Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/D49DF4F620F011EE9ED14B39C4F9AE02.roa
File: D49DF4F620F011EE9ED14B39C4F9AE02.roa (raw, json)
Hash identifier: 7NEkHuNkr5G59c38OZ+BXTbTzRGiJA/6ztV18U2bN2k=
Subject key identifier: A1:85:3A:3F:3E:C8:7E:A2:3E:E9:E1:EE:D8:18:9A:84:97:BB:41:53
Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
Certificate serial: 0C49
Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/D49DF4F620F011EE9ED14B39C4F9AE02.roa
Signing time: Wed 12 Jul 2023 20:15:23 +0000
ROA not before: Wed 12 Jul 2023 20:15:23 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 137843
IP address blocks: 2402:e840::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3145 (0xc49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
Validity
Not Before: Jul 12 20:15:23 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=64af09da-ad3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c6:e0:2f:8c:c2:b7:52:5e:38:47:8e:d3:1a:
84:ff:b2:89:ff:8d:94:98:a8:2c:62:bb:fc:38:a9:
1f:a2:b4:ce:90:0e:e6:f2:02:88:68:e2:14:d0:58:
47:88:1c:54:d6:4d:97:fb:66:3f:86:07:8d:7e:0c:
ee:c8:a6:4c:f6:ed:bf:26:c4:59:63:2e:9c:ac:32:
9c:5a:95:4e:f5:b3:34:82:7e:6e:95:e4:b4:96:57:
8e:83:b9:db:3a:20:07:e3:c9:2f:99:a8:63:75:c6:
90:1c:e6:24:d7:43:8a:44:c2:6c:bd:85:08:b6:5e:
e0:ce:d2:12:92:0e:85:22:98:91:58:65:99:8b:48:
2e:1e:fa:7d:e6:99:0f:ee:6b:e2:6a:d9:43:84:4e:
36:67:eb:d3:f4:11:20:4e:e8:f5:e3:3a:75:33:fa:
fe:cc:51:2e:03:81:66:dd:b1:ef:9b:fa:ce:1e:eb:
aa:ac:aa:72:ee:5b:6c:85:eb:5f:dc:1c:78:85:88:
09:b5:11:13:31:5f:7d:61:84:96:94:7e:11:68:51:
c0:d0:1c:44:3e:39:08:86:b5:07:e4:af:a8:f9:d2:
09:86:b9:25:98:01:84:fe:df:aa:f6:e0:4e:ea:97:
a9:d0:f8:bf:4a:3f:13:99:b2:a1:fa:34:bd:65:7c:
55:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:85:3A:3F:3E:C8:7E:A2:3E:E9:E1:EE:D8:18:9A:84:97:BB:41:53
X509v3 Authority Key Identifier:
keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/D49DF4F620F011EE9ED14B39C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:e840::/32
Signature Algorithm: sha256WithRSAEncryption
51:12:c5:d2:30:26:39:26:9e:09:59:0c:58:f0:8d:b9:ec:4c:
5d:3f:d1:44:e6:07:7b:9b:3c:1d:20:a3:1b:8e:a2:25:a8:11:
5a:fd:76:ff:ca:4b:7c:3d:ce:b4:db:b5:42:a4:b7:d1:ef:f9:
59:f0:b3:86:05:b8:6a:9f:8f:1a:16:80:86:77:94:66:cf:c8:
b6:a5:bb:60:07:0a:4f:cf:7f:38:9f:02:39:4e:ba:4b:e8:f5:
a9:33:5a:64:b8:7a:fa:6e:b4:c8:70:b3:b6:76:c6:b9:47:da:
21:d9:06:dc:8f:bb:b7:da:eb:cc:ce:21:39:00:3d:ea:ec:1f:
cb:7e:0c:ab:e6:ee:c3:4d:8d:17:9f:a6:a7:de:38:50:5a:94:
ba:0d:12:2e:1d:82:5f:90:11:0d:57:c6:b9:d7:da:b5:7d:d4:
f2:65:35:0f:63:27:d4:1b:01:92:96:8a:3d:0c:4a:b2:8b:ad:
83:25:fc:41:0e:65:33:19:bf:46:22:af:a5:6c:a2:98:d3:36:
0d:b4:fb:dc:9b:fd:09:5a:91:c1:6d:81:13:d7:53:d8:ca:9a:
fa:a1:96:5e:3f:8e:92:71:8c:03:7e:0e:b1:d5:42:fc:a5:87:
ee:5a:42:b4:ef:dc:fa:30:d7:78:4e:f9:7d:83:a8:64:f5:7c:
49:82:dc:c5
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICDEkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1
MDc5N0M5NDgwHhcNMjMwNzEyMjAxNTIzWhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFmMDlkYS1hZDNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArsbgL4zCt1JeOEeO0xqE/7KJ/42UmKgsYrv8OKkforTOkA7m8gKIaOIU0FhH
iBxU1k2X+2Y/hgeNfgzuyKZM9u2/JsRZYy6crDKcWpVO9bM0gn5uleS0lleOg7nb
OiAH48kvmahjdcaQHOYk10OKRMJsvYUItl7gztISkg6FIpiRWGWZi0guHvp95pkP
7mviatlDhE42Z+vT9BEgTuj14zp1M/r+zFEuA4Fm3bHvm/rOHuuqrKpy7ltshetf
3Bx4hYgJtRETMV99YYSWlH4RaFHA0BxEPjkIhrUH5K+o+dIJhrklmAGE/t+q9uBO
6pep0Pi/Sj8TmbKh+jS9ZXxVzwIDAQABo4ICljCCApIwHQYDVR0OBBYEFKGFOj8+
yH6iPunh7tgYmoSXu0FTMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2
N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5
VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NEY1MjEvMjE2NTg4MjBDNjdFMTFFOUFGM0JBNzY1QzRGOUFFMDIvRDQ5REY0RjYy
MEYwMTFFRTlFRDE0QjM5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAuhAMA0GCSqGSIb3DQEBCwUAA4IBAQBREsXSMCY5Jp4J
WQxY8I257ExdP9FE5gd7mzwdIKMbjqIlqBFa/Xb/ykt8Pc6027VCpLfR7/lZ8LOG
Bbhqn48aFoCGd5Rmz8i2pbtgBwpPz384nwI5TrpL6PWpM1pkuHr6brTIcLO2dsa5
R9oh2Qbcj7u32uvMziE5AD3q7B/Lfgyr5u7DTY0Xn6an3jhQWpS6DRIuHYJfkBEN
V8a519q1fdTyZTUPYyfUGwGSloo9DEqyi62DJfxBDmUzGb9GIq+lbKKY0zYNtPvc
m/0JWpHBbYET11PYypr6oZZeP46ScYwDfg6x1UL8pYfuWkK079z6MNd4Tvl9g6hk
9XxJgtzF
-----END CERTIFICATE-----
Generated at Sat Jul 29 18:39:19 2023 by rpki-client on console-fra.rpki-client.org