Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED9F9/6860D5A0C95211EEB7ADDD4EC4F9AE02/D79FB786B26F11EFB2BFFC58C4F9AE02.roa
File: D79FB786B26F11EFB2BFFC58C4F9AE02.roa (raw, json)
Hash identifier: 4UpHBT9iERyff3NfgCk8+japsCZU1QS5RKdCBruMO5Y=
Subject key identifier: EB:01:DF:6B:67:CC:C7:98:25:97:00:A0:8F:B3:7A:6F:95:00:AD:01
Certificate issuer: /CN=A91ED9F9/serialNumber=92EFD5C0B9201A7ED3965F2D98B6D9EB66290530
Certificate serial: D7
Authority key identifier: 92:EF:D5:C0:B9:20:1A:7E:D3:96:5F:2D:98:B6:D9:EB:66:29:05:30
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ku_VwLkgGn7Tll8tmLbZ62YpBTA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91ED9F9/6860D5A0C95211EEB7ADDD4EC4F9AE02/D79FB786B26F11EFB2BFFC58C4F9AE02.roa
Signing time: Sun 23 Mar 2025 05:21:26 +0000
ROA not before: Sun 23 Mar 2025 05:21:26 +0000
ROA not after: Thu 28 May 2026 00:00:00 +0000
asID: 25855
IP address blocks: 2401:7f60::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Apr 2025 07:53:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 215 (0xd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91ED9F9, serialNumber=92EFD5C0B9201A7ED3965F2D98B6D9EB66290530
Validity
Not Before: Mar 23 05:21:26 2025 GMT
Not After : May 28 00:00:00 2026 GMT
Subject: CN=67df9a56-e7d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:07:ac:6a:9c:df:12:f2:36:24:9f:23:56:5a:
ed:94:b0:ad:b5:06:76:f7:23:e4:cc:50:2e:e1:69:
7b:c6:98:ab:df:97:fc:2a:27:ef:db:0c:9b:27:1d:
6a:f0:d1:74:c6:b4:2f:db:0c:5a:58:1f:a1:42:99:
d1:eb:78:b7:d4:f5:51:a1:af:e6:b6:64:c7:8f:04:
97:43:1c:bc:6b:ae:e8:a5:4f:5c:53:9a:19:54:64:
50:f4:db:05:0a:62:a0:73:3f:a9:5f:b0:57:74:ed:
4a:70:97:d1:aa:c5:71:b8:76:8d:77:e7:f9:27:29:
e6:dc:36:e0:7b:fa:b5:2c:a0:b0:16:24:23:e3:a1:
22:2d:be:7a:86:c8:e2:1c:62:27:97:db:04:79:2e:
3a:7f:73:7c:36:89:a5:71:21:72:8b:16:f0:10:98:
00:0f:16:21:1c:98:86:0a:52:69:5f:37:42:cd:08:
4a:3e:ac:25:ba:d7:13:fb:5e:6c:fc:9a:09:ce:06:
5f:a0:62:c3:13:bf:c0:2c:04:db:4d:cc:94:1b:a1:
ed:df:08:33:4c:10:20:c2:32:70:3e:43:26:24:3c:
47:08:f4:ad:e9:54:7d:d4:fe:9f:87:fd:59:a7:b1:
29:ac:31:24:5f:1c:93:0f:d6:f1:ee:6a:eb:8c:29:
bc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:01:DF:6B:67:CC:C7:98:25:97:00:A0:8F:B3:7A:6F:95:00:AD:01
X509v3 Authority Key Identifier:
keyid:92:EF:D5:C0:B9:20:1A:7E:D3:96:5F:2D:98:B6:D9:EB:66:29:05:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91ED9F9/6860D5A0C95211EEB7ADDD4EC4F9AE02/ku_VwLkgGn7Tll8tmLbZ62YpBTA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ku_VwLkgGn7Tll8tmLbZ62YpBTA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED9F9/6860D5A0C95211EEB7ADDD4EC4F9AE02/D79FB786B26F11EFB2BFFC58C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:7f60::/32
Signature Algorithm: sha256WithRSAEncryption
94:bf:0d:dd:74:a6:49:78:94:5c:8e:9a:a1:4c:21:00:7d:e2:
95:c0:8d:60:0f:ce:50:d6:1a:e3:e0:83:b3:fa:59:b2:3d:f2:
2c:56:3b:ca:d3:b2:75:10:6d:8f:13:e6:69:1b:85:80:68:6b:
d8:3e:d7:10:7d:48:ff:98:3a:cd:ed:d2:c8:ca:95:90:38:1a:
9f:df:f0:40:1a:63:e5:49:fa:4f:89:bc:45:bf:74:35:04:e8:
7c:95:ca:85:2e:ba:4e:73:e8:d1:79:67:5f:d8:02:37:76:27:
1a:40:89:15:c9:37:e8:cd:f4:39:06:84:c9:02:ca:44:cc:ea:
fe:25:e6:38:13:1e:08:cb:48:e2:32:31:ed:5f:4f:67:cc:04:
a2:52:0b:aa:a0:f7:66:27:8c:87:fc:b3:d1:4b:5c:14:2f:18:
33:b1:25:18:b0:d4:ed:4a:76:5a:bb:40:a4:17:c9:ba:ea:eb:
c3:b1:40:b2:48:b3:1f:55:47:0a:56:b7:02:58:ea:f4:df:9a:
69:25:8a:26:87:c1:89:6b:16:7e:c1:c0:ca:24:d4:a8:de:c9:
c6:ac:8b:89:b2:ef:7f:85:bc:df:6d:21:18:36:1c:9c:45:5a:
9b:0d:0e:e2:ab:bb:d8:d6:0d:8e:ab:25:1d:6e:d4:52:26:de:
2d:f2:8e:51
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RUQ5RjkxMTAvBgNVBAUTKDkyRUZENUMwQjkyMDFBN0VEMzk2NUYyRDk4QjZEOUVC
NjYyOTA1MzAwHhcNMjUwMzIzMDUyMTI2WhcNMjYwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02N2RmOWE1Ni1lN2Q1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvwesapzfEvI2JJ8jVlrtlLCttQZ29yPkzFAu4Wl7xpir35f8Kifv2wybJx1q
8NF0xrQv2wxaWB+hQpnR63i31PVRoa/mtmTHjwSXQxy8a67opU9cU5oZVGRQ9NsF
CmKgcz+pX7BXdO1KcJfRqsVxuHaNd+f5Jynm3Dbge/q1LKCwFiQj46EiLb56hsji
HGInl9sEeS46f3N8NomlcSFyixbwEJgADxYhHJiGClJpXzdCzQhKPqwlutcT+15s
/JoJzgZfoGLDE7/ALATbTcyUG6Ht3wgzTBAgwjJwPkMmJDxHCPSt6VR91P6fh/1Z
p7EprDEkXxyTD9bx7mrrjCm8VQIDAQABo4ICljCCApIwHQYDVR0OBBYEFOsB32tn
zMeYJZcAoI+zem+VAK0BMB8GA1UdIwQYMBaAFJLv1cC5IBp+05ZfLZi22etmKQUw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDlGOS82ODYwRDVBMEM5
NTIxMUVFQjdBRERENEVDNEY5QUUwMi9rdV9Wd0xrZ0duN1RsbDh0bUxiWjYyWXBC
VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2t1X1Z3TGtnR243VGxsOHRtTGJaNjJZcEJUQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RUQ5RjkvNjg2MEQ1QTBDOTUyMTFFRUI3QURERDRFQzRGOUFFMDIvRDc5RkI3ODZC
MjZGMTFFRkIyQkZGQzU4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAX9gMA0GCSqGSIb3DQEBCwUAA4IBAQCUvw3ddKZJeJRc
jpqhTCEAfeKVwI1gD85Q1hrj4IOz+lmyPfIsVjvK07J1EG2PE+ZpG4WAaGvYPtcQ
fUj/mDrN7dLIypWQOBqf3/BAGmPlSfpPibxFv3Q1BOh8lcqFLrpOc+jReWdf2AI3
dicaQIkVyTfozfQ5BoTJAspEzOr+JeY4Ex4Iy0jiMjHtX09nzASiUguqoPdmJ4yH
/LPRS1wULxgzsSUYsNTtSnZau0CkF8m66uvDsUCySLMfVUcKVrcCWOr035ppJYom
h8GJaxZ+wcDKJNSo3snGrIuJsu9/hbzfbSEYNhycRVqbDQ7iq7vY1g2OqyUdbtRS
Jt4t8o5R
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:38:20 2025 by rpki-client