Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/74CE471E320D11EEB5724E3EC4F9AE02.roa
File: 74CE471E320D11EEB5724E3EC4F9AE02.roa (raw, json)
Hash identifier: fvrX3nLh9tg1DHX6NvVywqUMyME5N6HGrvxjVlL3bXQ=
Subject key identifier: E9:F4:E4:E1:F6:55:44:A0:EE:17:D2:BC:CF:78:F7:F4:50:24:91:33
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0ADB
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/74CE471E320D11EEB5724E3EC4F9AE02.roa
Signing time: Thu 03 Aug 2023 14:53:38 +0000
ROA not before: Thu 03 Aug 2023 14:53:38 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 32167
IP address blocks: 2406:840:e911::/48 maxlen: 48
2406:840:fa80::/44 maxlen: 48
Validation: Failed, certificate revoked on Thu 26 Oct 2023 05:24:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2779 (0xadb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: Aug 3 14:53:38 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64cbbf72-a113
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:17:e4:62:fc:53:36:08:58:c1:6a:49:2a:35:
b5:49:f9:77:9a:a9:b8:1b:9e:1c:9c:07:04:c2:2b:
76:bc:ab:74:2f:91:5d:06:4a:61:0b:f9:30:07:96:
2d:5e:b7:77:cd:69:04:41:ab:6c:fb:96:e6:7d:cf:
a8:a3:88:13:ee:0b:09:ca:8e:fb:c1:d9:1d:ea:c8:
33:1b:ff:dd:c7:01:d7:c8:36:be:fc:79:b6:a7:1d:
c0:61:8e:0e:d6:68:73:f7:52:2a:5e:dc:d7:2e:ed:
ba:92:69:50:d6:94:97:35:27:66:6b:9d:be:f4:de:
79:99:ff:19:cc:70:cb:c3:5c:bb:b8:5a:25:79:2d:
72:68:e0:ee:ca:c5:39:2f:9e:19:bc:88:34:0b:37:
55:f4:1d:7d:42:24:7d:78:07:7c:6b:95:f0:ad:d8:
83:99:6f:1f:b4:41:69:b2:e7:42:ef:18:5c:95:e8:
e9:a1:0d:9c:17:ad:66:93:92:8e:19:e5:a8:b0:fc:
ed:9c:aa:50:0f:29:a9:7b:88:e5:e2:68:7d:9b:38:
87:dd:04:9d:39:41:0d:2c:c6:96:82:6a:2d:3e:24:
94:d7:fc:7f:23:69:e6:c0:30:1e:e3:18:a3:96:a1:
89:46:0b:9a:25:e7:96:85:b3:6c:47:31:d9:65:26:
4e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F4:E4:E1:F6:55:44:A0:EE:17:D2:BC:CF:78:F7:F4:50:24:91:33
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/74CE471E320D11EEB5724E3EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:e911::/48
2406:840:fa80::/44
Signature Algorithm: sha256WithRSAEncryption
46:f9:16:84:02:d2:87:69:87:51:fb:05:3e:a8:a4:00:24:2c:
94:78:fb:05:c3:3a:6e:ae:5c:ac:46:44:41:a9:17:71:ac:ce:
e1:30:b6:d8:2f:b0:7b:af:81:a0:d8:4f:ef:7c:af:8b:19:d6:
ef:44:a6:64:9f:75:11:86:15:6f:93:d5:91:1a:04:3f:1d:74:
0e:cd:4e:39:f8:af:9d:34:ba:b9:0d:a0:b7:58:dd:ee:a1:0d:
eb:b0:6f:89:af:dd:5f:5a:fa:01:ec:a1:dc:47:85:0c:5e:23:
69:72:94:01:7f:f9:dc:d1:57:47:bb:07:80:84:e3:d9:89:cc:
08:c3:e0:16:3b:be:2f:f5:41:fa:66:58:43:14:93:0a:0c:c0:
40:db:cc:99:c1:29:99:23:62:41:f7:e5:23:2d:30:f8:f2:a1:
92:32:2f:ec:07:91:b3:42:90:54:57:c0:46:dc:6a:b2:7c:39:
28:3a:78:b4:f6:fc:52:92:36:08:fa:45:b6:a5:09:13:69:62:
72:93:2e:89:0c:14:ae:7a:4e:4c:a9:08:36:a2:5c:61:0d:96:
4e:34:02:44:8f:60:35:46:f5:97:56:87:4d:c0:28:c8:68:d7:
8e:1d:26:00:0c:e1:46:7b:26:e4:27:e1:a9:42:fd:bb:36:40:
9e:6d:c4:f0
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMwODAzMTQ1MzM4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGNiYmY3Mi1hMTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7BfkYvxTNghYwWpJKjW1Sfl3mqm4G54cnAcEwit2vKt0L5FdBkphC/kwB5Yt
Xrd3zWkEQats+5bmfc+oo4gT7gsJyo77wdkd6sgzG//dxwHXyDa+/Hm2px3AYY4O
1mhz91IqXtzXLu26kmlQ1pSXNSdma52+9N55mf8ZzHDLw1y7uFoleS1yaODuysU5
L54ZvIg0CzdV9B19QiR9eAd8a5XwrdiDmW8ftEFpsudC7xhclejpoQ2cF61mk5KO
GeWosPztnKpQDympe4jl4mh9mziH3QSdOUENLMaWgmotPiSU1/x/I2nmwDAe4xij
lqGJRguaJeeWhbNsRzHZZSZOQQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFOn05OH2
VUSg7hfSvM949/RQJJEzMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvNzRDRTQ3MUUz
MjBEMTFFRUI1NzI0RTNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwAkBghA6REDBwQkBghA+oAwDQYJKoZIhvcNAQELBQADggEB
AEb5FoQC0odph1H7BT6opAAkLJR4+wXDOm6uXKxGREGpF3GszuEwttgvsHuvgaDY
T+98r4sZ1u9EpmSfdRGGFW+T1ZEaBD8ddA7NTjn4r500urkNoLdY3e6hDeuwb4mv
3V9a+gHsodxHhQxeI2lylAF/+dzRV0e7B4CE49mJzAjD4BY7vi/1QfpmWEMUkwoM
wEDbzJnBKZkjYkH35SMtMPjyoZIyL+wHkbNCkFRXwEbcarJ8OSg6eLT2/FKSNgj6
RbalCRNpYnKTLokMFK56TkypCDaiXGENlk40AkSPYDVG9ZdWh03AKMho144dJgAM
4UZ7JuQn4alC/bs2QJ5txPA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org