:4d:07:2e:d2:cb:
81:c4:58:c9:0d:a3:8f:ce:9b:e3:f5:34:a1:cd:eb:
66:b2:4c:16:6c:b2:cc:d1:13:ab:cd:08:85:a6:1a:
ae:c4:ae:31:ae:a6:7f:43:97:b0:02:38:86:db:87:
18:3e:3a:aa:86:3e:87:ba:a6:05:04:28:73:db:51:
34:be:ee:0e:a6:47:77:58:2a:53:42:78:a2:33:4c:
75:41:4a:f6:95:a5:c6:f2:2a:6b:6d:a0:9b:3d:4f:
81:62:24:e6:6f:44:c8:93:a0:75:b2:65:da:2c:5c:
65:6e:36:23:31:3b:6c:d9:fe:de:fc:67:74:04:98:
70:23:50:36:d7:45:12:20:32:b1:54:3d:e9:35:06:
4a:24:95:33:4f:dd:36:67:3a:a4:08:f0:fb:16:9e:
b7:63:1b:38:ce:17:d1:8f:57:c5:61:25:ae:31:03:
5b:5e:be:f8:9e:2f:66:b0:ee:bb:dd:3f:4e:7d:6d:
36:ec:bf:f3:8e:8f:b3:59:18:f7:c7:b2:6b:16:f1:
a0:07:77:db:a8:e1:e4:0c:f9:59:ef:78:a5:c3:e2:
5e:f8:5a:e1:1b:24:52:80:be:d9:5c:be:ca:70:7b:
0e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:28:D4:F5:3E:11:0D:46:EF:3C:14:A1:17:AE:67:57:BB:13:36:AA
X509v3 Authority Key Identifier:
keyid:31:24:40:20:1B:2E:F7:4B:7C:AC:6C:31:FB:85:F4:1E:9C:46:86:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91EA80C/DE98EAF0FB6511EFA376E449C4F9AE02/MSRAIBsu90t8rGwx-4X0HpxGhqA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MSRAIBsu90t8rGwx-4X0HpxGhqA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA80C/DE98EAF0FB6511EFA376E449C4F9AE02/0AC670F8FB6A11EFB515B073C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:f460:7000::/36
2401:f460:b000::/36
2401:f460:f000::/36
Signature Algorithm: sha256WithRSAEncryption
51:f3:ac:a3:50:8f:d5:6f:60:fb:a6:1b:48:a6:09:d0:00:b8:
22:90:d9:8d:a0:15:b6:d2:b0:94:75:af:08:f7:50:3b:70:d3:
03:ce:17:6a:ec:ff:aa:a7:7c:dc:f0:92:cf:00:57:32:25:5d:
88:a6:fe:87:a1:70:14:4f:74:f6:be:ed:da:ed:3d:c8:01:c2:
ff:b3:b0:db:b8:59:c0:93:96:d9:64:5c:12:42:7f:7a:9e:7b:
b6:f7:82:d9:dd:68:62:95:95:94:cf:08:a2:5a:08:d6:8f:f8:
8a:49:b7:da:d1:bb:27:1e:c4:5f:70:24:8f:f8:48:71:24:d6:
87:cd:e0:c2:b6:21:10:af:c7:32:f6:e0:cf:2c:c5:49:14:b6:
9e:fd:e2:a5:b7:e8:38:9f:f4:45:64:bf:91:05:5d:6e:d8:d7:
73:12:bd:6f:a1:9c:1b:db:69:51:60:bb:6e:87:cd:92:ab:2d:
a4:58:6f:45:80:84:9b:78:5f:f3:28:2a:ab:c0:09:41:a1:38:
cd:87:7d:38:96:f3:6c:ed:af:e0:2a:1f:99:1d:0a:b3:7a:8b:
a2:ab:cf:1a:a3:7f:16:a8:d1:f4:43:13:40:a6:23:3a:59:45:
2e:24:6b:8c:d0:cc:54:aa:3f:c5:49:f6:f3:80:90:30:05:77:
20:83:f4:8d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF
QTgwQzExMC8GA1UEBRMoMzEyNDQwMjAxQjJFRjc0QjdDQUM2QzMxRkI4NUY0MUU5
QzQ2ODZBMDAeFw0yNTAzMDcxNTM3MTRaFw0yNjA3MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Y2IxMmFhLTNhZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCwGxWyKnpPUgTsEvIn27NWHhfWvlP5IyxNBy7Sy4HEWMkNo4/Om+P1NKHN62ay
TBZssszRE6vNCIWmGq7ErjGupn9Dl7ACOIbbhxg+OqqGPoe6pgUEKHPbUTS+7g6m
R3dYKlNCeKIzTHVBSvaVpcbyKmttoJs9T4FiJOZvRMiToHWyZdosXGVuNiMxO2zZ
/t78Z3QEmHAjUDbXRRIgMrFUPek1BkoklTNP3TZnOqQI8PsWnrdjGzjOF9GPV8Vh
Ja4xA1tevvieL2aw7rvdP059bTbsv/OOj7NZGPfHsmsW8aAHd9uo4eQM+VnveKXD
4l74WuEbJFKAvtlcvspwew6hAgMBAAGjggKnMIICozAdBgNVHQ4EFgQUhyjU9T4R
DUbvPBShF65nV7sTNqowHwYDVR0jBBgwFoAUMSRAIBsu90t8rGwx+4X0HpxGhqAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBODBDL0RFOThFQUYwRkI2
NTExRUZBMzc2RTQ0OUM0RjlBRTAyL01TUkFJQnN1OTB0OHJHd3gtNFgwSHB4R2hx
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvTVNSQUlCc3U5MHQ4ckd3eC00WDBIcHhHaHFBLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
QTgwQy9ERTk4RUFGMEZCNjUxMUVGQTM3NkU0NDlDNEY5QUUwMi8wQUM2NzBGOEZC
NkExMUVGQjUxNUIwNzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAIwGAMGBCQB9GBwAwYEJAH0YLADBgQkAfRg8DANBgkqhkiG9w0BAQsF
AAOCAQEAUfOso1CP1W9g+6YbSKYJ0AC4IpDZjaAVttKwlHWvCPdQO3DTA84Xauz/
qqd83PCSzwBXMiVdiKb+h6FwFE909r7t2u09yAHC/7Ow27hZwJOW2WRcEkJ/ep57
tveC2d1oYpWVlM8IoloI1o/4ikm32tG7Jx7EX3Akj/hIcSTWh83gwrYhEK/HMvbg
zyzFSRS2nv3ipbfoOJ/0RWS/kQVdbtjXcxK9b6GcG9tpUWC7bofNkqstpFhvRYCE
m3hf8ygqq8AJQaE4zYd9OJbzbO2v4CofmR0Ks3qLoqvPGqN/FqjR9EMTQKYjOllF
LiRrjNDMVKo/xUn284CQMAV3IIP0jQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:08:30 2025 by rpki-client