Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1FDC16655D811ED90171F2AC4F9AE02.roa
File: C1FDC16655D811ED90171F2AC4F9AE02.roa (raw, json)
Hash identifier: 0ztcFgVTkEAK+mMqI05YiGYSJNF+1ol5LbQhWkDdFEc=
Subject key identifier: 66:23:37:4F:A5:48:5B:FA:B6:FA:73:49:A2:28:18:1B:71:7A:59:C9
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 6C61
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1FDC16655D811ED90171F2AC4F9AE02.roa
Signing time: Wed 10 May 2023 16:24:15 +0000
ROA not before: Wed 10 May 2023 16:24:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 136330
IP address blocks: 2405:7dc0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27745 (0x6c61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 10 16:24:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=645bc52e-f5fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ee:4e:12:76:32:ce:c5:ba:27:05:1c:3d:44:
4a:a3:f2:dd:31:ef:ec:f8:0d:d0:78:14:d8:7b:f7:
27:b6:01:a5:3e:c9:33:09:69:f6:ca:67:3a:f4:80:
89:0b:99:a0:4e:22:2f:e3:ef:1d:87:72:ab:d9:5d:
fd:f3:bc:61:32:79:cf:a6:fc:9e:5e:9e:15:5b:8b:
54:e1:b6:62:5f:a8:af:72:c8:b3:d7:ee:02:d8:ff:
d8:ac:5e:c9:d7:8b:8b:b9:74:e6:a9:d6:4f:7f:79:
31:7a:03:38:ff:3a:bf:9f:a2:1a:86:1b:04:65:92:
8c:ba:dc:4c:65:17:c6:c5:5a:96:75:87:44:1c:af:
7d:aa:15:ee:58:a8:29:90:4c:28:50:35:bc:08:37:
12:a4:98:fb:ef:59:20:32:d8:9c:e2:87:dc:48:41:
18:72:b3:81:5c:ba:82:05:40:6a:54:14:f1:97:8d:
29:b9:7c:77:74:44:aa:56:dd:bd:74:9e:53:76:dc:
c4:53:57:82:23:4b:29:da:17:e9:4b:63:d8:62:14:
ad:04:21:0c:6c:19:b5:2e:23:13:27:ce:1d:db:ae:
7d:85:20:be:a4:6c:e7:dc:50:a4:c5:cd:2e:41:74:
75:f7:ca:f0:8f:ea:a4:d3:cc:dd:f3:ed:76:7f:10:
28:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:23:37:4F:A5:48:5B:FA:B6:FA:73:49:A2:28:18:1B:71:7A:59:C9
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/C1FDC16655D811ED90171F2AC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:7dc0::/32
Signature Algorithm: sha256WithRSAEncryption
08:25:94:98:b4:87:b9:89:c6:2a:3a:4f:c3:3d:ff:87:2e:b1:
06:a6:1b:21:c6:53:e1:9b:17:77:40:7a:76:a4:c6:e0:4a:7c:
af:71:ec:f3:b7:1c:72:d0:fc:1c:93:72:ac:23:b7:30:9c:f2:
28:d9:74:30:e7:96:c2:a8:0e:74:de:09:0c:61:32:c9:df:48:
52:82:9e:9d:31:64:63:b2:6a:dc:e1:32:b1:0b:32:77:05:1e:
a4:a6:a5:d3:b4:c7:6d:98:ef:ed:bb:a2:e5:86:44:f1:4b:92:
28:4a:ec:64:c8:99:dc:95:46:8e:20:0f:3f:f9:d3:03:2b:1b:
ce:68:bf:63:a8:d9:dd:12:e7:b0:a4:6c:a6:52:e1:fd:0d:b7:
40:b7:58:2d:8d:b6:fd:b1:2f:6a:81:ec:57:1e:e8:d1:fd:2d:
52:29:8c:9a:95:8a:73:b4:f1:3f:b7:3f:d4:af:ab:9a:2f:da:
ed:f5:7c:1c:9d:05:b5:a5:c6:e1:2f:45:57:c0:12:a9:4c:b9:
b0:0b:25:dc:b0:65:bc:71:e1:a5:68:66:8c:0e:32:4f:75:08:
6b:74:8c:28:2f:0a:0c:ff:e2:e6:5a:3c:9d:d9:8b:15:50:d9:
c4:4a:c2:5e:71:f5:59:36:d7:4f:ca:5a:6f:62:be:aa:52:9e:
8e:a9:92:1c
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICbGEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEVEQjIxMTAvBgNVBAUTKDI5NkVEQjY0RjNBRjZFOUQ5ODA5MzJFODE2Rjk1OTgz
RTNBQkM4MjMwHhcNMjMwNTEwMTYyNDE1WhcNMjQwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDViYzUyZS1mNWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoO5OEnYyzsW6JwUcPURKo/LdMe/s+A3QeBTYe/cntgGlPskzCWn2ymc69ICJ
C5mgTiIv4+8dh3Kr2V3987xhMnnPpvyeXp4VW4tU4bZiX6ivcsiz1+4C2P/YrF7J
14uLuXTmqdZPf3kxegM4/zq/n6IahhsEZZKMutxMZRfGxVqWdYdEHK99qhXuWKgp
kEwoUDW8CDcSpJj771kgMtic4ofcSEEYcrOBXLqCBUBqVBTxl40puXx3dESqVt29
dJ5TdtzEU1eCI0sp2hfpS2PYYhStBCEMbBm1LiMTJ84d2659hSC+pGzn3FCkxc0u
QXR198rwj+qk08zd8+12fxAo8QIDAQABo4ICljCCApIwHQYDVR0OBBYEFGYjN0+l
SFv6tvpzSaIoGBtxelnJMB8GA1UdIwQYMBaAFClu22Tzr26dmAky6Bb5WYPjq8gj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RURCMi8yQTQzRTMwQzcw
RTkxMUUyQjM2RDRCNkIyOTc5QkIyMC9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5
Q00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tXN2JaUE92YnAyWUNUTG9GdmxaZy1PcnlDTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEVEQjIvMkE0M0UzMEM3MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvQzFGREMxNjY1
NUQ4MTFFRDkwMTcxRjJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBX3AMA0GCSqGSIb3DQEBCwUAA4IBAQAIJZSYtIe5icYq
Ok/DPf+HLrEGphshxlPhmxd3QHp2pMbgSnyvcezztxxy0Pwck3KsI7cwnPIo2XQw
55bCqA503gkMYTLJ30hSgp6dMWRjsmrc4TKxCzJ3BR6kpqXTtMdtmO/tu6LlhkTx
S5IoSuxkyJnclUaOIA8/+dMDKxvOaL9jqNndEuewpGymUuH9DbdAt1gtjbb9sS9q
gexXHujR/S1SKYyalYpztPE/tz/Ur6uaL9rt9XwcnQW1pcbhL0VXwBKpTLmwCyXc
sGW8ceGlaGaMDjJPdQhrdIwoLwoM/+LmWjyd2YsVUNnESsJecfVZNtdPylpvYr6q
Up6OqZIc
-----END CERTIFICATE-----
Generated at Wed Nov 1 10:46:28 2023 by rpki-client on console-fra.rpki-client.org