Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/9033CD3667CA11EB8FD1C67CC4F9AE02.roa
File: 9033CD3667CA11EB8FD1C67CC4F9AE02.roa (raw, json)
Hash identifier: KhQ0BHQU2lvwyjDT0+k4ZfCYRVnhAUXEDNfb3EdLTmo=
Subject key identifier: 95:4F:01:AA:31:B2:86:26:69:25:5C:1E:09:9E:12:98:DC:95:6E:CB
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0A42
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/9033CD3667CA11EB8FD1C67CC4F9AE02.roa
Signing time: Sun 14 May 2023 22:14:20 +0000
ROA not before: Sun 14 May 2023 22:14:20 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 139833
IP address blocks: 2406:840:f900::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Nov 2023 08:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2626 (0xa42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: May 14 22:14:20 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64615d3c-c137
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:78:23:7a:a3:bc:41:2f:f9:8c:b9:8a:27:2d:
3c:7e:78:fa:0e:4d:54:8e:bc:49:25:37:ba:df:04:
8a:e9:56:db:04:01:fa:4f:8f:15:08:d9:c2:ce:24:
5d:19:3f:6c:57:41:55:46:41:0e:73:d5:5c:cb:51:
4f:8e:ab:cd:92:36:cb:95:ca:a8:04:0d:f7:bf:08:
7a:97:8f:61:83:d4:d3:da:3b:4a:cf:02:12:bd:4c:
ed:cc:e2:72:00:c4:93:f9:73:52:8a:9d:a4:62:b8:
1e:49:1d:5e:13:db:46:3a:e2:cc:24:73:2e:9a:f7:
83:e1:74:45:be:cf:44:bd:ca:38:c4:b2:c8:6b:17:
a1:32:ba:40:8a:e4:af:39:25:36:39:a5:9a:25:5a:
3b:7a:53:0e:8c:53:54:9d:62:f1:ff:13:f6:6e:f6:
c5:1e:8e:d9:12:4f:39:ed:7f:9d:0d:fc:73:d8:7c:
b2:63:35:2d:ce:52:8b:df:2a:71:4d:ab:4b:eb:51:
0c:66:03:5a:23:0e:94:16:dc:6a:97:39:f9:04:fc:
46:c8:fe:e3:e2:27:29:79:df:09:ff:e3:21:86:a4:
a2:96:9d:9d:97:5c:0b:4d:9f:89:c2:c3:5c:b3:55:
95:20:74:5a:18:04:e4:25:5c:65:81:34:61:57:c3:
db:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4F:01:AA:31:B2:86:26:69:25:5C:1E:09:9E:12:98:DC:95:6E:CB
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/9033CD3667CA11EB8FD1C67CC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:f900::/44
Signature Algorithm: sha256WithRSAEncryption
67:9f:4d:35:50:5d:1a:59:e1:df:cc:fb:d6:96:88:47:dc:3c:
4b:46:b2:39:1a:57:97:ef:04:cf:cc:92:a4:16:88:3d:ac:de:
b3:ae:ff:11:72:9a:cc:1b:b2:c7:61:96:9a:7b:37:d2:3e:59:
7c:6c:67:e4:94:95:e2:c9:25:62:e5:9a:a3:39:b6:5e:31:cc:
05:0d:a3:7f:e6:fb:3a:b0:ee:3b:05:36:82:bf:e2:95:78:db:
aa:d9:e0:ac:59:28:33:14:a8:ad:fb:1e:e5:3c:19:4f:15:15:
01:79:75:0c:3f:90:31:4a:dd:c5:24:0f:0b:07:64:a6:1e:7d:
c3:04:6f:69:04:c9:cd:b4:77:61:2c:a5:66:90:08:8b:1d:ab:
20:bc:01:de:59:2c:2e:57:41:ab:ba:26:96:47:cc:00:9a:1b:
a7:35:74:15:50:27:a1:09:92:12:30:e8:2f:fe:30:fd:ee:f6:
f3:49:de:94:dc:ab:f1:13:9b:07:82:32:65:cd:b5:83:4f:1e:
b8:14:7f:d4:ac:53:33:53:9e:e8:64:19:62:16:45:ea:36:e3:
e1:99:ad:01:56:4a:fd:4b:53:ae:a2:b2:37:63:4e:db:7f:25:
f3:85:cc:6f:68:4e:65:8d:42:fa:63:c3:72:b5:9d:7a:58:00:
27:2e:22:d6
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICCkIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMwNTE0MjIxNDIwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDYxNWQzYy1jMTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArngjeqO8QS/5jLmKJy08fnj6Dk1UjrxJJTe63wSK6VbbBAH6T48VCNnCziRd
GT9sV0FVRkEOc9Vcy1FPjqvNkjbLlcqoBA33vwh6l49hg9TT2jtKzwISvUztzOJy
AMST+XNSip2kYrgeSR1eE9tGOuLMJHMumveD4XRFvs9Evco4xLLIaxehMrpAiuSv
OSU2OaWaJVo7elMOjFNUnWLx/xP2bvbFHo7ZEk857X+dDfxz2HyyYzUtzlKL3ypx
TatL61EMZgNaIw6UFtxqlzn5BPxGyP7j4icped8J/+MhhqSilp2dl1wLTZ+JwsNc
s1WVIHRaGATkJVxlgTRhV8PbaQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFJVPAaox
soYmaSVcHgmeEpjclW7LMB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvOTAzM0NEMzY2
N0NBMTFFQjhGRDFDNjdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwQkBghA+QAwDQYJKoZIhvcNAQELBQADggEBAGefTTVQXRpZ
4d/M+9aWiEfcPEtGsjkaV5fvBM/MkqQWiD2s3rOu/xFymswbssdhlpp7N9I+WXxs
Z+SUleLJJWLlmqM5tl4xzAUNo3/m+zqw7jsFNoK/4pV426rZ4KxZKDMUqK37HuU8
GU8VFQF5dQw/kDFK3cUkDwsHZKYefcMEb2kEyc20d2EspWaQCIsdqyC8Ad5ZLC5X
Qau6JpZHzACaG6c1dBVQJ6EJkhIw6C/+MP3u9vNJ3pTcq/ETmweCMmXNtYNPHrgU
f9SsUzNTnuhkGWIWReo24+GZrQFWSv1LU66isjdjTtt/JfOFzG9oTmWNQvpjw3K1
nXpYACcuItY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org