Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/B0C804069E7511EE9F337874C4F9AE02.roa
File: B0C804069E7511EE9F337874C4F9AE02.roa (raw, json)
Hash identifier: s1ICQA9ZHsu7DzvrkUN/aVRq5T4UzlA0UoDkA6HlZ4I=
Subject key identifier: 7C:E3:06:54:7B:AD:ED:E5:ED:EE:75:81:EF:72:BE:7B:6C:29:34:B7
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0B8D
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/B0C804069E7511EE9F337874C4F9AE02.roa
Signing time: Tue 19 Dec 2023 13:51:21 +0000
ROA not before: Tue 19 Dec 2023 13:51:21 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 138211
IP address blocks: 2406:840:e180::/44 maxlen: 48
2406:840:e240::/44 maxlen: 48
Validation: Failed, certificate revoked on Fri 19 Apr 2024 07:21:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2957 (0xb8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: Dec 19 13:51:21 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=65819fd9-4980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:07:c5:71:22:43:d9:fa:c2:f7:c5:b5:f6:0e:
ad:22:32:0c:c9:62:43:91:c3:d0:19:e6:3d:9f:06:
11:d9:f0:8f:f3:e5:26:6b:aa:12:66:5d:a2:fe:e6:
5c:7a:2c:b6:0f:1a:31:ed:96:b6:ee:38:1b:cc:a9:
a8:b1:b2:86:7b:19:c3:a3:33:d9:ab:b3:c4:f1:4f:
c1:d7:3e:b3:25:89:8b:33:45:de:40:93:15:e8:a4:
7f:d3:6d:18:f3:4c:b3:d7:71:d9:3e:91:72:ff:f3:
ac:6f:ce:4c:6a:87:c6:70:b0:ee:0f:83:2d:84:b1:
9b:c1:8f:5d:9d:59:be:6a:c5:55:17:9a:84:d4:64:
6d:6d:8b:f0:2f:84:be:71:9f:7f:65:66:30:a8:1f:
0a:17:60:47:5b:dc:6d:a2:21:c3:5e:64:e0:f9:db:
8a:a1:6b:38:5a:79:9b:a9:01:00:6c:18:62:fe:e8:
a9:f6:60:87:18:e0:d0:04:59:36:e0:c4:87:bb:57:
4e:30:49:f9:9d:93:c0:d6:84:e9:d9:71:a5:28:95:
22:d3:a2:ba:e3:26:54:09:28:b4:f6:32:ae:2a:20:
fc:18:e3:ed:9c:21:d8:37:37:c8:a7:43:45:18:a7:
37:da:30:a0:f0:12:89:54:77:f8:77:49:74:49:7c:
23:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E3:06:54:7B:AD:ED:E5:ED:EE:75:81:EF:72:BE:7B:6C:29:34:B7
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/B0C804069E7511EE9F337874C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:e180::/44
2406:840:e240::/44
Signature Algorithm: sha256WithRSAEncryption
2f:e1:f7:a4:2c:be:45:cc:8d:5b:e3:77:a9:f6:41:05:f6:9d:
9b:f9:5a:da:20:cb:18:0f:e4:1e:7a:a9:11:c9:7c:5c:09:7d:
46:b8:50:fd:22:ff:eb:0f:9b:88:0a:78:32:a1:ff:5c:53:aa:
e4:2d:9d:d3:a8:a7:d1:2e:8a:47:da:c0:18:02:53:25:24:ad:
42:87:df:d8:40:01:3e:35:b5:c1:4e:6f:93:1a:d0:93:35:88:
13:00:9f:02:80:e6:8b:70:87:28:59:bf:0d:88:8c:d5:3e:64:
9c:27:54:01:2c:eb:93:e8:92:08:dc:46:ca:f7:30:b3:da:ce:
d4:4d:b3:bd:08:80:84:e6:0d:f5:22:c3:c5:b8:9e:e6:eb:7d:
cb:f1:88:fe:37:17:37:75:da:de:f6:d0:d5:73:46:eb:16:b3:
56:f5:38:eb:d9:85:c7:8f:de:42:8a:46:67:4a:5b:63:41:a5:
d9:ee:a2:cf:8a:b2:f3:71:4b:4c:66:62:94:a7:bf:bf:a9:b7:
4f:e1:d3:cc:55:04:21:4d:2d:0e:98:09:46:c1:43:01:2a:a3:
82:d4:83:37:d9:61:ef:b5:75:33:ab:c3:e9:18:fb:78:4b:9c:
ca:64:e6:4e:2a:bd:ed:af:15:34:49:cc:f1:1b:e7:3d:b1:79:
b2:83:b8:e2
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICC40wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMxMjE5MTM1MTIxWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTgxOWZkOS00OTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvwfFcSJD2frC98W19g6tIjIMyWJDkcPQGeY9nwYR2fCP8+Uma6oSZl2i/uZc
eiy2Dxox7Za27jgbzKmosbKGexnDozPZq7PE8U/B1z6zJYmLM0XeQJMV6KR/020Y
80yz13HZPpFy//Osb85MaofGcLDuD4MthLGbwY9dnVm+asVVF5qE1GRtbYvwL4S+
cZ9/ZWYwqB8KF2BHW9xtoiHDXmTg+duKoWs4WnmbqQEAbBhi/uip9mCHGODQBFk2
4MSHu1dOMEn5nZPA1oTp2XGlKJUi06K64yZUCSi09jKuKiD8GOPtnCHYNzfIp0NF
GKc32jCg8BKJVHf4d0l0SXwjHQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFHzjBlR7
re3l7e51ge9yvntsKTS3MB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvQjBDODA0MDY5
RTc1MTFFRTlGMzM3ODc0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwQkBghA4YADBwQkBghA4kAwDQYJKoZIhvcNAQELBQADggEB
AC/h96QsvkXMjVvjd6n2QQX2nZv5WtogyxgP5B56qRHJfFwJfUa4UP0i/+sPm4gK
eDKh/1xTquQtndOop9EuikfawBgCUyUkrUKH39hAAT41tcFOb5Ma0JM1iBMAnwKA
5otwhyhZvw2IjNU+ZJwnVAEs65PokgjcRsr3MLPaztRNs70IgITmDfUiw8W4nubr
fcvxiP43Fzd12t720NVzRusWs1b1OOvZhceP3kKKRmdKW2NBpdnuos+KsvNxS0xm
YpSnv7+pt0/h08xVBCFNLQ6YCUbBQwEqo4LUgzfZYe+1dTOrw+kY+3hLnMpk5k4q
ve2vFTRJzPEb5z2xebKDuOI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:13 2024 by rpki-client on console-fra.rpki-client.org