Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/70F2353E343111EF9A89B60FC4F9AE02.roa
File: 70F2353E343111EF9A89B60FC4F9AE02.roa (raw, json)
Hash identifier: XAzxp92jJXXjC2PnZzFBU7uCatnWA4kTaZIYx9FGNk4=
Subject key identifier: 9E:DB:85:48:04:29:F7:6F:0F:D9:55:B3:D7:B6:AD:62:6D:DA:A3:86
Certificate issuer: /CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Certificate serial: 0663
Authority key identifier: AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/70F2353E343111EF9A89B60FC4F9AE02.roa
Signing time: Thu 27 Jun 2024 03:00:42 +0000
ROA not before: Thu 27 Jun 2024 03:00:42 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 138995
IP address blocks: 2001:df4:1500::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Sep 2024 04:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1635 (0x663)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Validity
Not Before: Jun 27 03:00:42 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=667cd5da-d273
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:45:99:7d:f4:ef:42:b0:7a:91:0b:37:be:75:
27:90:96:73:ae:6b:e5:b9:2f:be:49:d1:2b:d8:17:
00:c7:92:7e:d7:fd:ed:cb:1f:e3:af:5a:a4:26:df:
ce:2d:c0:8c:a1:f9:5f:94:80:26:8b:a5:c2:07:76:
3b:8d:9c:79:33:9f:9b:81:3b:62:73:2a:52:41:c8:
cb:15:b3:d9:a5:e3:e1:2c:5d:a5:5d:14:d1:09:1f:
11:1b:02:40:0b:89:9b:80:24:2f:c8:8b:d4:07:fe:
28:58:14:2e:d3:45:9f:5a:63:76:14:4b:f5:4d:15:
3f:b2:5a:a6:dc:70:ea:85:d7:e1:63:20:03:59:7a:
8d:9d:b5:16:ab:01:60:ce:19:b7:0e:a3:f3:6a:a6:
df:48:e6:f3:5a:f8:28:c1:06:5c:b0:26:02:d3:1f:
a0:a7:aa:af:70:22:48:2d:de:66:0c:bf:90:1b:31:
cd:4f:cd:c1:38:8a:c8:23:7d:13:e3:22:f4:1b:6a:
8b:ce:ee:36:28:ff:ec:17:3f:e0:ea:9d:99:72:82:
02:94:79:43:b6:41:82:5c:02:ea:ac:6b:42:b4:01:
23:bc:f4:f9:79:34:74:58:82:88:7b:65:49:70:35:
4a:86:83:e9:e3:97:cc:4b:cc:9d:f9:7c:09:a2:21:
d3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:DB:85:48:04:29:F7:6F:0F:D9:55:B3:D7:B6:AD:62:6D:DA:A3:86
X509v3 Authority Key Identifier:
keyid:AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/rruT6novxp4sGczngu713bHKMr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/70F2353E343111EF9A89B60FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:1500::/48
Signature Algorithm: sha256WithRSAEncryption
89:f4:38:ac:f1:51:f0:fd:d9:ee:59:43:04:f8:d3:fc:c4:1d:
80:24:ed:6b:75:f2:0e:94:d8:74:1c:ea:f0:58:62:aa:b1:cd:
c7:1e:f4:ef:41:9f:e0:70:67:3a:8e:47:9d:45:38:16:65:0f:
2d:f3:91:70:0a:12:e4:65:f9:a5:6b:da:a1:48:07:a0:12:98:
65:3d:7e:40:66:d9:9d:36:39:d5:59:c9:f9:f5:4a:aa:a3:ac:
89:32:45:36:39:49:c7:c8:3e:ca:27:33:d6:f5:6d:50:ea:8e:
97:ce:ea:ca:ea:b4:40:24:df:8e:6f:03:fd:1c:c1:2a:01:94:
cb:01:d9:a0:c1:77:12:df:e0:56:61:a5:38:09:23:c2:75:b2:
51:2a:5f:1a:39:d4:8d:4f:5d:ca:ca:be:ce:40:45:ed:ba:1d:
c7:59:ed:e7:78:fa:58:ed:87:1a:94:77:c9:d4:e3:c4:d3:fe:
7a:48:57:5a:91:83:3d:af:46:b9:2d:72:a4:4b:50:e0:9d:2c:
86:94:4d:f7:fb:aa:dd:b1:c8:08:8e:bd:4f:e1:3c:c0:02:87:
8a:b6:35:75:a1:d1:c7:20:ef:62:3d:a7:5a:8d:6a:b3:da:81:
f9:b3:e5:db:d8:a9:c9:92:0c:4e:1d:0f:2b:ad:12:2b:d0:52:
cd:ad:92:90
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBmMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURGQjgxMTAvBgNVBAUTKEFFQkI5M0VBN0EyRkM2OUUyQzE5Q0NFNzgyRUVGNURE
QjFDQTMyQkQwHhcNMjQwNjI3MDMwMDQyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjdjZDVkYS1kMjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0kWZffTvQrB6kQs3vnUnkJZzrmvluS++SdEr2BcAx5J+1/3tyx/jr1qkJt/O
LcCMoflflIAmi6XCB3Y7jZx5M5+bgTticypSQcjLFbPZpePhLF2lXRTRCR8RGwJA
C4mbgCQvyIvUB/4oWBQu00WfWmN2FEv1TRU/slqm3HDqhdfhYyADWXqNnbUWqwFg
zhm3DqPzaqbfSObzWvgowQZcsCYC0x+gp6qvcCJILd5mDL+QGzHNT83BOIrII30T
4yL0G2qLzu42KP/sFz/g6p2ZcoIClHlDtkGCXALqrGtCtAEjvPT5eTR0WIKIe2VJ
cDVKhoPp45fMS8yd+XwJoiHT4wIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJ7bhUgE
KfdvD9lVs9e2rWJt2qOGMB8GA1UdIwQYMBaAFK67k+p6L8aeLBnM54Lu9d2xyjK9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREZCOC85MDBFQUM1NDQ1
M0QxMUVCQjU1QTYyMjVDNEY5QUUwMi9ycnVUNm5vdnhwNHNHY3puZ3U3MTNiSEtN
cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JydVQ2bm92eHA0c0djem5ndTcxM2JIS01yMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURGQjgvOTAwRUFDNTQ0NTNEMTFFQkI1NUE2MjI1QzRGOUFFMDIvNzBGMjM1M0Uz
NDMxMTFFRjlBODlCNjBGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ30FQAwDQYJKoZIhvcNAQELBQADggEBAIn0OKzxUfD9
2e5ZQwT40/zEHYAk7Wt18g6U2HQc6vBYYqqxzcce9O9Bn+BwZzqOR51FOBZlDy3z
kXAKEuRl+aVr2qFIB6ASmGU9fkBm2Z02OdVZyfn1SqqjrIkyRTY5ScfIPsonM9b1
bVDqjpfO6srqtEAk345vA/0cwSoBlMsB2aDBdxLf4FZhpTgJI8J1slEqXxo51I1P
XcrKvs5ARe26HcdZ7ed4+ljthxqUd8nU48TT/npIV1qRgz2vRrktcqRLUOCdLIaU
Tff7qt2xyAiOvU/hPMACh4q2NXWh0ccg72I9p1qNarPagfmz5dvYqcmSDE4dDyut
EivQUs2tkpA=
-----END CERTIFICATE-----
Generated at Fri Sep 20 09:07:15 2024 by rpki-client on console-ams.rpki-client.org