Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2DA98A0AFEC911E88E78993AC4F9AE02.roa
File: 2DA98A0AFEC911E88E78993AC4F9AE02.roa (raw, json)
Hash identifier: fnaQM/QGM5+oXJhX56b0meA4P87OrZMcwnYGRpK9VEg=
Subject key identifier: 63:18:2C:38:A1:44:51:B4:B7:99:EB:C8:63:18:39:2F:4B:48:C6:9A
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 2623
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2DA98A0AFEC911E88E78993AC4F9AE02.roa
Signing time: Sun 06 Aug 2023 16:12:46 +0000
ROA not before: Sun 06 Aug 2023 16:12:46 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 138166
IP address blocks: 2402:9e80:27::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9763 (0x2623)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Aug 6 16:12:46 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64cfc67e-ff6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e3:a2:e7:e9:2e:9b:19:a2:ae:6e:9e:de:95:
4e:09:56:e2:6e:96:50:13:5d:69:43:e6:24:0d:0f:
97:4e:fa:eb:dc:ae:b9:d4:78:1a:b3:60:12:80:75:
14:c7:86:3b:10:f2:c2:04:47:84:b8:0a:4b:29:2d:
80:cc:7e:93:d0:6b:7e:09:da:b4:8a:ef:b4:e8:6f:
c8:a4:ba:07:8e:2b:80:9c:55:cb:a2:33:39:36:0b:
0e:cb:58:f4:ae:4b:b5:a4:3a:4f:c2:1c:70:16:b8:
52:28:a3:65:1e:11:f6:15:32:cd:3d:1a:7b:34:a8:
3e:01:87:58:89:58:cd:df:71:6c:cf:32:8d:52:c5:
a8:d7:c8:67:0d:86:74:d1:69:ba:5b:b3:08:14:ee:
f9:df:7e:e6:ff:f1:1d:88:9e:ec:d4:1b:ac:2a:54:
3f:3f:35:96:25:0c:8e:3c:c7:b3:da:1c:70:45:58:
12:18:25:91:38:5c:e6:cb:4f:d5:2e:04:c1:bd:3f:
43:e7:a9:10:9e:b7:85:8d:21:06:27:3d:4b:73:30:
d2:31:c6:c1:c7:f2:b9:e4:99:7f:d2:fd:fa:e3:23:
83:ca:0f:e0:a7:54:35:4a:94:5c:5c:43:ba:76:db:
14:73:be:c9:48:fd:dd:13:db:c1:ed:6e:bb:4c:77:
1b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:18:2C:38:A1:44:51:B4:B7:99:EB:C8:63:18:39:2F:4B:48:C6:9A
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/2DA98A0AFEC911E88E78993AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:9e80:27::/48
Signature Algorithm: sha256WithRSAEncryption
1f:53:70:2d:28:7d:d3:fa:b5:a1:ef:25:19:cb:15:21:79:c2:
26:9f:cf:72:c8:9f:c5:15:9e:22:b2:df:46:65:ed:f5:d2:5e:
f3:47:42:8f:6b:d9:51:dd:ea:55:bb:11:0a:35:c3:13:d2:f8:
94:14:07:3b:ee:8f:e3:e3:2d:99:f9:7e:f1:35:95:13:67:18:
63:69:4e:05:50:6e:0c:b6:fc:ba:59:cd:af:f0:79:33:71:24:
74:a1:b2:a7:27:fd:7a:ff:af:3c:68:bd:5f:62:f7:47:95:2c:
6b:c6:6e:ee:5c:ee:9b:8a:4e:3c:69:2d:16:fb:a0:3c:0c:44:
37:a0:63:80:44:d9:2b:79:61:0f:f6:9d:9a:39:0d:62:f0:14:
c0:ce:fe:b7:19:2e:dc:2b:0e:2b:c1:67:e1:e8:a8:b0:0d:14:
78:ef:c6:15:98:01:c6:be:3b:3d:52:59:bb:0b:42:91:7c:aa:
be:33:28:db:46:51:b0:01:c5:46:5e:f9:d7:a4:b2:1b:4b:2b:
29:0a:93:88:e4:80:0a:9a:36:29:31:f4:c3:95:df:63:0f:86:
72:b1:2c:8a:aa:f7:45:a0:1e:ec:5b:8b:9f:11:14:cb:e4:d2:
71:c1:10:e8:32:81:bf:52:41:73:5c:dd:1f:a0:3c:80:16:ee:
f9:4e:07:cc
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICJiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjMwODA2MTYxMjQ2WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNmYzY3ZS1mZjZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw+Oi5+kumxmirm6e3pVOCVbibpZQE11pQ+YkDQ+XTvrr3K651Hgas2ASgHUU
x4Y7EPLCBEeEuApLKS2AzH6T0Gt+Cdq0iu+06G/IpLoHjiuAnFXLojM5NgsOy1j0
rku1pDpPwhxwFrhSKKNlHhH2FTLNPRp7NKg+AYdYiVjN33FszzKNUsWo18hnDYZ0
0Wm6W7MIFO75337m//EdiJ7s1BusKlQ/PzWWJQyOPMez2hxwRVgSGCWROFzmy0/V
LgTBvT9D56kQnreFjSEGJz1LczDSMcbBx/K55Jl/0v364yODyg/gp1Q1SpRcXEO6
dtsUc77JSP3dE9vB7W67THcbxQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFGMYLDih
RFG0t5nryGMYOS9LSMaaMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvMkRBOThBMEFG
RUM5MTFFODhFNzg5OTNBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkAp6AACcwDQYJKoZIhvcNAQELBQADggEBAB9TcC0ofdP6
taHvJRnLFSF5wiafz3LIn8UVniKy30Zl7fXSXvNHQo9r2VHd6lW7EQo1wxPS+JQU
Bzvuj+PjLZn5fvE1lRNnGGNpTgVQbgy2/LpZza/weTNxJHShsqcn/Xr/rzxovV9i
90eVLGvGbu5c7puKTjxpLRb7oDwMRDegY4BE2St5YQ/2nZo5DWLwFMDO/rcZLtwr
DivBZ+HoqLANFHjvxhWYAca+Oz1SWbsLQpF8qr4zKNtGUbABxUZe+dekshtLKykK
k4jkgAqaNikx9MOV32MPhnKxLIqq90WgHuxbi58RFMvk0nHBEOgygb9SQXNc3R+g
PIAW7vlOB8w=
-----END CERTIFICATE-----
Generated at Mon Sep 25 09:48:01 2023 by rpki-client on console-fra.rpki-client.org