Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/C4D639B63B2B11EEB806E26CC4F9AE02.roa
File: C4D639B63B2B11EEB806E26CC4F9AE02.roa (raw, json)
Hash identifier: wq2IjpgPrmfbsS1rpcNsBC0KyZ9HGIUelXDlD6xiXbc=
Subject key identifier: 7C:14:41:CA:E0:C3:0D:94:74:EA:67:39:CC:F2:B8:5B:7B:14:8A:DD
Certificate issuer: /CN=A911E2E0/serialNumber=ED68CA6A2D12A88CC7D296A2BC2BF1519A0B5FF3
Certificate serial: 217E
Authority key identifier: ED:68:CA:6A:2D:12:A8:8C:C7:D2:96:A2:BC:2B:F1:51:9A:0B:5F:F3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7WjKai0SqIzH0paivCvxUZoLX_M.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/C4D639B63B2B11EEB806E26CC4F9AE02.roa
Signing time: Tue 15 Aug 2023 05:22:47 +0000
ROA not before: Tue 15 Aug 2023 05:22:47 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136408
IP address blocks: 2403:1600::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 15 Aug 2024 04:52:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8574 (0x217e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911E2E0/serialNumber=ED68CA6A2D12A88CC7D296A2BC2BF1519A0B5FF3
Validity
Not Before: Aug 15 05:22:47 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64db0ba6-3b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:11:9f:1d:2b:31:3b:54:d0:c9:50:99:8a:3c:
b9:02:38:9c:46:8d:8e:b1:8f:64:33:49:51:17:94:
65:fc:80:80:4a:c8:23:34:a0:08:d8:a3:96:e5:dc:
3b:01:a0:8f:4a:67:0c:62:30:e2:02:97:d9:c6:86:
ce:46:f3:01:db:5e:96:3f:07:15:75:c2:e4:15:9e:
a1:1c:9b:81:c3:31:a4:f2:d1:a5:47:20:24:bd:80:
b6:da:38:93:c9:0d:7d:b7:c5:48:74:5c:9b:33:a2:
a3:1d:92:6d:d0:02:d6:eb:58:24:90:d0:6a:f5:f4:
53:0c:eb:ea:45:e4:e6:f4:7e:87:47:07:a8:4c:bd:
ce:7c:4e:58:57:f2:5c:e9:d0:eb:8f:08:f6:a1:9d:
1e:56:27:b3:ce:7b:33:54:1f:03:ec:88:e4:10:50:
7d:67:fe:f7:c7:2e:c8:5e:46:c8:fb:67:5c:04:b0:
8f:87:69:6d:11:39:32:b3:9f:1a:d5:6b:6f:ac:f1:
64:18:8c:97:4c:06:91:d4:eb:fe:a7:2f:eb:23:22:
8f:07:61:fd:75:fe:00:12:e0:df:24:7b:c0:a1:ec:
35:35:dc:27:c1:69:ae:22:9a:e4:e9:c2:39:cb:bd:
94:99:27:fa:31:d3:20:ec:c1:cb:7b:7a:7f:ff:9e:
2d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:14:41:CA:E0:C3:0D:94:74:EA:67:39:CC:F2:B8:5B:7B:14:8A:DD
X509v3 Authority Key Identifier:
keyid:ED:68:CA:6A:2D:12:A8:8C:C7:D2:96:A2:BC:2B:F1:51:9A:0B:5F:F3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/7WjKai0SqIzH0paivCvxUZoLX_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7WjKai0SqIzH0paivCvxUZoLX_M.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E2E0/B3E815DC9E4611E588D46016C4F9AE02/C4D639B63B2B11EEB806E26CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:1600::/32
Signature Algorithm: sha256WithRSAEncryption
39:d2:6d:0d:8c:35:d3:62:a8:dd:9d:b0:67:bc:10:e2:7c:8d:
e5:56:51:8a:b6:67:f2:d1:70:56:35:8b:fd:02:fb:d3:f0:b9:
81:26:63:78:3b:74:b6:b7:8e:7f:1a:fb:61:d7:a0:a2:7a:3e:
a1:ca:8e:f8:ff:0c:c0:1b:23:42:1f:ab:1f:9f:c7:53:56:31:
8c:77:1b:3d:22:79:82:39:e1:8d:d0:b7:a4:f6:ae:54:57:34:
b7:fb:1b:f2:14:3e:1a:18:e0:6f:92:c4:85:16:41:3d:90:2d:
98:72:af:a6:8b:df:d0:ad:58:b0:3b:47:f0:4c:53:8d:55:e5:
cb:12:ba:96:03:a3:00:63:c9:0d:42:48:34:ca:9a:15:ac:96:
b8:ba:a4:3d:5f:95:75:53:ec:df:a7:b2:04:f7:b4:22:42:85:
6d:cb:d1:7c:13:92:ab:9b:cb:bc:4f:2d:10:de:96:be:cf:cd:
68:10:97:42:da:f8:09:f9:19:8b:0e:13:e6:25:c8:3d:df:74:
a8:12:bc:26:66:d8:37:f8:74:38:20:0e:9a:72:57:e7:90:8f:
d2:76:6a:05:8b:9d:5a:60:95:5c:ef:f0:97:05:30:a0:57:e8:
58:98:98:9b:84:ee:50:73:7d:82:87:cb:84:b2:e9:3e:8a:1d:
8f:d3:64:22
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICIX4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUUyRTAxMTAvBgNVBAUTKEVENjhDQTZBMkQxMkE4OENDN0QyOTZBMkJDMkJGMTUx
OUEwQjVGRjMwHhcNMjMwODE1MDUyMjQ3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGRiMGJhNi0zYjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtRGfHSsxO1TQyVCZijy5AjicRo2OsY9kM0lRF5Rl/ICASsgjNKAI2KOW5dw7
AaCPSmcMYjDiApfZxobORvMB216WPwcVdcLkFZ6hHJuBwzGk8tGlRyAkvYC22jiT
yQ19t8VIdFybM6KjHZJt0ALW61gkkNBq9fRTDOvqReTm9H6HRweoTL3OfE5YV/Jc
6dDrjwj2oZ0eViezznszVB8D7IjkEFB9Z/73xy7IXkbI+2dcBLCPh2ltETkys58a
1WtvrPFkGIyXTAaR1Ov+py/rIyKPB2H9df4AEuDfJHvAoew1NdwnwWmuIprk6cI5
y72UmSf6MdMg7MHLe3p//54tgQIDAQABo4ICljCCApIwHQYDVR0OBBYEFHwUQcrg
ww2UdOpnOczyuFt7FIrdMB8GA1UdIwQYMBaAFO1oymotEqiMx9KWorwr8VGaC1/z
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTJFMC9CM0U4MTVEQzlF
NDYxMUU1ODhENDYwMTZDNEY5QUUwMi83V2pLYWkwU3FJekgwcGFpdkN2eFVab0xY
X00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzdXakthaTBTcUl6SDBwYWl2Q3Z4VVpvTFhfTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MUUyRTAvQjNFODE1REM5RTQ2MTFFNTg4RDQ2MDE2QzRGOUFFMDIvQzRENjM5QjYz
QjJCMTFFRUI4MDZFMjZDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAxYAMA0GCSqGSIb3DQEBCwUAA4IBAQA50m0NjDXTYqjd
nbBnvBDifI3lVlGKtmfy0XBWNYv9AvvT8LmBJmN4O3S2t45/Gvth16Ciej6hyo74
/wzAGyNCH6sfn8dTVjGMdxs9InmCOeGN0Lek9q5UVzS3+xvyFD4aGOBvksSFFkE9
kC2Ycq+mi9/QrViwO0fwTFONVeXLErqWA6MAY8kNQkg0ypoVrJa4uqQ9X5V1U+zf
p7IE97QiQoVty9F8E5Krm8u8Ty0Q3pa+z81oEJdC2vgJ+RmLDhPmJcg933SoErwm
Ztg3+HQ4IA6aclfnkI/SdmoFi51aYJVc7/CXBTCgV+hYmJibhO5Qc32Ch8uEsuk+
ih2P02Qi
-----END CERTIFICATE-----
Generated at Thu Aug 15 06:49:25 2024 by rpki-client on console-ams.rpki-client.org