Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/A278209A459511E9A18A751DC4F9AE02.roa
File: A278209A459511E9A18A751DC4F9AE02.roa (raw, json)
Hash identifier: 1ekJKn+UiPvxVSzmR3qh+QKI7BxGbC5xNocBxNAwrtc=
Subject key identifier: D2:4B:9F:85:D0:BE:46:4D:CE:05:EC:8B:99:3C:77:04:14:EB:69:87
Certificate issuer: /CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Certificate serial: 2628
Authority key identifier: 99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/A278209A459511E9A18A751DC4F9AE02.roa
Signing time: Sun 06 Aug 2023 16:12:51 +0000
ROA not before: Sun 06 Aug 2023 16:12:51 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 138558
IP address blocks: 2402:9e80:46::/47 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9768 (0x2628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911C28D/serialNumber=99DFB6BF7950E6B40195A59024F4B750863D3D93
Validity
Not Before: Aug 6 16:12:51 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64cfc683-f82b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d8:6d:0a:39:49:b7:2f:0f:b3:c2:e1:40:47:
67:89:9e:92:6b:7a:45:63:b1:a1:8e:5a:5d:d6:d0:
5f:ae:59:68:6e:af:ff:9e:f7:23:e0:51:ce:87:db:
7b:98:7f:3c:71:9e:20:54:4b:10:f6:91:81:f2:40:
7f:4e:ae:df:6f:f5:95:e3:47:54:fa:76:aa:b4:ff:
2e:64:2c:bc:ef:de:cd:2c:9d:2b:bc:26:d7:76:20:
4b:8e:1e:4f:d0:87:ba:97:b6:0f:95:f0:db:81:31:
64:20:e6:93:d4:c9:e0:97:81:3b:bc:15:34:56:20:
71:b9:a4:32:39:cc:b1:96:49:de:f3:37:ce:0e:77:
25:f5:67:9d:83:4b:6e:13:b3:43:cc:e6:a8:31:64:
03:10:4d:0f:33:68:b7:4c:f8:eb:8a:76:92:05:aa:
07:cb:ea:a1:6c:17:48:ec:86:0f:8a:96:31:c6:d9:
45:2c:12:f4:fc:2f:f1:c4:52:46:fe:44:3b:b3:5f:
64:5b:ef:d4:68:02:ea:ab:f5:42:50:e8:a4:07:7b:
20:9e:38:35:5b:03:b5:ba:5b:6b:c5:b2:1b:6b:82:
ee:8d:76:a8:80:46:24:d1:bd:7e:bd:3f:4b:9f:a7:
29:c7:05:55:a8:b5:c8:37:0c:24:98:b8:f5:b4:37:
c5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:4B:9F:85:D0:BE:46:4D:CE:05:EC:8B:99:3C:77:04:14:EB:69:87
X509v3 Authority Key Identifier:
keyid:99:DF:B6:BF:79:50:E6:B4:01:95:A5:90:24:F4:B7:50:86:3D:3D:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/md-2v3lQ5rQBlaWQJPS3UIY9PZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md-2v3lQ5rQBlaWQJPS3UIY9PZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C28D/BDAB67F63A8011E5AE390155C4F9AE02/A278209A459511E9A18A751DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:9e80:46::/47
Signature Algorithm: sha256WithRSAEncryption
76:3e:ce:6c:4c:4c:aa:24:0c:2d:5f:d2:3f:dd:89:51:e9:dc:
30:ac:0c:2b:e9:53:e5:24:13:d8:69:80:6f:85:15:d1:0d:70:
da:97:00:25:9f:10:be:2c:7b:97:ab:16:88:8e:f7:bc:48:84:
e6:2a:00:5c:0d:4a:29:98:04:04:e3:18:53:08:36:86:52:51:
04:95:f1:6a:45:7a:d0:2f:86:81:f0:95:ec:b3:89:0a:2f:a0:
1a:32:01:71:92:b2:80:81:e8:60:8b:b7:28:f4:d9:40:77:82:
c0:51:2f:a9:e8:58:60:ca:39:42:73:3f:34:db:e6:2a:20:7b:
aa:14:42:9d:57:ea:de:b1:d6:e0:18:14:f3:ff:f0:7b:57:b3:
68:d0:f1:21:42:f4:72:14:d9:e7:fb:cb:aa:80:57:2f:95:59:
7e:1c:ee:7e:4d:5e:0b:af:0d:0a:e9:e9:1e:f1:df:99:de:0a:
50:ce:b6:0f:a3:74:37:25:1f:df:cd:02:58:aa:66:48:fe:e9:
c9:0e:fd:bd:ee:d6:98:6f:a1:01:a6:18:be:1d:67:55:2b:b4:
02:0b:ba:39:7b:aa:ad:bd:01:11:3c:51:dd:0d:95:b8:59:86:
a2:6a:55:90:03:33:0f:d5:8c:61:1f:10:98:5b:b1:89:4c:10:
e5:45:da:62
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICJigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUMyOEQxMTAvBgNVBAUTKDk5REZCNkJGNzk1MEU2QjQwMTk1QTU5MDI0RjRCNzUw
ODYzRDNEOTMwHhcNMjMwODA2MTYxMjUxWhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNmYzY4My1mODJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAn9htCjlJty8Ps8LhQEdniZ6Sa3pFY7Ghjlpd1tBfrllobq//nvcj4FHOh9t7
mH88cZ4gVEsQ9pGB8kB/Tq7fb/WV40dU+naqtP8uZCy8797NLJ0rvCbXdiBLjh5P
0Ie6l7YPlfDbgTFkIOaT1Mngl4E7vBU0ViBxuaQyOcyxlkne8zfODncl9Wedg0tu
E7NDzOaoMWQDEE0PM2i3TPjrinaSBaoHy+qhbBdI7IYPipYxxtlFLBL0/C/xxFJG
/kQ7s19kW+/UaALqq/VCUOikB3sgnjg1WwO1ultrxbIba4LujXaogEYk0b1+vT9L
n6cpxwVVqLXINwwkmLj1tDfFdwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFNJLn4XQ
vkZNzgXsi5k8dwQU62mHMB8GA1UdIwQYMBaAFJnftr95UOa0AZWlkCT0t1CGPT2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzI4RC9CREFCNjdGNjNB
ODAxMUU1QUUzOTAxNTVDNEY5QUUwMi9tZC0ydjNsUTVyUUJsYVdRSlBTM1VJWTlQ
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL21kLTJ2M2xRNXJRQmxhV1FKUFMzVUlZOVBaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUMyOEQvQkRBQjY3RjYzQTgwMTFFNUFFMzkwMTU1QzRGOUFFMDIvQTI3ODIwOUE0
NTk1MTFFOUExOEE3NTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwEkAp6AAEYwDQYJKoZIhvcNAQELBQADggEBAHY+zmxMTKok
DC1f0j/diVHp3DCsDCvpU+UkE9hpgG+FFdENcNqXACWfEL4se5erFoiO97xIhOYq
AFwNSimYBATjGFMINoZSUQSV8WpFetAvhoHwleyziQovoBoyAXGSsoCB6GCLtyj0
2UB3gsBRL6noWGDKOUJzPzTb5ioge6oUQp1X6t6x1uAYFPP/8HtXs2jQ8SFC9HIU
2ef7y6qAVy+VWX4c7n5NXguvDQrp6R7x35neClDOtg+jdDclH9/NAliqZkj+6ckO
/b3u1phvoQGmGL4dZ1UrtAILujl7qq29ARE8Ud0NlbhZhqJqVZADMw/VjGEfEJhb
sYlMEOVF2mI=
-----END CERTIFICATE-----
Generated at Mon Sep 25 09:48:01 2023 by rpki-client on console-fra.rpki-client.org