Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/211042A8A56211EE8CAB7E1DC4F9AE02.roa
File: 211042A8A56211EE8CAB7E1DC4F9AE02.roa (raw, json)
Hash identifier: Flxxk0tN6+hKDLE/GP0+xNsUDEM02DnsNbD5zMPx7zk=
Subject key identifier: 0B:96:7A:20:67:FD:49:13:55:DE:30:BD:D3:AD:4E:99:3F:59:A4:58
Certificate issuer: /CN=A9173DB5/serialNumber=47EC53BFDD351320E89B2C541BACDD4D8D52A0B3
Certificate serial: 0546
Authority key identifier: 47:EC:53:BF:DD:35:13:20:E8:9B:2C:54:1B:AC:DD:4D:8D:52:A0:B3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R-xTv901EyDomyxUG6zdTY1SoLM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/211042A8A56211EE8CAB7E1DC4F9AE02.roa
Signing time: Thu 28 Dec 2023 09:18:58 +0000
ROA not before: Thu 28 Dec 2023 09:18:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142018
IP address blocks: 2001:df6:5480::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 12 Jan 2024 15:36:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1350 (0x546)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9173DB5/serialNumber=47EC53BFDD351320E89B2C541BACDD4D8D52A0B3
Validity
Not Before: Dec 28 09:18:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=658d3d81-4523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e5:0b:1e:0c:cc:70:9d:47:42:ea:fb:f3:f5:
d6:31:dc:c5:6e:46:51:10:eb:32:d8:8c:81:d7:6b:
93:18:a8:6b:c7:0e:0d:d2:3c:cd:0f:5a:92:b6:86:
12:05:7a:f9:73:c4:1b:04:3c:c2:f4:89:04:40:fe:
cd:0d:6b:ed:bc:d0:a4:bf:93:3f:73:c6:20:d7:2f:
db:5c:4a:f0:67:42:30:dc:77:23:2b:5a:ea:a8:cb:
0b:f6:03:63:78:ed:fd:ea:8b:38:df:d7:1d:98:8e:
d0:9c:7e:79:fe:76:89:a9:e5:b8:65:b2:05:29:31:
ad:68:fe:ba:c8:6b:b3:54:51:a2:55:a7:80:a9:ba:
75:49:38:21:94:4f:a1:86:10:0a:fd:07:ad:22:70:
47:36:b7:17:ff:82:12:e0:79:86:71:c4:18:c6:6c:
d1:a0:f1:68:18:56:60:12:4b:db:1c:6a:2c:41:58:
01:ec:66:42:c6:de:69:52:31:72:11:51:35:a7:fb:
24:23:8c:00:e0:f6:6a:ae:51:e6:a9:f6:cb:a5:ac:
71:16:f3:e8:ed:6b:13:c7:3d:65:5a:ba:c9:f1:bb:
0a:b7:79:3f:87:9c:d7:49:c6:db:89:1d:db:b5:23:
ce:dd:09:c8:e7:a6:de:ed:c7:73:cd:c6:8b:8c:b3:
4d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:96:7A:20:67:FD:49:13:55:DE:30:BD:D3:AD:4E:99:3F:59:A4:58
X509v3 Authority Key Identifier:
keyid:47:EC:53:BF:DD:35:13:20:E8:9B:2C:54:1B:AC:DD:4D:8D:52:A0:B3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/R-xTv901EyDomyxUG6zdTY1SoLM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R-xTv901EyDomyxUG6zdTY1SoLM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9173DB5/0C999EC08FA111EBA220661EC4F9AE02/211042A8A56211EE8CAB7E1DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df6:5480::/48
Signature Algorithm: sha256WithRSAEncryption
bd:32:52:9a:1e:54:d2:9d:f3:e6:59:2d:fa:73:67:14:ab:f5:
0d:65:86:2e:82:98:78:bc:73:3c:f0:81:db:d1:af:f1:67:ac:
02:fb:02:da:6f:67:b3:b9:d7:ae:b1:54:f6:ba:a6:d5:47:e3:
01:5f:a9:5d:c1:37:a4:5e:e2:e7:aa:9c:ed:1d:24:e8:6e:00:
4d:8b:16:9c:7b:e3:e6:84:f2:2d:bd:1d:9b:b0:be:ea:4a:48:
dd:60:a8:51:35:4d:1a:c9:17:89:1d:41:70:88:ec:61:9f:fa:
8e:a5:3f:4f:b7:37:65:85:1b:e1:85:2d:96:d7:fa:ae:c6:79:
59:01:fb:5f:e6:3c:8d:b6:8d:d4:43:e7:87:e6:cd:af:45:04:
78:e6:c9:1b:76:71:fb:58:72:cf:10:60:3f:9a:26:bb:25:7e:
3b:4b:c0:64:26:1c:78:2b:5d:d2:33:9e:1f:18:40:4e:ea:fe:
46:29:dc:31:cc:60:0d:9f:cb:83:a1:65:51:47:d8:5d:ce:b1:
2b:88:21:74:93:28:90:95:a5:70:b1:17:d5:ca:16:51:44:96:
24:fc:10:ed:4c:0d:da:2c:34:fb:65:cf:d8:11:f5:e2:04:b9:
db:e6:4a:3a:a4:bb:7d:fe:2e:03:5c:8b:e8:15:50:2d:c2:f6:
61:df:ea:b1
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICBUYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzNEQjUxMTAvBgNVBAUTKDQ3RUM1M0JGREQzNTEzMjBFODlCMkM1NDFCQUNERDRE
OEQ1MkEwQjMwHhcNMjMxMjI4MDkxODU4WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NThkM2Q4MS00NTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyeULHgzMcJ1HQur78/XWMdzFbkZREOsy2IyB12uTGKhrxw4N0jzND1qStoYS
BXr5c8QbBDzC9IkEQP7NDWvtvNCkv5M/c8Yg1y/bXErwZ0Iw3HcjK1rqqMsL9gNj
eO396os439cdmI7QnH55/naJqeW4ZbIFKTGtaP66yGuzVFGiVaeAqbp1STghlE+h
hhAK/QetInBHNrcX/4IS4HmGccQYxmzRoPFoGFZgEkvbHGosQVgB7GZCxt5pUjFy
EVE1p/skI4wA4PZqrlHmqfbLpaxxFvPo7WsTxz1lWrrJ8bsKt3k/h5zXScbbiR3b
tSPO3QnI56be7cdzzcaLjLNNxwIDAQABo4ICmDCCApQwHQYDVR0OBBYEFAuWeiBn
/UkTVd4wvdOtTpk/WaRYMB8GA1UdIwQYMBaAFEfsU7/dNRMg6JssVBus3U2NUqCz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3M0RCNS8wQzk5OUVDMDhG
QTExMUVCQTIyMDY2MUVDNEY5QUUwMi9SLXhUdjkwMUV5RG9teXhVRzZ6ZFRZMVNv
TE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1IteFR2OTAxRXlEb215eFVHNnpkVFkxU29MTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzNEQjUvMEM5OTlFQzA4RkExMTFFQkEyMjA2NjFFQzRGOUFFMDIvMjExMDQyQThB
NTYyMTFFRThDQUI3RTFEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ32VIAwDQYJKoZIhvcNAQELBQADggEBAL0yUpoeVNKd
8+ZZLfpzZxSr9Q1lhi6CmHi8czzwgdvRr/FnrAL7AtpvZ7O5166xVPa6ptVH4wFf
qV3BN6Re4ueqnO0dJOhuAE2LFpx74+aE8i29HZuwvupKSN1gqFE1TRrJF4kdQXCI
7GGf+o6lP0+3N2WFG+GFLZbX+q7GeVkB+1/mPI22jdRD54fmza9FBHjmyRt2cftY
cs8QYD+aJrslfjtLwGQmHHgrXdIznh8YQE7q/kYp3DHMYA2fy4OhZVFH2F3OsSuI
IXSTKJCVpXCxF9XKFlFEliT8EO1MDdosNPtlz9gR9eIEudvmSjqku33+LgNci+gV
UC3C9mHf6rE=
-----END CERTIFICATE-----
Generated at Fri Jan 12 19:58:26 2024 by rpki-client on console-fra.rpki-client.org