Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
File: 84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa (raw, json)
Hash identifier: a26dUsTykYmyt6hHf9NyAgCUGvAYWcp0DL7pRl2lFPo=
Subject key identifier: 4F:E5:EA:DE:15:09:E2:1E:CA:04:B3:A5:94:DD:AB:06:0E:02:88:07
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0B3D
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
Signing time: Thu 05 Oct 2023 14:01:23 +0000
ROA not before: Thu 05 Oct 2023 14:01:23 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 2406:840:9888::/48 maxlen: 48
2406:840:e060::/44 maxlen: 48
2406:840:e070::/44 maxlen: 48
2406:840:eef0::/44 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Nov 2023 14:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2877 (0xb3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: Oct 5 14:01:23 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=651ec1b2-09f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1f:93:e1:bb:d0:43:dc:72:6c:3c:68:8b:f1:
97:fe:53:95:6b:43:b9:d7:24:fb:eb:f2:f1:99:ac:
72:1e:70:59:d0:c1:0e:36:34:e7:b8:b7:a7:a8:19:
df:36:4b:5a:bd:13:ea:b6:44:b7:69:69:3a:11:a4:
31:c5:2a:0e:8a:b4:d1:9f:0b:bf:d6:6b:eb:0f:69:
ae:40:30:7f:74:cc:77:68:0f:5a:3b:b4:de:2f:d6:
6b:96:da:5e:18:aa:8b:5e:10:e8:b5:81:57:04:8b:
98:15:c3:46:3d:e9:11:95:07:5f:43:9c:ca:91:f0:
76:43:c4:f4:16:37:0b:8c:ed:9f:73:44:30:c4:00:
bf:69:a1:ca:72:e8:61:e4:2d:85:6f:f8:27:0f:3b:
19:f2:b8:93:a5:48:04:75:f3:82:8c:70:ca:2f:b6:
25:38:0d:e3:55:81:cf:5c:4f:18:35:40:0d:d8:18:
e6:96:82:37:c5:01:d3:33:e0:dc:95:7c:ef:7c:3e:
77:6e:d4:1a:f6:71:2a:bc:13:53:2f:6f:65:e1:5a:
08:04:04:d4:71:dc:74:dd:38:cf:00:70:61:a8:f5:
3b:db:26:f7:9a:d8:67:df:8e:9d:47:23:c7:b1:1a:
d0:66:4b:75:fc:3c:44:a6:31:b9:d1:7b:d6:80:f5:
ec:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E5:EA:DE:15:09:E2:1E:CA:04:B3:A5:94:DD:AB:06:0E:02:88:07
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/84E5AEAE9DBB11ECAEF71E5FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:9888::/48
2406:840:e060::/43
2406:840:eef0::/44
Signature Algorithm: sha256WithRSAEncryption
40:ea:2c:cb:43:d8:b2:be:eb:fa:c0:c8:49:03:70:78:17:28:
b5:08:5a:3b:73:df:db:eb:61:f0:25:cf:c0:47:e8:f2:39:af:
9b:c2:a2:83:f2:4d:c5:de:b9:19:ad:6d:e5:27:c0:84:37:b1:
6b:b1:37:4d:b5:2e:ab:3a:8a:92:7a:8b:1e:e5:0f:d0:7d:4a:
25:dd:25:c3:07:77:04:a1:21:89:67:a2:fe:9b:90:86:4b:bd:
ac:de:8a:9f:7b:7a:f4:cd:2b:0f:2d:01:8a:8e:5d:27:46:0a:
75:53:6f:68:59:79:4f:81:7a:43:a3:4c:11:e5:ec:ea:5a:42:
cd:2e:ce:a7:c2:c7:57:b6:12:2c:fe:98:0f:db:64:da:e5:16:
ad:75:5a:38:82:ca:32:a6:84:fe:21:5a:f1:08:de:ff:4a:04:
fd:67:a8:db:c5:fc:4c:ed:2f:08:96:17:27:5f:dc:49:6c:2f:
dc:97:6b:b3:13:62:57:da:59:df:b6:7d:9f:db:f7:22:00:78:
90:69:03:87:a2:4e:b8:04:64:b1:83:d5:9b:15:78:96:ed:db:
2d:78:21:0e:60:e3:1a:70:a0:70:16:de:85:59:36:22:fa:fa:
39:1e:fc:05:8a:2b:fc:df:7c:b0:a9:fb:44:14:24:57:cb:49:
af:2c:23:66
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgICCz0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMxMDA1MTQwMTIzWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFlYzFiMi0wOWY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4x+T4bvQQ9xybDxoi/GX/lOVa0O51yT76/LxmaxyHnBZ0MEONjTnuLenqBnf
NktavRPqtkS3aWk6EaQxxSoOirTRnwu/1mvrD2muQDB/dMx3aA9aO7TeL9Zrltpe
GKqLXhDotYFXBIuYFcNGPekRlQdfQ5zKkfB2Q8T0FjcLjO2fc0QwxAC/aaHKcuhh
5C2Fb/gnDzsZ8riTpUgEdfOCjHDKL7YlOA3jVYHPXE8YNUAN2BjmloI3xQHTM+Dc
lXzvfD53btQa9nEqvBNTL29l4VoIBATUcdx03TjPAHBhqPU72yb3mthn346dRyPH
sRrQZkt1/DxEpjG50XvWgPXsNQIDAQABo4ICqjCCAqYwHQYDVR0OBBYEFE/l6t4V
CeIeygSzpZTdqwYOAogHMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvODRFNUFFQUU5
REJCMTFFQ0FFRjcxRTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNAYIKwYBBQUHAQcBAf8E
JTAjMCEEAgACMBsDBwAkBghAmIgDBwUkBghA4GADBwQkBghA7vAwDQYJKoZIhvcN
AQELBQADggEBAEDqLMtD2LK+6/rAyEkDcHgXKLUIWjtz39vrYfAlz8BH6PI5r5vC
ooPyTcXeuRmtbeUnwIQ3sWuxN021Lqs6ipJ6ix7lD9B9SiXdJcMHdwShIYlnov6b
kIZLvazeip97evTNKw8tAYqOXSdGCnVTb2hZeU+BekOjTBHl7OpaQs0uzqfCx1e2
Eiz+mA/bZNrlFq11WjiCyjKmhP4hWvEI3v9KBP1nqNvF/EztLwiWFydf3ElsL9yX
a7MTYlfaWd+2fZ/b9yIAeJBpA4eiTrgEZLGD1ZsVeJbt2y14IQ5g4xpwoHAW3oVZ
NiL6+jke/AWKK/zffLCp+0QUJFfLSa8sI2Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:23 2024 by rpki-client on console-ams.rpki-client.org