Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4BB68A1C0ED011EFABFC2A57C4F9AE02.roa
File: 4BB68A1C0ED011EFABFC2A57C4F9AE02.roa (raw, json)
Hash identifier: nYpDrSH+A7YrNwMlBb7SjYT4PzKaQCMdowjptg+1DKI=
Subject key identifier: 44:9C:23:76:ED:EB:89:19:D3:2E:E0:44:86:8E:AF:B9:56:8D:49:E8
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0C20
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4BB68A1C0ED011EFABFC2A57C4F9AE02.roa
Signing time: Fri 10 May 2024 13:22:06 +0000
ROA not before: Fri 10 May 2024 13:22:06 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 38173
IP address blocks: 2406:840:eed0::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 10 May 2024 14:22:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3104 (0xc20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: May 10 13:22:06 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=663e1f7e-5c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:dc:0c:19:56:96:dc:eb:33:60:f7:b3:77:8e:
fc:bf:49:24:f8:96:40:04:1d:d9:37:83:7d:5b:d6:
f2:43:7e:19:88:db:90:5c:48:15:6f:43:18:5a:e4:
c7:3b:e0:d3:93:22:2f:80:4d:8c:ad:4f:89:fe:2d:
64:c7:15:9a:d3:21:1a:66:74:81:fc:0f:fd:fe:cc:
e8:90:81:5d:ad:52:11:8a:84:b2:f2:0a:08:f0:4f:
25:58:9c:88:cc:ca:1e:25:dc:d8:a1:f4:a4:46:ca:
05:08:ad:bf:fd:20:aa:38:4b:c5:99:b5:42:ca:17:
18:6e:4c:dd:91:ec:8f:f8:0f:f1:40:c9:98:3e:fd:
92:81:95:f2:ea:e7:00:69:f2:b7:24:e7:61:dd:78:
20:7f:e0:f2:21:01:33:e8:68:8b:59:52:92:b5:2f:
41:f0:fd:20:29:ad:6e:f0:02:44:b2:c7:e4:17:a9:
77:88:3e:1f:13:21:04:a1:55:9a:f2:7c:2b:52:1a:
c7:a6:ea:f5:03:f1:e6:8b:8a:f8:da:ae:f1:8c:96:
b5:f4:01:ee:47:9e:00:7c:06:b0:ee:91:79:5c:7c:
f8:4d:d4:fa:0e:ee:f9:e9:0f:7b:91:38:0e:d7:5c:
57:3c:ff:73:1d:3e:dc:05:89:26:99:76:19:f7:f6:
6e:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:9C:23:76:ED:EB:89:19:D3:2E:E0:44:86:8E:AF:B9:56:8D:49:E8
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/4BB68A1C0ED011EFABFC2A57C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:eed0::/44
Signature Algorithm: sha256WithRSAEncryption
4b:15:fc:14:68:32:31:c6:8e:be:12:e3:e3:52:4d:4c:cf:0d:
31:8b:96:82:69:ac:0c:51:54:e0:cf:a1:72:8a:1e:29:95:82:
9a:26:f4:59:fc:ab:59:a7:d0:0b:d4:9d:63:ae:f6:c8:4c:62:
cf:de:8b:0b:fd:1a:61:d4:d6:28:9e:f6:0e:f9:ce:e7:23:61:
59:79:fa:91:ac:d6:cb:83:67:ab:d1:b2:ed:d1:f4:bd:0b:79:
ba:f1:57:f1:c4:95:7f:a6:6d:7b:8d:18:3f:4d:5e:57:22:2b:
f1:8d:8b:61:4b:c9:0a:b4:97:2e:04:44:fa:8b:7b:49:ac:d9:
40:32:cc:a2:b0:6c:39:ba:68:23:46:f8:65:ed:75:88:d3:da:
f8:49:1f:69:49:1c:7b:ac:10:bf:cc:b8:35:2f:56:8b:e9:65:
29:34:bf:90:65:21:33:9d:20:29:3f:51:70:53:7b:a6:e5:fd:
43:8d:9e:fe:fb:dc:63:a3:76:bf:37:b9:7c:43:1e:a6:2e:0d:
30:a4:df:cd:74:a2:29:f8:3d:fc:f8:c1:a4:8a:53:0a:2a:91:
45:0c:25:d9:3f:0f:3a:e2:68:6b:0d:57:be:54:38:dd:ef:10:
ba:b0:af:06:73:21:72:d2:f9:ce:91:9e:65:e0:96:ac:33:c3:
31:80:80:07
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICDCAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjQwNTEwMTMyMjA2WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjNlMWY3ZS01YzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7twMGVaW3OszYPezd478v0kk+JZABB3ZN4N9W9byQ34ZiNuQXEgVb0MYWuTH
O+DTkyIvgE2MrU+J/i1kxxWa0yEaZnSB/A/9/szokIFdrVIRioSy8goI8E8lWJyI
zMoeJdzYofSkRsoFCK2//SCqOEvFmbVCyhcYbkzdkeyP+A/xQMmYPv2SgZXy6ucA
afK3JOdh3Xggf+DyIQEz6GiLWVKStS9B8P0gKa1u8AJEssfkF6l3iD4fEyEEoVWa
8nwrUhrHpur1A/Hmi4r42q7xjJa19AHuR54AfAaw7pF5XHz4TdT6Du756Q97kTgO
11xXPP9zHT7cBYkmmXYZ9/ZuIQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFEScI3bt
64kZ0y7gRIaOr7lWjUnoMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvNEJCNjhBMUMw
RUQwMTFFRkFCRkMyQTU3QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBghA7tAwDQYJKoZIhvcNAQELBQADggEBAEsV/BRoMjHG
jr4S4+NSTUzPDTGLloJprAxRVODPoXKKHimVgpom9Fn8q1mn0AvUnWOu9shMYs/e
iwv9GmHU1iie9g75zucjYVl5+pGs1suDZ6vRsu3R9L0LebrxV/HElX+mbXuNGD9N
XlciK/GNi2FLyQq0ly4ERPqLe0ms2UAyzKKwbDm6aCNG+GXtdYjT2vhJH2lJHHus
EL/MuDUvVovpZSk0v5BlITOdICk/UXBTe6bl/UONnv773GOjdr83uXxDHqYuDTCk
3810oin4Pfz4waSKUwoqkUUMJdk/DzriaGsNV75UON3vELqwrwZzIXLS+c6RnmXg
lqwzwzGAgAc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org