Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/8272075A718811EFA05C8C34C4F9AE02.roa
File: 8272075A718811EFA05C8C34C4F9AE02.roa (raw, json)
Hash identifier: wNwmsXDrzJb7YL/+/E5XcFjueVQlQetEP90PJRa7DwM=
Subject key identifier: 2E:28:9D:9F:A4:6F:75:BD:8A:9F:9B:0A:A4:D6:5D:B7:E5:8A:6A:85
Certificate issuer: /CN=A9176C8F/serialNumber=057395B4878FB1A67FCBAD582617B7BAAF2C31FF
Certificate serial: 2E
Authority key identifier: 05:73:95:B4:87:8F:B1:A6:7F:CB:AD:58:26:17:B7:BA:AF:2C:31:FF
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXOVtIePsaZ_y61YJhe3uq8sMf8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/8272075A718811EFA05C8C34C4F9AE02.roa
Signing time: Thu 07 Nov 2024 08:48:22 +0000
ROA not before: Thu 07 Nov 2024 08:48:22 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 152475
IP address blocks: 2401:bbe0::/32 maxlen: 32
2401:bbe0::/36 maxlen: 36
2401:bbe0::/40 maxlen: 40
2401:bbe0:100::/40 maxlen: 40
2401:bbe0:200::/40 maxlen: 40
2401:bbe0:300::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 12 Nov 2024 14:28:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46 (0x2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176C8F/serialNumber=057395B4878FB1A67FCBAD582617B7BAAF2C31FF
Validity
Not Before: Nov 7 08:48:22 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=672c7ed6-8074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:15:0c:92:e4:e9:e8:ac:f9:7f:9f:61:35:5e:
e2:0e:5d:83:ae:5c:38:50:fe:79:85:71:8c:68:14:
dd:87:d0:75:fe:4d:60:36:87:9f:8c:f1:4b:44:0f:
bf:e3:ba:bc:0a:37:a0:a1:c8:ec:1d:e4:75:ad:98:
ef:d0:4e:08:c2:71:f9:ef:ad:70:b5:62:e6:85:e0:
f9:a9:8e:b0:b9:2c:6f:fb:e6:ef:8d:14:c9:d2:f1:
36:84:9e:6c:53:3e:41:b1:40:92:83:fb:86:42:09:
ae:5c:05:58:10:c3:1f:59:93:2c:ec:e0:14:e8:d9:
ef:5f:1d:89:d2:c5:da:a7:75:dd:d1:7d:37:36:dd:
84:34:0b:da:b7:17:04:59:e7:ca:b2:58:de:5f:5d:
20:0e:70:97:53:fe:48:7c:55:93:4d:d3:bb:8f:f5:
2c:94:99:02:90:94:6e:a7:47:8d:23:ff:5d:50:ac:
45:0a:77:8b:67:5c:7d:fb:6c:19:6d:a0:e9:87:f8:
4e:c1:62:99:f2:99:d7:51:04:bb:90:56:7d:e5:c6:
89:9f:7f:7d:24:ed:42:34:bc:2c:41:f6:74:54:2b:
e8:a7:fe:ea:6e:c5:b5:bb:40:5c:27:71:64:82:d3:
24:16:44:eb:78:2c:7f:aa:f7:00:b6:42:65:5b:b6:
72:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:28:9D:9F:A4:6F:75:BD:8A:9F:9B:0A:A4:D6:5D:B7:E5:8A:6A:85
X509v3 Authority Key Identifier:
keyid:05:73:95:B4:87:8F:B1:A6:7F:CB:AD:58:26:17:B7:BA:AF:2C:31:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/BXOVtIePsaZ_y61YJhe3uq8sMf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXOVtIePsaZ_y61YJhe3uq8sMf8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176C8F/FA0E05A46B5A11EFBC99925CC4F9AE02/8272075A718811EFA05C8C34C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:bbe0::/32
Signature Algorithm: sha256WithRSAEncryption
64:a1:7e:87:34:3f:01:8f:f7:05:d9:8d:de:67:95:82:10:48:
be:09:e2:5e:8f:98:e6:09:8a:63:ce:60:ad:af:07:47:db:71:
40:0e:17:5a:89:70:c2:9c:c0:8e:9d:a4:51:12:54:3d:2b:ff:
70:0c:3b:07:84:15:38:94:ac:76:c7:36:c1:48:6d:06:50:3e:
c3:07:ed:d6:93:05:f9:78:0d:11:98:af:e8:44:83:9f:0c:35:
f9:bb:38:b6:ff:27:86:8e:59:ba:b8:c1:ef:77:94:16:bb:45:
09:3a:61:7c:ae:d5:db:b6:d9:ce:a9:0d:9a:72:fb:b7:38:25:
1b:3c:89:ca:f5:3d:61:40:27:20:18:bc:00:b5:a9:d8:42:d9:
d1:84:e9:aa:2a:02:62:08:7f:39:e9:47:2e:cd:db:07:6f:24:
82:d9:8e:3d:a9:61:0d:72:8e:6c:89:25:02:84:a0:93:a4:20:
cc:59:1e:5e:5a:73:c7:e8:50:c6:0c:22:78:ab:1f:cf:d2:ed:
1f:aa:a0:8d:34:a4:d2:27:46:06:ee:b2:7e:25:05:33:a4:af:
aa:21:dc:de:b5:af:4f:75:2a:8d:91:87:e0:3a:e8:e3:6b:70:
68:26:74:2e:2f:1a:44:4c:3c:f4:47:46:1f:6f:65:6b:b3:9c:
35:5b:37:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NkM4RjExMC8GA1UEBRMoMDU3Mzk1QjQ4NzhGQjFBNjdGQ0JBRDU4MjYxN0I3QkFB
RjJDMzFGRjAeFw0yNDExMDcwODQ4MjJaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MmM3ZWQ2LTgwNzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC6FQyS5OnorPl/n2E1XuIOXYOuXDhQ/nmFcYxoFN2H0HX+TWA2h5+M8UtED7/j
urwKN6ChyOwd5HWtmO/QTgjCcfnvrXC1YuaF4PmpjrC5LG/75u+NFMnS8TaEnmxT
PkGxQJKD+4ZCCa5cBVgQwx9Zkyzs4BTo2e9fHYnSxdqndd3RfTc23YQ0C9q3FwRZ
58qyWN5fXSAOcJdT/kh8VZNN07uP9SyUmQKQlG6nR40j/11QrEUKd4tnXH37bBlt
oOmH+E7BYpnymddRBLuQVn3lxomff30k7UI0vCxB9nRUK+in/upuxbW7QFwncWSC
0yQWROt4LH+q9wC2QmVbtnKdAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQULiidn6Rv
db2Kn5sKpNZdt+WKaoUwHwYDVR0jBBgwFoAUBXOVtIePsaZ/y61YJhe3uq8sMf8w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc2QzhGL0ZBMEUwNUE0NkI1
QTExRUZCQzk5OTI1Q0M0RjlBRTAyL0JYT1Z0SWVQc2FaX3k2MVlKaGUzdXE4c01m
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvQlhPVnRJZVBzYVpfeTYxWUpoZTN1cThzTWY4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NkM4Ri9GQTBFMDVBNDZCNUExMUVGQkM5OTkyNUNDNEY5QUUwMi84MjcyMDc1QTcx
ODgxMUVGQTA1QzhDMzRDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBu+AwDQYJKoZIhvcNAQELBQADggEBAGShfoc0PwGP9wXZ
jd5nlYIQSL4J4l6PmOYJimPOYK2vB0fbcUAOF1qJcMKcwI6dpFESVD0r/3AMOweE
FTiUrHbHNsFIbQZQPsMH7daTBfl4DRGYr+hEg58MNfm7OLb/J4aOWbq4we93lBa7
RQk6YXyu1du22c6pDZpy+7c4JRs8icr1PWFAJyAYvAC1qdhC2dGE6aoqAmIIfznp
Ry7N2wdvJILZjj2pYQ1yjmyJJQKEoJOkIMxZHl5ac8foUMYMInirH8/S7R+qoI00
pNInRgbusn4lBTOkr6oh3N61r091Ko2Rh+A66ONrcGgmdC4vGkRMPPRHRh9vZWuz
nDVbN6c=
-----END CERTIFICATE-----
Generated at Tue Nov 12 19:19:59 2024 by rpki-client on console-ams.rpki-client.org