Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/8D5EB8DE0E5611EE8EA03372C4F9AE02.roa
File: 8D5EB8DE0E5611EE8EA03372C4F9AE02.roa (raw, json)
Hash identifier: p6z2hHJH/41hfNvSRQxSM3afHe4MG9ROZ7xNp45tHrE=
Subject key identifier: E2:B8:9E:ED:3B:96:81:B7:AE:D1:47:19:17:61:04:C4:9D:94:F8:E2
Certificate issuer: /CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Certificate serial: 0A
Authority key identifier: 10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/8D5EB8DE0E5611EE8EA03372C4F9AE02.roa
Signing time: Mon 19 Jun 2023 04:05:40 +0000
ROA not before: Mon 19 Jun 2023 04:05:40 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 151403
IP address blocks: 2401:aa0::/32 maxlen: 40
Validation: Failed, certificate revoked on Tue 20 Jun 2023 03:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91383F0/serialNumber=1036C1E0FFE1CFC37D655D89FA65D65FE22E1F7A
Validity
Not Before: Jun 19 04:05:40 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=648fd413-4b38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:e7:a5:be:43:f1:bb:52:14:89:a1:d3:62:59:
5d:49:83:ef:e0:0e:dd:db:11:1e:03:f9:e9:23:11:
30:0e:78:84:a0:c8:30:f5:19:34:6c:90:01:ea:56:
fa:d4:ad:78:97:b1:86:df:2e:10:a1:9d:d6:20:30:
5d:d1:63:96:85:d4:66:c4:a7:0b:98:85:cf:7a:1f:
cb:d4:d1:d6:d1:93:be:55:99:2e:92:2d:64:48:10:
9a:63:93:21:83:d7:36:95:4a:f9:f3:e5:24:dd:4d:
ac:7b:a5:89:67:61:19:0e:08:aa:be:6a:06:b8:bf:
ec:25:24:2d:e1:b2:51:e5:f1:fd:8e:bb:f2:63:da:
f6:0b:6a:ae:7c:e6:91:07:85:01:2c:74:2d:56:51:
5a:3b:92:06:1b:84:25:59:64:06:b1:92:90:c5:25:
f6:08:14:20:dd:7f:6c:90:01:ba:ea:da:67:96:fd:
2b:db:f0:72:96:ee:ce:74:55:3d:cb:6a:d8:33:b0:
ea:c5:e8:20:d5:9d:16:93:e1:fd:7c:fd:95:5d:47:
16:cb:55:45:6e:c6:9a:ac:70:3d:01:8d:10:97:13:
43:a8:5c:b8:91:e8:36:4b:62:ff:3b:4f:a7:51:65:
59:b9:2b:74:7d:ce:2f:53:17:33:6b:af:e2:07:23:
8b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:B8:9E:ED:3B:96:81:B7:AE:D1:47:19:17:61:04:C4:9D:94:F8:E2
X509v3 Authority Key Identifier:
keyid:10:36:C1:E0:FF:E1:CF:C3:7D:65:5D:89:FA:65:D6:5F:E2:2E:1F:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EDbB4P_hz8N9ZV2J-mXWX-IuH3o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91383F0/DCFCA6A20A8311EE9E6A9250C4F9AE02/8D5EB8DE0E5611EE8EA03372C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:aa0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:a0:93:e5:63:73:23:1a:1a:50:49:a3:cc:35:11:3e:6b:c7:
96:90:d3:8e:b4:db:e3:bc:97:a1:d0:eb:86:ad:24:a1:d2:2c:
cc:01:f4:c8:62:68:78:67:1f:66:e8:11:56:5b:52:78:4d:a1:
c1:32:73:01:04:8a:23:e6:6a:08:8c:5c:38:53:25:c6:92:32:
29:c5:3f:7f:96:7a:de:f1:64:a3:47:14:31:ff:ef:99:37:b1:
b5:1e:01:78:1a:d2:33:2b:ff:16:c1:8f:1f:9c:6c:b9:fb:40:
3c:7d:1e:3b:fd:5f:d8:ca:9f:73:c8:0a:b5:5a:01:ea:7f:36:
db:5a:ad:55:63:76:49:0d:fb:86:a6:34:f6:41:2a:e8:7b:5d:
6c:8a:10:8b:67:c6:92:21:4c:6d:2f:6d:35:f6:dc:cd:28:9b:
1f:68:31:a8:e9:b7:ac:74:35:f4:bd:8f:17:ab:90:1f:8e:8d:
14:a2:ac:b6:9b:d3:64:e0:6d:cf:b4:e4:e1:b6:c5:fc:ed:e1:
46:81:cc:76:69:73:e8:92:d7:d6:3d:2f:4c:bf:d2:d9:45:d2:
13:3f:9a:ef:74:a0:e3:b0:61:cf:f2:33:1b:3a:a2:71:ef:b6:
c1:ac:37:71:5b:31:c1:a7:85:01:08:a4:62:37:ac:84:82:79:
b0:14:b2:de
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz
ODNGMDExMC8GA1UEBRMoMTAzNkMxRTBGRkUxQ0ZDMzdENjU1RDg5RkE2NUQ2NUZF
MjJFMUY3QTAeFw0yMzA2MTkwNDA1NDBaFw0yNDA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY0OGZkNDEzLTRiMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQD056W+Q/G7UhSJodNiWV1Jg+/gDt3bER4D+ekjETAOeISgyDD1GTRskAHqVvrU
rXiXsYbfLhChndYgMF3RY5aF1GbEpwuYhc96H8vU0dbRk75VmS6SLWRIEJpjkyGD
1zaVSvnz5STdTax7pYlnYRkOCKq+aga4v+wlJC3hslHl8f2Ou/Jj2vYLaq585pEH
hQEsdC1WUVo7kgYbhCVZZAaxkpDFJfYIFCDdf2yQAbrq2meW/Svb8HKW7s50VT3L
atgzsOrF6CDVnRaT4f18/ZVdRxbLVUVuxpqscD0BjRCXE0OoXLiR6DZLYv87T6dR
ZVm5K3R9zi9TFzNrr+IHI4ufAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQU4rie7TuW
gbeu0UcZF2EExJ2U+OIwHwYDVR0jBBgwFoAUEDbB4P/hz8N9ZV2J+mXWX+IuH3ow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM4M0YwL0RDRkNBNkEyMEE4
MzExRUU5RTZBOTI1MEM0RjlBRTAyL0VEYkI0UF9oejhOOVpWMkotbVhXWC1JdUgz
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvRURiQjRQX2h6OE45WlYySi1tWFdYLUl1SDNvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
ODNGMC9EQ0ZDQTZBMjBBODMxMUVFOUU2QTkyNTBDNEY5QUUwMi84RDVFQjhERTBF
NTYxMUVFOEVBMDMzNzJDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBCqAwDQYJKoZIhvcNAQELBQADggEBALygk+VjcyMaGlBJ
o8w1ET5rx5aQ04602+O8l6HQ64atJKHSLMwB9MhiaHhnH2boEVZbUnhNocEycwEE
iiPmagiMXDhTJcaSMinFP3+Wet7xZKNHFDH/75k3sbUeAXga0jMr/xbBjx+cbLn7
QDx9Hjv9X9jKn3PICrVaAep/NttarVVjdkkN+4amNPZBKuh7XWyKEItnxpIhTG0v
bTX23M0omx9oMajpt6x0NfS9jxerkB+OjRSirLab02Tgbc+05OG2xfzt4UaBzHZp
c+iS19Y9L0y/0tlF0hM/mu90oOOwYc/yMxs6onHvtsGsN3FbMcGnhQEIpGI3rISC
ebAUst4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:02 2024 by rpki-client on console-fra.rpki-client.org