Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/E7E3D2006D4B11EDBEA16534C4F9AE02.roa
File: E7E3D2006D4B11EDBEA16534C4F9AE02.roa (raw, json)
Hash identifier: ybZ7TbLX3N1Xjw+xMUb3JDKIbD48UuPI2xzbo616KBc=
Subject key identifier: 85:DF:41:18:34:28:05:56:81:BC:1E:E7:BF:22:30:89:60:04:21:43
Certificate issuer: /CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
Certificate serial: 0145
Authority key identifier: E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/E7E3D2006D4B11EDBEA16534C4F9AE02.roa
Signing time: Thu 17 Aug 2023 15:26:41 +0000
ROA not before: Thu 17 Aug 2023 15:26:41 +0000
ROA not after: Thu 31 Oct 2024 00:00:00 +0000
asID: 148996
IP address blocks: 2400:9ce0:2000::/40 maxlen: 40
2400:9ce0:6000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sat 26 Aug 2023 13:19:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 325 (0x145)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917BAC5/serialNumber=E1088187F64094263DDA6749A95F73AA6C1AB063
Validity
Not Before: Aug 17 15:26:41 2023 GMT
Not After : Oct 31 00:00:00 2024 GMT
Subject: CN=64de3c31-17ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:c0:ca:df:21:d5:12:3f:87:4a:57:ad:38:
c0:47:5f:98:c0:f2:79:2d:18:1b:02:01:54:68:3a:
59:19:d2:8e:7a:f4:aa:22:bb:84:20:97:a7:11:05:
13:bd:77:33:b6:c6:b5:fd:53:01:ce:2c:ef:af:11:
d1:ef:9a:98:5e:55:36:1e:dc:c1:d3:ea:9a:6a:0d:
8b:92:4d:3d:ce:8d:36:ce:97:db:9b:77:b8:4a:fe:
3a:a3:3b:82:49:d8:b9:6f:50:5f:2a:69:82:f3:b9:
e3:59:a9:92:09:2f:7d:52:45:7f:48:dd:ff:2c:ce:
8c:21:74:0f:5e:b9:6d:11:7e:08:45:37:86:c8:90:
3c:ab:dd:b3:a3:01:b4:96:7d:a2:ac:1f:8d:80:b7:
d7:7a:26:86:d4:09:ce:ee:e1:12:e9:c1:69:f6:99:
07:91:08:c6:b1:c4:65:3a:d2:09:07:6b:b3:df:a4:
47:74:9f:33:56:13:b8:28:ce:fb:df:ba:09:c6:62:
89:73:b0:37:17:ef:19:5a:3d:ca:20:6f:39:51:7b:
29:f1:e2:d7:6a:40:a5:d9:e0:ae:f5:23:d4:dc:d9:
f6:43:88:3e:4d:71:9e:16:04:d0:53:fb:61:bb:d4:
ce:53:de:01:46:32:2a:04:ae:c0:a1:bc:0c:e9:13:
e4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DF:41:18:34:28:05:56:81:BC:1E:E7:BF:22:30:89:60:04:21:43
X509v3 Authority Key Identifier:
keyid:E1:08:81:87:F6:40:94:26:3D:DA:67:49:A9:5F:73:AA:6C:1A:B0:63
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/4QiBh_ZAlCY92mdJqV9zqmwasGM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4QiBh_ZAlCY92mdJqV9zqmwasGM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BAC5/470A6204153011EDBAA3D027C4F9AE02/E7E3D2006D4B11EDBEA16534C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:9ce0:2000::/40
2400:9ce0:6000::/36
Signature Algorithm: sha256WithRSAEncryption
0f:ba:9c:6f:8e:5a:63:99:07:e7:fd:be:63:99:90:89:fc:69:
6d:6b:6a:49:b5:20:5a:4c:fa:37:92:e7:f3:8d:56:8d:0a:68:
fe:d7:39:45:e9:57:03:cd:48:49:a0:80:d7:9e:1b:00:b6:27:
1f:2e:27:f5:7d:ac:5c:bf:05:4b:e5:df:67:2c:00:28:6f:b8:
bf:7b:07:63:14:fc:aa:95:3d:a4:4f:ca:82:6f:ad:fe:02:eb:
48:08:bf:e8:79:4a:e4:2f:f9:c6:46:f1:9b:d5:5e:d2:47:b8:
3a:3d:58:a0:31:4d:e7:82:0a:d0:59:7d:33:50:ab:aa:a3:15:
9c:0a:d3:90:d5:7d:ca:b5:9d:3c:1d:85:a5:d4:35:6a:00:f4:
76:0d:91:ae:de:8b:c6:40:5e:78:b6:46:cf:48:0a:02:37:f5:
92:81:10:13:39:3f:7e:66:78:30:a6:bf:26:92:88:0a:f4:70:
c4:51:81:76:05:6b:8e:bf:11:2a:4b:3b:2d:c0:28:1f:35:35:
88:f0:8e:bf:54:8c:20:7d:40:b3:1b:ba:bb:f6:ec:00:4b:51:
f0:8b:00:1c:1c:0d:49:3f:27:b0:90:f3:c2:5a:9f:f6:d3:ff:
cf:bc:cd:44:9e:d7:8e:57:cd:cf:ab:5a:4d:63:b1:83:1b:21:
bc:19:87:62
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgICAUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0JBQzUxMTAvBgNVBAUTKEUxMDg4MTg3RjY0MDk0MjYzRERBNjc0OUE5NUY3M0FB
NkMxQUIwNjMwHhcNMjMwODE3MTUyNjQxWhcNMjQxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRlM2MzMS0xN2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAruXAyt8h1RI/h0pXrTjAR1+YwPJ5LRgbAgFUaDpZGdKOevSqIruEIJenEQUT
vXcztsa1/VMBzizvrxHR75qYXlU2HtzB0+qaag2Lkk09zo02zpfbm3e4Sv46ozuC
Sdi5b1BfKmmC87njWamSCS99UkV/SN3/LM6MIXQPXrltEX4IRTeGyJA8q92zowG0
ln2irB+NgLfXeiaG1AnO7uES6cFp9pkHkQjGscRlOtIJB2uz36RHdJ8zVhO4KM77
37oJxmKJc7A3F+8ZWj3KIG85UXsp8eLXakCl2eCu9SPU3Nn2Q4g+TXGeFgTQU/th
u9TOU94BRjIqBK7AobwM6RPkUQIDAQABo4ICnzCCApswHQYDVR0OBBYEFIXfQRg0
KAVWgbwe578iMIlgBCFDMB8GA1UdIwQYMBaAFOEIgYf2QJQmPdpnSalfc6psGrBj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkFDNS80NzBBNjIwNDE1
MzAxMUVEQkFBM0QwMjdDNEY5QUUwMi80UWlCaF9aQWxDWTkybWRKcVY5enFtd2Fz
R00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRRaUJoX1pBbENZOTJtZEpxVjl6cW13YXNHTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0JBQzUvNDcwQTYyMDQxNTMwMTFFREJBQTNEMDI3QzRGOUFFMDIvRTdFM0QyMDA2
RDRCMTFFREJFQTE2NTM0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKQYIKwYBBQUHAQcBAf8E
GjAYMBYEAgACMBADBgAkAJzgIAMGBCQAnOBgMA0GCSqGSIb3DQEBCwUAA4IBAQAP
upxvjlpjmQfn/b5jmZCJ/Glta2pJtSBaTPo3kufzjVaNCmj+1zlF6VcDzUhJoIDX
nhsAticfLif1faxcvwVL5d9nLAAob7i/ewdjFPyqlT2kT8qCb63+AutICL/oeUrk
L/nGRvGb1V7SR7g6PVigMU3nggrQWX0zUKuqoxWcCtOQ1X3KtZ08HYWl1DVqAPR2
DZGu3ovGQF54tkbPSAoCN/WSgRATOT9+Zngwpr8mkogK9HDEUYF2BWuOvxEqSzst
wCgfNTWI8I6/VIwgfUCzG7q79uwAS1HwiwAcHA1JPyewkPPCWp/20//PvM1EnteO
V83Pq1pNY7GDGyG8GYdi
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-ams.rpki-client.org