Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/BFEFCAAE5D2111ED9C309214C4F9AE02.roa
File: BFEFCAAE5D2111ED9C309214C4F9AE02.roa (raw, json)
Hash identifier: nkDbk8QH4jKfR72ZLH6PmWys3wfJM8wAYlMdoiU2ir0=
Subject key identifier: 82:8D:83:8D:C1:E4:F3:8F:95:10:7A:02:C5:F6:F8:E8:DD:86:8E:71
Certificate issuer: /CN=A917419E/serialNumber=1445489FDD50AA44AC1D2A3C3A166E06C662AFD5
Certificate serial: 037D
Authority key identifier: 14:45:48:9F:DD:50:AA:44:AC:1D:2A:3C:3A:16:6E:06:C6:62:AF:D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FEVIn91QqkSsHSo8OhZuBsZir9U.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/BFEFCAAE5D2111ED9C309214C4F9AE02.roa
Signing time: Wed 28 Dec 2022 12:02:00 +0000
ROA not before: Wed 28 Dec 2022 12:01:59 +0000
ROA not after: Fri 01 Dec 2023 00:00:00 +0000
asID: 61302
IP address blocks: 2407:d340::/32 maxlen: 32
2407:d340:7100::/40 maxlen: 48
2407:d340:7200::/40 maxlen: 48
2407:d340:7300::/40 maxlen: 48
2407:d340:7400::/40 maxlen: 48
2407:d340:7500::/40 maxlen: 48
2407:d340:7600::/40 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 893 (0x37d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917419E/serialNumber=1445489FDD50AA44AC1D2A3C3A166E06C662AFD5
Validity
Not Before: Dec 28 12:01:59 2022 GMT
Not After : Dec 1 00:00:00 2023 GMT
Subject: CN=63ac3037-1812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:93:17:6f:95:72:81:ac:54:ec:90:67:63:05:
cf:c1:54:7b:e6:d4:23:5f:bd:4f:7e:71:08:dd:e7:
71:57:36:0a:6f:af:c3:6d:59:62:c7:47:e0:71:98:
0a:5d:60:de:8e:ac:e0:15:5b:d2:2d:e2:8f:db:89:
55:63:1f:50:a0:98:35:c0:be:c6:95:dc:3b:b5:b5:
33:4f:33:69:ff:59:5f:3a:31:36:c2:39:3a:bd:b2:
3f:e6:4e:8d:ad:63:b6:fd:41:d8:2a:04:db:74:4f:
1e:56:e8:a1:32:0b:46:cf:c6:10:ac:25:2c:40:4c:
20:61:a4:2b:d2:3d:06:fc:23:f0:9d:dc:59:1a:67:
6b:7a:4d:cb:61:11:11:97:69:9e:12:8b:36:d0:38:
f6:55:56:7d:b7:69:b4:66:90:23:bd:b5:91:8c:6a:
57:28:1a:be:b2:80:81:e8:a7:f9:c8:eb:07:12:7c:
e3:c5:4d:77:9b:66:0e:de:81:3d:83:19:a5:59:27:
d7:32:c1:a7:d4:62:2c:c6:ea:ea:36:e7:83:1a:07:
21:5d:92:e8:d0:ad:00:a7:85:94:d1:4c:ae:08:06:
fa:1e:82:a9:7e:2e:c8:19:86:b0:4f:b7:0d:83:df:
d6:d6:e6:f5:7c:5b:11:25:f2:a1:8c:ad:9d:b0:1e:
e5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:8D:83:8D:C1:E4:F3:8F:95:10:7A:02:C5:F6:F8:E8:DD:86:8E:71
X509v3 Authority Key Identifier:
keyid:14:45:48:9F:DD:50:AA:44:AC:1D:2A:3C:3A:16:6E:06:C6:62:AF:D5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/FEVIn91QqkSsHSo8OhZuBsZir9U.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FEVIn91QqkSsHSo8OhZuBsZir9U.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917419E/981EE9860B2111EC8421494DC4F9AE02/BFEFCAAE5D2111ED9C309214C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d340::/32
Signature Algorithm: sha256WithRSAEncryption
97:28:fd:f2:81:2e:5d:fc:0e:3c:81:63:69:14:5c:7b:ff:e2:
09:8c:5d:f8:5c:71:19:ea:80:cc:c1:1c:c0:18:09:de:dc:6d:
15:ff:8d:ae:ca:ee:1c:0b:cc:34:18:1b:65:35:a5:ce:90:2d:
65:48:23:95:3a:3e:34:3f:1e:28:df:38:06:69:3b:56:34:5f:
a4:01:11:29:c7:04:d0:e2:99:2d:b4:85:29:ff:51:bc:9f:51:
67:ed:bd:f9:76:90:b6:fc:f0:02:37:67:51:3a:64:8a:5c:d7:
2d:9a:31:bd:c8:da:48:20:cf:d5:20:6c:09:35:e8:50:6e:bd:
1f:93:25:a4:53:7e:d8:46:9c:e0:1c:8e:fe:97:18:1c:6b:87:
fc:98:23:fb:09:55:61:60:9c:63:99:e3:b1:3d:1f:5e:49:40:
8b:2e:ca:08:6b:d4:b9:30:4f:02:99:c6:96:68:31:03:4f:5e:
3b:29:f2:ed:50:f6:e0:55:74:34:b6:33:e0:1b:94:17:b6:3c:
24:c5:68:53:cd:b4:ba:e6:37:b2:2c:12:29:63:2e:d7:7b:79:
62:0a:87:36:ed:bc:65:f7:0a:91:0d:39:2a:94:6a:fb:f4:44:
b1:75:42:09:35:fb:dc:b7:d7:f9:9b:75:d8:a7:10:4a:00:f5:
63:36:10:f1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICA30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzQxOUUxMTAvBgNVBAUTKDE0NDU0ODlGREQ1MEFBNDRBQzFEMkEzQzNBMTY2RTA2
QzY2MkFGRDUwHhcNMjIxMjI4MTIwMTU5WhcNMjMxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FjMzAzNy0xODEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA+5MXb5VygaxU7JBnYwXPwVR75tQjX71PfnEI3edxVzYKb6/DbVlix0fgcZgK
XWDejqzgFVvSLeKP24lVYx9QoJg1wL7Gldw7tbUzTzNp/1lfOjE2wjk6vbI/5k6N
rWO2/UHYKgTbdE8eVuihMgtGz8YQrCUsQEwgYaQr0j0G/CPwndxZGmdrek3LYRER
l2meEos20Dj2VVZ9t2m0ZpAjvbWRjGpXKBq+soCB6Kf5yOsHEnzjxU13m2YO3oE9
gxmlWSfXMsGn1GIsxurqNueDGgchXZLo0K0Ap4WU0UyuCAb6HoKpfi7IGYawT7cN
g9/W1ub1fFsRJfKhjK2dsB7ltwIDAQABo4ICljCCApIwHQYDVR0OBBYEFIKNg43B
5POPlRB6AsX2+Ojdho5xMB8GA1UdIwQYMBaAFBRFSJ/dUKpErB0qPDoWbgbGYq/V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NDE5RS85ODFFRTk4NjBC
MjExMUVDODQyMTQ5NERDNEY5QUUwMi9GRVZJbjkxUXFrU3NIU284T2hadUJzWmly
OVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZFVkluOTFRcWtTc0hTbzhPaFp1QnNaaXI5VS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NzQxOUUvOTgxRUU5ODYwQjIxMTFFQzg0MjE0OTREQzRGOUFFMDIvQkZFRkNBQUU1
RDIxMTFFRDlDMzA5MjE0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkB9NAMA0GCSqGSIb3DQEBCwUAA4IBAQCXKP3ygS5d/A48
gWNpFFx7/+IJjF34XHEZ6oDMwRzAGAne3G0V/42uyu4cC8w0GBtlNaXOkC1lSCOV
Oj40Px4o3zgGaTtWNF+kAREpxwTQ4pkttIUp/1G8n1Fn7b35dpC2/PACN2dROmSK
XNctmjG9yNpIIM/VIGwJNehQbr0fkyWkU37YRpzgHI7+lxgca4f8mCP7CVVhYJxj
meOxPR9eSUCLLsoIa9S5ME8CmcaWaDEDT147KfLtUPbgVXQ0tjPgG5QXtjwkxWhT
zbS65jeyLBIpYy7Xe3liCoc27bxl9wqRDTkqlGr79ESxdUIJNfvct9f5m3XYpxBK
APVjNhDx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:46 2023 by rpki-client on console-fra.rpki-client.org