Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/1BEBEF22BC2B11EE9E07372FC4F9AE02.roa
File: 1BEBEF22BC2B11EE9E07372FC4F9AE02.roa (raw, json)
Hash identifier: 8AKjzTN2ebupzY9Q+12ANqP/63LDp5GktBtxaktGQq8=
Subject key identifier: A1:C6:9A:83:09:1D:4F:12:B1:44:A3:97:5F:9B:97:81:AE:E3:43:40
Certificate issuer: /CN=A917530D/serialNumber=E780FA3777B81D4CF6A35406EA5CF4BE4F65E9FA
Certificate serial: 0A
Authority key identifier: E7:80:FA:37:77:B8:1D:4C:F6:A3:54:06:EA:5C:F4:BE:4F:65:E9:FA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/54D6N3e4HUz2o1QG6lz0vk9l6fo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/1BEBEF22BC2B11EE9E07372FC4F9AE02.roa
Signing time: Fri 26 Jan 2024 09:13:03 +0000
ROA not before: Fri 26 Jan 2024 09:13:03 +0000
ROA not after: Thu 01 May 2025 00:00:00 +0000
asID: 140201
IP address blocks: 2401:7860:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 11 Nov 2024 19:49:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917530D/serialNumber=E780FA3777B81D4CF6A35406EA5CF4BE4F65E9FA
Validity
Not Before: Jan 26 09:13:03 2024 GMT
Not After : May 1 00:00:00 2025 GMT
Subject: CN=65b3779f-d9fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:35:0b:74:37:50:99:3b:e9:0f:22:cc:5b:b2:
3a:4e:71:73:24:cf:00:fb:56:23:1e:4d:b6:7d:fe:
ff:bc:c5:6c:dc:61:e6:3d:3f:23:b1:94:7b:9a:e6:
e5:d7:4d:10:50:27:92:5a:34:35:68:ab:40:72:20:
08:f5:ef:9e:38:a9:6a:ee:3d:ba:31:e8:31:46:ab:
5e:0e:f3:bd:3f:b4:94:4c:fa:66:ad:92:01:6d:f2:
77:28:3d:75:67:74:fe:eb:0b:0e:d9:3e:66:df:f2:
5f:56:a9:2c:db:be:39:8d:7a:29:b9:af:fd:3b:46:
51:ef:9f:0a:05:22:35:03:97:c0:af:fb:34:7a:a7:
f8:a7:cb:f5:9b:e2:17:cd:e0:89:fb:f1:6f:4e:69:
a5:51:4e:72:c0:e6:0f:fd:b2:56:dc:d2:45:08:f8:
04:c6:2c:8d:c8:0f:c8:e5:ea:3f:3b:47:66:72:c1:
3b:b8:18:10:5a:de:54:2a:c3:81:79:3e:a4:7b:9e:
12:f2:05:ea:50:73:b3:47:6a:58:49:c1:1e:78:b8:
5e:7d:a4:ce:16:69:f6:e8:bf:90:19:29:af:55:5b:
f6:59:20:26:49:5e:ea:de:bc:48:14:45:0e:d3:f9:
07:f2:07:42:0c:34:d4:ab:aa:8a:bc:5e:06:69:bc:
49:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C6:9A:83:09:1D:4F:12:B1:44:A3:97:5F:9B:97:81:AE:E3:43:40
X509v3 Authority Key Identifier:
keyid:E7:80:FA:37:77:B8:1D:4C:F6:A3:54:06:EA:5C:F4:BE:4F:65:E9:FA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/54D6N3e4HUz2o1QG6lz0vk9l6fo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/54D6N3e4HUz2o1QG6lz0vk9l6fo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917530D/E64001F4B64B11EE91463760C4F9AE02/1BEBEF22BC2B11EE9E07372FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:7860:1::/48
Signature Algorithm: sha256WithRSAEncryption
1f:06:c0:39:77:cb:c5:cf:e6:a2:c4:0a:0c:0b:cc:28:9f:9b:
67:ad:13:d2:af:ee:f4:9d:fa:e0:34:2d:f1:de:38:c6:ce:7a:
2c:93:a1:e2:53:df:36:9a:dd:99:3a:2d:47:3b:70:a2:87:fd:
39:74:63:a8:ab:5b:31:f5:1f:6c:af:00:5f:59:ea:20:bb:e9:
c6:5f:c2:3e:b5:ae:c5:f1:12:58:e3:7a:c3:68:e3:96:c5:de:
3e:28:14:d9:01:52:ab:53:0c:39:c5:60:2b:26:3c:b5:35:78:
16:83:9a:15:c8:e0:f0:c0:fd:35:48:64:a8:5d:fc:71:28:1d:
d6:30:f0:c4:34:e5:03:bd:4c:49:96:ff:72:a1:09:49:7e:91:
e3:54:b1:07:1d:e3:04:5d:d2:a0:23:85:03:b4:73:63:46:c6:
43:2c:48:4d:d9:ac:63:51:f8:bc:9b:6d:af:f6:7f:81:3a:2f:
b6:e5:e3:00:51:ca:d1:6f:1a:11:f7:76:da:b8:cb:75:73:f4:
1d:b6:c4:2c:2f:ff:63:e9:e2:9d:ad:e5:64:99:03:66:d3:24:
e6:ca:1d:33:4b:fd:1d:3d:1a:bc:d5:6c:26:0f:dc:71:03:51:
9b:41:fd:a5:d9:4c:a5:76:93:74:11:55:d8:b2:6d:58:c3:75:
81:c7:f7:46
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBCjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
NTMwRDExMC8GA1UEBRMoRTc4MEZBMzc3N0I4MUQ0Q0Y2QTM1NDA2RUE1Q0Y0QkU0
RjY1RTlGQTAeFw0yNDAxMjYwOTEzMDNaFw0yNTA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY1YjM3NzlmLWQ5ZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDaNQt0N1CZO+kPIsxbsjpOcXMkzwD7ViMeTbZ9/v+8xWzcYeY9PyOxlHua5uXX
TRBQJ5JaNDVoq0ByIAj17544qWruPbox6DFGq14O870/tJRM+matkgFt8ncoPXVn
dP7rCw7ZPmbf8l9WqSzbvjmNeim5r/07RlHvnwoFIjUDl8Cv+zR6p/iny/Wb4hfN
4In78W9OaaVRTnLA5g/9slbc0kUI+ATGLI3ID8jl6j87R2ZywTu4GBBa3lQqw4F5
PqR7nhLyBepQc7NHalhJwR54uF59pM4Wafbov5AZKa9VW/ZZICZJXurevEgURQ7T
+QfyB0IMNNSrqoq8XgZpvEkfAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUocaagwkd
TxKxRKOXX5uXga7jQ0AwHwYDVR0jBBgwFoAU54D6N3e4HUz2o1QG6lz0vk9l6fow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1MzBEL0U2NDAwMUY0QjY0
QjExRUU5MTQ2Mzc2MEM0RjlBRTAyLzU0RDZOM2U0SFV6Mm8xUUc2bHowdms5bDZm
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvNTRENk4zZTRIVXoybzFRRzZsejB2azlsNmZvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NTMwRC9FNjQwMDFGNEI2NEIxMUVFOTE0NjM3NjBDNEY5QUUwMi8xQkVCRUYyMkJD
MkIxMUVFOUUwNzM3MkZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACQBeGAAATANBgkqhkiG9w0BAQsFAAOCAQEAHwbAOXfLxc/m
osQKDAvMKJ+bZ60T0q/u9J364DQt8d44xs56LJOh4lPfNprdmTotRztwoof9OXRj
qKtbMfUfbK8AX1nqILvpxl/CPrWuxfESWON6w2jjlsXePigU2QFSq1MMOcVgKyY8
tTV4FoOaFcjg8MD9NUhkqF38cSgd1jDwxDTlA71MSZb/cqEJSX6R41SxBx3jBF3S
oCOFA7RzY0bGQyxITdmsY1H4vJttr/Z/gTovtuXjAFHK0W8aEfd22rjLdXP0HbbE
LC//Y+nina3lZJkDZtMk5sodM0v9HT0avNVsJg/ccQNRm0H9pdlMpXaTdBFV2LJt
WMN1gcf3Rg==
-----END CERTIFICATE-----
Generated at Tue Nov 12 00:40:42 2024 by rpki-client on console-ams.rpki-client.org