Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9116748/572BD65801C211ED9A243C4BC4F9AE02/93E487E44E4011EFAF79CF31C4F9AE02.roa
File: 93E487E44E4011EFAF79CF31C4F9AE02.roa (raw, json)
Hash identifier: sZeamtqVn4Bvto6yNl0vpVQ5HnOBmzRmJd+ciKfScbY=
Subject key identifier: B5:74:07:98:45:D9:CE:61:B6:80:DA:74:22:8F:12:FE:CB:77:71:46
Certificate issuer: /CN=A9116748/serialNumber=B0ED061D13BEFFC7941EAA68CFCDCE0031661490
Certificate serial: 0223
Authority key identifier: B0:ED:06:1D:13:BE:FF:C7:94:1E:AA:68:CF:CD:CE:00:31:66:14:90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sO0GHRO-_8eUHqpoz83OADFmFJA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9116748/572BD65801C211ED9A243C4BC4F9AE02/93E487E44E4011EFAF79CF31C4F9AE02.roa
Signing time: Tue 01 Oct 2024 02:16:33 +0000
ROA not before: Tue 01 Oct 2024 02:16:33 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 58984
IP address blocks: 2001:df0:5000::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 18 Nov 2024 23:04:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 547 (0x223)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9116748/serialNumber=B0ED061D13BEFFC7941EAA68CFCDCE0031661490
Validity
Not Before: Oct 1 02:16:33 2024 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=66fb5b81-013c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:63:95:8c:fb:1c:01:8f:df:a4:e4:1b:c8:28:
d2:bf:14:bc:8a:81:95:c9:21:b7:17:b3:85:7c:81:
cf:1f:95:9e:3d:f0:20:e3:1f:30:50:47:8b:4d:d1:
4b:1b:38:48:60:3f:3f:70:d0:3b:47:a4:cf:56:7e:
d9:2f:0d:e2:8f:d6:57:7a:33:22:c7:d7:04:cc:56:
40:7a:f7:f1:18:5e:30:99:8a:12:69:b3:98:ad:9d:
a4:0d:6b:85:0f:18:7f:73:1b:e0:4b:d2:56:95:3c:
7c:b4:c9:32:9b:7a:ec:4d:0e:2f:21:3e:1f:df:2d:
9f:8b:4d:16:f7:5d:78:27:df:e8:34:15:92:d7:08:
8a:f8:e1:e3:fd:e8:4b:bf:ea:5a:d6:f2:96:bf:82:
4e:24:c2:f0:ea:03:8c:1c:bb:98:e3:ff:3c:2f:9d:
ac:0d:3d:a0:a7:08:c6:f8:2e:fd:94:7e:71:b0:69:
c0:12:3d:db:23:1d:90:2e:09:e5:8a:23:b8:0c:fa:
14:a7:bc:6d:4a:cf:80:50:b1:07:ba:36:ce:e3:72:
b0:d1:b9:1f:9f:e6:ee:d2:77:e0:fd:fa:55:da:64:
b6:67:34:b0:3e:f8:b9:56:c0:17:bd:fc:14:20:09:
8c:ca:d6:4a:55:3e:e4:f2:89:db:30:d6:ca:af:48:
98:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:74:07:98:45:D9:CE:61:B6:80:DA:74:22:8F:12:FE:CB:77:71:46
X509v3 Authority Key Identifier:
keyid:B0:ED:06:1D:13:BE:FF:C7:94:1E:AA:68:CF:CD:CE:00:31:66:14:90
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9116748/572BD65801C211ED9A243C4BC4F9AE02/sO0GHRO-_8eUHqpoz83OADFmFJA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sO0GHRO-_8eUHqpoz83OADFmFJA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9116748/572BD65801C211ED9A243C4BC4F9AE02/93E487E44E4011EFAF79CF31C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:5000::/48
Signature Algorithm: sha256WithRSAEncryption
48:1a:dd:21:0b:0e:cc:cb:2d:a1:af:c8:41:c1:b9:93:72:22:
bd:40:e5:d7:d3:de:46:5f:c2:09:6c:c4:e8:71:1f:7c:fa:9d:
60:b2:4d:16:16:f4:47:49:da:7e:18:90:ef:c3:00:e9:ce:4f:
0f:13:ee:7b:ed:90:9d:b0:95:0d:14:e9:d4:e2:b1:b2:76:70:
31:bb:45:23:e8:1c:e9:df:d4:cd:37:77:29:95:d5:f0:e8:3e:
13:95:fd:f2:ce:7d:a9:68:73:08:09:cb:7e:4f:2f:fb:17:07:
e9:34:5c:0e:ff:29:1e:16:7a:2b:59:b0:a7:11:e7:bd:33:d1:
07:5f:56:b1:4a:a1:a8:48:1b:0d:84:00:3a:f9:f3:2f:82:f2:
bc:57:75:ac:06:95:b7:86:2c:60:fd:c9:f3:1e:b5:71:a1:75:
b9:8a:76:6b:ad:57:71:8e:2e:1a:6f:a2:b1:7a:3f:36:e9:e9:
84:f8:94:52:67:81:9d:ed:fe:53:d6:ab:10:9c:ac:fc:9c:aa:
47:2a:8b:6e:0b:36:60:1b:89:a5:a9:4b:b3:ca:7a:08:e2:19:
19:aa:bb:89:cf:91:43:58:10:f6:9e:e1:3f:8c:ef:07:15:3c:
f7:e9:71:8f:ca:79:db:ef:9a:33:22:d1:c8:3d:b3:14:bd:a1:
a0:f3:10:39
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICAiMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTY3NDgxMTAvBgNVBAUTKEIwRUQwNjFEMTNCRUZGQzc5NDFFQUE2OENGQ0RDRTAw
MzE2NjE0OTAwHhcNMjQxMDAxMDIxNjMzWhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmZiNWI4MS0wMTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAs2OVjPscAY/fpOQbyCjSvxS8ioGVySG3F7OFfIHPH5WePfAg4x8wUEeLTdFL
GzhIYD8/cNA7R6TPVn7ZLw3ij9ZXejMix9cEzFZAevfxGF4wmYoSabOYrZ2kDWuF
Dxh/cxvgS9JWlTx8tMkym3rsTQ4vIT4f3y2fi00W9114J9/oNBWS1wiK+OHj/ehL
v+pa1vKWv4JOJMLw6gOMHLuY4/88L52sDT2gpwjG+C79lH5xsGnAEj3bIx2QLgnl
iiO4DPoUp7xtSs+AULEHujbO43Kw0bkfn+bu0nfg/fpV2mS2ZzSwPvi5VsAXvfwU
IAmMytZKVT7k8onbMNbKr0iYgwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFLV0B5hF
2c5htoDadCKPEv7Ld3FGMB8GA1UdIwQYMBaAFLDtBh0Tvv/HlB6qaM/NzgAxZhSQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNjc0OC81NzJCRDY1ODAx
QzIxMUVEOUEyNDNDNEJDNEY5QUUwMi9zTzBHSFJPLV84ZVVIcXBvejgzT0FERm1G
SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NPMEdIUk8tXzhlVUhxcG96ODNPQURGbUZKQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTY3NDgvNTcyQkQ2NTgwMUMyMTFFRDlBMjQzQzRCQzRGOUFFMDIvOTNFNDg3RTQ0
RTQwMTFFRkFGNzlDRjMxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3wUAAwDQYJKoZIhvcNAQELBQADggEBAEga3SELDszL
LaGvyEHBuZNyIr1A5dfT3kZfwglsxOhxH3z6nWCyTRYW9EdJ2n4YkO/DAOnOTw8T
7nvtkJ2wlQ0U6dTisbJ2cDG7RSPoHOnf1M03dymV1fDoPhOV/fLOfalocwgJy35P
L/sXB+k0XA7/KR4WeitZsKcR570z0QdfVrFKoahIGw2EADr58y+C8rxXdawGlbeG
LGD9yfMetXGhdbmKdmutV3GOLhpvorF6Pzbp6YT4lFJngZ3t/lPWqxCcrPycqkcq
i24LNmAbiaWpS7PKegjiGRmqu4nPkUNYEPae4T+M7wcVPPfpcY/KedvvmjMi0cg9
sxS9oaDzEDk=
-----END CERTIFICATE-----
Generated at Tue Nov 19 00:48:05 2024 by rpki-client on console-fra.rpki-client.org