Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/F4FEC2F4210C11EE9D96784DC4F9AE02.roa
File: F4FEC2F4210C11EE9D96784DC4F9AE02.roa (raw, json)
Hash identifier: gQlXLWwKSAZ6ils9U3Q1HF23J7lP/4WjJNPn8cyne4g=
Subject key identifier: 8A:2F:24:10:F5:E5:C0:B3:5D:12:D0:AA:E0:FA:AA:9E:E1:4F:45:E6
Certificate issuer: /CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Certificate serial: 0179
Authority key identifier: 84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/F4FEC2F4210C11EE9D96784DC4F9AE02.roa
Signing time: Wed 12 Jul 2023 23:36:43 +0000
ROA not before: Wed 12 Jul 2023 23:36:43 +0000
ROA not after: Sat 01 May 2038 00:00:00 +0000
asID: 123123321
IP address blocks: 2401:e640::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 377 (0x179)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918C287/serialNumber=847014B15AFA781D228192BE054153DB6667D576
Validity
Not Before: Jul 12 23:36:43 2023 GMT
Not After : May 1 00:00:00 2038 GMT
Subject: CN=64af390b-6914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:86:54:b2:c9:c6:bd:5b:4d:ac:41:f6:ee:d7:
65:f4:f0:c6:01:3d:95:6e:96:bf:0a:ee:10:f3:e8:
65:22:b8:33:c1:a8:b4:18:51:80:fa:70:2f:11:57:
89:a1:27:33:84:ec:d4:9b:2c:87:95:fe:f5:1a:e5:
cb:e1:42:c6:b7:10:f2:6c:d7:30:03:5c:d1:5c:f3:
86:10:e5:a0:ee:e6:2d:e8:96:2b:de:81:ee:63:a6:
ba:43:92:63:20:48:51:7a:65:ca:18:79:20:7e:ca:
be:6e:4f:2b:91:2f:c6:30:b9:ec:69:61:f0:80:28:
25:3f:bd:9a:01:81:b1:5b:48:78:3c:7c:51:7c:bd:
39:72:15:79:e9:1c:67:f0:64:60:f1:73:bd:b3:83:
54:e2:f5:a4:c5:9d:41:0d:fc:d1:a2:0e:25:1d:ca:
6a:42:ec:82:96:78:a4:5a:ed:26:78:e4:68:7c:a2:
dd:7f:e7:a5:31:e1:95:14:8f:40:57:0e:d8:7f:d5:
06:61:6b:98:38:a5:62:e7:7d:38:66:5d:cd:c5:2c:
42:7c:22:30:92:25:cf:82:49:c5:f7:90:6c:5d:55:
99:3b:51:5e:d1:f4:44:e4:02:25:61:9e:a9:c6:e9:
43:b0:1c:87:83:6c:82:1c:03:0c:97:2b:07:8d:b3:
f4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2F:24:10:F5:E5:C0:B3:5D:12:D0:AA:E0:FA:AA:9E:E1:4F:45:E6
X509v3 Authority Key Identifier:
keyid:84:70:14:B1:5A:FA:78:1D:22:81:92:BE:05:41:53:DB:66:67:D5:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/hHAUsVr6eB0igZK-BUFT22Zn1XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hHAUsVr6eB0igZK-BUFT22Zn1XY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918C287/861FD87AF5AA11ECBF15E774C4F9AE02/F4FEC2F4210C11EE9D96784DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e640::/32
Signature Algorithm: sha256WithRSAEncryption
a8:65:22:ce:db:f1:26:f3:f4:ba:28:99:4c:fa:c4:0a:56:73:
a3:29:25:f3:c2:a3:81:68:39:ad:c5:9c:07:f5:2b:80:6d:68:
12:05:70:9a:2b:f2:46:e0:89:d9:53:2f:35:ae:77:15:1a:1b:
cd:76:c9:ef:37:15:4f:ee:36:a3:34:cd:dd:5c:a1:c0:e8:28:
10:d3:30:4d:38:3d:c3:44:d5:c2:6c:b1:1e:ca:0b:99:98:24:
36:30:a3:83:82:72:94:ea:73:f8:4f:eb:f8:cc:9a:ba:55:ce:
db:ff:b9:a3:23:e1:1f:47:8e:99:88:56:00:f3:03:34:f7:6a:
8d:e4:a0:b8:5a:e5:04:24:6f:d8:cb:ff:df:52:bc:c7:e0:8c:
53:bd:7d:98:90:a2:ef:5e:e8:0d:ab:d4:89:83:f8:c7:d5:e9:
98:f3:69:48:59:0a:40:96:92:ef:57:97:44:ed:7d:a2:87:1a:
69:75:b1:23:ca:b4:69:8f:92:9d:ad:81:8e:a0:d8:c3:68:c0:
50:72:77:b2:93:ea:f3:2c:49:31:81:ee:1d:6c:13:27:84:82:
52:76:86:b0:a0:4d:17:95:dd:38:d3:81:ae:e4:c7:41:19:ec:
1e:e2:2f:e8:76:c5:9c:88:51:15:44:5a:88:9c:db:10:a5:85:
54:2f:83:65
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICAXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEMyODcxMTAvBgNVBAUTKDg0NzAxNEIxNUFGQTc4MUQyMjgxOTJCRTA1NDE1M0RC
NjY2N0Q1NzYwHhcNMjMwNzEyMjMzNjQzWhcNMzgwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGFmMzkwYi02OTE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1IZUssnGvVtNrEH27tdl9PDGAT2Vbpa/Cu4Q8+hlIrgzwai0GFGA+nAvEVeJ
oSczhOzUmyyHlf71GuXL4ULGtxDybNcwA1zRXPOGEOWg7uYt6JYr3oHuY6a6Q5Jj
IEhRemXKGHkgfsq+bk8rkS/GMLnsaWHwgCglP72aAYGxW0h4PHxRfL05chV56Rxn
8GRg8XO9s4NU4vWkxZ1BDfzRog4lHcpqQuyClnikWu0meORofKLdf+elMeGVFI9A
Vw7Yf9UGYWuYOKVi5304Zl3NxSxCfCIwkiXPgknF95BsXVWZO1Fe0fRE5AIlYZ6p
xulDsByHg2yCHAMMlysHjbP0VQIDAQABo4ICljCCApIwHQYDVR0OBBYEFIovJBD1
5cCzXRLQquD6qp7hT0XmMB8GA1UdIwQYMBaAFIRwFLFa+ngdIoGSvgVBU9tmZ9V2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QzI4Ny84NjFGRDg3QUY1
QUExMUVDQkYxNUU3NzRDNEY5QUUwMi9oSEFVc1ZyNmVCMGlnWkstQlVGVDIyWm4x
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2hIQVVzVnI2ZUIwaWdaSy1CVUZUMjJabjFYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEMyODcvODYxRkQ4N0FGNUFBMTFFQ0JGMTVFNzc0QzRGOUFFMDIvRjRGRUMyRjQy
MTBDMTFFRTlEOTY3ODREQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkAeZAMA0GCSqGSIb3DQEBCwUAA4IBAQCoZSLO2/Em8/S6
KJlM+sQKVnOjKSXzwqOBaDmtxZwH9SuAbWgSBXCaK/JG4InZUy81rncVGhvNdsnv
NxVP7jajNM3dXKHA6CgQ0zBNOD3DRNXCbLEeyguZmCQ2MKODgnKU6nP4T+v4zJq6
Vc7b/7mjI+EfR46ZiFYA8wM092qN5KC4WuUEJG/Yy//fUrzH4IxTvX2YkKLvXugN
q9SJg/jH1emY82lIWQpAlpLvV5dE7X2ihxppdbEjyrRpj5KdrYGOoNjDaMBQcney
k+rzLEkxge4dbBMnhIJSdoawoE0Xld0404Gu5MdBGewe4i/odsWciFEVRFqInNsQ
pYVUL4Nl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:50 2023 by rpki-client on console-fra.rpki-client.org