Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91522E0/C9B90FF8468811EAACF18A28C4F9AE02/A3F6A026D39511ED9156CA29C4F9AE02.roa
File: A3F6A026D39511ED9156CA29C4F9AE02.roa (raw, json)
Hash identifier: wBcNyU94ScqUGMH94NZ1lE3wE5c3SqWo74TOkr73Qr0=
Subject key identifier: 3C:31:6A:97:44:48:47:AB:2C:E0:0E:8D:4C:F5:19:A7:F5:46:E4:31
Certificate issuer: /CN=A91522E0/serialNumber=4F32ECFF8CD46C3EC03FA75E1008F4AA9A0CF893
Certificate serial: 09E6
Authority key identifier: 4F:32:EC:FF:8C:D4:6C:3E:C0:3F:A7:5E:10:08:F4:AA:9A:0C:F8:93
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TzLs_4zUbD7AP6deEAj0qpoM-JM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91522E0/C9B90FF8468811EAACF18A28C4F9AE02/A3F6A026D39511ED9156CA29C4F9AE02.roa
Signing time: Sun 12 Nov 2023 20:28:04 +0000
ROA not before: Sun 12 Nov 2023 20:28:04 +0000
ROA not after: Fri 31 Jan 2025 00:00:00 +0000
asID: 132381
IP address blocks: 2001:df3:500::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 07 Mar 2024 09:52:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2534 (0x9e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91522E0/serialNumber=4F32ECFF8CD46C3EC03FA75E1008F4AA9A0CF893
Validity
Not Before: Nov 12 20:28:04 2023 GMT
Not After : Jan 31 00:00:00 2025 GMT
Subject: CN=65513554-ec34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c9:b3:70:1b:ff:81:37:11:3e:26:5e:b6:12:
33:ac:19:f8:ef:15:fa:a4:d5:97:d3:b3:20:42:4a:
85:27:2d:62:31:b0:4d:37:b8:e3:e1:d6:f4:28:4e:
20:d2:c1:b9:26:4e:fd:e7:62:65:7c:9a:12:64:27:
3e:1f:10:ea:e4:c7:fb:37:57:78:e0:8d:78:96:88:
0f:b8:dd:45:fb:3b:03:f2:c5:dc:9d:63:61:f7:b0:
01:01:f0:42:c0:b5:52:69:8b:fe:b6:27:7d:fb:18:
b2:95:76:40:f1:78:e3:3e:89:52:28:d1:ec:cf:bb:
31:f4:0a:14:ac:1f:6c:ca:87:15:40:a8:e8:c6:cc:
b4:45:9c:05:55:9d:64:5f:37:98:77:3e:75:20:44:
fc:67:7f:22:c0:c9:14:7b:d0:30:8b:0c:a9:38:71:
8d:16:d1:90:51:a8:3a:57:55:72:2e:00:b4:cd:bf:
01:37:d2:4e:80:c1:1a:b9:f1:33:98:a4:40:91:88:
e2:87:2d:45:72:f6:1e:61:77:15:5a:be:c2:20:ba:
31:d4:90:e7:ca:f2:da:c9:08:ad:d4:d2:ed:a0:52:
e3:fc:85:90:0c:f4:6d:d0:2f:42:2e:d2:ce:e5:e7:
30:05:d4:61:34:01:90:d5:52:62:53:a7:c9:5b:a5:
d3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:31:6A:97:44:48:47:AB:2C:E0:0E:8D:4C:F5:19:A7:F5:46:E4:31
X509v3 Authority Key Identifier:
keyid:4F:32:EC:FF:8C:D4:6C:3E:C0:3F:A7:5E:10:08:F4:AA:9A:0C:F8:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91522E0/C9B90FF8468811EAACF18A28C4F9AE02/TzLs_4zUbD7AP6deEAj0qpoM-JM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TzLs_4zUbD7AP6deEAj0qpoM-JM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91522E0/C9B90FF8468811EAACF18A28C4F9AE02/A3F6A026D39511ED9156CA29C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:500::/48
Signature Algorithm: sha256WithRSAEncryption
9e:4d:b9:9d:c8:f7:da:73:0b:53:23:36:12:29:85:b8:65:a0:
7d:ce:fd:a0:57:dc:a4:cc:69:a8:01:da:f6:ee:00:1e:b2:1c:
3b:04:f1:a4:4e:f0:d3:d2:37:ab:43:67:94:56:4b:f5:7f:94:
71:94:10:26:7f:2e:bd:3f:32:b9:50:14:48:ae:65:8e:18:0a:
77:20:01:5f:b9:f1:b2:75:4b:5b:43:ec:f3:d6:f6:13:4d:ab:
24:6e:29:98:82:62:a2:38:6e:e1:7f:3e:c9:9b:a1:b2:e7:76:
43:8b:cf:c9:27:7f:5a:67:da:26:55:ca:79:b8:75:c2:5b:ca:
9b:e2:14:7a:2c:47:28:83:6d:cf:17:26:b1:c2:e4:af:3b:7c:
d5:00:f5:b7:ac:94:e2:0e:d0:d5:1b:5c:96:9e:13:e0:b2:18:
09:b5:cb:d5:25:d7:2b:fa:7c:4e:6a:67:c6:29:f9:88:d1:91:
f7:b8:c2:79:4d:f9:5a:54:39:2b:6b:ac:40:2d:09:1c:cb:98:
f9:02:fe:96:3d:c8:25:cb:ee:cb:5b:d3:3f:3f:77:4d:9a:49:
04:3d:41:92:69:64:7f:ec:7e:f1:c8:d3:c1:e2:fa:83:e5:f5:
79:49:88:49:e1:2b:bc:dc:eb:e0:c0:4d:91:30:38:9d:d2:81:
e6:2f:44:d1
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCeYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTIyRTAxMTAvBgNVBAUTKDRGMzJFQ0ZGOENENDZDM0VDMDNGQTc1RTEwMDhGNEFB
OUEwQ0Y4OTMwHhcNMjMxMTEyMjAyODA0WhcNMjUwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTUxMzU1NC1lYzM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5cmzcBv/gTcRPiZethIzrBn47xX6pNWX07MgQkqFJy1iMbBNN7jj4db0KE4g
0sG5Jk7952JlfJoSZCc+HxDq5Mf7N1d44I14logPuN1F+zsD8sXcnWNh97ABAfBC
wLVSaYv+tid9+xiylXZA8XjjPolSKNHsz7sx9AoUrB9syocVQKjoxsy0RZwFVZ1k
XzeYdz51IET8Z38iwMkUe9AwiwypOHGNFtGQUag6V1VyLgC0zb8BN9JOgMEaufEz
mKRAkYjihy1FcvYeYXcVWr7CILox1JDnyvLayQit1NLtoFLj/IWQDPRt0C9CLtLO
5ecwBdRhNAGQ1VJiU6fJW6XTwQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFDwxapdE
SEerLOAOjUz1Gaf1RuQxMB8GA1UdIwQYMBaAFE8y7P+M1Gw+wD+nXhAI9KqaDPiT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjJFMC9DOUI5MEZGODQ2
ODgxMUVBQUNGMThBMjhDNEY5QUUwMi9UekxzXzR6VWJEN0FQNmRlRUFqMHFwb00t
Sk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1R6THNfNHpVYkQ3QVA2ZGVFQWowcXBvTS1KTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTIyRTAvQzlCOTBGRjg0Njg4MTFFQUFDRjE4QTI4QzRGOUFFMDIvQTNGNkEwMjZE
Mzk1MTFFRDkxNTZDQTI5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ3zBQAwDQYJKoZIhvcNAQELBQADggEBAJ5NuZ3I99pz
C1MjNhIphbhloH3O/aBX3KTMaagB2vbuAB6yHDsE8aRO8NPSN6tDZ5RWS/V/lHGU
ECZ/Lr0/MrlQFEiuZY4YCncgAV+58bJ1S1tD7PPW9hNNqyRuKZiCYqI4buF/Psmb
obLndkOLz8knf1pn2iZVynm4dcJbypviFHosRyiDbc8XJrHC5K87fNUA9beslOIO
0NUbXJaeE+CyGAm1y9Ul1yv6fE5qZ8Yp+YjRkfe4wnlN+VpUOStrrEAtCRzLmPkC
/pY9yCXL7stb0z8/d02aSQQ9QZJpZH/sfvHI08Hi+oPl9XlJiEnhK7zc6+DATZEw
OJ3SgeYvRNE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org