Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/E53B49F2F3AB11ED92B5543EC4F9AE02.roa
File: E53B49F2F3AB11ED92B5543EC4F9AE02.roa (raw, json)
Hash identifier: 0z+jEnMe1sD40IHnAUmJIlOAn6YGDFgdM3IMHWULUCY=
Subject key identifier: 52:DF:0F:CF:67:98:42:F0:DD:E0:37:C3:FB:54:EF:BC:46:9D:DA:74
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0A91
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/E53B49F2F3AB11ED92B5543EC4F9AE02.roa
Signing time: Sat 20 May 2023 20:14:00 +0000
ROA not before: Sat 20 May 2023 20:14:00 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 151331
IP address blocks: 2406:840:9990::/44 maxlen: 48
2406:840:fed7::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 14 Oct 2023 20:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2705 (0xa91)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: May 20 20:14:00 2023 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=64692a07-609f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:be:bf:ca:d9:bf:6a:85:c5:0a:69:97:3c:
ac:8c:b2:29:15:b6:e8:ae:5a:e1:f2:0f:09:6a:c9:
7c:2a:c8:5b:e6:c2:21:38:c7:8b:37:d5:e6:19:3a:
7c:1b:b4:ce:a2:87:82:7a:50:c0:7e:3c:9c:1d:c4:
20:6f:dc:da:0d:cb:6c:b6:63:60:70:b7:2f:9b:b0:
b3:b3:63:b0:36:c7:6d:4e:4e:53:18:cd:e1:2b:c4:
f8:24:11:a1:89:6e:f7:f1:47:9e:26:b3:fa:8a:b3:
cf:c5:e0:5c:12:6d:ac:4d:04:95:28:e8:aa:31:c1:
4b:4c:81:4b:19:d1:92:0a:66:55:d3:2f:62:29:73:
d2:42:d3:bd:3a:13:60:5a:fe:6a:99:e7:c8:d2:ba:
19:90:b7:a1:d9:96:d3:23:6c:7b:0b:10:64:dd:2e:
f0:76:02:5e:86:ac:3e:25:05:df:c0:76:f4:cd:cf:
67:f0:da:7a:82:c6:a4:c1:11:dd:88:c5:08:7f:98:
d4:48:27:3e:b7:9f:fb:fa:08:aa:b0:58:7f:82:fb:
76:b4:53:66:f3:4b:7c:30:75:c7:49:0d:f6:48:66:
ed:ac:6c:2e:17:4f:0b:2c:7b:d3:2a:ef:e3:a3:85:
4f:31:fe:4c:d3:d6:01:0b:fe:b6:a1:7f:42:52:92:
74:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DF:0F:CF:67:98:42:F0:DD:E0:37:C3:FB:54:EF:BC:46:9D:DA:74
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/E53B49F2F3AB11ED92B5543EC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:9990::/44
2406:840:fed7::/48
Signature Algorithm: sha256WithRSAEncryption
66:5f:4c:c0:67:29:04:6e:3b:a9:84:37:1f:bb:5f:30:c6:bf:
b1:f0:81:e2:e7:63:83:ec:33:16:37:de:c5:4e:e1:80:27:ef:
18:61:95:9d:1b:bd:8a:e1:c3:da:f6:7a:d3:0b:dc:e7:1b:8c:
e1:df:0a:96:23:61:26:1f:7e:3b:c0:3e:c1:fd:95:ac:7d:87:
6f:b5:cc:cb:b4:fe:e7:f2:e2:0f:62:80:26:31:f5:d6:0d:cf:
9d:ab:d2:cc:5c:e4:e0:3d:f3:87:34:8a:09:3c:8c:3f:2a:6e:
53:c8:34:04:8e:cb:b2:cf:ed:ee:db:60:85:a9:5f:df:9c:1f:
b5:4a:86:c3:cb:8c:5e:b3:4a:a8:c8:33:84:58:62:0d:a9:24:
1c:ac:65:9e:40:4c:62:1a:5e:9d:95:d6:a9:23:33:5f:d0:d2:
59:5d:37:9c:b2:7c:a8:a3:33:69:c0:f1:39:95:01:a3:1b:73:
b6:1f:2e:32:cc:54:40:df:1a:e5:22:3a:a9:50:93:f3:21:3b:
a9:31:03:ef:f2:81:0a:4c:c5:8d:3c:d8:1d:84:c2:ec:84:09:
44:2a:e4:18:52:e4:f6:72:ee:73:24:fa:c8:b3:11:92:73:05:
86:ae:1a:ff:ce:ed:09:65:8b:c2:72:e9:6b:33:6b:5e:4d:dd:
dd:35:77:76
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICCpEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjMwNTIwMjAxNDAwWhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY5MmEwNy02MDlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvEq+v8rZv2qFxQpplzysjLIpFbborlrh8g8Jasl8Kshb5sIhOMeLN9XmGTp8
G7TOooeCelDAfjycHcQgb9zaDctstmNgcLcvm7Czs2OwNsdtTk5TGM3hK8T4JBGh
iW738UeeJrP6irPPxeBcEm2sTQSVKOiqMcFLTIFLGdGSCmZV0y9iKXPSQtO9OhNg
Wv5qmefI0roZkLeh2ZbTI2x7CxBk3S7wdgJehqw+JQXfwHb0zc9n8Np6gsakwRHd
iMUIf5jUSCc+t5/7+giqsFh/gvt2tFNm80t8MHXHSQ32SGbtrGwuF08LLHvTKu/j
o4VPMf5M09YBC/62oX9CUpJ09wIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFFLfD89n
mELw3eA3w/tU77xGndp0MB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvRTUzQjQ5RjJG
M0FCMTFFRDkyQjU1NDNFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwQkBghAmZADBwAkBghA/tcwDQYJKoZIhvcNAQELBQADggEB
AGZfTMBnKQRuO6mENx+7XzDGv7HwgeLnY4PsMxY33sVO4YAn7xhhlZ0bvYrhw9r2
etML3OcbjOHfCpYjYSYffjvAPsH9lax9h2+1zMu0/ufy4g9igCYx9dYNz52r0sxc
5OA984c0igk8jD8qblPINASOy7LP7e7bYIWpX9+cH7VKhsPLjF6zSqjIM4RYYg2p
JBysZZ5ATGIaXp2V1qkjM1/Q0lldN5yyfKijM2nA8TmVAaMbc7YfLjLMVEDfGuUi
OqlQk/MhO6kxA+/ygQpMxY082B2EwuyECUQq5BhS5PZy7nMk+sizEZJzBYauGv/O
7Qlli8Jy6Wsza15N3d01d3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org