Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/F7BF8BCCB8E711EEB26F9E40C4F9AE02.roa
File: F7BF8BCCB8E711EEB26F9E40C4F9AE02.roa (raw, json)
Hash identifier: Xd0BrF4fS1k/7dLaGZ3sf4Drd6f9TuQsMobGJuNyyAk=
Subject key identifier: 38:75:8F:AC:42:4C:4D:F2:60:8B:58:A2:EB:23:0D:B3:C1:ED:50:55
Certificate issuer: /CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Certificate serial: 04E7
Authority key identifier: A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/F7BF8BCCB8E711EEB26F9E40C4F9AE02.roa
Signing time: Mon 22 Jan 2024 05:34:53 +0000
ROA not before: Mon 22 Jan 2024 05:34:53 +0000
ROA not after: Sun 31 Mar 2024 00:00:00 +0000
asID: 54994
IP address blocks: 2405:acc0:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 22 Jan 2024 06:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1255 (0x4e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E
Validity
Not Before: Jan 22 05:34:53 2024 GMT
Not After : Mar 31 00:00:00 2024 GMT
Subject: CN=65adfe7d-ee1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8c:72:88:eb:99:cb:25:49:2f:11:7e:30:20:
10:0d:1d:fa:f3:cc:0b:d1:07:fa:ca:c6:a3:a7:46:
48:5a:ed:a9:30:b3:4d:d9:37:11:37:26:0e:83:56:
a8:17:c0:36:00:f7:91:1f:ed:01:8c:db:78:63:cc:
05:3c:14:df:15:b4:06:31:34:eb:ff:af:0d:f3:a2:
cc:09:f5:45:0e:ae:89:15:f4:b2:db:2f:05:cc:ac:
a6:46:56:f6:1d:7e:1c:75:4e:38:12:a8:f8:85:51:
2b:85:f1:bd:dc:bf:33:e5:a9:7b:db:f0:89:c2:c1:
d9:78:6d:d9:2c:71:69:3e:0d:6f:19:a3:a1:b8:d2:
f2:e8:71:9e:7d:30:c7:76:0b:1f:2c:6d:dd:a5:a0:
95:30:4c:14:fd:80:5a:dc:d1:9d:9e:5d:ae:70:d0:
37:d6:6c:7c:16:19:96:e1:05:da:c0:8a:b0:c2:9b:
53:08:5c:4b:54:f5:dc:43:49:55:cd:03:66:2c:da:
e7:25:cf:49:93:d7:64:b9:60:39:9f:24:a0:4d:c6:
08:4f:59:e9:99:fd:2f:34:00:91:9c:0e:6e:34:4c:
53:f2:43:4f:91:e2:2b:4d:be:1a:fe:b8:e7:c4:b2:
27:06:ba:31:c7:b0:e6:71:07:91:42:54:ac:55:f0:
ee:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:75:8F:AC:42:4C:4D:F2:60:8B:58:A2:EB:23:0D:B3:C1:ED:50:55
X509v3 Authority Key Identifier:
keyid:A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/F7BF8BCCB8E711EEB26F9E40C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:acc0:3::/48
Signature Algorithm: sha256WithRSAEncryption
6b:4c:b4:92:f7:4c:44:f6:9d:3b:1a:c4:35:f2:80:6a:d0:98:
16:f7:d6:6c:ab:67:27:fc:ad:37:33:b1:fd:c7:d0:29:1b:b1:
e2:5c:eb:09:41:20:81:ba:c8:ae:84:3f:b6:79:8f:96:ff:7f:
ff:d6:35:27:bb:5a:61:f1:7a:a3:e0:96:a8:b1:0c:fd:55:d7:
4d:f9:89:e8:5b:00:68:4b:47:55:09:37:17:7f:5d:ae:15:a8:
44:b7:8b:a7:ea:90:ae:78:a5:f9:81:95:5c:45:f7:ae:ed:ca:
7a:17:c1:98:87:03:a4:d6:58:db:1d:2c:a0:27:82:98:4f:c9:
f7:9d:a2:75:80:63:06:c9:8d:35:05:9c:e8:23:af:b5:bf:6d:
b2:72:3d:49:24:00:52:06:1f:f4:7e:45:9b:90:fd:d6:8f:cc:
eb:e8:0b:0f:f1:08:ed:fe:c2:55:f4:e1:44:ae:38:b3:82:c6:
ff:1d:18:67:f9:9e:e9:91:80:11:fa:45:31:31:85:56:b9:93:
82:c5:ba:98:4e:0e:8f:34:0d:cc:9f:5b:67:44:56:40:39:96:
46:c9:9a:8d:b5:d3:bc:bd:75:46:6e:a9:a1:36:9b:82:12:b0:
06:80:09:18:69:5f:9f:9a:2e:f1:88:4c:c7:ab:0f:3d:15:52:
37:d9:63:42
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBOcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NENDRDExMTAvBgNVBAUTKEEzRDVDRjQzREU1QjNEOEI5QzM0M0VENDQ5QzE2OTBF
QkUzNDE3MEUwHhcNMjQwMTIyMDUzNDUzWhcNMjQwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWFkZmU3ZC1lZTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvIxyiOuZyyVJLxF+MCAQDR3688wL0Qf6ysajp0ZIWu2pMLNN2TcRNyYOg1ao
F8A2APeRH+0BjNt4Y8wFPBTfFbQGMTTr/68N86LMCfVFDq6JFfSy2y8FzKymRlb2
HX4cdU44Eqj4hVErhfG93L8z5al72/CJwsHZeG3ZLHFpPg1vGaOhuNLy6HGefTDH
dgsfLG3dpaCVMEwU/YBa3NGdnl2ucNA31mx8FhmW4QXawIqwwptTCFxLVPXcQ0lV
zQNmLNrnJc9Jk9dkuWA5nySgTcYIT1npmf0vNACRnA5uNExT8kNPkeIrTb4a/rjn
xLInBroxx7DmcQeRQlSsVfDuZwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDh1j6xC
TE3yYItYousjDbPB7VBVMB8GA1UdIwQYMBaAFKPVz0PeWz2LnDQ+1EnBaQ6+NBcO
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0NEMS9BRDdGNDVBNENE
QzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZdWNORDdVU2NGcERyNDBG
dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL285WFBROTViUFl1Y05EN1VTY0ZwRHI0MEZ3NC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NENDRDEvQUQ3RjQ1QTRDREM0MTFFQkI1RjQ4MzU1QzRGOUFFMDIvRjdCRjhCQ0NC
OEU3MTFFRUIyNkY5RTQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBazAAAMwDQYJKoZIhvcNAQELBQADggEBAGtMtJL3TET2
nTsaxDXygGrQmBb31myrZyf8rTczsf3H0CkbseJc6wlBIIG6yK6EP7Z5j5b/f//W
NSe7WmHxeqPglqixDP1V1035iehbAGhLR1UJNxd/Xa4VqES3i6fqkK54pfmBlVxF
967tynoXwZiHA6TWWNsdLKAngphPyfedonWAYwbJjTUFnOgjr7W/bbJyPUkkAFIG
H/R+RZuQ/daPzOvoCw/xCO3+wlX04USuOLOCxv8dGGf5numRgBH6RTExhVa5k4LF
uphODo80DcyfW2dEVkA5lkbJmo2107y9dUZuqaE2m4ISsAaACRhpX5+aLvGITMer
Dz0VUjfZY0I=
-----END CERTIFICATE-----
Generated at Mon Jan 22 07:41:58 2024 by rpki-client on console-ams.rpki-client.org