Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/ECD4245CBEFC11EC82FBEC0AC4F9AE02.roa
File: ECD4245CBEFC11EC82FBEC0AC4F9AE02.roa (raw, json)
Hash identifier: 3lfcCDpLkSo9M1u7y4bGO6r3rCklpVqxm+ITytCJsX0=
Subject key identifier: 6F:7B:0B:D6:BC:54:6F:07:BA:F6:70:51:43:F4:C0:C7:A4:BF:1B:3D
Certificate issuer: /CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Certificate serial: 0C33
Authority key identifier: 6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/ECD4245CBEFC11EC82FBEC0AC4F9AE02.roa
Signing time: Mon 20 May 2024 15:28:08 +0000
ROA not before: Mon 20 May 2024 15:28:08 +0000
ROA not after: Tue 30 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2406:840:e666::/47 maxlen: 48
2406:840:fdd0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 20 May 2024 16:43:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3123 (0xc33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917ED5C/serialNumber=6FD2E1FE04EAFF9027CE5313150BE84DE11CA1A5
Validity
Not Before: May 20 15:28:08 2024 GMT
Not After : Jul 30 00:00:00 2024 GMT
Subject: CN=664b6c08-16c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b1:83:c2:b3:48:b6:72:b9:e5:d9:cd:fc:35:
9d:9d:5f:6a:58:ff:b5:df:19:3a:74:c8:60:61:5b:
6f:5a:1c:21:49:13:b5:0e:80:c2:e5:1d:ee:cd:e1:
56:0f:82:c5:db:e6:11:14:28:55:ff:f3:48:19:60:
eb:1c:c0:04:bb:ec:bd:c9:15:59:75:77:d0:7a:56:
be:4e:df:ea:48:78:9f:40:70:28:92:98:1a:27:d7:
b7:e3:22:78:e4:2d:55:55:ee:5d:24:63:c5:15:13:
97:86:83:9d:a4:fa:f8:70:d2:d1:c2:64:9e:b1:30:
8b:53:52:38:6c:ea:f8:3b:9e:2b:c3:76:5a:4c:c1:
f4:be:b6:64:2a:fa:24:2f:bd:74:f6:7d:02:90:af:
3d:b4:c1:08:36:cd:d5:57:ce:f0:8a:67:54:19:61:
f0:49:5e:93:36:38:b3:ff:49:05:ee:af:a1:8a:ef:
93:55:1f:1e:12:f9:b9:45:83:83:0d:0a:aa:6a:c3:
f9:68:da:4d:32:0a:3f:ed:f2:2d:aa:1b:cc:d5:f7:
99:5b:9e:03:cf:df:87:39:9b:49:69:48:4f:d1:7b:
19:d0:6c:cc:d0:05:ab:bb:21:c5:f6:d8:06:69:6e:
9c:f6:33:f8:02:53:90:fc:c0:92:82:51:5c:66:af:
ba:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:7B:0B:D6:BC:54:6F:07:BA:F6:70:51:43:F4:C0:C7:A4:BF:1B:3D
X509v3 Authority Key Identifier:
keyid:6F:D2:E1:FE:04:EA:FF:90:27:CE:53:13:15:0B:E8:4D:E1:1C:A1:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b9Lh_gTq_5AnzlMTFQvoTeEcoaU.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917ED5C/B56422D0860811EA92999571C4F9AE02/ECD4245CBEFC11EC82FBEC0AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:840:e666::/47
2406:840:fdd0::/48
Signature Algorithm: sha256WithRSAEncryption
35:c9:8c:85:ef:f0:f3:fd:13:49:6d:61:2d:c9:fa:ef:d7:f2:
fe:93:c0:71:a2:be:a2:a1:eb:8c:ec:40:f4:5c:50:15:a9:d0:
45:d8:d5:cd:8a:c5:96:78:d4:6c:b6:f6:93:cc:3e:24:00:68:
25:6b:af:f6:22:00:e2:6d:80:54:04:c6:be:92:cf:ab:80:f2:
ea:44:79:32:7b:55:97:52:54:41:32:92:d1:97:02:1d:77:5c:
a6:64:9b:10:52:be:79:2b:cf:70:03:62:58:df:e0:9f:ba:24:
67:9c:7c:d6:d5:a5:56:1f:9f:71:e4:4a:5a:b6:3b:75:91:6c:
80:c6:5b:ec:af:2e:47:56:6d:80:b4:61:70:8c:71:25:2c:0f:
af:56:34:bd:6c:9a:6d:65:0b:bf:bf:3d:99:f4:f6:e0:06:c1:
e3:14:d8:b9:9e:49:52:49:09:30:14:05:96:cd:c5:ba:90:15:
e5:46:92:92:96:1d:9e:55:bc:1d:8f:b6:8f:80:4b:37:8c:dc:
c6:39:36:7f:e9:63:da:b2:20:2b:d7:ca:49:19:bc:50:b4:ab:
ca:d4:4e:37:7d:d5:61:14:de:c4:e2:f9:53:ea:02:08:a3:3c:
ba:cb:13:18:b5:9a:e3:81:50:47:8d:6b:c7:20:7e:7e:d9:9d:
57:cb:87:94
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICDDMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0VENUMxMTAvBgNVBAUTKDZGRDJFMUZFMDRFQUZGOTAyN0NFNTMxMzE1MEJFODRE
RTExQ0ExQTUwHhcNMjQwNTIwMTUyODA4WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NjRiNmMwOC0xNmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA07GDwrNItnK55dnN/DWdnV9qWP+13xk6dMhgYVtvWhwhSRO1DoDC5R3uzeFW
D4LF2+YRFChV//NIGWDrHMAEu+y9yRVZdXfQela+Tt/qSHifQHAokpgaJ9e34yJ4
5C1VVe5dJGPFFROXhoOdpPr4cNLRwmSesTCLU1I4bOr4O54rw3ZaTMH0vrZkKvok
L7109n0CkK89tMEINs3VV87wimdUGWHwSV6TNjiz/0kF7q+hiu+TVR8eEvm5RYOD
DQqqasP5aNpNMgo/7fItqhvM1feZW54Dz9+HOZtJaUhP0XsZ0GzM0AWruyHF9tgG
aW6c9jP4AlOQ/MCSglFcZq+6FQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFG97C9a8
VG8HuvZwUUP0wMekvxs9MB8GA1UdIwQYMBaAFG/S4f4E6v+QJ85TExUL6E3hHKGl
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RUQ1Qy9CNTY0MjJEMDg2
MDgxMUVBOTI5OTk1NzFDNEY5QUUwMi9iOUxoX2dUcV81QW56bE1URlF2b1RlRWNv
YVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I5TGhfZ1RxXzVBbnpsTVRGUXZvVGVFY29hVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
N0VENUMvQjU2NDIyRDA4NjA4MTFFQTkyOTk5NTcxQzRGOUFFMDIvRUNENDI0NUNC
RUZDMTFFQzgyRkJFQzBBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwEkBghA5mYDBwAkBghA/dAwDQYJKoZIhvcNAQELBQADggEB
ADXJjIXv8PP9E0ltYS3J+u/X8v6TwHGivqKh64zsQPRcUBWp0EXY1c2KxZZ41Gy2
9pPMPiQAaCVrr/YiAOJtgFQExr6Sz6uA8upEeTJ7VZdSVEEyktGXAh13XKZkmxBS
vnkrz3ADYljf4J+6JGecfNbVpVYfn3HkSlq2O3WRbIDGW+yvLkdWbYC0YXCMcSUs
D69WNL1smm1lC7+/PZn09uAGweMU2LmeSVJJCTAUBZbNxbqQFeVGkpKWHZ5VvB2P
to+ASzeM3MY5Nn/pY9qyICvXykkZvFC0q8rUTjd91WEU3sTi+VPqAgijPLrLExi1
muOBUEeNa8cgfn7ZnVfLh5Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:24 2024 by rpki-client on console-ams.rpki-client.org