Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/0F605ED67C9311EFAFCC6256C4F9AE02.roa
File: 0F605ED67C9311EFAFCC6256C4F9AE02.roa (raw, json)
Hash identifier: A1DD0Yg290/qbNE0iIl5KMvWaa5FB7GhPRjVd1nvIwo=
Subject key identifier: BD:74:79:ED:93:20:90:6C:F8:34:7A:76:41:83:FF:4C:63:53:6D:BD
Certificate issuer: /CN=A9133CD2/serialNumber=9AAC156FA918B4305741DAE9D5DBA2933746CE87
Certificate serial: 013E
Authority key identifier: 9A:AC:15:6F:A9:18:B4:30:57:41:DA:E9:D5:DB:A2:93:37:46:CE:87
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mqwVb6kYtDBXQdrp1duikzdGzoc.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/0F605ED67C9311EFAFCC6256C4F9AE02.roa
Signing time: Fri 27 Sep 2024 05:40:53 +0000
ROA not before: Fri 27 Sep 2024 05:40:53 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 135345
IP address blocks: 2400:4ce0::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 28 Sep 2024 01:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 318 (0x13e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9133CD2/serialNumber=9AAC156FA918B4305741DAE9D5DBA2933746CE87
Validity
Not Before: Sep 27 05:40:53 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=66f64565-a421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7a:4b:6a:f9:b4:76:25:ca:45:0a:d8:43:26:
dd:47:64:71:e2:11:3f:fc:fe:28:b7:de:19:8c:82:
99:64:c2:c0:5a:08:03:6c:c3:d1:1e:7e:9a:67:b8:
b5:01:0f:74:01:2a:cb:ed:62:6a:2c:34:4e:b2:de:
d2:09:20:76:8a:11:7f:34:4b:0d:d5:4f:fc:40:37:
e8:1e:bc:4c:86:a9:96:58:78:77:b1:89:bc:76:36:
dd:31:5b:e1:9a:26:73:0f:ff:7d:43:b5:b2:c8:0b:
48:c9:e6:df:b5:ff:a6:39:b2:87:1d:f5:6e:f9:e6:
36:22:d5:80:d4:eb:01:ac:2c:c4:11:c9:ee:4c:63:
e1:c0:3f:ad:85:51:cd:fa:f1:eb:07:fa:48:3d:fe:
4d:9d:b3:49:0a:e2:ea:6a:e5:3f:ba:b6:01:d6:df:
0d:a5:27:51:e2:2f:52:be:91:19:34:2e:f5:ab:16:
af:37:e3:34:a7:b6:a5:8e:4d:b8:1a:ac:ad:25:58:
e7:46:e2:e2:85:3b:f7:70:3d:02:de:af:09:78:c8:
2c:61:e2:b1:63:2c:43:4d:45:11:5b:82:51:bc:ae:
19:4e:0c:da:9f:65:7d:fd:fd:07:20:2c:09:93:e8:
e2:aa:cb:90:dc:76:b4:77:38:a8:95:5b:89:f6:54:
d4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:74:79:ED:93:20:90:6C:F8:34:7A:76:41:83:FF:4C:63:53:6D:BD
X509v3 Authority Key Identifier:
keyid:9A:AC:15:6F:A9:18:B4:30:57:41:DA:E9:D5:DB:A2:93:37:46:CE:87
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/mqwVb6kYtDBXQdrp1duikzdGzoc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mqwVb6kYtDBXQdrp1duikzdGzoc.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9133CD2/45F3AA7EAC1611EDB947B860C4F9AE02/0F605ED67C9311EFAFCC6256C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:4ce0::/32
Signature Algorithm: sha256WithRSAEncryption
cd:c1:e3:b1:78:0b:52:06:67:6f:34:f9:6d:4a:29:9d:47:74:
b9:ee:fb:7f:c5:34:9a:ac:a9:50:a1:e2:d4:5f:d2:03:f7:2e:
db:77:2f:8c:e8:51:fb:19:c0:9d:7e:13:67:20:83:31:a8:80:
67:7d:90:d4:ba:28:4c:89:4d:13:3d:79:22:21:6d:02:6d:58:
f4:89:1a:2d:96:22:47:21:57:6a:45:4b:f3:2f:86:ef:60:91:
ce:0c:83:3f:8f:c9:be:c5:f1:3d:45:de:23:84:57:0e:ae:0a:
1b:6c:ef:c8:20:21:7c:90:79:70:e0:97:7b:85:86:86:7c:ef:
83:7d:15:9e:7c:93:d2:45:fa:ef:94:a5:ec:5e:53:d2:24:4d:
f0:35:4f:19:d0:da:c9:10:dc:72:22:ee:56:34:88:e1:ec:31:
b6:15:9c:f3:5d:8f:84:c6:81:dd:19:bb:5f:42:95:66:76:11:
93:9b:55:fe:30:5b:69:9e:9d:3a:fe:c5:f7:a5:49:e8:98:0d:
0e:09:1d:be:cc:bf:16:68:a6:fb:1f:9c:20:da:d5:de:f0:87:
1b:71:11:fb:31:6a:66:c7:c7:31:44:54:63:6d:eb:06:c5:7a:
20:4c:0c:9d:48:5e:ac:d8:d7:88:8d:9f:41:ae:b3:b4:35:ed:
43:33:81:05
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICAT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzNDRDIxMTAvBgNVBAUTKDlBQUMxNTZGQTkxOEI0MzA1NzQxREFFOUQ1REJBMjkz
Mzc0NkNFODcwHhcNMjQwOTI3MDU0MDUzWhcNMjUwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY2NDU2NS1hNDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvnpLavm0diXKRQrYQybdR2Rx4hE//P4ot94ZjIKZZMLAWggDbMPRHn6aZ7i1
AQ90ASrL7WJqLDROst7SCSB2ihF/NEsN1U/8QDfoHrxMhqmWWHh3sYm8djbdMVvh
miZzD/99Q7WyyAtIyebftf+mObKHHfVu+eY2ItWA1OsBrCzEEcnuTGPhwD+thVHN
+vHrB/pIPf5NnbNJCuLqauU/urYB1t8NpSdR4i9SvpEZNC71qxavN+M0p7aljk24
GqytJVjnRuLihTv3cD0C3q8JeMgsYeKxYyxDTUURW4JRvK4ZTgzan2V9/f0HICwJ
k+jiqsuQ3Ha0dziolVuJ9lTUEwIDAQABo4ICljCCApIwHQYDVR0OBBYEFL10ee2T
IJBs+DR6dkGD/0xjU229MB8GA1UdIwQYMBaAFJqsFW+pGLQwV0Ha6dXbopM3Rs6H
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzM0NEMi80NUYzQUE3RUFD
MTYxMUVEQjk0N0I4NjBDNEY5QUUwMi9tcXdWYjZrWXREQlhRZHJwMWR1aWt6ZEd6
b2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21xd1ZiNmtZdERCWFFkcnAxZHVpa3pkR3pvYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzNDRDIvNDVGM0FBN0VBQzE2MTFFREI5NDdCODYwQzRGOUFFMDIvMEY2MDVFRDY3
QzkzMTFFRkFGQ0M2MjU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAEzgMA0GCSqGSIb3DQEBCwUAA4IBAQDNweOxeAtSBmdv
NPltSimdR3S57vt/xTSarKlQoeLUX9ID9y7bdy+M6FH7GcCdfhNnIIMxqIBnfZDU
uihMiU0TPXkiIW0CbVj0iRotliJHIVdqRUvzL4bvYJHODIM/j8m+xfE9Rd4jhFcO
rgobbO/IICF8kHlw4Jd7hYaGfO+DfRWefJPSRfrvlKXsXlPSJE3wNU8Z0NrJENxy
Iu5WNIjh7DG2FZzzXY+ExoHdGbtfQpVmdhGTm1X+MFtpnp06/sX3pUnomA0OCR2+
zL8WaKb7H5wg2tXe8IcbcRH7MWpmx8cxRFRjbesGxXogTAydSF6s2NeIjZ9BrrO0
Ne1DM4EF
-----END CERTIFICATE-----
Generated at Sat Sep 28 02:58:43 2024 by rpki-client on console-fra.rpki-client.org