Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/5472A05CAABF11EE8D7AE735C4F9AE02.roa
File: 5472A05CAABF11EE8D7AE735C4F9AE02.roa (raw, json)
Hash identifier: ASFN86cFQGL8Q7C49AGwx5M6p08/G59Z8j/KRsdbKbw=
Subject key identifier: 8E:A8:28:F6:30:8E:DC:B8:31:58:AE:4A:84:48:EA:9F:70:D7:99:A2
Certificate issuer: /CN=A915ADC4/serialNumber=1DD1CBBC5DF5BDFABBB3ADAF12B00256B7F18D12
Certificate serial: 06
Authority key identifier: 1D:D1:CB:BC:5D:F5:BD:FA:BB:B3:AD:AF:12:B0:02:56:B7:F1:8D:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdHLvF31vfq7s62vErACVrfxjRI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/5472A05CAABF11EE8D7AE735C4F9AE02.roa
Signing time: Thu 04 Jan 2024 05:08:43 +0000
ROA not before: Thu 04 Jan 2024 05:08:43 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 152300
IP address blocks: 2401:72a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 04 Jan 2024 09:57:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6 (0x6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915ADC4/serialNumber=1DD1CBBC5DF5BDFABBB3ADAF12B00256B7F18D12
Validity
Not Before: Jan 4 05:08:43 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65963d5a-4e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:90:11:76:2f:d1:e3:91:47:00:bc:c8:fb:76:
22:7b:db:15:fd:74:68:b5:95:62:5b:66:5b:f5:49:
b7:33:f9:f8:9b:f4:73:74:42:98:18:5c:01:d5:46:
b7:d5:04:b7:a0:00:38:a7:06:f3:a2:d8:f0:4d:21:
84:d2:15:50:eb:95:d9:6e:b1:b5:12:4d:f8:54:66:
cb:79:72:9c:e1:a3:8d:70:f0:9c:9b:83:bf:fe:91:
c2:06:ed:18:d0:d5:58:9e:d2:ad:23:6f:56:11:65:
b2:af:55:3e:69:22:c7:2b:d6:ff:a4:b0:f4:42:82:
a1:cb:39:b0:95:84:a5:13:31:c4:d8:e6:49:78:87:
54:95:48:bd:a7:b9:62:58:9b:0f:1c:68:b5:80:4d:
5d:98:a3:3f:64:6b:ee:2f:fc:a4:cd:22:9f:d1:5b:
7a:bd:0d:f9:72:4a:20:c3:05:d0:ca:63:9d:07:d1:
d1:bf:cd:74:aa:da:8c:2e:af:e6:49:5e:33:1d:45:
66:89:3a:3f:4e:24:14:54:87:49:02:28:90:5f:00:
32:89:ed:38:ff:ae:de:bc:a1:ac:1e:0e:e4:88:a5:
4b:cf:e3:1d:aa:03:2d:71:f8:a5:15:0c:18:0c:7e:
3c:1a:f1:33:0e:a6:e2:2d:69:e0:a7:33:d9:97:50:
2e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A8:28:F6:30:8E:DC:B8:31:58:AE:4A:84:48:EA:9F:70:D7:99:A2
X509v3 Authority Key Identifier:
keyid:1D:D1:CB:BC:5D:F5:BD:FA:BB:B3:AD:AF:12:B0:02:56:B7:F1:8D:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/HdHLvF31vfq7s62vErACVrfxjRI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdHLvF31vfq7s62vErACVrfxjRI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/5472A05CAABF11EE8D7AE735C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:72a0::/32
Signature Algorithm: sha256WithRSAEncryption
31:d5:5f:46:ac:a7:78:8f:f8:e2:3f:ec:52:4f:81:c7:b4:62:
98:24:74:94:cb:e5:06:d8:c6:37:66:d6:2c:40:94:e3:04:d7:
b1:76:0a:59:73:97:44:f9:58:2f:98:b3:5c:35:00:7f:54:89:
a9:f3:4b:06:da:c6:49:84:e2:d1:6e:31:69:a8:23:d7:78:ce:
15:31:6e:87:77:57:1e:c4:de:62:cc:d6:c0:d7:12:1f:8b:cc:
68:0a:14:ea:bd:91:ab:e0:69:a3:3a:50:40:92:f1:4f:48:df:
35:60:09:ab:65:a8:9d:95:0d:9e:b6:ac:d6:1a:e5:d9:1d:72:
95:71:71:57:2a:15:e3:61:2f:25:9f:56:74:da:56:80:93:bd:
22:14:4e:ad:ce:d7:14:c8:01:de:a3:ac:21:c2:63:c8:d4:9c:
3f:50:f3:af:18:fa:57:41:ec:32:6e:7a:77:7b:b9:8a:34:b1:
ef:cd:d4:e0:d1:6d:ee:c1:4d:dd:bf:52:49:77:98:4c:c7:c0:
7d:c7:ef:f9:ff:8d:13:fa:5a:d8:86:3c:f9:e2:78:7c:4a:8d:
34:d2:d3:09:76:be:ba:34:b3:97:12:54:74:a4:27:77:97:68:
d7:26:0b:dc:70:1f:f9:55:c3:dd:2c:f1:64:a0:9b:ff:b3:f8:
9e:2f:68:36
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QURDNDExMC8GA1UEBRMoMUREMUNCQkM1REY1QkRGQUJCQjNBREFGMTJCMDAyNTZC
N0YxOEQxMjAeFw0yNDAxMDQwNTA4NDNaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1OTYzZDVhLTRlMmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC3kBF2L9HjkUcAvMj7diJ72xX9dGi1lWJbZlv1Sbcz+fib9HN0QpgYXAHVRrfV
BLegADinBvOi2PBNIYTSFVDrldlusbUSTfhUZst5cpzho41w8Jybg7/+kcIG7RjQ
1Vie0q0jb1YRZbKvVT5pIscr1v+ksPRCgqHLObCVhKUTMcTY5kl4h1SVSL2nuWJY
mw8caLWATV2Yoz9ka+4v/KTNIp/RW3q9DflySiDDBdDKY50H0dG/zXSq2owur+ZJ
XjMdRWaJOj9OJBRUh0kCKJBfADKJ7Tj/rt68oaweDuSIpUvP4x2qAy1x+KUVDBgM
fjwa8TMOpuItaeCnM9mXUC7jAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUjqgo9jCO
3LgxWK5KhEjqn3DXmaIwHwYDVR0jBBgwFoAUHdHLvF31vfq7s62vErACVrfxjRIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVBREM0LzYxNDE1RjU4QTlG
NzExRUU4RUI0OEQyMkM0RjlBRTAyL0hkSEx2RjMxdmZxN3M2MnZFckFDVnJmeGpS
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGRITHZGMzF2ZnE3czYydkVyQUNWcmZ4alJJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QURDNC82MTQxNUY1OEE5RjcxMUVFOEVCNDhEMjJDNEY5QUUwMi81NDcyQTA1Q0FB
QkYxMUVFOEQ3QUU3MzVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBcqAwDQYJKoZIhvcNAQELBQADggEBADHVX0asp3iP+OI/
7FJPgce0YpgkdJTL5QbYxjdm1ixAlOME17F2Cllzl0T5WC+Ys1w1AH9UianzSwba
xkmE4tFuMWmoI9d4zhUxbod3Vx7E3mLM1sDXEh+LzGgKFOq9kavgaaM6UECS8U9I
3zVgCatlqJ2VDZ62rNYa5dkdcpVxcVcqFeNhLyWfVnTaVoCTvSIUTq3O1xTIAd6j
rCHCY8jUnD9Q868Y+ldB7DJuend7uYo0se/N1ODRbe7BTd2/Ukl3mEzHwH3H7/n/
jRP6WtiGPPnieHxKjTTS0wl2vro0s5cSVHSkJ3eXaNcmC9xwH/lVw90s8WSgm/+z
+J4vaDY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-ams.rpki-client.org