Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/AD5001146C6911EDB692846DC4F9AE02.roa
File: AD5001146C6911EDB692846DC4F9AE02.roa (raw, json)
Hash identifier: xSA8X4CkxZfC9mZM8RhIVpXDqa7brCHdcM+Kuj5E91g=
Subject key identifier: 00:BE:C8:90:EA:76:3B:90:C4:69:4C:7A:48:C4:7A:10:E7:C5:F1:ED
Certificate issuer: /CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
Certificate serial: 0140
Authority key identifier: E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/AD5001146C6911EDB692846DC4F9AE02.roa
Signing time: Thu 17 Aug 2023 03:43:39 +0000
ROA not before: Thu 17 Aug 2023 03:43:39 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 150154
IP address blocks: 2400:9ce0:1000::/36 maxlen: 36
Validation: Failed, certificate revoked on Thu 17 Aug 2023 15:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 320 (0x140)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
Validity
Not Before: Aug 17 03:43:39 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64dd976b-1c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:44:25:af:43:1c:a2:ce:22:c0:bc:44:fb:45:
d4:40:fa:99:79:e1:7d:93:e4:2c:d2:38:21:7e:64:
ec:27:45:97:61:22:f1:92:33:7f:49:a3:ca:aa:4e:
c5:ce:f1:39:15:34:50:f8:ab:37:c2:60:41:4b:64:
75:a5:2d:55:e2:42:53:fe:22:fc:82:84:90:ed:d9:
fa:a7:c7:80:47:ea:31:2e:03:bb:69:1e:8d:23:2c:
ee:65:d6:20:f4:b6:77:69:b0:40:19:ce:55:22:05:
83:91:d4:58:90:4f:90:81:da:7c:64:00:08:a5:0c:
4a:37:26:3f:f4:0a:97:25:e7:09:1d:d5:2d:b4:2d:
a4:d4:f9:e7:a1:0b:5b:9a:c0:91:de:f2:38:48:03:
d0:10:4b:5d:4a:2a:bf:e6:0d:37:dd:e8:7f:ed:a9:
70:2f:55:93:ff:e5:ff:5b:d5:30:c4:7a:cd:71:8f:
07:57:65:63:ed:b2:aa:5f:ed:cc:e8:2c:ca:7b:6d:
46:4a:2a:0b:37:81:3a:69:0f:f4:4f:a1:5b:5d:ed:
e9:84:00:79:4f:22:69:fc:32:4e:96:2d:c5:fc:11:
b8:88:69:e2:0b:b3:5e:09:8c:47:e4:0f:f5:0d:1e:
e8:74:55:3c:ef:7c:23:ee:2a:a8:bf:2f:1b:25:19:
8b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BE:C8:90:EA:76:3B:90:C4:69:4C:7A:48:C4:7A:10:E7:C5:F1:ED
X509v3 Authority Key Identifier:
keyid:E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/4QiBh_ZAlCY92mdJqV9zqmwasGM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/AD5001146C6911EDB692846DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:9ce0:1000::/36
Signature Algorithm: sha256WithRSAEncryption
40:4b:28:94:87:6e:1d:05:e4:b4:d0:36:ee:f0:59:53:ce:30:
e6:aa:f1:1e:65:a8:87:9d:b5:d5:e8:bc:2f:88:53:4c:c1:28:
f4:7d:1b:d8:94:8c:d9:8d:34:47:53:a0:c2:3a:05:84:9e:22:
0d:0a:dc:c0:3d:6d:6c:8d:1b:07:22:b4:99:85:b3:cf:80:87:
b6:b4:54:ec:ae:b7:15:f4:df:68:82:bd:b1:7b:d2:c8:7f:0b:
4b:74:3b:90:e4:4e:19:5f:49:dc:86:c6:4d:13:1e:55:d5:2f:
69:05:26:55:5d:36:33:42:71:43:8a:c9:06:e7:7f:62:1f:20:
f3:75:60:9a:6f:e4:21:b8:be:13:12:7e:40:18:7a:d3:5b:20:
a4:46:18:35:5e:90:da:4b:82:4f:75:b8:98:5d:11:31:55:54:
d3:f4:9c:55:31:6d:13:66:68:3d:46:0d:0e:f6:11:83:bc:d5:
42:a7:bb:59:2b:aa:0c:6c:26:a1:05:f5:cf:5c:5b:5b:de:7e:
8f:5b:13:ae:8a:7f:d4:4f:b6:58:69:0d:72:c4:52:71:11:24:
78:8f:34:26:69:28:e0:0d:55:08:9e:d4:8c:a8:2f:eb:17:7b:
92:2a:e3:fd:20:87:a8:19:37:1c:15:d1:c7:25:94:b7:8c:a6:
a3:c0:8b:93
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgICAUAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JBQzUxMTAvBgNVBAUTKEUxMDg4MTg3RjY0MDk0MjYzRERBNjc0OUE5NUY3M0FB
NkMxQUIwNjMwHhcNMjMwODE3MDM0MzM5WhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRkOTc2Yi0xYzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAo0Qlr0Mcos4iwLxE+0XUQPqZeeF9k+Qs0jghfmTsJ0WXYSLxkjN/SaPKqk7F
zvE5FTRQ+Ks3wmBBS2R1pS1V4kJT/iL8goSQ7dn6p8eAR+oxLgO7aR6NIyzuZdYg
9LZ3abBAGc5VIgWDkdRYkE+Qgdp8ZAAIpQxKNyY/9AqXJecJHdUttC2k1PnnoQtb
msCR3vI4SAPQEEtdSiq/5g033eh/7alwL1WT/+X/W9UwxHrNcY8HV2Vj7bKqX+3M
6CzKe21GSioLN4E6aQ/0T6FbXe3phAB5TyJp/DJOli3F/BG4iGniC7NeCYxH5A/1
DR7odFU873wj7iqovy8bJRmLWQIDAQABo4IClzCCApMwHQYDVR0OBBYEFAC+yJDq
djuQxGlMekjEehDnxfHtMB8GA1UdIwQYMBaAFOEIgYf2QJQmPdpnSalfc6psGrBj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkFDNS80NzBBNjIwNDE1
MzAxMUVEQkFBM0QwMjdDNEY5QUUwMi80UWlCaF9aQWxDWTkybWRKcVY5enFtd2Fz
R00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRRaUJoX1pBbENZOTJtZEpxVjl6cW13YXNHTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JBQzUvNDcwQTYyMDQxNTMwMTFFREJBQTNEMDI3QzRGOUFFMDIvQUQ1MDAxMTQ2
QzY5MTFFREI2OTI4NDZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8E
EjAQMA4EAgACMAgDBgQkAJzgEDANBgkqhkiG9w0BAQsFAAOCAQEAQEsolIduHQXk
tNA27vBZU84w5qrxHmWoh5211ei8L4hTTMEo9H0b2JSM2Y00R1OgwjoFhJ4iDQrc
wD1tbI0bByK0mYWzz4CHtrRU7K63FfTfaIK9sXvSyH8LS3Q7kOROGV9J3IbGTRMe
VdUvaQUmVV02M0JxQ4rJBud/Yh8g83Vgmm/kIbi+ExJ+QBh601sgpEYYNV6Q2kuC
T3W4mF0RMVVU0/ScVTFtE2ZoPUYNDvYRg7zVQqe7WSuqDGwmoQX1z1xbW95+j1sT
rop/1E+2WGkNcsRScREkeI80Jmko4A1VCJ7UjKgv6xd7kirj/SCHqBk3HBXRxyWU
t4ymo8CLkw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org