Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/5D4E4F481BCF11EEBD054A4CC4F9AE02.roa
File: 5D4E4F481BCF11EEBD054A4CC4F9AE02.roa (raw, json)
Hash identifier: NScqTCm+WeWdnSakVt3PUmpo4Wk/DqNwG3ZqnO+2fDM=
Subject key identifier: 5C:FF:34:81:89:A5:2A:53:1A:06:88:0D:9F:D3:4E:8B:69:72:E9:DB
Certificate issuer: /CN=A916B837/serialNumber=F5522DE313844E96E3EBF38034ECA09BE2AA0AD5
Certificate serial: 01FC
Authority key identifier: F5:52:2D:E3:13:84:4E:96:E3:EB:F3:80:34:EC:A0:9B:E2:AA:0A:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9VIt4xOETpbj6_OANOygm-KqCtU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/5D4E4F481BCF11EEBD054A4CC4F9AE02.roa
Signing time: Thu 06 Jul 2023 07:33:13 +0000
ROA not before: Thu 06 Jul 2023 07:33:13 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 151338
IP address blocks: 2400:70e0:bab::/48 maxlen: 48
2400:70e0:b000::/48 maxlen: 48
2400:70e0:ff00::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 05 Sep 2023 08:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 508 (0x1fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916B837/serialNumber=F5522DE313844E96E3EBF38034ECA09BE2AA0AD5
Validity
Not Before: Jul 6 07:33:13 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64a66e39-e1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:44:20:37:a1:62:09:b1:03:98:45:50:32:d8:
f1:87:53:2b:22:85:79:17:0f:11:5e:01:de:19:a8:
69:a6:51:36:bd:af:ab:2a:1d:ea:df:fa:48:c3:49:
5c:3a:29:ad:90:42:8c:eb:5b:fa:ff:1d:49:34:d9:
64:ce:c5:54:04:6f:af:72:5b:51:34:6e:e2:05:b1:
68:c4:ae:ed:13:ba:55:4e:88:bf:a4:6e:83:de:1d:
6b:c3:32:cb:bb:1f:3f:e5:ec:00:91:cf:2d:cc:54:
c8:6e:69:c6:82:8f:cd:ea:b0:60:4d:53:f0:37:c4:
e3:64:cb:e1:53:14:a8:02:b9:da:28:24:dd:c0:54:
46:d2:92:1f:42:17:2c:3a:70:96:91:a5:ea:1d:8d:
b1:a5:1d:b7:e3:8d:71:ed:3e:b7:2f:5d:47:4e:e7:
f6:05:12:47:22:ae:0a:a5:98:a7:38:c0:3e:7c:75:
27:8d:c9:fd:de:e9:2b:34:d5:74:a1:d2:e7:72:cb:
f0:be:6b:8b:28:c0:0d:1e:d1:80:d7:df:73:46:ba:
df:c2:28:5c:46:64:a2:b2:e7:5b:12:83:7b:f2:b9:
46:51:64:01:48:a1:49:3c:4b:fd:80:c6:a8:67:c3:
b6:37:4b:4e:a4:6f:12:b7:37:a2:1e:a9:24:db:c6:
62:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FF:34:81:89:A5:2A:53:1A:06:88:0D:9F:D3:4E:8B:69:72:E9:DB
X509v3 Authority Key Identifier:
keyid:F5:52:2D:E3:13:84:4E:96:E3:EB:F3:80:34:EC:A0:9B:E2:AA:0A:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/9VIt4xOETpbj6_OANOygm-KqCtU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9VIt4xOETpbj6_OANOygm-KqCtU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B837/9D90AB62C15A11ECA44F5360C4F9AE02/5D4E4F481BCF11EEBD054A4CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:70e0:bab::/48
2400:70e0:b000::/48
2400:70e0:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
42:83:6d:92:ff:35:5c:cf:07:2e:b9:32:0a:48:c5:c1:4b:92:
96:89:70:ac:4c:19:0d:12:5d:21:ef:43:25:e4:71:07:ab:bc:
6c:7d:93:0b:b5:34:6e:75:8f:ee:0a:70:9b:bd:89:b0:ce:1c:
9c:37:a4:67:1c:8a:23:f2:63:fc:72:ba:05:fe:4a:a9:2e:08:
20:73:2f:41:fb:c2:b8:6a:3d:9a:66:6d:1b:24:d4:60:47:1a:
38:94:4b:37:5c:32:e8:f0:44:0a:7d:42:80:05:6e:28:c9:47:
94:15:bb:22:a8:4d:a8:b0:09:33:d9:df:10:3a:28:97:0d:50:
43:f8:64:f1:a5:63:07:ef:81:69:03:22:36:85:6e:04:5b:5c:
23:4a:2e:ea:a0:04:a5:dc:48:ba:ef:7a:63:02:22:53:84:95:
8c:62:2d:10:28:be:c2:05:8a:b4:cb:d1:36:cb:d6:2b:4b:16:
29:84:85:6a:1a:66:d6:b4:2b:c4:3d:bc:4a:a6:79:82:9c:5c:
51:e9:23:66:08:31:c1:73:0e:cb:62:6a:28:eb:6a:80:ad:05:
d8:db:d9:b5:4a:a1:d0:c9:09:75:22:11:e7:93:a5:5e:63:af:
5d:f5:48:e0:09:6b:1e:3d:97:d5:f4:77:b4:60:94:2d:cd:0c:
7b:9c:80:1f
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgICAfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkI4MzcxMTAvBgNVBAUTKEY1NTIyREUzMTM4NDRFOTZFM0VCRjM4MDM0RUNBMDlC
RTJBQTBBRDUwHhcNMjMwNzA2MDczMzEzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGE2NmUzOS1lMWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp0QgN6FiCbEDmEVQMtjxh1MrIoV5Fw8RXgHeGahpplE2va+rKh3q3/pIw0lc
OimtkEKM61v6/x1JNNlkzsVUBG+vcltRNG7iBbFoxK7tE7pVToi/pG6D3h1rwzLL
ux8/5ewAkc8tzFTIbmnGgo/N6rBgTVPwN8TjZMvhUxSoArnaKCTdwFRG0pIfQhcs
OnCWkaXqHY2xpR23441x7T63L11HTuf2BRJHIq4KpZinOMA+fHUnjcn93ukrNNV0
odLncsvwvmuLKMANHtGA199zRrrfwihcRmSisudbEoN78rlGUWQBSKFJPEv9gMao
Z8O2N0tOpG8StzeiHqkk28ZihwIDAQABo4ICqTCCAqUwHQYDVR0OBBYEFFz/NIGJ
pSpTGgaIDZ/TTotpcunbMB8GA1UdIwQYMBaAFPVSLeMThE6W4+vzgDTsoJviqgrV
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjgzNy85RDkwQUI2MkMx
NUExMUVDQTQ0RjUzNjBDNEY5QUUwMi85Vkl0NHhPRVRwYmo2X09BTk95Z20tS3FD
dFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzlWSXQ0eE9FVHBiajZfT0FOT3lnbS1LcUN0VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkI4MzcvOUQ5MEFCNjJDMTVBMTFFQ0E0NEY1MzYwQzRGOUFFMDIvNUQ0RTRGNDgx
QkNGMTFFRUJEMDU0QTRDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMwYIKwYBBQUHAQcBAf8E
JDAiMCAEAgACMBoDBwAkAHDgC6sDBwAkAHDgsAADBgAkAHDg/zANBgkqhkiG9w0B
AQsFAAOCAQEAQoNtkv81XM8HLrkyCkjFwUuSlolwrEwZDRJdIe9DJeRxB6u8bH2T
C7U0bnWP7gpwm72JsM4cnDekZxyKI/Jj/HK6Bf5KqS4IIHMvQfvCuGo9mmZtGyTU
YEcaOJRLN1wy6PBECn1CgAVuKMlHlBW7IqhNqLAJM9nfEDoolw1QQ/hk8aVjB++B
aQMiNoVuBFtcI0ou6qAEpdxIuu96YwIiU4SVjGItECi+wgWKtMvRNsvWK0sWKYSF
ahpm1rQrxD28SqZ5gpxcUekjZggxwXMOy2JqKOtqgK0F2NvZtUqh0MkJdSIR55Ol
XmOvXfVI4AlrHj2X1fR3tGCULc0Me5yAHw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:10 2024 by rpki-client on console-fra.rpki-client.org