Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91698EC/21E5A30A1EE111EF93F9853DC4F9AE02/E54E2BA427E311EFA1F13E50C4F9AE02.roa
File: E54E2BA427E311EFA1F13E50C4F9AE02.roa (raw, json)
Hash identifier: noi9vMpJxQUtKVLAV8OgBZW8LGMcUNSfSgmOxpsSweY=
Subject key identifier: A2:8B:06:BC:E2:18:65:97:0F:9B:4B:10:45:4F:46:CC:B7:CE:92:C1
Certificate issuer: /CN=A91698EC/serialNumber=E58F0F52A4D2D1DE44675ACA17557BF982EC7D79
Certificate serial: 0E
Authority key identifier: E5:8F:0F:52:A4:D2:D1:DE:44:67:5A:CA:17:55:7B:F9:82:EC:7D:79
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Y8PUqTS0d5EZ1rKF1V7-YLsfXk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91698EC/21E5A30A1EE111EF93F9853DC4F9AE02/E54E2BA427E311EFA1F13E50C4F9AE02.roa
Signing time: Tue 11 Jun 2024 11:15:23 +0000
ROA not before: Tue 11 Jun 2024 11:15:23 +0000
ROA not after: Sun 31 Aug 2025 00:00:00 +0000
asID: 20473
IP address blocks: 2001:df3:dec0::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 11 Oct 2024 22:51:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91698EC/serialNumber=E58F0F52A4D2D1DE44675ACA17557BF982EC7D79
Validity
Not Before: Jun 11 11:15:23 2024 GMT
Not After : Aug 31 00:00:00 2025 GMT
Subject: CN=666831cb-41de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8d:d9:42:d1:03:c1:d4:fe:a5:8f:cb:00:56:
0a:fe:8d:da:63:c7:33:29:f0:f3:ed:a6:ae:31:3f:
2c:2f:87:82:da:dc:74:bd:94:05:36:3d:2f:18:07:
f9:cc:48:5f:ea:ff:a6:34:07:19:f6:cf:d3:e9:94:
24:06:9d:75:6f:7a:c6:69:be:8c:94:87:49:65:5e:
ca:38:e9:6b:0e:a1:cb:35:77:b3:4c:b1:b9:81:07:
c5:a7:d8:6b:f9:a8:c0:92:0a:32:f7:1d:6a:a7:ad:
f0:cb:44:db:4c:03:d5:32:59:2a:c5:2d:2c:de:f1:
84:66:54:a0:cc:14:20:58:6b:de:56:93:03:7c:ce:
d4:b3:21:4d:de:d8:69:e3:67:97:c2:98:85:d3:ce:
fb:4f:93:7c:45:c5:88:39:0b:65:53:81:f6:75:82:
4e:de:65:25:72:32:d0:d9:be:9b:12:25:68:c4:11:
a8:0f:5e:42:9e:bc:7b:39:d3:0d:af:84:81:4c:15:
3a:7a:09:ee:3f:6d:86:33:e6:e0:fc:b1:d3:e8:64:
24:f2:0c:f3:97:6b:8b:76:98:84:7e:c2:01:c1:9f:
5c:55:76:93:3f:59:6f:2d:bf:ed:f9:9f:bd:cd:1c:
f5:2f:cf:d3:a1:7e:d1:12:13:0c:46:8f:ba:67:77:
ea:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:8B:06:BC:E2:18:65:97:0F:9B:4B:10:45:4F:46:CC:B7:CE:92:C1
X509v3 Authority Key Identifier:
keyid:E5:8F:0F:52:A4:D2:D1:DE:44:67:5A:CA:17:55:7B:F9:82:EC:7D:79
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91698EC/21E5A30A1EE111EF93F9853DC4F9AE02/5Y8PUqTS0d5EZ1rKF1V7-YLsfXk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5Y8PUqTS0d5EZ1rKF1V7-YLsfXk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91698EC/21E5A30A1EE111EF93F9853DC4F9AE02/E54E2BA427E311EFA1F13E50C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:dec0::/48
Signature Algorithm: sha256WithRSAEncryption
6b:0f:40:e5:c2:cf:9c:91:e0:66:5f:b5:68:66:90:d4:72:0f:
cc:7f:d0:d7:e8:10:6b:39:8b:bc:4c:c5:23:99:a7:a4:4b:b1:
76:e1:68:7a:64:14:25:25:ec:89:ed:55:a2:01:e7:96:c7:65:
73:d3:e0:fa:e3:c5:3f:ad:45:a7:31:78:42:19:57:91:15:6b:
2e:6d:15:04:36:56:52:5d:e6:91:5f:d5:25:a6:68:e7:3d:b2:
24:2a:c0:38:c7:cd:8f:a6:6d:a4:6b:69:76:08:00:bd:ad:c5:
fb:ef:00:e7:0f:fe:97:24:58:52:4a:d8:3d:ce:57:9e:ab:f6:
9c:2d:a6:1e:2e:c7:7f:00:3d:d4:ba:a2:a6:3a:9a:95:58:41:
20:d6:0b:e7:4a:cd:06:86:a6:09:dd:aa:d2:91:ae:07:49:6b:
59:72:0e:aa:f9:1a:65:f3:f5:59:9c:0d:b1:26:c8:9a:b5:e8:
44:70:cc:6d:3c:71:14:dc:4a:df:02:0f:09:b5:30:f8:fe:aa:
26:6f:35:4e:49:94:ad:8f:67:b8:fd:80:88:67:6d:71:56:b3:
6f:1f:9b:dd:4b:8f:0c:9b:9e:ee:d5:34:46:7b:1d:2a:b7:9f:
ad:51:79:a4:92:6c:4c:a0:ef:67:96:09:92:c4:d4:13:d4:0c:
85:d0:24:30
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2
OThFQzExMC8GA1UEBRMoRTU4RjBGNTJBNEQyRDFERTQ0Njc1QUNBMTc1NTdCRjk4
MkVDN0Q3OTAeFw0yNDA2MTExMTE1MjNaFw0yNTA4MzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NjgzMWNiLTQxZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDNjdlC0QPB1P6lj8sAVgr+jdpjxzMp8PPtpq4xPywvh4La3HS9lAU2PS8YB/nM
SF/q/6Y0Bxn2z9PplCQGnXVvesZpvoyUh0llXso46WsOocs1d7NMsbmBB8Wn2Gv5
qMCSCjL3HWqnrfDLRNtMA9UyWSrFLSze8YRmVKDMFCBYa95WkwN8ztSzIU3e2Gnj
Z5fCmIXTzvtPk3xFxYg5C2VTgfZ1gk7eZSVyMtDZvpsSJWjEEagPXkKevHs50w2v
hIFMFTp6Ce4/bYYz5uD8sdPoZCTyDPOXa4t2mIR+wgHBn1xVdpM/WW8tv+35n73N
HPUvz9OhftESEwxGj7pnd+p9AgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUoosGvOIY
ZZcPm0sQRU9GzLfOksEwHwYDVR0jBBgwFoAU5Y8PUqTS0d5EZ1rKF1V7+YLsfXkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY5OEVDLzIxRTVBMzBBMUVF
MTExRUY5M0Y5ODUzREM0RjlBRTAyLzVZOFBVcVRTMGQ1RVoxcktGMVY3LVlMc2ZY
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNVk4UFVxVFMwZDVFWjFyS0YxVjctWUxzZlhrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
OThFQy8yMUU1QTMwQTFFRTExMUVGOTNGOTg1M0RDNEY5QUUwMi9FNTRFMkJBNDI3
RTMxMUVGQTFGMTNFNTBDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfPewDANBgkqhkiG9w0BAQsFAAOCAQEAaw9A5cLPnJHg
Zl+1aGaQ1HIPzH/Q1+gQazmLvEzFI5mnpEuxduFoemQUJSXsie1VogHnlsdlc9Pg
+uPFP61FpzF4QhlXkRVrLm0VBDZWUl3mkV/VJaZo5z2yJCrAOMfNj6ZtpGtpdggA
va3F++8A5w/+lyRYUkrYPc5Xnqv2nC2mHi7HfwA91LqipjqalVhBINYL50rNBoam
Cd2q0pGuB0lrWXIOqvkaZfP1WZwNsSbImrXoRHDMbTxxFNxK3wIPCbUw+P6qJm81
TkmUrY9nuP2AiGdtcVazbx+b3UuPDJue7tU0RnsdKrefrVF5pJJsTKDvZ5YJksTU
E9QMhdAkMA==
-----END CERTIFICATE-----
Generated at Sat Oct 12 03:20:57 2024 by rpki-client on console-ams.rpki-client.org