Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/AE10A02A825611EC8153D320C4F9AE02.roa
File: AE10A02A825611EC8153D320C4F9AE02.roa (raw, json)
Hash identifier: ZIp37fHuihJ5OAVY6k51NsDfS45wOmsPyVdFwYdhYtI=
Subject key identifier: 18:C5:2F:D4:12:E5:F9:9B:C1:F5:73:F0:42:F6:86:0D:25:7D:33:48
Certificate issuer: /CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Certificate serial: 0857
Authority key identifier: ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/AE10A02A825611EC8153D320C4F9AE02.roa
Signing time: Wed 28 Jun 2023 20:41:45 +0000
ROA not before: Wed 28 Jun 2023 20:41:45 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 134371
IP address blocks: 2403:6940:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 18 Sep 2023 10:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2135 (0x857)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146944/serialNumber=ED1F958CB604B576E82214B4CF3CC0FE620EF9F4
Validity
Not Before: Jun 28 20:41:45 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=649c9b09-e58d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:f0:5e:06:fa:66:b6:cd:0e:8b:c4:14:d6:
86:78:01:a9:85:9d:78:d8:6b:da:26:1c:1d:bf:00:
cd:cb:7d:81:10:8d:ef:d0:85:c9:61:9d:c3:15:43:
c3:a3:eb:6f:70:64:17:8a:bf:57:a2:21:a4:79:ae:
b1:95:8b:e8:6a:d7:6b:be:8c:85:e9:fa:0b:f5:79:
31:55:53:04:06:9c:8d:31:20:54:0b:bc:87:77:78:
7a:13:86:f6:a2:85:5e:35:d1:bd:85:a2:92:a1:29:
30:6b:6f:3c:e6:85:26:07:de:fe:1a:bd:99:44:43:
04:61:cb:dd:ed:fa:71:37:ce:44:fa:f5:48:6f:14:
7f:47:28:44:6a:ca:b4:bf:46:35:27:be:7e:72:b9:
9a:82:90:66:9a:d9:2c:be:36:40:9d:d0:48:a8:1e:
3e:75:f6:3c:ed:8a:85:36:55:3d:61:23:e5:56:a7:
b7:05:f2:84:03:3e:b8:5e:a5:2d:4a:a8:9b:2e:35:
10:a4:3b:fd:90:c0:77:6d:1a:8b:0c:69:ee:f7:38:
72:18:28:25:ae:96:a0:41:7f:01:60:65:1c:98:95:
7f:fc:2e:b0:82:69:83:b2:12:8b:66:1c:09:6d:38:
a1:cf:de:52:4d:96:c5:20:8f:39:c6:94:73:fd:9d:
2f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C5:2F:D4:12:E5:F9:9B:C1:F5:73:F0:42:F6:86:0D:25:7D:33:48
X509v3 Authority Key Identifier:
keyid:ED:1F:95:8C:B6:04:B5:76:E8:22:14:B4:CF:3C:C0:FE:62:0E:F9:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/7R-VjLYEtXboIhS0zzzA_mIO-fQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7R-VjLYEtXboIhS0zzzA_mIO-fQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146944/43BD1C6E8E9511EAA9D73A2EC4F9AE02/AE10A02A825611EC8153D320C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:6940:f::/48
Signature Algorithm: sha256WithRSAEncryption
77:3b:43:20:61:fa:fd:c2:e3:95:0e:44:31:ae:fb:52:01:b1:
2e:f1:52:1a:d1:34:62:0c:1a:c1:3b:d9:5f:58:48:f6:a9:36:
31:e2:8c:1a:fa:33:f8:a5:c6:fd:8e:f6:27:3e:f5:95:08:57:
a4:45:a2:34:ee:4f:3b:54:53:98:e2:4e:25:f1:c8:14:7c:b3:
3a:ad:9c:18:c2:f7:01:66:e9:c0:fe:28:9c:e3:84:15:27:b8:
09:6d:1d:dd:fc:e7:1e:68:6f:ed:78:0e:fd:00:ef:31:4f:86:
7a:3a:6b:98:73:93:a9:a2:02:53:0d:3b:8e:19:7d:1d:ba:88:
52:7e:f2:62:7b:27:69:0e:b5:49:13:16:a3:71:71:b3:4e:c0:
b9:48:3e:70:f0:17:06:5a:dc:01:85:c8:35:ca:d0:a4:d8:c3:
bc:4e:fd:ca:e9:b0:73:63:63:ef:2b:b7:ce:01:3f:70:aa:6e:
15:3b:d0:4f:0d:22:0a:c7:f9:47:03:d2:6d:35:0c:ac:95:26:
8b:39:d6:36:26:61:27:d9:bf:bf:06:81:fd:20:c7:2c:c9:5d:
dd:c3:e9:f8:34:d4:63:0e:09:05:e6:68:74:83:35:a2:4c:ec:
84:8c:b3:8b:c1:c1:54:f2:92:fe:d4:fc:41:d1:de:2c:c7:21:
52:37:2d:35
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCFcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDY5NDQxMTAvBgNVBAUTKEVEMUY5NThDQjYwNEI1NzZFODIyMTRCNENGM0NDMEZF
NjIwRUY5RjQwHhcNMjMwNjI4MjA0MTQ1WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDljOWIwOS1lNThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwj7wXgb6ZrbNDovEFNaGeAGphZ142GvaJhwdvwDNy32BEI3v0IXJYZ3DFUPD
o+tvcGQXir9XoiGkea6xlYvoatdrvoyF6foL9XkxVVMEBpyNMSBUC7yHd3h6E4b2
ooVeNdG9haKSoSkwa2885oUmB97+Gr2ZREMEYcvd7fpxN85E+vVIbxR/RyhEasq0
v0Y1J75+crmagpBmmtksvjZAndBIqB4+dfY87YqFNlU9YSPlVqe3BfKEAz64XqUt
SqibLjUQpDv9kMB3bRqLDGnu9zhyGCglrpagQX8BYGUcmJV//C6wgmmDshKLZhwJ
bTihz95STZbFII85xpRz/Z0veQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFBjFL9QS
5fmbwfVz8EL2hg0lfTNIMB8GA1UdIwQYMBaAFO0flYy2BLV26CIUtM88wP5iDvn0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Njk0NC80M0JEMUM2RThF
OTUxMUVBQTlENzNBMkVDNEY5QUUwMi83Ui1WakxZRXRYYm9JaFMwenp6QV9tSU8t
ZlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdSLVZqTFlFdFhib0loUzB6enpBX21JTy1mUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDY5NDQvNDNCRDFDNkU4RTk1MTFFQUE5RDczQTJFQzRGOUFFMDIvQUUxMEEwMkE4
MjU2MTFFQzgxNTNEMzIwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkA2lAAA8wDQYJKoZIhvcNAQELBQADggEBAHc7QyBh+v3C
45UORDGu+1IBsS7xUhrRNGIMGsE72V9YSPapNjHijBr6M/ilxv2O9ic+9ZUIV6RF
ojTuTztUU5jiTiXxyBR8szqtnBjC9wFm6cD+KJzjhBUnuAltHd385x5ob+14Dv0A
7zFPhno6a5hzk6miAlMNO44ZfR26iFJ+8mJ7J2kOtUkTFqNxcbNOwLlIPnDwFwZa
3AGFyDXK0KTYw7xO/crpsHNjY+8rt84BP3CqbhU70E8NIgrH+UcD0m01DKyVJos5
1jYmYSfZv78Ggf0gxyzJXd3D6fg01GMOCQXmaHSDNaJM7ISMs4vBwVTykv7U/EHR
3izHIVI3LTU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:57 2024 by rpki-client on console-ams.rpki-client.org