Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/29B88346C64811EE848C3F2FC4F9AE02.roa
File: 29B88346C64811EE848C3F2FC4F9AE02.roa (raw, json)
Hash identifier: ibdGo8wY0FmzSdIl6vLdCu9XypLUqgt/X+TrUZEvfnA=
Subject key identifier: 3A:8E:62:95:74:72:6A:EC:DC:0D:34:02:31:AE:EB:63:17:4D:60:A5
Certificate issuer: /CN=A9178C1E/serialNumber=1DF9C0CEF9A77DCD15BB51F93FD342999BE11658
Certificate serial: 02
Authority key identifier: 1D:F9:C0:CE:F9:A7:7D:CD:15:BB:51:F9:3F:D3:42:99:9B:E1:16:58
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/29B88346C64811EE848C3F2FC4F9AE02.roa
Signing time: Thu 08 Feb 2024 06:06:13 +0000
ROA not before: Thu 08 Feb 2024 06:06:13 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 63801
IP address blocks: 2001:df3:6c40::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 17 Feb 2024 20:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9178C1E/serialNumber=1DF9C0CEF9A77DCD15BB51F93FD342999BE11658
Validity
Not Before: Feb 8 06:06:13 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65c46f55-2a00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e1:50:e5:64:a0:ac:85:be:50:03:ba:d3:1d:
38:61:2a:a8:d0:a0:c3:8f:a6:b5:29:bb:7d:5f:56:
0a:9d:54:a6:e7:8a:8e:4e:e3:af:d3:40:73:72:42:
e3:87:42:e2:d6:b8:02:a7:6b:d7:c0:7d:e0:81:4a:
91:04:34:5f:67:92:1d:15:1f:43:35:26:f8:35:8d:
28:a2:c7:94:36:f8:05:58:32:ea:5a:db:07:a1:39:
3b:fc:12:1e:e4:11:24:4f:c3:d9:80:73:01:73:97:
f0:7b:1f:34:49:76:f4:2d:4e:15:8a:a9:a8:40:c2:
15:93:4d:f5:8a:87:b8:3f:c6:48:89:be:f1:57:55:
9b:d6:d3:b8:af:e0:a2:99:9f:ac:4c:70:2f:58:06:
78:b3:ae:9c:57:be:e9:e4:de:a8:1d:7a:26:4d:93:
4c:cd:4b:06:b3:06:78:1b:61:1c:2c:16:aa:60:d7:
b9:99:85:dc:f1:c4:00:3d:36:0d:07:c6:87:11:4c:
e8:39:21:17:c8:4e:b0:f1:a6:86:6a:77:fb:75:3e:
5c:44:59:b9:44:2d:8b:0a:68:2f:56:73:6d:71:8f:
d1:c2:b3:c9:55:1a:d8:e9:4a:ca:99:fc:b9:46:c2:
a5:87:a9:3f:84:3b:4c:9b:c5:5a:08:84:ee:ac:92:
cf:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8E:62:95:74:72:6A:EC:DC:0D:34:02:31:AE:EB:63:17:4D:60:A5
X509v3 Authority Key Identifier:
keyid:1D:F9:C0:CE:F9:A7:7D:CD:15:BB:51:F9:3F:D3:42:99:9B:E1:16:58
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HfnAzvmnfc0Vu1H5P9NCmZvhFlg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9178C1E/C286032EC64711EE9D68EB7FC4F9AE02/29B88346C64811EE848C3F2FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:6c40::/48
Signature Algorithm: sha256WithRSAEncryption
71:ae:5b:98:1d:b8:f5:88:08:a0:0e:8c:a7:74:87:e4:14:4f:
da:6b:c5:5a:4d:56:93:70:bd:e1:7b:c3:ce:8f:7b:43:43:f6:
4e:c7:11:2c:65:bc:34:2d:a0:ad:4b:b7:a1:96:dc:36:7e:da:
c2:a0:07:c2:b9:84:f0:a2:ef:a5:77:c6:9f:2b:aa:b5:0e:2a:
35:c8:7d:09:88:67:51:81:2c:79:65:14:40:9c:37:9d:3c:89:
94:fe:ea:6e:b8:85:25:57:03:b1:48:bc:38:75:bf:8e:5b:ba:
b9:fd:2d:53:ab:3a:37:fe:74:7e:e1:39:82:57:f7:2e:6e:45:
39:d7:86:4d:d2:7d:2c:2d:5f:ec:b4:49:e0:d7:62:60:17:4d:
e9:da:b7:dd:49:0a:cc:9e:25:6f:5d:3e:ce:2f:64:b1:84:49:
79:3e:36:66:29:76:f3:bb:47:d8:2a:b4:32:3f:9d:60:74:dd:
1c:e5:ff:c9:5c:5c:33:57:44:20:14:59:5d:1c:1e:8f:01:3f:
ce:60:3f:05:dc:1f:64:c5:f9:65:ab:55:a2:7d:f9:89:74:61:
87:75:63:dd:24:df:4a:7b:93:a3:c1:17:7b:f3:16:a8:f7:35:
ea:73:0e:72:55:f8:14:c7:59:89:d6:a1:70:15:e4:dd:c0:4e:
a1:42:fc:a5
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
OEMxRTExMC8GA1UEBRMoMURGOUMwQ0VGOUE3N0RDRDE1QkI1MUY5M0ZEMzQyOTk5
QkUxMTY1ODAeFw0yNDAyMDgwNjA2MTNaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YzQ2ZjU1LTJhMDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCw4VDlZKCshb5QA7rTHThhKqjQoMOPprUpu31fVgqdVKbnio5O46/TQHNyQuOH
QuLWuAKna9fAfeCBSpEENF9nkh0VH0M1Jvg1jSiix5Q2+AVYMupa2wehOTv8Eh7k
ESRPw9mAcwFzl/B7HzRJdvQtThWKqahAwhWTTfWKh7g/xkiJvvFXVZvW07iv4KKZ
n6xMcC9YBnizrpxXvunk3qgdeiZNk0zNSwazBngbYRwsFqpg17mZhdzxxAA9Ng0H
xocRTOg5IRfITrDxpoZqd/t1PlxEWblELYsKaC9Wc21xj9HCs8lVGtjpSsqZ/LlG
wqWHqT+EO0ybxVoIhO6sks+ZAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUOo5ilXRy
auzcDTQCMa7rYxdNYKUwHwYDVR0jBBgwFoAUHfnAzvmnfc0Vu1H5P9NCmZvhFlgw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc4QzFFL0MyODYwMzJFQzY0
NzExRUU5RDY4RUI3RkM0RjlBRTAyL0hmbkF6dm1uZmMwVnUxSDVQOU5DbVp2aEZs
Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGZuQXp2bW5mYzBWdTFINVA5TkNtWnZoRmxnLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
OEMxRS9DMjg2MDMyRUM2NDcxMUVFOUQ2OEVCN0ZDNEY5QUUwMi8yOUI4ODM0NkM2
NDgxMUVFODQ4QzNGMkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfNsQDANBgkqhkiG9w0BAQsFAAOCAQEAca5bmB249YgI
oA6Mp3SH5BRP2mvFWk1Wk3C94XvDzo97Q0P2TscRLGW8NC2grUu3oZbcNn7awqAH
wrmE8KLvpXfGnyuqtQ4qNch9CYhnUYEseWUUQJw3nTyJlP7qbriFJVcDsUi8OHW/
jlu6uf0tU6s6N/50fuE5glf3Lm5FOdeGTdJ9LC1f7LRJ4NdiYBdN6dq33UkKzJ4l
b10+zi9ksYRJeT42Zil287tH2Cq0Mj+dYHTdHOX/yVxcM1dEIBRZXRwejwE/zmA/
BdwfZMX5ZatVon35iXRhh3Vj3STfSnuTo8EXe/MWqPc16nMOclX4FMdZidahcBXk
3cBOoUL8pQ==
-----END CERTIFICATE-----
Generated at Sat Feb 17 21:05:24 2024 by rpki-client on console-fra.rpki-client.org