Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/B9450EACEDB811EE9D7A8D4DC4F9AE02.roa
File: B9450EACEDB811EE9D7A8D4DC4F9AE02.roa (raw, json)
Hash identifier: 8Hg5Gx+mEmw7VCHsC+8QXzfVkNwJsJh4pEfhouwiIQE=
Subject key identifier: DB:AA:52:10:B0:4D:A3:EE:45:94:3B:55:90:BC:AF:0C:B0:F4:FC:9A
Certificate issuer: /CN=A911112F/serialNumber=1E57B43F044D4ABA8222A409786614280AA739A1
Certificate serial: 2A
Authority key identifier: 1E:57:B4:3F:04:4D:4A:BA:82:22:A4:09:78:66:14:28:0A:A7:39:A1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hle0PwRNSrqCIqQJeGYUKAqnOaE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/B9450EACEDB811EE9D7A8D4DC4F9AE02.roa
Signing time: Fri 29 Mar 2024 10:40:13 +0000
ROA not before: Fri 29 Mar 2024 10:40:13 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 142297
IP address blocks: 2001:df6:bb80::/64 maxlen: 64
Validation: Failed, certificate revoked on Fri 29 Mar 2024 13:09:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42 (0x2a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911112F/serialNumber=1E57B43F044D4ABA8222A409786614280AA739A1
Validity
Not Before: Mar 29 10:40:13 2024 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=66069a8d-36e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:c4:4c:b8:25:65:75:f7:17:3f:ad:f0:6a:91:
87:6a:a4:95:b8:f1:22:07:23:73:fb:b7:1c:72:54:
d4:c9:bb:35:67:ae:75:62:81:1b:a4:4d:ce:f0:28:
36:e0:bd:11:d8:1b:87:b1:29:ac:c9:f3:e3:c7:95:
87:5e:bd:f5:11:28:42:36:5c:19:57:1f:b4:bb:d5:
50:c7:ec:04:94:98:47:20:60:80:f6:83:e6:97:ec:
67:42:76:01:6e:95:0a:5f:d8:07:56:fc:c2:a5:73:
0f:90:72:51:25:6a:3f:2a:f2:88:90:d2:0f:1a:b9:
79:c2:2f:01:94:e1:55:3a:b5:81:f9:5a:11:a7:4b:
4d:fa:20:db:06:a2:26:4e:09:38:62:57:e8:23:d8:
c9:b9:fb:a2:64:79:b2:4c:98:c1:f6:c5:44:b9:da:
42:af:ae:58:50:15:80:c4:41:d7:c3:b4:d7:92:fd:
c7:5f:c0:46:a9:d9:cf:fa:c2:78:d0:af:a2:5f:b0:
ec:86:e9:31:f5:79:4d:94:95:4a:9d:cc:86:75:77:
45:68:12:07:97:2e:9c:7d:8f:2c:b0:ac:e6:fd:e6:
f6:1a:5f:c2:ae:ae:56:fd:8f:b3:03:1e:fb:f8:23:
81:44:9e:92:a9:2b:0f:f5:8d:b9:06:9c:1b:fe:59:
4d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:AA:52:10:B0:4D:A3:EE:45:94:3B:55:90:BC:AF:0C:B0:F4:FC:9A
X509v3 Authority Key Identifier:
keyid:1E:57:B4:3F:04:4D:4A:BA:82:22:A4:09:78:66:14:28:0A:A7:39:A1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/Hle0PwRNSrqCIqQJeGYUKAqnOaE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Hle0PwRNSrqCIqQJeGYUKAqnOaE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911112F/964DC69ABA8D11EE828A8946C4F9AE02/B9450EACEDB811EE9D7A8D4DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df6:bb80::/64
Signature Algorithm: sha256WithRSAEncryption
82:c9:b4:0b:38:99:b6:c9:bd:a3:fe:36:9c:3f:5f:b6:34:da:
d8:27:77:d5:5c:75:00:c8:fd:a6:ab:40:1d:7f:b1:aa:d3:16:
c7:ee:8c:20:d8:72:d4:58:8a:a6:c0:cf:8b:f8:df:aa:1b:f8:
74:c2:e1:13:c2:b2:83:70:e0:27:0c:e9:a4:5c:b6:e8:4f:99:
5b:fc:27:db:b3:74:c3:29:c1:30:3a:d7:58:e0:77:e2:fa:a5:
dd:6a:09:a7:7f:b7:2f:b8:a5:98:c0:a7:4d:df:8d:c0:a1:78:
4e:62:86:26:fd:45:4f:61:ab:eb:3b:39:25:c0:0f:a6:14:0a:
8a:6a:7f:72:e5:2b:81:c0:bc:e7:b2:55:8b:de:4c:11:7e:24:
79:9e:68:a7:fc:2c:7b:d9:b2:39:ff:71:05:4f:41:6c:3e:73:
7c:21:e4:30:d7:50:98:95:1f:f7:de:40:cc:e6:9a:a1:2f:84:
08:06:ad:ef:89:2d:2d:16:df:29:a1:be:2e:c0:a2:c2:7b:85:
68:94:a1:f5:44:2d:d1:0b:a0:3a:00:d7:fe:6b:42:72:c8:52:
59:b7:e4:17:96:c0:bd:25:4f:ce:5c:11:2b:9e:29:ea:b7:43:
ad:59:21:50:ef:08:e0:bc:3f:c7:55:84:87:12:c0:bf:ca:6b:
47:62:ff:2d
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx
MTEyRjExMC8GA1UEBRMoMUU1N0I0M0YwNDRENEFCQTgyMjJBNDA5Nzg2NjE0Mjgw
QUE3MzlBMTAeFw0yNDAzMjkxMDQwMTNaFw0yNDA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MDY5YThkLTM2ZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDZxEy4JWV19xc/rfBqkYdqpJW48SIHI3P7txxyVNTJuzVnrnVigRukTc7wKDbg
vRHYG4exKazJ8+PHlYdevfURKEI2XBlXH7S71VDH7ASUmEcgYID2g+aX7GdCdgFu
lQpf2AdW/MKlcw+QclElaj8q8oiQ0g8auXnCLwGU4VU6tYH5WhGnS036INsGoiZO
CThiV+gj2Mm5+6JkebJMmMH2xUS52kKvrlhQFYDEQdfDtNeS/cdfwEap2c/6wnjQ
r6JfsOyG6TH1eU2UlUqdzIZ1d0VoEgeXLpx9jyywrOb95vYaX8Kurlb9j7MDHvv4
I4FEnpKpKw/1jbkGnBv+WU0TAgMBAAGjggKaMIICljAdBgNVHQ4EFgQU26pSELBN
o+5FlDtVkLyvDLD0/JowHwYDVR0jBBgwFoAUHle0PwRNSrqCIqQJeGYUKAqnOaEw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTExMTJGLzk2NERDNjlBQkE4
RDExRUU4MjhBODk0NkM0RjlBRTAyL0hsZTBQd1JOU3JxQ0lxUUplR1lVS0Fxbk9h
RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGxlMFB3Uk5TcnFDSXFRSmVHWVVLQXFuT2FFLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
MTEyRi85NjREQzY5QUJBOEQxMUVFODI4QTg5NDZDNEY5QUUwMi9COTQ1MEVBQ0VE
QjgxMUVFOUQ3QThENERDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAkBggrBgEFBQcBBwEB/wQV
MBMwEQQCAAIwCwMJACABDfa7gAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCCybQLOJm2
yb2j/jacP1+2NNrYJ3fVXHUAyP2mq0Adf7Gq0xbH7owg2HLUWIqmwM+L+N+qG/h0
wuETwrKDcOAnDOmkXLboT5lb/Cfbs3TDKcEwOtdY4Hfi+qXdagmnf7cvuKWYwKdN
343AoXhOYoYm/UVPYavrOzklwA+mFAqKan9y5SuBwLznslWL3kwRfiR5nmin/Cx7
2bI5/3EFT0FsPnN8IeQw11CYlR/33kDM5pqhL4QIBq3viS0tFt8pob4uwKLCe4Vo
lKH1RC3RC6A6ANf+a0JyyFJZt+QXlsC9JU/OXBErninqt0OtWSFQ7wjgvD/HVYSH
EsC/ymtHYv8t
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:50:54 2024 by rpki-client on console-fra.rpki-client.org