Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4839A1B0BC8311EA8D315C3BC4F9AE02.roa
File: 4839A1B0BC8311EA8D315C3BC4F9AE02.roa (raw, json)
Hash identifier: OsuDNWdXmKRbAqZLE4l/b2/QtcVpA2npU4yPR8Itr2I=
Subject key identifier: 4C:02:5C:55:1E:87:80:C0:8B:26:F1:A1:43:1A:54:6B:3F:78:0B:4D
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0A3A
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4839A1B0BC8311EA8D315C3BC4F9AE02.roa
Signing time: Sun 14 May 2023 22:14:11 +0000
ROA not before: Sun 14 May 2023 22:14:11 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138211
IP address blocks: 2406:840:e180::/44 maxlen: 48
2406:840:e240::/44 maxlen: 48
2406:840:e400::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2618 (0xa3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: May 14 22:14:11 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64615d33-3cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:50:08:4a:37:d3:4f:a9:67:82:e2:d1:6b:ad:
1e:7d:16:42:9b:a6:27:02:f1:cf:e7:60:5e:60:32:
b3:a6:52:49:04:0b:02:ff:e6:37:45:52:61:6c:c7:
98:14:f3:a9:6f:42:6b:a6:9a:2c:46:49:0f:6e:1a:
ef:87:46:fb:8c:c8:f9:a4:1a:35:63:87:77:de:d0:
38:ed:fc:5a:a1:8c:59:b9:cc:b6:59:0b:bc:3a:dc:
2a:59:58:c8:57:eb:67:e1:f4:a1:d0:4b:99:a0:f6:
44:e1:db:b8:e9:a5:80:1a:0e:99:0f:e4:58:ff:f8:
23:9d:4f:da:71:6b:b4:96:7a:76:16:24:c4:92:ea:
75:c0:53:a2:20:53:39:a3:63:5b:02:1a:5a:6f:59:
6a:0f:06:bb:b6:64:07:c3:ff:be:cb:74:a4:fa:0c:
07:e6:31:2c:7f:7d:78:4d:e9:13:85:10:fc:c8:01:
49:d2:f8:02:db:8b:e1:cc:4c:54:32:50:08:2e:41:
93:58:b4:c0:57:3e:02:1e:04:49:37:8e:56:73:b7:
87:c4:27:47:5f:6a:2a:83:7a:07:99:f6:61:35:2f:
62:59:d5:a0:9a:50:f0:f8:2f:8d:1e:f7:0d:bd:9b:
9a:17:e3:73:cd:15:e1:05:99:2c:54:23:1c:6e:4e:
29:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:02:5C:55:1E:87:80:C0:8B:26:F1:A1:43:1A:54:6B:3F:78:0B:4D
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4839A1B0BC8311EA8D315C3BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:e180::/44
2406:840:e240::/44
2406:840:e400::/44
Signature Algorithm: sha256WithRSAEncryption
46:46:f0:8e:f2:e4:9e:14:bd:9d:6c:3f:28:ac:5d:90:76:f7:
d8:b0:32:e1:8e:2f:fe:01:b3:91:73:62:f6:87:38:56:d6:c0:
75:cd:45:e8:e4:31:13:83:5f:b4:2f:a9:b6:24:9c:86:07:79:
2c:d8:9b:cb:31:bf:a3:b9:77:42:6b:7b:0f:2d:c6:b1:4a:19:
87:13:ad:33:eb:6f:5d:1a:de:57:ad:80:0d:38:8c:6d:3a:67:
4a:c5:48:6d:77:66:49:b5:12:3e:c1:af:87:d0:13:82:3b:71:
d9:2a:34:5e:5f:4b:69:6c:46:16:11:87:6b:c7:17:d5:49:36:
1d:1f:62:d6:24:9d:2e:b3:ec:1e:45:84:56:a1:4e:90:3f:4e:
20:4c:2e:59:67:ce:d5:24:c9:cc:fd:4a:17:09:9d:ed:87:27:
74:b1:a6:1d:72:c9:92:d0:a3:e1:22:ce:a3:4e:47:34:26:83:
72:db:66:9e:e4:a2:ca:c3:b1:a5:10:7e:17:b7:fb:01:85:09:
5a:c2:0d:66:d6:74:e7:91:89:7c:81:71:05:af:56:d5:84:85:
6b:55:a4:0f:37:0f:d8:da:11:db:1b:5a:58:a4:5f:ef:e6:77:
e7:71:a4:11:1f:81:75:49:0b:e3:13:0c:71:45:96:79:1b:a4:
22:de:6f:7c
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCjowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMwNTE0MjIxNDExWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYxNWQzMy0zY2Y4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA8VAISjfTT6lnguLRa60efRZCm6YnAvHP52BeYDKzplJJBAsC/+Y3RVJhbMeY
FPOpb0JrpposRkkPbhrvh0b7jMj5pBo1Y4d33tA47fxaoYxZucy2WQu8OtwqWVjI
V+tn4fSh0EuZoPZE4du46aWAGg6ZD+RY//gjnU/acWu0lnp2FiTEkup1wFOiIFM5
o2NbAhpab1lqDwa7tmQHw/++y3Sk+gwH5jEsf314TekThRD8yAFJ0vgC24vhzExU
MlAILkGTWLTAVz4CHgRJN45Wc7eHxCdHX2oqg3oHmfZhNS9iWdWgmlDw+C+NHvcN
vZuaF+NzzRXhBZksVCMcbk4p4QIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFEwCXFUe
h4DAiybxoUMaVGs/eAtNMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvNDgzOUExQjBC
QzgzMTFFQThEMzE1QzNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMCEEAgACMBsDBwQkBghA4YADBwQkBghA4kADBwQkBghA5AAwDQYJKoZIhvcN
AQELBQADggEBAEZG8I7y5J4UvZ1sPyisXZB299iwMuGOL/4Bs5FzYvaHOFbWwHXN
RejkMRODX7QvqbYknIYHeSzYm8sxv6O5d0Jrew8txrFKGYcTrTPrb10a3letgA04
jG06Z0rFSG13Zkm1Ej7Br4fQE4I7cdkqNF5fS2lsRhYRh2vHF9VJNh0fYtYknS6z
7B5FhFahTpA/TiBMLllnztUkycz9ShcJne2HJ3Sxph1yyZLQo+EizqNORzQmg3Lb
Zp7kosrDsaUQfhe3+wGFCVrCDWbWdOeRiXyBcQWvVtWEhWtVpA83D9jaEdsbWlik
X+/md+dxpBEfgXVJC+MTDHFFlnkbpCLeb3w=
-----END CERTIFICATE-----
Generated at Tue Dec 19 14:40:10 2023 by rpki-client on console-fra.rpki-client.org