Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/DAAE18DA8C5111EFBC8FBB37C4F9AE02.roa
File: DAAE18DA8C5111EFBC8FBB37C4F9AE02.roa (raw, json)
Hash identifier: Xzvudg0OeAEYas0woxCLna9uAIftSC+8bKIDjTFyyNY=
Subject key identifier: 41:9D:23:4A:47:E7:83:09:98:9A:B5:6E:1D:7F:10:F2:FB:10:06:18
Certificate issuer: /CN=A91B3B4C/serialNumber=B63DFD686CE0A90076E4F5FF428685F63FB08EDD
Certificate serial: 02
Authority key identifier: B6:3D:FD:68:6C:E0:A9:00:76:E4:F5:FF:42:86:85:F6:3F:B0:8E:DD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tj39aGzgqQB25PX_QoaF9j-wjt0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/DAAE18DA8C5111EFBC8FBB37C4F9AE02.roa
Signing time: Thu 17 Oct 2024 06:34:26 +0000
ROA not before: Thu 17 Oct 2024 06:34:26 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 153344
IP address blocks: 2400:9e20:caf0::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 25 Oct 2024 08:14:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B3B4C/serialNumber=B63DFD686CE0A90076E4F5FF428685F63FB08EDD
Validity
Not Before: Oct 17 06:34:26 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=6710aff2-fdc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:23:42:ae:db:38:1c:c7:48:26:a7:2b:1f:c7:
bd:70:ce:2c:1b:c2:c1:9c:cf:c8:fd:c8:33:47:be:
5a:9d:2c:91:d0:c1:c6:df:c7:59:4a:44:38:83:a3:
8b:49:37:99:69:a9:98:96:eb:f7:a6:b1:46:ed:bc:
f9:b8:ea:8f:45:37:a9:3d:e2:c1:17:ca:68:f0:8d:
72:97:07:cc:8c:e5:52:82:8f:15:4c:5b:87:a0:dc:
c2:be:7d:ff:9c:52:49:e9:2e:58:47:6d:dd:c7:e3:
e8:9d:ba:e2:af:38:c1:61:4c:66:c5:b0:7a:84:e5:
dc:b8:b1:48:cc:4d:39:2f:c6:41:c0:aa:4c:44:73:
db:d6:8f:54:65:f7:50:bf:40:f8:22:01:c0:89:a2:
af:d8:0f:fc:68:d3:1f:3a:b0:bc:57:96:ae:98:af:
23:08:69:e5:fb:50:26:07:8f:77:52:fe:b8:21:f7:
67:76:db:55:18:bb:22:55:7e:f3:f1:a9:1f:3b:d3:
44:9d:61:33:56:78:f8:a3:d1:a5:56:7d:29:d7:9f:
95:b6:07:d5:04:f6:bd:76:2a:c5:1b:7e:d7:6c:60:
b6:84:48:d5:d0:dc:04:6f:56:b9:c3:db:80:93:c0:
3c:bf:3a:c0:0a:99:58:3e:14:89:4a:32:44:a2:d2:
61:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:9D:23:4A:47:E7:83:09:98:9A:B5:6E:1D:7F:10:F2:FB:10:06:18
X509v3 Authority Key Identifier:
keyid:B6:3D:FD:68:6C:E0:A9:00:76:E4:F5:FF:42:86:85:F6:3F:B0:8E:DD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/tj39aGzgqQB25PX_QoaF9j-wjt0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tj39aGzgqQB25PX_QoaF9j-wjt0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3B4C/DC9DE28E8C5011EFA067C815C4F9AE02/DAAE18DA8C5111EFBC8FBB37C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:9e20:caf0::/44
Signature Algorithm: sha256WithRSAEncryption
0b:2c:39:2a:1f:dd:91:d4:81:3a:4a:7c:5f:40:63:47:2c:45:
d8:8d:21:99:c8:d9:d7:a6:99:20:0b:22:b2:6a:fd:f6:de:05:
d9:a1:99:19:cf:e4:cf:49:16:3a:9f:41:93:03:bb:38:e2:62:
97:90:72:70:53:c3:b0:51:2b:c6:1a:93:10:f9:07:b6:9a:bb:
9e:14:41:b5:29:b8:02:2d:86:b9:33:8f:b6:6f:e1:55:83:d0:
12:c7:12:ed:82:ad:11:ef:b9:09:10:26:6d:6f:8b:e0:ae:40:
a6:7f:12:fa:ff:50:5f:68:30:7c:fa:79:4e:df:70:d7:d1:27:
15:39:de:15:32:43:c2:63:ea:cd:7d:37:89:10:ec:bb:e7:0b:
af:db:6d:2a:9b:05:81:b8:d9:50:15:0f:44:fe:e2:00:44:47:
a2:4e:cf:ea:46:61:91:af:68:f3:2d:e9:44:86:60:98:2d:71:
25:fd:35:74:a4:46:6d:07:d7:a7:c1:1d:45:a8:27:95:a8:a6:
9e:03:7e:23:78:e4:36:d9:c5:92:92:52:c6:fc:61:82:d3:4c:
84:3b:55:07:42:b1:74:6b:9a:89:27:b5:45:2f:9d:c4:47:a5:
ac:72:fa:0c:93:71:e4:fc:6b:c3:2b:d7:74:c1:dc:87:4d:b3:
c2:ce:e6:23
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC
M0I0QzExMC8GA1UEBRMoQjYzREZENjg2Q0UwQTkwMDc2RTRGNUZGNDI4Njg1RjYz
RkIwOEVERDAeFw0yNDEwMTcwNjM0MjZaFw0yNTEyMDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MTBhZmYyLWZkYzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC2I0Ku2zgcx0gmpysfx71wziwbwsGcz8j9yDNHvlqdLJHQwcbfx1lKRDiDo4tJ
N5lpqZiW6/emsUbtvPm46o9FN6k94sEXymjwjXKXB8yM5VKCjxVMW4eg3MK+ff+c
UknpLlhHbd3H4+iduuKvOMFhTGbFsHqE5dy4sUjMTTkvxkHAqkxEc9vWj1Rl91C/
QPgiAcCJoq/YD/xo0x86sLxXlq6YryMIaeX7UCYHj3dS/rgh92d221UYuyJVfvPx
qR8700SdYTNWePij0aVWfSnXn5W2B9UE9r12KsUbftdsYLaESNXQ3ARvVrnD24CT
wDy/OsAKmVg+FIlKMkSi0mEJAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUQZ0jSkfn
gwmYmrVuHX8Q8vsQBhgwHwYDVR0jBBgwFoAUtj39aGzgqQB25PX/QoaF9j+wjt0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIzQjRDL0RDOURFMjhFOEM1
MDExRUZBMDY3QzgxNUM0RjlBRTAyL3RqMzlhR3pncVFCMjVQWF9Rb2FGOWotd2p0
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvdGozOWFHemdxUUIyNVBYX1FvYUY5ai13anQwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
M0I0Qy9EQzlERTI4RThDNTAxMUVGQTA2N0M4MTVDNEY5QUUwMi9EQUFFMThEQThD
NTExMUVGQkM4RkJCMzdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHBCQAniDK8DANBgkqhkiG9w0BAQsFAAOCAQEACyw5Kh/dkdSB
Okp8X0BjRyxF2I0hmcjZ16aZIAsismr99t4F2aGZGc/kz0kWOp9BkwO7OOJil5By
cFPDsFErxhqTEPkHtpq7nhRBtSm4Ai2GuTOPtm/hVYPQEscS7YKtEe+5CRAmbW+L
4K5Apn8S+v9QX2gwfPp5Tt9w19EnFTneFTJDwmPqzX03iRDsu+cLr9ttKpsFgbjZ
UBUPRP7iAERHok7P6kZhka9o8y3pRIZgmC1xJf01dKRGbQfXp8EdRagnlaimngN+
I3jkNtnFkpJSxvxhgtNMhDtVB0KxdGuaiSe1RS+dxEelrHL6DJNx5PxrwyvXdMHc
h02zws7mIw==
-----END CERTIFICATE-----
Generated at Fri Oct 25 09:57:07 2024 by rpki-client on console-fra.rpki-client.org