Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/FA67CDC4F1F611EE8FDF0C67C4F9AE02.roa
File: FA67CDC4F1F611EE8FDF0C67C4F9AE02.roa (raw, json)
Hash identifier: tyztzM5qkfxN215ENbvS/yK+g8BSe3HCa7aY28o2OMw=
Subject key identifier: 14:AB:B5:59:54:2C:BE:CE:82:C6:59:3C:87:82:FA:48:13:62:62:41
Certificate issuer: /CN=A915ADC4/serialNumber=1DD1CBBC5DF5BDFABBB3ADAF12B00256B7F18D12
Certificate serial: 54
Authority key identifier: 1D:D1:CB:BC:5D:F5:BD:FA:BB:B3:AD:AF:12:B0:02:56:B7:F1:8D:12
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdHLvF31vfq7s62vErACVrfxjRI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/FA67CDC4F1F611EE8FDF0C67C4F9AE02.roa
Signing time: Wed 03 Apr 2024 20:22:41 +0000
ROA not before: Wed 03 Apr 2024 20:22:41 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 137707
IP address blocks: 2401:72a0::/32 maxlen: 40
2402:ca40::/32 maxlen: 40
Validation: Failed, certificate revoked on Wed 24 Jul 2024 22:27:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84 (0x54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915ADC4/serialNumber=1DD1CBBC5DF5BDFABBB3ADAF12B00256B7F18D12
Validity
Not Before: Apr 3 20:22:41 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=660dba91-0187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4c:2d:ca:ac:e4:4b:85:64:d6:3b:1c:be:59:
89:21:20:f0:ff:5a:fb:9e:32:a3:b0:f8:36:06:b8:
12:87:41:69:1b:10:4e:aa:5a:e3:f5:7d:e3:d5:d6:
65:ea:eb:e9:92:db:e0:18:7e:05:a3:d4:70:e4:2b:
3c:d0:b9:6e:15:20:4c:27:8a:a8:a9:1f:d5:ba:8d:
28:80:ae:ff:c9:77:dd:a3:9b:ba:78:c7:f7:10:05:
71:a2:4b:77:ed:a4:56:3e:b9:92:b5:5a:38:b0:21:
63:d2:75:6a:cc:40:4d:d7:28:7e:ef:62:1f:a0:2f:
02:0e:72:02:f1:26:38:86:01:0d:40:21:d2:32:f2:
9f:34:2f:21:31:4b:1e:1d:dc:6b:bb:4f:21:bf:ed:
e3:7a:26:7c:a2:76:d3:0a:f2:c8:52:48:f9:98:48:
05:3e:08:b8:96:7b:fa:0a:4a:60:b4:e3:ac:c8:74:
06:b6:a8:78:ae:ed:f9:81:f6:76:93:c5:4f:05:b1:
41:33:e1:8f:45:51:26:8f:f3:82:ad:27:c5:09:b0:
4a:76:92:f3:95:14:50:71:ad:5a:04:6a:78:8e:4c:
6d:f5:60:e5:d9:c6:f6:76:b5:7d:c6:b0:b4:d8:30:
af:a4:72:77:89:5a:e2:df:2f:62:c8:b7:d0:a7:d2:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:AB:B5:59:54:2C:BE:CE:82:C6:59:3C:87:82:FA:48:13:62:62:41
X509v3 Authority Key Identifier:
keyid:1D:D1:CB:BC:5D:F5:BD:FA:BB:B3:AD:AF:12:B0:02:56:B7:F1:8D:12
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/HdHLvF31vfq7s62vErACVrfxjRI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HdHLvF31vfq7s62vErACVrfxjRI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915ADC4/61415F58A9F711EE8EB48D22C4F9AE02/FA67CDC4F1F611EE8FDF0C67C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:72a0::/32
2402:ca40::/32
Signature Algorithm: sha256WithRSAEncryption
03:8b:57:06:53:2b:6b:cb:bc:e8:67:3a:d3:52:83:dc:59:6d:
fa:3e:67:c3:bb:45:ef:3e:7c:fa:60:d7:4d:f6:25:45:5c:be:
0e:c8:dc:71:9b:f0:f5:41:ce:14:e9:3d:66:65:92:8b:68:51:
1f:3a:da:39:34:ba:4c:8f:4c:ed:6e:e6:f5:45:6b:55:38:10:
78:1c:e1:0b:ba:87:53:e5:77:d5:1e:eb:0b:c1:07:79:5d:49:
19:93:12:4c:84:6b:14:6e:4a:9c:32:9f:7c:33:75:83:bc:ff:
7f:de:08:a1:a3:6a:29:af:ae:b9:1a:8c:9e:45:ef:07:ad:b6:
cb:8f:07:d3:92:6b:39:9a:7f:ac:da:6a:c0:87:20:34:59:34:
05:da:4b:79:14:7f:77:ff:69:8a:eb:73:b2:72:72:93:4f:e2:
93:7b:b6:8f:26:d3:e5:68:68:e9:7e:89:89:ac:3a:10:a7:6b:
ee:a1:a5:bf:8d:69:44:2b:d0:b1:f2:b7:e8:e1:ca:a1:1e:33:
6a:46:7b:ea:ea:ec:e2:27:e6:e2:35:4e:5f:d1:62:d9:eb:b8:
b3:1b:be:af:04:37:1e:de:73:98:db:ab:12:d9:18:25:03:e6:
40:6c:e8:95:85:9f:60:6e:02:da:1b:cd:cb:05:98:cc:06:dd:
a8:b4:91:56
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIBVDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1
QURDNDExMC8GA1UEBRMoMUREMUNCQkM1REY1QkRGQUJCQjNBREFGMTJCMDAyNTZC
N0YxOEQxMjAeFw0yNDA0MDMyMDIyNDFaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2MGRiYTkxLTAxODcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDcTC3KrORLhWTWOxy+WYkhIPD/WvueMqOw+DYGuBKHQWkbEE6qWuP1fePV1mXq
6+mS2+AYfgWj1HDkKzzQuW4VIEwniqipH9W6jSiArv/Jd92jm7p4x/cQBXGiS3ft
pFY+uZK1WjiwIWPSdWrMQE3XKH7vYh+gLwIOcgLxJjiGAQ1AIdIy8p80LyExSx4d
3Gu7TyG/7eN6JnyidtMK8shSSPmYSAU+CLiWe/oKSmC046zIdAa2qHiu7fmB9naT
xU8FsUEz4Y9FUSaP84KtJ8UJsEp2kvOVFFBxrVoEaniOTG31YOXZxvZ2tX3GsLTY
MK+kcneJWuLfL2LIt9Cn0gChAgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUFKu1WVQs
vs6Cxlk8h4L6SBNiYkEwHwYDVR0jBBgwFoAUHdHLvF31vfq7s62vErACVrfxjRIw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVBREM0LzYxNDE1RjU4QTlG
NzExRUU4RUI0OEQyMkM0RjlBRTAyL0hkSEx2RjMxdmZxN3M2MnZFckFDVnJmeGpS
SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvSGRITHZGMzF2ZnE3czYydkVyQUNWcmZ4alJJLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
QURDNC82MTQxNUY1OEE5RjcxMUVFOEVCNDhEMjJDNEY5QUUwMi9GQTY3Q0RDNEYx
RjYxMUVFOEZERjBDNjdDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAnBggrBgEFBQcBBwEB/wQY
MBYwFAQCAAIwDgMFACQBcqADBQAkAspAMA0GCSqGSIb3DQEBCwUAA4IBAQADi1cG
Uytry7zoZzrTUoPcWW36PmfDu0XvPnz6YNdN9iVFXL4OyNxxm/D1Qc4U6T1mZZKL
aFEfOto5NLpMj0ztbub1RWtVOBB4HOELuodT5XfVHusLwQd5XUkZkxJMhGsUbkqc
Mp98M3WDvP9/3giho2opr665GoyeRe8HrbbLjwfTkms5mn+s2mrAhyA0WTQF2kt5
FH93/2mK63OycnKTT+KTe7aPJtPlaGjpfomJrDoQp2vuoaW/jWlEK9Cx8rfo4cqh
HjNqRnvq6uziJ+biNU5f0WLZ67izG76vBDce3nOY26sS2RglA+ZAbOiVhZ9gbgLa
G83LBZjMBt2otJFW
-----END CERTIFICATE-----
Generated at Thu Jul 25 00:42:17 2024 by rpki-client on console-ams.rpki-client.org