Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/0F40948C6FB111EF8738AE56C4F9AE02.roa
File: 0F40948C6FB111EF8738AE56C4F9AE02.roa (raw, json)
Hash identifier: 2g7LCrXrWi4CIGNSziHoKVFMBQuU0RAaqhov6Yb2c5s=
Subject key identifier: B1:74:E2:40:3F:C1:26:D9:59:19:65:75:95:DA:B4:BE:6F:4F:B0:A0
Certificate issuer: /CN=A918C287/serialNumber=4239117A25582D0067DE4D0CEDA5ABA5CC7E3569
Certificate serial: 60
Authority key identifier: 42:39:11:7A:25:58:2D:00:67:DE:4D:0C:ED:A5:AB:A5:CC:7E:35:69
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QjkReiVYLQBn3k0M7aWrpcx-NWk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/0F40948C6FB111EF8738AE56C4F9AE02.roa
Signing time: Tue 10 Sep 2024 20:12:53 +0000
ROA not before: Tue 10 Sep 2024 20:12:53 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 399970
IP address blocks: 2001:df0:90::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 20 Nov 2024 02:10:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96 (0x60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=4239117A25582D0067DE4D0CEDA5ABA5CC7E3569
Validity
Not Before: Sep 10 20:12:53 2024 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=66e0a845-61f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:e0:b1:ee:8e:e9:c6:5a:95:d8:60:f5:5c:7d:
a2:8b:28:97:a8:26:85:0f:a2:c4:4b:4a:21:97:07:
e5:ca:51:fd:99:6f:25:71:98:f0:df:e3:0a:70:22:
b7:91:86:15:a7:bb:dd:2e:9d:17:cc:91:77:93:8f:
34:69:8c:bf:14:f9:19:ec:2e:94:d6:a8:1b:4a:32:
20:4f:74:02:bd:66:aa:38:80:1f:50:b6:ce:1b:84:
cf:98:f2:49:ff:61:47:59:0a:fe:f1:9b:e1:85:65:
69:ed:33:6c:c8:eb:81:32:0d:65:a4:94:5a:a0:31:
ca:87:69:d8:0e:70:9c:1a:72:0d:06:76:20:69:a5:
b9:a2:ff:6b:3c:d9:9d:2b:bd:70:86:2b:8d:38:ac:
3b:88:ab:9a:6d:01:7a:9e:e4:37:da:b0:8c:e8:74:
1c:48:9a:a4:4c:10:42:8f:b1:b7:d3:3f:40:3d:75:
e5:0d:d4:94:59:85:71:ea:83:81:5f:67:7f:8c:e8:
ea:16:a5:71:7e:9b:cd:46:3a:7f:25:5b:3c:35:4a:
67:bf:63:62:85:b0:8a:ea:bf:7d:89:ed:3a:f4:fa:
f0:f7:3d:bb:80:45:8e:19:60:5f:f3:d2:6e:ed:75:
48:a0:01:6a:41:2f:a4:a8:19:d0:b3:80:c7:32:30:
a2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:74:E2:40:3F:C1:26:D9:59:19:65:75:95:DA:B4:BE:6F:4F:B0:A0
X509v3 Authority Key Identifier:
keyid:42:39:11:7A:25:58:2D:00:67:DE:4D:0C:ED:A5:AB:A5:CC:7E:35:69
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/QjkReiVYLQBn3k0M7aWrpcx-NWk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QjkReiVYLQBn3k0M7aWrpcx-NWk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/68D88184248511EF94236572C4F9AE02/0F40948C6FB111EF8738AE56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df0:90::/48
Signature Algorithm: sha256WithRSAEncryption
0f:31:c7:d1:05:4a:19:50:d9:fc:fd:00:ce:85:70:60:2c:62:
96:15:0d:e8:11:59:15:a8:10:eb:ad:e8:ad:36:ea:d5:9e:75:
72:c3:bd:52:5e:88:64:15:78:b9:9a:51:56:e6:24:d1:76:69:
a7:0d:9e:32:f9:9c:df:5c:6b:85:63:dd:8a:bf:17:b7:46:64:
0a:7a:97:70:79:a2:e8:be:94:49:20:7c:a5:e2:8b:78:63:fe:
e7:8c:4c:9e:e6:a1:00:48:86:c5:d5:21:4c:7a:f3:14:02:25:
6b:a4:77:6f:1c:11:16:d4:36:6d:47:f3:db:bc:a2:bd:5a:c0:
75:18:39:18:e5:f7:a7:db:f9:91:d9:2c:c0:d2:e1:e5:6b:81:
1f:5b:73:47:2c:08:18:ea:57:02:0e:1d:c9:19:51:15:42:40:
0d:6b:a0:16:49:63:41:7b:ec:a4:c8:73:7f:4f:9e:2a:9f:de:
11:98:c6:8e:eb:22:ef:eb:1e:cb:81:42:a3:66:29:91:d2:84:
30:fc:57:f0:54:42:35:ce:1b:1e:4c:a0:0c:40:50:1b:f2:2a:
bb:a5:c2:6c:88:8d:45:6c:f8:81:bb:c7:f8:f6:b0:d4:46:3a:
ad:c2:66:0d:4c:cb:b0:a6:7c:52:f7:3f:95:45:28:a5:ef:73:
29:f3:76:28
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBYDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
QzI4NzExMC8GA1UEBRMoNDIzOTExN0EyNTU4MkQwMDY3REU0RDBDRURBNUFCQTVD
QzdFMzU2OTAeFw0yNDA5MTAyMDEyNTNaFw0zODA1MDEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2ZTBhODQ1LTYxZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDK4LHujunGWpXYYPVcfaKLKJeoJoUPosRLSiGXB+XKUf2ZbyVxmPDf4wpwIreR
hhWnu90unRfMkXeTjzRpjL8U+RnsLpTWqBtKMiBPdAK9Zqo4gB9Qts4bhM+Y8kn/
YUdZCv7xm+GFZWntM2zI64EyDWWklFqgMcqHadgOcJwacg0GdiBppbmi/2s82Z0r
vXCGK404rDuIq5ptAXqe5DfasIzodBxImqRMEEKPsbfTP0A9deUN1JRZhXHqg4Ff
Z3+M6OoWpXF+m81GOn8lWzw1Sme/Y2KFsIrqv32J7Tr0+vD3PbuARY4ZYF/z0m7t
dUigAWpBL6SoGdCzgMcyMKJbAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUsXTiQD/B
JtlZGWV1ldq0vm9PsKAwHwYDVR0jBBgwFoAUQjkReiVYLQBn3k0M7aWrpcx+NWkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThDMjg3LzY4RDg4MTg0MjQ4
NTExRUY5NDIzNjU3MkM0RjlBRTAyL1Fqa1JlaVZZTFFCbjNrME03YVdycGN4LU5X
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvUWprUmVpVllMUUJuM2swTTdhV3JwY3gtTldrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4
QzI4Ny82OEQ4ODE4NDI0ODUxMUVGOTQyMzY1NzJDNEY5QUUwMi8wRjQwOTQ4QzZG
QjExMUVGODczOEFFNTZDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfAAkDANBgkqhkiG9w0BAQsFAAOCAQEADzHH0QVKGVDZ
/P0AzoVwYCxilhUN6BFZFagQ663orTbq1Z51csO9Ul6IZBV4uZpRVuYk0XZppw2e
Mvmc31xrhWPdir8Xt0ZkCnqXcHmi6L6USSB8peKLeGP+54xMnuahAEiGxdUhTHrz
FAIla6R3bxwRFtQ2bUfz27yivVrAdRg5GOX3p9v5kdkswNLh5WuBH1tzRywIGOpX
Ag4dyRlRFUJADWugFkljQXvspMhzf0+eKp/eEZjGjusi7+sey4FCo2YpkdKEMPxX
8FRCNc4bHkygDEBQG/Iqu6XCbIiNRWz4gbvH+Paw1EY6rcJmDUzLsKZ8Uvc/lUUo
pe9zKfN2KA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 04:35:44 2024 by rpki-client on console-fra.rpki-client.org