Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91364F5/3A3A210ED9E211EE9BAE372EC4F9AE02/0F1FBEA0D9FD11EEA4312983C4F9AE02.roa
File: 0F1FBEA0D9FD11EEA4312983C4F9AE02.roa (raw, json)
Hash identifier: d6rvOEuha5JQmSsy/6mTmD/23xKKm1iMKtMvSkxNu/U=
Subject key identifier: CE:9B:7A:E4:2E:8E:12:30:3C:4E:A5:79:A2:26:1D:0F:EB:B6:F4:C6
Certificate issuer: /CN=A91364F5/serialNumber=CCB8E08F9990A75531E936ADB06DBACAA731B552
Certificate serial: 06
Authority key identifier: CC:B8:E0:8F:99:90:A7:55:31:E9:36:AD:B0:6D:BA:CA:A7:31:B5:52
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zLjgj5mQp1Ux6TatsG26yqcxtVI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91364F5/3A3A210ED9E211EE9BAE372EC4F9AE02/0F1FBEA0D9FD11EEA4312983C4F9AE02.roa
Signing time: Mon 04 Mar 2024 07:59:00 +0000
ROA not before: Mon 04 Mar 2024 07:59:00 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 152606
IP address blocks: 2401:8660::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 26 May 2024 09:53:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91364F5/serialNumber=CCB8E08F9990A75531E936ADB06DBACAA731B552
Validity
Not Before: Mar 4 07:59:00 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=65e57f44-db5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d4:79:fc:55:bb:d4:45:22:64:a4:1b:17:24:
e7:f2:8b:a8:e0:92:a2:c8:f6:5e:70:e4:0c:12:4c:
ce:6f:6c:ee:8e:50:58:c7:46:cc:cf:23:07:cf:bc:
d0:48:4d:8e:62:0c:5c:c4:51:a8:40:33:0d:d6:05:
ba:09:2c:5e:40:0e:e8:1f:b1:ea:03:a8:cc:48:89:
8b:e1:d0:5c:b3:cd:bc:6d:a9:ed:c9:18:36:51:ad:
99:4b:9b:9f:61:a0:89:c5:9e:51:f3:e9:f0:48:ef:
c3:6a:8c:e1:20:71:c5:9a:5d:da:31:9b:79:77:6a:
be:01:a2:ea:25:4e:75:4b:b2:ee:d3:70:79:02:22:
ab:8c:77:d1:57:ba:52:33:1e:98:ee:f8:ae:86:4a:
bb:4a:42:ea:f9:16:f6:d3:5b:7e:7c:bb:50:39:06:
3b:20:44:44:2a:7d:ff:96:a1:7e:e9:77:ae:4d:cd:
e4:e8:19:dd:2b:3e:06:ca:b5:c1:63:c3:3c:6c:c5:
90:aa:55:63:85:6e:49:45:c9:8d:c2:ff:bd:31:06:
7d:77:53:3b:3a:3d:d1:79:2b:75:cd:b1:96:63:30:
1c:5d:83:6e:2e:6a:24:0d:61:c0:81:58:7d:4f:5f:
22:36:ef:7d:b9:d2:09:7e:76:26:89:f1:2c:ed:bc:
5f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9B:7A:E4:2E:8E:12:30:3C:4E:A5:79:A2:26:1D:0F:EB:B6:F4:C6
X509v3 Authority Key Identifier:
keyid:CC:B8:E0:8F:99:90:A7:55:31:E9:36:AD:B0:6D:BA:CA:A7:31:B5:52
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91364F5/3A3A210ED9E211EE9BAE372EC4F9AE02/zLjgj5mQp1Ux6TatsG26yqcxtVI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zLjgj5mQp1Ux6TatsG26yqcxtVI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91364F5/3A3A210ED9E211EE9BAE372EC4F9AE02/0F1FBEA0D9FD11EEA4312983C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:8660::/32
Signature Algorithm: sha256WithRSAEncryption
60:f2:dd:72:85:98:f6:ea:ca:55:31:27:42:47:aa:38:05:11:
6f:bb:cc:98:38:9c:d5:d4:73:4b:ee:99:8f:ba:66:b8:6c:dd:
ec:47:20:88:25:11:1c:70:99:2a:46:53:44:89:11:d3:c3:bf:
d0:ee:60:d2:6c:95:79:e1:d4:08:35:c8:e0:cf:1a:0d:46:40:
c0:a2:dc:af:f8:1a:38:d6:72:ab:07:e2:7b:c4:52:de:95:81:
81:95:68:c4:da:1b:a2:38:2a:db:c2:9b:06:c0:4e:e6:88:d6:
90:8e:13:94:41:82:6e:41:cd:33:9a:be:cd:87:b5:c2:87:30:
e4:79:2f:9f:51:e9:ec:29:6c:8c:68:f9:94:1f:8a:1d:40:f3:
c1:a6:38:bc:18:a9:34:60:40:78:c7:ac:6b:e9:05:af:66:09:
a5:65:e9:8e:8b:02:b5:63:a1:74:64:a3:ec:cb:fe:11:7f:e1:
31:3f:50:8c:b2:4e:b8:69:dc:56:e5:f0:35:1e:c5:a4:77:57:
c7:10:96:b1:45:32:af:a0:9d:29:a9:23:89:dc:79:5c:62:12:
3c:e9:f2:9e:3f:17:7e:6c:40:82:fe:2b:13:78:dd:a5:08:e3:
4c:26:fb:2f:03:00:6d:b5:d1:f8:73:3c:fc:00:ad:f7:83:77:
75:71:25:fb
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
NjRGNTExMC8GA1UEBRMoQ0NCOEUwOEY5OTkwQTc1NTMxRTkzNkFEQjA2REJBQ0FB
NzMxQjU1MjAeFw0yNDAzMDQwNzU5MDBaFw0yNTA1MjgwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1ZTU3ZjQ0LWRiNWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDe1Hn8VbvURSJkpBsXJOfyi6jgkqLI9l5w5AwSTM5vbO6OUFjHRszPIwfPvNBI
TY5iDFzEUahAMw3WBboJLF5ADugfseoDqMxIiYvh0Fyzzbxtqe3JGDZRrZlLm59h
oInFnlHz6fBI78NqjOEgccWaXdoxm3l3ar4BouolTnVLsu7TcHkCIquMd9FXulIz
Hpju+K6GSrtKQur5FvbTW358u1A5BjsgREQqff+WoX7pd65NzeToGd0rPgbKtcFj
wzxsxZCqVWOFbklFyY3C/70xBn13Uzs6PdF5K3XNsZZjMBxdg24uaiQNYcCBWH1P
XyI273250gl+diaJ8SztvF+JAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUzpt65C6O
EjA8TqV5oiYdD+u29MYwHwYDVR0jBBgwFoAUzLjgj5mQp1Ux6TatsG26yqcxtVIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2NEY1LzNBM0EyMTBFRDlF
MjExRUU5QkFFMzcyRUM0RjlBRTAyL3pMamdqNW1RcDFVeDZUYXRzRzI2eXFjeHRW
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvekxqZ2o1bVFwMVV4NlRhdHNHMjZ5cWN4dFZJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
NjRGNS8zQTNBMjEwRUQ5RTIxMUVFOUJBRTM3MkVDNEY5QUUwMi8wRjFGQkVBMEQ5
RkQxMUVFQTQzMTI5ODNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBhmAwDQYJKoZIhvcNAQELBQADggEBAGDy3XKFmPbqylUx
J0JHqjgFEW+7zJg4nNXUc0vumY+6Zrhs3exHIIglERxwmSpGU0SJEdPDv9DuYNJs
lXnh1Ag1yODPGg1GQMCi3K/4GjjWcqsH4nvEUt6VgYGVaMTaG6I4KtvCmwbATuaI
1pCOE5RBgm5BzTOavs2HtcKHMOR5L59R6ewpbIxo+ZQfih1A88GmOLwYqTRgQHjH
rGvpBa9mCaVl6Y6LArVjoXRko+zL/hF/4TE/UIyyTrhp3Fbl8DUexaR3V8cQlrFF
Mq+gnSmpI4nceVxiEjzp8p4/F35sQIL+KxN43aUI40wm+y8DAG210fhzPPwArfeD
d3VxJfs=
-----END CERTIFICATE-----
Generated at Sun May 26 13:20:22 2024 by rpki-client on console-ams.rpki-client.org