Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A5CD6DCC853B11EFB513D149C4F9AE02.roa
File: A5CD6DCC853B11EFB513D149C4F9AE02.roa (raw, json)
Hash identifier: PTvwEB4ciP9aJ0Zy1rBR6cF0h9x0sqSplCsREkXk9q4=
Subject key identifier: 2C:28:1D:AF:E5:2B:7B:B8:46:39:A3:ED:D7:A5:B7:49:84:C4:AA:3A
Certificate issuer: /CN=A9170EED/serialNumber=EDFE706C949B5ECF1DBBE460DBD04EFE7C1E128B
Certificate serial: 02
Authority key identifier: ED:FE:70:6C:94:9B:5E:CF:1D:BB:E4:60:DB:D0:4E:FE:7C:1E:12:8B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A5CD6DCC853B11EFB513D149C4F9AE02.roa
Signing time: Tue 08 Oct 2024 06:07:50 +0000
ROA not before: Tue 08 Oct 2024 06:07:50 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 134192
IP address blocks: 2001:df4:5e41::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Oct 2024 07:34:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170EED/serialNumber=EDFE706C949B5ECF1DBBE460DBD04EFE7C1E128B
Validity
Not Before: Oct 8 06:07:50 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=6704cc36-4d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:51:7a:72:64:57:7f:fc:be:dc:f2:95:e3:65:
21:8d:c2:c3:d0:bb:ff:e2:3d:cb:fd:a3:8e:00:45:
70:84:8d:c6:60:44:8b:8a:df:c6:c9:2e:31:de:6b:
76:f0:82:42:74:03:da:a9:ad:02:95:3f:83:34:f1:
c8:d9:21:22:d9:52:13:2b:0e:50:ce:ea:3e:0d:55:
4b:2f:0a:30:3d:44:e8:11:c6:ac:35:7c:8f:be:03:
03:61:1b:6e:05:f3:56:a5:dc:a6:cc:c7:51:27:02:
fd:d7:13:e0:7d:57:dc:db:fa:d2:ff:37:33:28:4b:
f0:f0:05:8c:d5:84:ec:4d:98:e6:d3:8a:a5:16:9e:
ed:7d:c2:99:79:03:55:54:c0:35:b3:34:e7:32:94:
aa:d9:a7:c0:57:80:ce:26:b6:13:f5:49:20:85:7b:
82:ab:83:3c:3c:a7:f0:bc:25:78:b0:19:6b:54:55:
65:f9:ab:5e:ce:13:8b:87:b0:e3:1f:96:1f:32:27:
57:ef:63:16:46:70:77:fd:57:e4:3c:81:db:61:d6:
0d:02:a7:36:28:64:2a:68:9a:f2:e7:4d:5b:fd:d8:
c8:b2:03:4e:47:4c:60:53:d7:51:77:8c:cb:13:23:
9a:19:38:60:f4:d1:f9:67:00:f2:06:6f:cc:29:ac:
80:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:28:1D:AF:E5:2B:7B:B8:46:39:A3:ED:D7:A5:B7:49:84:C4:AA:3A
X509v3 Authority Key Identifier:
keyid:ED:FE:70:6C:94:9B:5E:CF:1D:BB:E4:60:DB:D0:4E:FE:7C:1E:12:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/7f5wbJSbXs8du-Rg29BO_nweEos.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f5wbJSbXs8du-Rg29BO_nweEos.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170EED/3FF3940E853B11EFA3072349C4F9AE02/A5CD6DCC853B11EFB513D149C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:5e41::/48
Signature Algorithm: sha256WithRSAEncryption
1c:f4:ca:ea:f3:0d:86:cb:01:79:0a:f7:74:f1:3a:63:ab:08:
55:84:98:a3:a3:c9:ae:56:b3:bb:aa:d1:85:b3:69:1c:83:cc:
7a:5f:42:44:82:19:ad:8b:18:62:f5:b3:fa:43:93:f6:0e:cf:
13:d0:ba:14:d9:3d:2c:a3:d2:fd:6e:24:5f:7b:70:e4:51:a1:
2b:e5:fa:05:00:7a:d1:28:ec:a0:99:c2:db:4a:9f:9a:10:cb:
6e:43:5d:d6:a3:af:a5:8f:29:07:ba:83:14:a0:f3:44:59:78:
9e:c5:90:15:18:24:34:5e:59:ec:56:b8:5e:18:b2:d8:7c:8b:
09:1b:ce:d6:ff:b5:ac:1c:98:d1:69:5f:e5:57:c8:d7:10:ab:
8c:6f:e5:f4:bf:80:7a:8c:05:aa:24:df:79:f5:d1:01:45:d0:
52:df:c5:86:5a:07:fc:44:28:36:07:fc:05:6a:43:55:4a:e4:
06:45:66:5a:a2:18:34:07:85:b0:fa:d7:a6:39:a4:b0:01:54:
30:32:c1:9a:e8:49:86:d1:9e:a6:4b:15:33:56:ee:ee:ce:10:
f6:85:a2:d7:73:1c:50:fe:67:5d:1b:0c:4c:1d:5b:40:cb:65:
bf:6b:c3:0c:e1:15:0b:ba:be:06:49:61:7d:fb:a3:81:8e:00:
2e:30:90:14
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBAjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
MEVFRDExMC8GA1UEBRMoRURGRTcwNkM5NDlCNUVDRjFEQkJFNDYwREJEMDRFRkU3
QzFFMTI4QjAeFw0yNDEwMDgwNjA3NTBaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MDRjYzM2LTRkMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDfUXpyZFd//L7c8pXjZSGNwsPQu//iPcv9o44ARXCEjcZgRIuK38bJLjHea3bw
gkJ0A9qprQKVP4M08cjZISLZUhMrDlDO6j4NVUsvCjA9ROgRxqw1fI++AwNhG24F
81al3KbMx1EnAv3XE+B9V9zb+tL/NzMoS/DwBYzVhOxNmObTiqUWnu19wpl5A1VU
wDWzNOcylKrZp8BXgM4mthP1SSCFe4Krgzw8p/C8JXiwGWtUVWX5q17OE4uHsOMf
lh8yJ1fvYxZGcHf9V+Q8gdth1g0CpzYoZCpomvLnTVv92MiyA05HTGBT11F3jMsT
I5oZOGD00flnAPIGb8wprIDNAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQULCgdr+Ur
e7hGOaPt16W3SYTEqjowHwYDVR0jBBgwFoAU7f5wbJSbXs8du+Rg29BO/nweEosw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwRUVELzNGRjM5NDBFODUz
QjExRUZBMzA3MjM0OUM0RjlBRTAyLzdmNXdiSlNiWHM4ZHUtUmcyOUJPX253ZUVv
cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvN2Y1d2JKU2JYczhkdS1SZzI5Qk9fbndlRW9zLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEVFRC8zRkYzOTQwRTg1M0IxMUVGQTMwNzIzNDlDNEY5QUUwMi9BNUNENkRDQzg1
M0IxMUVGQjUxM0QxNDlDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfReQTANBgkqhkiG9w0BAQsFAAOCAQEAHPTK6vMNhssB
eQr3dPE6Y6sIVYSYo6PJrlazu6rRhbNpHIPMel9CRIIZrYsYYvWz+kOT9g7PE9C6
FNk9LKPS/W4kX3tw5FGhK+X6BQB60SjsoJnC20qfmhDLbkNd1qOvpY8pB7qDFKDz
RFl4nsWQFRgkNF5Z7Fa4Xhiy2HyLCRvO1v+1rByY0Wlf5VfI1xCrjG/l9L+AeowF
qiTfefXRAUXQUt/FhloH/EQoNgf8BWpDVUrkBkVmWqIYNAeFsPrXpjmksAFUMDLB
muhJhtGepksVM1bu7s4Q9oWi13McUP5nXRsMTB1bQMtlv2vDDOEVC7q+Bklhffuj
gY4ALjCQFA==
-----END CERTIFICATE-----
Generated at Wed Oct 9 09:56:45 2024 by rpki-client on console-fra.rpki-client.org