Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1844CACEF68C11EEAD8EB82EC4F9AE02.roa
File: 1844CACEF68C11EEAD8EB82EC4F9AE02.roa (raw, json)
Hash identifier: 9JG4ZRrKmUy4v3GYhIiQIt/vbIgOdAYFq9JUuJK5b7U=
Subject key identifier: 4C:34:E2:0A:71:69:3B:07:B2:2B:00:FF:59:C1:DC:21:C2:BC:77:06
Certificate issuer: /CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Certificate serial: 0664
Authority key identifier: A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1844CACEF68C11EEAD8EB82EC4F9AE02.roa
Signing time: Tue 09 Apr 2024 16:13:26 +0000
ROA not before: Tue 09 Apr 2024 16:13:26 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 397423
IP address blocks: 2402:86c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Sat 15 Jun 2024 18:22:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1636 (0x664)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C1DC/serialNumber=A8D576D4AFBB64045BB0295641B99427D7F878F2
Validity
Not Before: Apr 9 16:13:26 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66156926-3d0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b0:c7:2d:0b:cf:5a:20:46:00:8d:81:e6:0f:
ee:1e:70:b9:ca:6d:d2:5b:7c:3c:dc:c4:6e:c5:03:
96:62:3d:5d:85:ac:82:84:92:4c:54:70:0e:be:90:
92:9a:bc:50:8b:43:ea:e1:07:11:8d:74:fe:89:5c:
1b:ff:e0:e8:3b:aa:b2:5b:96:07:9c:8c:cb:6b:05:
d1:7d:e7:b3:78:32:ea:bf:99:c3:97:0b:40:26:74:
d4:4a:1e:19:be:e5:7d:f7:28:c6:fc:fe:62:a3:a3:
d5:b9:72:c9:5e:3c:18:97:0a:86:0e:5a:fa:29:60:
4d:4e:4f:9d:9b:3e:3b:f1:ef:5d:71:d3:f3:cc:c3:
2b:b2:4f:03:b0:05:1c:c9:f5:02:f6:cf:3e:9d:64:
a2:26:0d:13:f2:c7:08:da:7c:95:0f:32:3b:36:ae:
eb:07:15:1b:9f:83:07:1e:59:ae:f3:96:b2:a4:bf:
7e:bf:d0:54:be:bf:2b:79:88:d6:87:b8:4a:c4:7c:
f6:e0:19:66:08:4e:bb:fd:32:d8:59:dc:61:75:c8:
9c:98:30:60:53:9c:32:08:98:26:c6:78:26:24:11:
70:2f:99:de:db:5c:28:97:7a:24:9c:3b:a3:0c:90:
22:1b:a0:11:c7:9c:4d:cb:a9:dc:62:19:1e:c1:69:
18:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:34:E2:0A:71:69:3B:07:B2:2B:00:FF:59:C1:DC:21:C2:BC:77:06
X509v3 Authority Key Identifier:
keyid:A8:D5:76:D4:AF:BB:64:04:5B:B0:29:56:41:B9:94:27:D7:F8:78:F2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/qNV21K-7ZARbsClWQbmUJ9f4ePI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qNV21K-7ZARbsClWQbmUJ9f4ePI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C1DC/B2D1DE20594F11EB88F7A73EC4F9AE02/1844CACEF68C11EEAD8EB82EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:86c0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:b6:1b:89:83:bd:16:c8:f2:d7:07:65:68:02:27:a1:f0:b4:
5f:0a:7b:e1:60:c6:fa:6a:45:8f:2b:58:58:9a:29:f5:e3:aa:
b2:90:be:3e:49:27:09:75:ed:66:21:e5:69:3a:02:0a:c9:d2:
a6:bf:b7:1c:51:7d:fb:e8:77:39:f5:b2:4a:7a:3f:23:7c:a2:
c8:cd:5d:77:31:17:ea:0b:3e:e5:27:c0:d5:c1:35:94:48:dc:
f2:4d:c5:29:6d:3d:c6:c5:cc:ab:24:20:7d:e9:01:9f:b5:38:
ab:74:65:af:7c:11:1c:ad:67:d2:60:fd:8c:56:26:b4:3c:a7:
81:2b:10:86:64:00:9c:3a:ae:49:63:7c:b4:31:20:f8:be:59:
22:c5:7c:c8:37:a4:ee:55:51:e3:2e:01:e2:d8:6b:81:cb:5c:
b3:1c:76:60:3b:67:d0:eb:8c:d0:06:d0:d6:fa:7d:da:2b:fd:
71:07:6c:1b:90:87:cb:7a:10:ee:09:6d:9a:1b:8e:4f:6a:42:
71:36:0d:48:7d:d1:58:4d:96:1e:46:91:9b:a9:bc:38:a2:21:
f1:d6:45:72:cb:38:41:51:e4:9d:b1:e1:16:0b:86:73:b9:3a:
f0:30:82:03:20:b5:bf:ab:53:60:90:36:14:d1:21:8e:62:08:
ae:74:bc:aa
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICBmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0MxREMxMTAvBgNVBAUTKEE4RDU3NkQ0QUZCQjY0MDQ1QkIwMjk1NjQxQjk5NDI3
RDdGODc4RjIwHhcNMjQwNDA5MTYxMzI2WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NjE1NjkyNi0zZDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqrDHLQvPWiBGAI2B5g/uHnC5ym3SW3w83MRuxQOWYj1dhayChJJMVHAOvpCS
mrxQi0Pq4QcRjXT+iVwb/+DoO6qyW5YHnIzLawXRfeezeDLqv5nDlwtAJnTUSh4Z
vuV99yjG/P5io6PVuXLJXjwYlwqGDlr6KWBNTk+dmz478e9dcdPzzMMrsk8DsAUc
yfUC9s8+nWSiJg0T8scI2nyVDzI7Nq7rBxUbn4MHHlmu85aypL9+v9BUvr8reYjW
h7hKxHz24BlmCE67/TLYWdxhdcicmDBgU5wyCJgmxngmJBFwL5ne21wol3oknDuj
DJAiG6ARx5xNy6ncYhkewWkY4QIDAQABo4ICljCCApIwHQYDVR0OBBYEFEw04gpx
aTsHsisA/1nB3CHCvHcGMB8GA1UdIwQYMBaAFKjVdtSvu2QEW7ApVkG5lCfX+Hjy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzFEQy9CMkQxREUyMDU5
NEYxMUVCODhGN0E3M0VDNEY5QUUwMi9xTlYyMUstN1pBUmJzQ2xXUWJtVUo5ZjRl
UEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FOVjIxSy03WkFSYnNDbFdRYm1VSjlmNGVQSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0MxREMvQjJEMURFMjA1OTRGMTFFQjg4RjdBNzNFQzRGOUFFMDIvMTg0NENBQ0VG
NjhDMTFFRUFEOEVCODJFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAobAMA0GCSqGSIb3DQEBCwUAA4IBAQB6thuJg70WyPLX
B2VoAieh8LRfCnvhYMb6akWPK1hYmin146qykL4+SScJde1mIeVpOgIKydKmv7cc
UX376Hc59bJKej8jfKLIzV13MRfqCz7lJ8DVwTWUSNzyTcUpbT3GxcyrJCB96QGf
tTirdGWvfBEcrWfSYP2MVia0PKeBKxCGZACcOq5JY3y0MSD4vlkixXzIN6TuVVHj
LgHi2GuBy1yzHHZgO2fQ64zQBtDW+n3aK/1xB2wbkIfLehDuCW2aG45PakJxNg1I
fdFYTZYeRpGbqbw4oiHx1kVyyzhBUeSdseEWC4ZzuTrwMIIDILW/q1NgkDYU0SGO
YgiudLyq
-----END CERTIFICATE-----
Generated at Sat Jun 15 18:59:20 2024 by rpki-client on console-fra.rpki-client.org