Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9BC6/489091CE266711ECB9C22C77C4F9AE02/D38B0388BC6E11EDBF779885C4F9AE02.roa
File: D38B0388BC6E11EDBF779885C4F9AE02.roa (raw, json)
Hash identifier: R+3rvJR2szYfGaSrL36fDZilSbZPr0IEhIdb/6NGToI=
Subject key identifier: 02:F2:51:01:8C:32:FC:F5:81:F1:F4:01:D6:BE:6D:A4:91:FA:B1:0C
Certificate issuer: /CN=A91B9BC6/serialNumber=EF5B497FFD8B259EE9EA157B0222B110266CF59F
Certificate serial: 03D1
Authority key identifier: EF:5B:49:7F:FD:8B:25:9E:E9:EA:15:7B:02:22:B1:10:26:6C:F5:9F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71tJf_2LJZ7p6hV7AiKxECZs9Z8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B9BC6/489091CE266711ECB9C22C77C4F9AE02/D38B0388BC6E11EDBF779885C4F9AE02.roa
Signing time: Fri 01 Dec 2023 02:33:52 +0000
ROA not before: Fri 01 Dec 2023 02:33:52 +0000
ROA not after: Mon 30 Dec 2024 00:00:00 +0000
asID: 141726
IP address blocks: 2001:df7:b780::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 07 Dec 2023 08:15:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 977 (0x3d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B9BC6/serialNumber=EF5B497FFD8B259EE9EA157B0222B110266CF59F
Validity
Not Before: Dec 1 02:33:52 2023 GMT
Not After : Dec 30 00:00:00 2024 GMT
Subject: CN=65694610-48be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fd:c3:bf:2a:0a:12:d9:ca:2c:8d:1c:ad:8e:
61:df:48:57:45:38:63:5d:24:bc:b0:7c:87:c8:0c:
2c:fa:31:e4:b0:f4:46:70:3d:42:38:64:41:ae:b1:
21:1f:54:77:dd:7c:6a:11:67:3c:a6:68:e7:fd:ec:
61:8e:ed:6c:89:28:1a:9a:f9:b7:92:d2:fd:e2:88:
9c:da:ea:77:5e:c3:f8:d5:5c:1e:e1:24:f1:69:b6:
3e:3c:4b:f4:1c:12:7e:82:2d:21:61:82:93:ce:39:
78:a9:d3:79:d4:09:6c:81:b3:9c:a4:a1:f7:34:96:
cb:80:47:e7:44:6f:0d:a8:18:09:94:8e:af:ff:4d:
30:b8:9a:89:4e:10:b5:50:66:c0:c8:e1:2a:af:60:
e6:3e:ba:45:a3:6d:15:0a:ee:f7:2a:cb:47:93:94:
71:7d:98:66:c1:00:b3:c3:42:34:48:53:8a:f0:9b:
54:79:ad:a6:54:c9:82:95:84:20:a1:07:aa:c0:98:
27:0e:2a:b7:b8:6a:2d:58:9b:77:67:0b:82:8f:cf:
f4:be:4a:6e:9b:70:d0:2d:54:f3:81:79:ee:f2:f7:
f2:39:ea:d6:2c:b1:ee:2c:62:6a:b5:d6:b0:ce:12:
47:13:6d:7a:d5:78:89:f8:2f:15:09:7b:c6:79:7f:
3a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F2:51:01:8C:32:FC:F5:81:F1:F4:01:D6:BE:6D:A4:91:FA:B1:0C
X509v3 Authority Key Identifier:
keyid:EF:5B:49:7F:FD:8B:25:9E:E9:EA:15:7B:02:22:B1:10:26:6C:F5:9F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B9BC6/489091CE266711ECB9C22C77C4F9AE02/71tJf_2LJZ7p6hV7AiKxECZs9Z8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71tJf_2LJZ7p6hV7AiKxECZs9Z8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9BC6/489091CE266711ECB9C22C77C4F9AE02/D38B0388BC6E11EDBF779885C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df7:b780::/48
Signature Algorithm: sha256WithRSAEncryption
cc:56:be:49:59:07:3b:d6:64:66:26:9e:cb:26:69:4a:3d:be:
02:0a:10:2c:be:dd:77:96:2d:e4:fe:d5:fc:08:2a:33:4d:54:
65:b0:b9:a4:4d:21:ac:9d:20:7b:7f:fd:81:64:24:db:1c:ff:
11:1d:f0:04:e9:89:68:60:89:df:86:7f:b4:c1:3a:93:a0:ff:
e9:b9:af:2e:aa:cc:c1:22:09:db:dd:d7:f3:c1:a1:a1:e7:6d:
94:93:a9:09:2b:b5:42:7b:1f:32:fc:9d:c6:e7:c6:40:50:6a:
bc:e5:78:33:b8:4a:38:bf:d3:c6:98:ca:94:a4:83:4e:68:74:
97:fc:4f:b4:2d:54:b3:0d:52:0b:e4:64:f3:30:a5:f1:a8:99:
59:23:c6:d8:f3:15:c2:ef:1f:91:fb:4e:1b:11:9d:93:e1:bd:
89:ae:97:65:0e:24:4d:de:16:6c:35:81:76:a0:3a:86:e4:53:
a2:57:e7:7f:b9:d5:5f:ae:e5:85:4d:55:6e:09:e0:b0:34:19:
53:98:cc:c0:8b:44:43:c6:49:38:0f:c0:9e:94:93:75:a1:cb:
e6:7e:66:9f:52:2c:f2:b4:e9:3c:0b:88:41:8c:4e:fa:3e:d6:
33:15:23:56:7c:e0:b7:7c:98:77:26:63:8c:0b:46:24:b2:c4:
4e:5c:1a:85
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICA9EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjlCQzYxMTAvBgNVBAUTKEVGNUI0OTdGRkQ4QjI1OUVFOUVBMTU3QjAyMjJCMTEw
MjY2Q0Y1OUYwHhcNMjMxMjAxMDIzMzUyWhcNMjQxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTY5NDYxMC00OGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzf3DvyoKEtnKLI0crY5h30hXRThjXSS8sHyHyAws+jHksPRGcD1COGRBrrEh
H1R33XxqEWc8pmjn/exhju1siSgamvm3ktL94oic2up3XsP41Vwe4STxabY+PEv0
HBJ+gi0hYYKTzjl4qdN51AlsgbOcpKH3NJbLgEfnRG8NqBgJlI6v/00wuJqJThC1
UGbAyOEqr2DmPrpFo20VCu73KstHk5RxfZhmwQCzw0I0SFOK8JtUea2mVMmClYQg
oQeqwJgnDiq3uGotWJt3ZwuCj8/0vkpum3DQLVTzgXnu8vfyOerWLLHuLGJqtdaw
zhJHE2161XiJ+C8VCXvGeX86swIDAQABo4ICmDCCApQwHQYDVR0OBBYEFALyUQGM
Mvz1gfH0Ada+baSR+rEMMB8GA1UdIwQYMBaAFO9bSX/9iyWe6eoVewIisRAmbPWf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUJDNi80ODkwOTFDRTI2
NjcxMUVDQjlDMjJDNzdDNEY5QUUwMi83MXRKZl8yTEpaN3A2aFY3QWlLeEVDWnM5
WjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzcxdEpmXzJMSlo3cDZoVjdBaUt4RUNaczlaOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QjlCQzYvNDg5MDkxQ0UyNjY3MTFFQ0I5QzIyQzc3QzRGOUFFMDIvRDM4QjAzODhC
QzZFMTFFREJGNzc5ODg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ33t4AwDQYJKoZIhvcNAQELBQADggEBAMxWvklZBzvW
ZGYmnssmaUo9vgIKECy+3XeWLeT+1fwIKjNNVGWwuaRNIaydIHt//YFkJNsc/xEd
8ATpiWhgid+Gf7TBOpOg/+m5ry6qzMEiCdvd1/PBoaHnbZSTqQkrtUJ7HzL8ncbn
xkBQarzleDO4Sji/08aYypSkg05odJf8T7QtVLMNUgvkZPMwpfGomVkjxtjzFcLv
H5H7ThsRnZPhvYmul2UOJE3eFmw1gXagOobkU6JX53+51V+u5YVNVW4J4LA0GVOY
zMCLREPGSTgPwJ6Uk3Why+Z+Zp9SLPK06TwLiEGMTvo+1jMVI1Z84Ld8mHcmY4wL
RiSyxE5cGoU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:58 2024 by rpki-client on console-ams.rpki-client.org