Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F0E2/348DE1CEA25E11EFA38D9375C4F9AE02/C91329D4A25F11EF9F9B3A11C4F9AE02.roa
File: C91329D4A25F11EF9F9B3A11C4F9AE02.roa (raw, json)
Hash identifier: F3ORERVCPZdI5HrO6HWbvHx9HLARAbNDL3g5mYMjE2g=
Subject key identifier: 5B:1A:7D:4F:3A:BE:FA:BE:41:10:B8:F8:3A:95:A7:12:BD:79:30:22
Certificate issuer: /CN=A918F0E2/serialNumber=3DEA8B1BB872DD126CA647CC375C20760240C385
Certificate serial: 02
Authority key identifier: 3D:EA:8B:1B:B8:72:DD:12:6C:A6:47:CC:37:5C:20:76:02:40:C3:85
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PeqLG7hy3RJspkfMN1wgdgJAw4U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F0E2/348DE1CEA25E11EFA38D9375C4F9AE02/C91329D4A25F11EF9F9B3A11C4F9AE02.roa
Signing time: Thu 14 Nov 2024 08:09:35 +0000
ROA not before: Thu 14 Nov 2024 08:09:35 +0000
ROA not after: Tue 30 Dec 2025 00:00:00 +0000
asID: 15830
IP address blocks: 2001:df4:4ac0::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 14 Nov 2024 09:32:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F0E2/serialNumber=3DEA8B1BB872DD126CA647CC375C20760240C385
Validity
Not Before: Nov 14 08:09:35 2024 GMT
Not After : Dec 30 00:00:00 2025 GMT
Subject: CN=6735b03f-9d31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e8:83:40:a0:99:d6:27:cf:71:e3:d2:e3:97:
79:08:17:11:98:16:1c:98:17:01:0a:17:32:a3:55:
9b:9b:58:42:5e:0e:c6:67:6c:c4:78:ce:04:7d:3a:
b2:76:0f:24:ad:aa:9e:89:7f:c4:95:da:88:40:b0:
de:2f:9b:f7:94:34:8e:55:45:49:f7:b2:b2:03:73:
0a:3c:07:e7:0a:4e:63:99:74:85:54:e2:db:55:07:
4e:56:b8:12:42:aa:d3:74:63:65:16:61:9a:5f:01:
45:c8:aa:45:9a:5c:33:e3:af:61:f7:69:82:c1:92:
25:59:de:65:80:a9:d3:80:16:d6:56:50:e1:df:c2:
81:4b:12:f8:89:c3:f0:5f:7a:47:69:c0:93:cc:7d:
fc:98:4a:a4:f8:27:45:b6:04:a6:82:ec:76:f5:18:
01:de:02:64:60:53:44:7a:36:85:81:b0:bc:87:93:
bd:c8:ba:65:05:c7:31:7f:3c:c9:46:e8:19:5d:86:
0d:ea:bd:0d:b4:3d:5a:89:ef:ef:d7:66:8c:fa:27:
d6:5f:c2:82:81:40:48:50:fc:a6:eb:83:1c:6c:7c:
6d:47:08:71:60:1d:9a:ef:0e:3e:d4:e6:94:fc:eb:
12:a0:f4:9a:5c:6b:3b:28:d4:60:77:37:54:08:b7:
b2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:1A:7D:4F:3A:BE:FA:BE:41:10:B8:F8:3A:95:A7:12:BD:79:30:22
X509v3 Authority Key Identifier:
keyid:3D:EA:8B:1B:B8:72:DD:12:6C:A6:47:CC:37:5C:20:76:02:40:C3:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F0E2/348DE1CEA25E11EFA38D9375C4F9AE02/PeqLG7hy3RJspkfMN1wgdgJAw4U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PeqLG7hy3RJspkfMN1wgdgJAw4U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F0E2/348DE1CEA25E11EFA38D9375C4F9AE02/C91329D4A25F11EF9F9B3A11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:4ac0::/48
Signature Algorithm: sha256WithRSAEncryption
29:0a:3b:64:fb:f1:f7:e0:7d:22:e4:98:02:7b:4b:d9:38:59:
09:7f:f8:97:a1:0e:9c:41:2f:69:0a:3a:a4:84:d0:ef:9d:da:
04:27:7e:14:95:7b:21:82:46:5d:90:ce:54:7b:1c:fb:0a:f0:
d8:f7:f0:1d:28:b6:4b:69:55:db:ea:ab:20:ae:c1:0b:cc:f0:
e0:4f:b1:dd:cc:39:91:be:7d:75:54:a2:6d:1a:49:7d:40:bb:
55:fa:99:3b:c1:61:0b:4e:60:71:ee:ce:cd:f1:4f:b8:ed:68:
3b:b0:90:a9:ad:06:8a:d1:71:40:5c:53:b8:26:01:93:ba:9c:
02:73:f1:fc:6d:66:4b:78:4a:5f:92:7c:62:b8:fa:40:f7:f8:
48:1d:77:3b:d2:77:09:67:7b:59:c4:8f:db:2d:93:62:1b:bf:
28:6a:29:54:4e:26:da:b2:13:9c:43:8d:58:10:31:87:03:62:
e7:06:87:30:eb:1d:66:d4:a4:5f:7c:78:1c:0a:11:b6:2a:88:
f0:31:e3:5f:80:af:df:66:b5:d0:5c:e6:b8:f3:7a:71:15:e2:
1d:22:b7:66:75:8b:08:13:3d:23:1e:e3:78:02:9f:56:ed:e1:
9d:0f:07:11:7d:bb:f5:fb:84:f4:3f:3c:8d:af:cd:b0:73:3f:
2f:27:71:a7
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
RjBFMjExMC8GA1UEBRMoM0RFQThCMUJCODcyREQxMjZDQTY0N0NDMzc1QzIwNzYw
MjQwQzM4NTAeFw0yNDExMTQwODA5MzVaFw0yNTEyMzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MzViMDNmLTlkMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC96INAoJnWJ89x49Ljl3kIFxGYFhyYFwEKFzKjVZubWEJeDsZnbMR4zgR9OrJ2
DyStqp6Jf8SV2ohAsN4vm/eUNI5VRUn3srIDcwo8B+cKTmOZdIVU4ttVB05WuBJC
qtN0Y2UWYZpfAUXIqkWaXDPjr2H3aYLBkiVZ3mWAqdOAFtZWUOHfwoFLEviJw/Bf
ekdpwJPMffyYSqT4J0W2BKaC7Hb1GAHeAmRgU0R6NoWBsLyHk73IumUFxzF/PMlG
6Bldhg3qvQ20PVqJ7+/XZoz6J9ZfwoKBQEhQ/KbrgxxsfG1HCHFgHZrvDj7U5pT8
6xKg9Jpcazso1GB3N1QIt7KzAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUWxp9Tzq+
+r5BELj4OpWnEr15MCIwHwYDVR0jBBgwFoAUPeqLG7hy3RJspkfMN1wgdgJAw4Uw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThGMEUyLzM0OERFMUNFQTI1
RTExRUZBMzhEOTM3NUM0RjlBRTAyL1BlcUxHN2h5M1JKc3BrZk1OMXdnZGdKQXc0
VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUGVxTEc3aHkzUkpzcGtmTU4xd2dkZ0pBdzRVLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
RjBFMi8zNDhERTFDRUEyNUUxMUVGQTM4RDkzNzVDNEY5QUUwMi9DOTEzMjlENEEy
NUYxMUVGOUY5QjNBMTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfRKwDANBgkqhkiG9w0BAQsFAAOCAQEAKQo7ZPvx9+B9
IuSYAntL2ThZCX/4l6EOnEEvaQo6pITQ753aBCd+FJV7IYJGXZDOVHsc+wrw2Pfw
HSi2S2lV2+qrIK7BC8zw4E+x3cw5kb59dVSibRpJfUC7VfqZO8FhC05gce7OzfFP
uO1oO7CQqa0GitFxQFxTuCYBk7qcAnPx/G1mS3hKX5J8Yrj6QPf4SB13O9J3CWd7
WcSP2y2TYhu/KGopVE4m2rITnEONWBAxhwNi5waHMOsdZtSkX3x4HAoRtiqI8DHj
X4Cv32a10FzmuPN6cRXiHSK3ZnWLCBM9Ix7jeAKfVu3hnQ8HEX279fuE9D88ja/N
sHM/Lydxpw==
-----END CERTIFICATE-----
Generated at Thu Nov 14 12:27:54 2024 by rpki-client on console-fra.rpki-client.org