Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/8B7C68BCAD7111EE8EFB3973C4F9AE02.roa
File: 8B7C68BCAD7111EE8EFB3973C4F9AE02.roa (raw, json)
Hash identifier: Xkyo29Dbw7hta8X6DgT3l6R1H/jDlHdM4QcsfRp48eY=
Subject key identifier: 19:AA:E4:41:AB:0A:86:DE:9F:F6:B1:8F:C1:06:19:57:C0:67:18:9C
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0BB3
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/8B7C68BCAD7111EE8EFB3973C4F9AE02.roa
Signing time: Sun 07 Jan 2024 15:29:28 +0000
ROA not before: Sun 07 Jan 2024 15:29:28 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 142582
IP address blocks: 2406:840:fef4::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 30 Mar 2024 15:18:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2995 (0xbb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: Jan 7 15:29:28 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=659ac358-3461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b5:0f:17:62:da:a2:67:ba:7a:64:7e:28:4e:
2e:29:95:ca:d3:18:17:94:6f:c0:d9:87:c5:68:08:
93:e8:c0:df:40:f3:7c:10:32:c3:be:5f:49:42:95:
22:a9:af:dd:79:e8:56:87:76:e5:84:cf:cc:14:86:
4e:e9:95:4b:54:05:4f:66:ed:9e:ce:0e:a1:9c:bd:
37:4a:c0:a4:d7:7a:82:14:4e:7a:0a:ef:3e:37:88:
71:82:9f:45:67:53:13:13:8e:82:49:aa:59:3b:f5:
23:c7:7d:f3:90:11:b6:fb:aa:53:ea:0e:dc:b8:0d:
04:72:a7:16:21:e7:37:d6:c5:26:48:a7:44:40:f7:
a0:02:65:19:5e:1d:ad:d7:e6:ac:94:e6:81:c1:62:
43:a2:65:ce:c0:cb:bd:69:4e:25:48:23:2d:82:bb:
6a:f4:1a:0d:5d:b2:a4:49:b6:fd:4b:49:aa:f1:45:
74:c6:40:12:40:4f:d3:30:ca:26:4e:c6:69:15:ad:
7c:78:b7:fd:d3:82:8e:65:8b:a0:02:bd:81:30:9a:
3a:ef:31:69:0f:ac:be:8b:03:cf:d8:49:1c:85:82:
18:3b:fc:fe:39:e7:92:42:85:fd:ce:ff:e5:c8:d3:
6b:ed:ca:df:d7:60:c3:77:7e:ec:48:2c:94:33:db:
e0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:AA:E4:41:AB:0A:86:DE:9F:F6:B1:8F:C1:06:19:57:C0:67:18:9C
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/8B7C68BCAD7111EE8EFB3973C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:fef4::/48
Signature Algorithm: sha256WithRSAEncryption
8d:bf:9d:77:5b:53:32:22:3a:29:33:c4:e9:08:5d:e0:37:91:
77:ea:80:bc:9e:f9:e9:17:3d:63:e3:63:6b:31:cf:84:8b:5f:
8c:10:da:8a:a2:fa:16:63:c7:a6:1b:5f:e5:45:cc:3b:b2:e1:
5c:67:98:fd:44:ab:a3:b9:80:1b:e8:c2:9b:09:98:29:1f:72:
52:14:62:45:dd:f0:df:6d:f8:4f:87:e7:19:e5:1d:27:74:01:
d7:45:68:92:c3:a2:19:df:1f:08:9a:71:91:e4:60:41:d8:ab:
33:c8:90:1c:2d:7d:61:6c:d4:7f:9d:22:05:85:eb:3b:cc:81:
54:63:42:b4:0b:39:49:3c:db:a0:c3:10:41:ac:da:d2:3c:2d:
3f:b4:f0:14:f8:17:47:ef:9f:d2:f1:0d:23:06:b5:31:58:d2:
e6:9e:44:2b:34:ee:a9:f9:dd:19:70:77:ac:8e:f7:0b:8f:29:
a1:c2:bd:fa:81:4a:2a:6c:af:91:c2:44:a6:e4:fd:89:e5:89:
78:0b:52:5b:09:dd:84:f1:71:11:26:b8:99:e7:9d:92:f2:b1:
34:5b:84:9b:7f:15:82:a2:7a:f6:51:e4:dd:ea:e0:09:4d:09:
7f:c8:02:77:c4:68:68:f9:18:9f:c7:b8:6c:ee:65:20:da:ff:
85:1c:db:bd
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICC7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjQwMTA3MTUyOTI4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTlhYzM1OC0zNDYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2rUPF2Laome6emR+KE4uKZXK0xgXlG/A2YfFaAiT6MDfQPN8EDLDvl9JQpUi
qa/deehWh3blhM/MFIZO6ZVLVAVPZu2ezg6hnL03SsCk13qCFE56Cu8+N4hxgp9F
Z1MTE46CSapZO/Ujx33zkBG2+6pT6g7cuA0EcqcWIec31sUmSKdEQPegAmUZXh2t
1+aslOaBwWJDomXOwMu9aU4lSCMtgrtq9BoNXbKkSbb9S0mq8UV0xkASQE/TMMom
TsZpFa18eLf904KOZYugAr2BMJo67zFpD6y+iwPP2EkchYIYO/z+OeeSQoX9zv/l
yNNr7crf12DDd37sSCyUM9vgHQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFBmq5EGr
Coben/axj8EGGVfAZxicMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvOEI3QzY4QkNB
RDcxMTFFRThFRkIzOTczQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAkBghA/vQwDQYJKoZIhvcNAQELBQADggEBAI2/nXdbUzIi
OikzxOkIXeA3kXfqgLye+ekXPWPjY2sxz4SLX4wQ2oqi+hZjx6YbX+VFzDuy4Vxn
mP1Eq6O5gBvowpsJmCkfclIUYkXd8N9t+E+H5xnlHSd0AddFaJLDohnfHwiacZHk
YEHYqzPIkBwtfWFs1H+dIgWF6zvMgVRjQrQLOUk826DDEEGs2tI8LT+08BT4F0fv
n9LxDSMGtTFY0uaeRCs07qn53Rlwd6yO9wuPKaHCvfqBSipsr5HCRKbk/YnliXgL
UlsJ3YTxcREmuJnnnZLysTRbhJt/FYKievZR5N3q4AlNCX/IAnfEaGj5GJ/HuGzu
ZSDa/4Uc270=
-----END CERTIFICATE-----
Generated at Sat Mar 30 16:09:24 2024 by rpki-client on console-ams.rpki-client.org