Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/A00B9E90A21011EE9C264712C4F9AE02.roa
File: A00B9E90A21011EE9C264712C4F9AE02.roa (raw, json)
Hash identifier: YqVGCW8zmqoDtdu93ZvYc4iN91IEnD28sGChMhQGlnc=
Subject key identifier: DB:A1:14:EC:94:B4:1E:28:DC:C1:13:1C:2D:BA:23:30:3D:6D:5A:15
Certificate issuer: /CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
Certificate serial: 0B95
Authority key identifier: DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/A00B9E90A21011EE9C264712C4F9AE02.roa
Signing time: Sun 24 Dec 2023 03:57:59 +0000
ROA not before: Sun 24 Dec 2023 03:57:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 4864
IP address blocks: 2404:d580::/120 maxlen: 120
Validation: Failed, certificate revoked on Sun 24 Dec 2023 06:40:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2965 (0xb95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DEBE3/serialNumber=DE50542BEA108201A772C00BC9F251AD17FA96CD
Validity
Not Before: Dec 24 03:57:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6587ac46-ee9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e1:a2:c1:39:07:e2:08:f9:d7:7c:2d:c6:45:
2d:db:50:72:6d:ed:04:08:ef:d9:75:3d:4a:8a:34:
34:1d:a5:a5:1b:ee:50:30:5b:31:33:bc:6b:07:a9:
f0:3f:43:7f:ba:0d:a1:d4:9d:29:ab:2a:a3:91:c7:
ba:ac:5c:a5:62:02:f1:0c:55:06:23:46:45:ec:7f:
f3:57:b5:ae:ed:7e:a0:c0:af:35:62:99:7b:c1:9f:
a0:80:a9:a8:22:6d:ee:08:28:d1:f8:e1:dd:22:14:
ad:f3:83:fc:dc:94:30:0b:27:18:c3:63:58:ba:f6:
eb:fc:07:74:da:73:1f:2a:2b:ce:c1:5f:35:2f:e6:
17:8d:60:e3:2c:40:70:7e:b4:1b:8b:18:7d:04:ea:
4e:2e:97:87:1a:54:ab:2a:cd:b5:ee:5a:6c:5f:68:
b8:6c:bc:57:b6:2e:9d:2d:50:53:2a:8d:04:4d:eb:
46:52:22:94:7a:59:b1:79:32:32:bb:f7:13:4c:fd:
d0:44:27:5c:23:a2:1f:7c:6c:ad:58:ab:67:7a:31:
e2:b0:48:08:ce:d9:32:b0:ce:03:ac:a0:e4:5b:66:
29:9f:77:88:5c:ac:00:53:d7:75:df:3a:3b:dc:9d:
65:e8:b0:a2:07:1f:18:d6:80:32:75:da:cb:20:1e:
5b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A1:14:EC:94:B4:1E:28:DC:C1:13:1C:2D:BA:23:30:3D:6D:5A:15
X509v3 Authority Key Identifier:
keyid:DE:50:54:2B:EA:10:82:01:A7:72:C0:0B:C9:F2:51:AD:17:FA:96:CD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/3lBUK-oQggGncsALyfJRrRf6ls0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3lBUK-oQggGncsALyfJRrRf6ls0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEBE3/80AE10C6045011EABA82C415C4F9AE02/A00B9E90A21011EE9C264712C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:d580::/120
Signature Algorithm: sha256WithRSAEncryption
75:35:b8:4a:21:a4:61:db:e5:82:45:77:35:6d:20:b9:9e:fa:
02:cf:50:d2:79:8f:f2:78:b7:c9:e2:6d:6c:2f:a1:0d:b9:80:
2e:59:ee:ae:41:3e:dd:e1:cf:2a:36:1a:b5:79:3c:12:84:45:
ad:07:07:82:6d:69:ec:f1:a3:b2:32:a1:ed:86:30:af:42:e4:
ea:32:90:51:31:54:18:e9:54:fd:32:9e:97:4a:43:60:34:ff:
d3:14:13:fa:3e:93:8a:96:bb:93:ec:9f:c0:69:e2:40:17:79:
92:4e:17:b1:71:54:39:02:51:7b:0d:27:ad:76:95:b9:e6:45:
2b:04:be:6a:de:9b:ff:75:2d:d0:57:20:90:3f:d4:e1:04:79:
89:be:05:5d:03:70:cc:58:b7:4d:5d:a4:9b:d8:e1:a2:c9:68:
e8:f1:db:69:b4:6e:cb:34:1f:e1:c8:45:f2:b2:26:86:58:3a:
66:d4:12:90:90:0d:de:89:c7:a4:3c:0b:0d:d1:aa:c4:8e:09:
7b:d1:91:27:e0:4a:77:f1:30:11:21:ea:c6:44:bd:37:3b:60:
35:63:91:f4:0d:fd:43:b5:43:ba:cf:b0:ea:8e:2d:57:b4:57:
01:6a:4c:ba:6f:db:9c:b4:40:9a:dc:d6:0a:21:7e:7e:3d:cb:
f0:fd:57:fd
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICC5UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REVCRTMxMTAvBgNVBAUTKERFNTA1NDJCRUExMDgyMDFBNzcyQzAwQkM5RjI1MUFE
MTdGQTk2Q0QwHhcNMjMxMjI0MDM1NzU5WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTg3YWM0Ni1lZTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3+GiwTkH4gj513wtxkUt21Bybe0ECO/ZdT1KijQ0HaWlG+5QMFsxM7xrB6nw
P0N/ug2h1J0pqyqjkce6rFylYgLxDFUGI0ZF7H/zV7Wu7X6gwK81Ypl7wZ+ggKmo
Im3uCCjR+OHdIhSt84P83JQwCycYw2NYuvbr/Ad02nMfKivOwV81L+YXjWDjLEBw
frQbixh9BOpOLpeHGlSrKs217lpsX2i4bLxXti6dLVBTKo0ETetGUiKUelmxeTIy
u/cTTP3QRCdcI6IffGytWKtnejHisEgIztkysM4DrKDkW2Ypn3eIXKwAU9d13zo7
3J1l6LCiBx8Y1oAyddrLIB5biwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFNuhFOyU
tB4o3METHC26IzA9bVoVMB8GA1UdIwQYMBaAFN5QVCvqEIIBp3LAC8nyUa0X+pbN
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUJFMy84MEFFMTBDNjA0
NTAxMUVBQkE4MkM0MTVDNEY5QUUwMi8zbEJVSy1vUWdnR25jc0FMeWZKUnJSZjZs
czAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNsQlVLLW9RZ2dHbmNzQUx5ZkpSclJmNmxzMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REVCRTMvODBBRTEwQzYwNDUwMTFFQUJBODJDNDE1QzRGOUFFMDIvQTAwQjlFOTBB
MjEwMTFFRTlDMjY0NzEyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDEAAkBNWAAAAAAAAAAAAAAAAwDQYJKoZIhvcNAQELBQADggEB
AHU1uEohpGHb5YJFdzVtILme+gLPUNJ5j/J4t8nibWwvoQ25gC5Z7q5BPt3hzyo2
GrV5PBKERa0HB4Jtaezxo7Iyoe2GMK9C5OoykFExVBjpVP0ynpdKQ2A0/9MUE/o+
k4qWu5Psn8Bp4kAXeZJOF7FxVDkCUXsNJ612lbnmRSsEvmrem/91LdBXIJA/1OEE
eYm+BV0DcMxYt01dpJvY4aLJaOjx22m0bss0H+HIRfKyJoZYOmbUEpCQDd6Jx6Q8
Cw3RqsSOCXvRkSfgSnfxMBEh6sZEvTc7YDVjkfQN/UO1Q7rPsOqOLVe0VwFqTLpv
25y0QJrc1gohfn49y/D9V/0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:43 2024 by rpki-client on console-fra.rpki-client.org