Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/B2B5EE70AFEB11EBB965A648C4F9AE02.roa
File: B2B5EE70AFEB11EBB965A648C4F9AE02.roa (raw, json)
Hash identifier: yYS7M2aa4BqeJ5+UBHRtr9Oj//kodDYTYNX+cb95oh0=
Subject key identifier: 3D:D9:F7:86:B0:F1:F5:FB:42:D1:FC:3B:B2:CC:1C:97:44:9B:F3:1C
Certificate issuer: /CN=A9136BFF/serialNumber=C14389517F886805A2D485BA412DAD2B52776F72
Certificate serial: 0E6C
Authority key identifier: C1:43:89:51:7F:88:68:05:A2:D4:85:BA:41:2D:AD:2B:52:77:6F:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUOJUX-IaAWi1IW6QS2tK1J3b3I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/B2B5EE70AFEB11EBB965A648C4F9AE02.roa
Signing time: Sun 02 Jun 2024 18:51:47 +0000
ROA not before: Sun 02 Jun 2024 18:51:47 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 141706
IP address blocks: 2402:3180::/45 maxlen: 48
Validation: Failed, certificate revoked on Thu 31 Oct 2024 12:20:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3692 (0xe6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9136BFF/serialNumber=C14389517F886805A2D485BA412DAD2B52776F72
Validity
Not Before: Jun 2 18:51:47 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=665cbf43-9bb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6d:f4:4b:d2:8f:7b:e8:d8:3b:20:df:84:21:
28:9e:3a:e7:c0:64:58:ae:4e:42:c4:41:b4:d4:cc:
30:60:ae:d7:4d:98:58:43:93:17:ff:41:13:b7:93:
70:22:ee:ab:c4:45:27:93:ba:76:10:d4:5d:c0:7e:
a5:a7:e9:b8:83:e2:a1:0e:ef:13:79:5a:e3:a5:44:
f5:79:23:0f:aa:eb:29:66:5d:82:75:6d:4b:72:2d:
b2:02:08:6b:a2:50:cc:91:07:cd:74:66:f8:1e:cf:
cf:25:b2:9a:26:38:ff:00:dc:c5:48:dc:4c:ad:d5:
fd:7c:1c:20:bc:c4:36:bf:d1:1e:55:95:59:48:d0:
55:10:e6:d0:87:dc:17:56:4a:e9:cd:c9:91:1c:99:
7a:80:ca:5c:53:ea:a3:6f:b8:05:9b:ae:4e:4a:4c:
c5:7c:0b:00:d5:51:ef:23:be:05:c1:49:6d:f4:e1:
f7:98:4c:1e:ac:cb:d5:90:f9:25:a0:33:70:ac:de:
46:9f:1a:93:2f:c6:1e:52:74:fa:9b:56:1c:46:3e:
f4:37:a0:2b:27:f9:8b:58:e5:18:ad:e8:98:e3:49:
e3:ff:c7:29:a8:49:e9:f4:d6:b9:c4:3b:5c:3c:3a:
8e:97:d2:2d:6c:03:71:7d:55:96:1f:3e:dc:cf:84:
c6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:D9:F7:86:B0:F1:F5:FB:42:D1:FC:3B:B2:CC:1C:97:44:9B:F3:1C
X509v3 Authority Key Identifier:
keyid:C1:43:89:51:7F:88:68:05:A2:D4:85:BA:41:2D:AD:2B:52:77:6F:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/wUOJUX-IaAWi1IW6QS2tK1J3b3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wUOJUX-IaAWi1IW6QS2tK1J3b3I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136BFF/E42BEAC293F011E9BC0CFF71C4F9AE02/B2B5EE70AFEB11EBB965A648C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:3180::/45
Signature Algorithm: sha256WithRSAEncryption
15:a7:e0:1e:dc:0f:6a:a7:a4:aa:d3:d7:87:28:3c:a0:6b:f7:
4c:40:c2:d8:d0:06:ba:b8:5e:e9:b9:be:f2:e3:34:e9:5e:bf:
1e:03:50:5e:f4:d4:3f:0f:8f:77:26:58:ed:ae:1c:65:27:64:
18:22:ef:9e:ae:32:e6:0b:7e:68:ee:1c:43:98:55:ec:b7:fe:
28:92:fc:f0:1f:86:7d:7b:d4:b1:36:5e:79:ba:81:75:c5:4b:
6f:03:b3:e3:00:0c:a5:00:9f:07:89:69:0f:03:e6:37:d8:44:
78:e6:8a:6b:d7:0a:c7:81:df:c3:af:75:fa:8b:97:b6:22:bd:
43:d0:1d:56:65:d8:ab:19:fe:39:c7:c9:af:2f:fc:04:dc:f5:
ab:90:bc:96:9e:af:25:28:c2:5b:0f:35:46:3c:03:c0:49:50:
86:34:69:ab:5d:09:a6:41:cf:9d:3b:97:e9:80:36:d4:4f:94:
65:f6:83:a1:64:83:92:c3:4f:fe:55:f3:b2:2f:fa:be:d6:e5:
4d:43:bc:43:3f:92:91:71:c0:65:92:6a:74:f5:97:77:72:50:
65:0a:d5:2f:ea:db:01:f7:af:1a:6d:fc:b9:ab:3b:27:b5:25:
82:2d:01:04:c5:dc:f2:1c:bf:50:e1:a5:35:5c:4d:79:10:f9:
50:1e:3b:7d
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDmwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzZCRkYxMTAvBgNVBAUTKEMxNDM4OTUxN0Y4ODY4MDVBMkQ0ODVCQTQxMkRBRDJC
NTI3NzZGNzIwHhcNMjQwNjAyMTg1MTQ3WhcNMjUwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjVjYmY0My05YmIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAlW30S9KPe+jYOyDfhCEonjrnwGRYrk5CxEG01MwwYK7XTZhYQ5MX/0ETt5Nw
Iu6rxEUnk7p2ENRdwH6lp+m4g+KhDu8TeVrjpUT1eSMPquspZl2CdW1Lci2yAghr
olDMkQfNdGb4Hs/PJbKaJjj/ANzFSNxMrdX9fBwgvMQ2v9EeVZVZSNBVEObQh9wX
VkrpzcmRHJl6gMpcU+qjb7gFm65OSkzFfAsA1VHvI74FwUlt9OH3mEwerMvVkPkl
oDNwrN5GnxqTL8YeUnT6m1YcRj70N6ArJ/mLWOUYreiY40nj/8cpqEnp9Na5xDtc
PDqOl9ItbANxfVWWHz7cz4TGkwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFD3Z94aw
8fX7QtH8O7LMHJdEm/McMB8GA1UdIwQYMBaAFMFDiVF/iGgFotSFukEtrStSd29y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkJGRi9FNDJCRUFDMjkz
RjAxMUU5QkMwQ0ZGNzFDNEY5QUUwMi93VU9KVVgtSWFBV2kxSVc2UVMydEsxSjNi
M0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3dVT0pVWC1JYUFXaTFJVzZRUzJ0SzFKM2IzSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzZCRkYvRTQyQkVBQzI5M0YwMTFFOUJDMENGRjcxQzRGOUFFMDIvQjJCNUVFNzBB
RkVCMTFFQkI5NjVBNjQ4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwMkAjGAAAAwDQYJKoZIhvcNAQELBQADggEBABWn4B7cD2qn
pKrT14coPKBr90xAwtjQBrq4Xum5vvLjNOlevx4DUF701D8Pj3cmWO2uHGUnZBgi
756uMuYLfmjuHEOYVey3/iiS/PAfhn171LE2Xnm6gXXFS28Ds+MADKUAnweJaQ8D
5jfYRHjmimvXCseB38OvdfqLl7YivUPQHVZl2KsZ/jnHya8v/ATc9auQvJaeryUo
wlsPNUY8A8BJUIY0aatdCaZBz507l+mANtRPlGX2g6Fkg5LDT/5V87Iv+r7W5U1D
vEM/kpFxwGWSanT1l3dyUGUK1S/q2wH3rxpt/LmrOye1JYItAQTF3PIcv1DhpTVc
TXkQ+VAeO30=
-----END CERTIFICATE-----
Generated at Thu Oct 31 15:31:00 2024 by rpki-client on console-fra.rpki-client.org