Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9190818/7E1F6AE2909D11EF9717F650C4F9AE02/2B3DE03699FA11EFA2A90E11C4F9AE02.roa
File: 2B3DE03699FA11EFA2A90E11C4F9AE02.roa (raw, json)
Hash identifier: MtukrdBDMYCSCoNwuikYQdSnVr/zF1tqPgTdtdc7Hho=
Subject key identifier: 8A:5E:75:06:33:B6:C1:16:1F:C6:34:BB:E8:0C:D3:F4:26:88:3D:5E
Certificate issuer: /CN=A9190818/serialNumber=548430EAB88E4E378FB5005AFAE5CAB9C0007A1A
Certificate serial: 0E
Authority key identifier: 54:84:30:EA:B8:8E:4E:37:8F:B5:00:5A:FA:E5:CA:B9:C0:00:7A:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIQw6riOTjePtQBa-uXKucAAeho.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9190818/7E1F6AE2909D11EF9717F650C4F9AE02/2B3DE03699FA11EFA2A90E11C4F9AE02.roa
Signing time: Sun 03 Nov 2024 15:42:02 +0000
ROA not before: Sun 03 Nov 2024 15:42:02 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153371
IP address blocks: 2401:ce20::/32 maxlen: 40
Validation: Failed, certificate revoked on Mon 04 Nov 2024 17:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14 (0xe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9190818/serialNumber=548430EAB88E4E378FB5005AFAE5CAB9C0007A1A
Validity
Not Before: Nov 3 15:42:02 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=672799ca-efcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:50:93:a6:fb:fc:e0:39:3c:e3:f4:34:93:71:
1e:ab:2c:06:0a:5d:07:47:2d:9e:b0:55:89:8a:c2:
cf:48:e2:78:49:61:7a:4a:ca:40:8c:cb:5a:5d:ee:
85:d1:f7:80:85:68:2d:88:ac:45:61:a7:97:b4:b8:
e1:73:49:c9:43:de:23:ee:1e:80:43:28:05:a0:68:
67:b9:3e:47:35:f8:23:a0:f5:39:ac:06:52:9d:e5:
14:31:a5:cb:a8:eb:4c:65:09:86:e1:b4:84:e1:37:
a4:d6:0b:6b:ea:bc:02:c5:a5:dd:c6:32:18:55:48:
26:1d:55:60:8e:00:63:60:a9:76:d2:24:e3:e5:00:
6a:59:e1:68:fb:6a:81:9f:29:5f:02:06:e8:9c:29:
a8:13:d3:b4:b4:ee:22:97:9b:24:b7:d0:ce:d5:fd:
b7:8c:11:a1:15:43:c9:c0:d8:91:37:0d:c3:5c:83:
7d:87:75:fa:8e:54:14:78:e2:19:5e:75:97:b6:1b:
ab:57:8f:c8:87:4e:6a:19:eb:41:cb:3e:0d:3f:9e:
f3:eb:c1:82:54:03:59:9a:5b:26:fb:ae:d1:eb:b7:
5d:d0:1f:04:dc:0b:56:ff:73:78:a1:47:ce:fb:64:
8b:f0:8e:9a:56:14:50:57:9e:db:da:08:d5:74:8b:
36:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:5E:75:06:33:B6:C1:16:1F:C6:34:BB:E8:0C:D3:F4:26:88:3D:5E
X509v3 Authority Key Identifier:
keyid:54:84:30:EA:B8:8E:4E:37:8F:B5:00:5A:FA:E5:CA:B9:C0:00:7A:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9190818/7E1F6AE2909D11EF9717F650C4F9AE02/VIQw6riOTjePtQBa-uXKucAAeho.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIQw6riOTjePtQBa-uXKucAAeho.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9190818/7E1F6AE2909D11EF9717F650C4F9AE02/2B3DE03699FA11EFA2A90E11C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:ce20::/32
Signature Algorithm: sha256WithRSAEncryption
9a:95:3a:43:fe:aa:e4:94:94:c0:4a:58:15:fd:12:67:0e:c0:
f6:44:69:90:76:59:06:f7:80:41:8f:23:9a:a5:2f:a4:c4:07:
02:06:16:a1:87:43:03:4a:c1:ca:31:d3:76:04:7e:80:f7:23:
dd:f6:b1:48:83:d4:26:78:a7:fe:1f:37:58:d0:69:65:e6:f0:
59:43:73:35:bc:d3:c1:f6:c8:ae:a3:28:23:d0:2a:ba:3e:a3:
cf:12:d7:d7:5f:5e:4f:16:ab:65:f0:f7:41:5a:68:d8:26:18:
4a:fc:99:ac:c5:ba:ad:2a:f9:98:59:a5:d9:cd:be:af:95:18:
b8:3b:25:cc:fe:f1:52:cf:f6:5a:92:fa:99:5b:79:08:63:0b:
cc:4a:2d:11:78:23:18:58:57:77:cd:d2:92:68:78:f2:3f:09:
50:ae:10:8c:3d:45:9b:72:a0:79:57:e7:34:c9:dc:ab:23:9e:
bc:15:7c:a4:bf:6e:e6:63:df:ed:a6:5c:92:9e:8a:cc:a4:60:
b8:09:15:35:0a:f4:98:a7:d5:a0:ec:ed:d6:a0:d4:5d:ac:cb:
3d:70:9c:90:20:f6:9a:b8:95:44:e4:ce:f4:92:6c:35:9e:1f:
3f:12:8c:4d:91:39:61:48:36:1c:7e:4f:dd:42:2e:e2:5a:c0:
1b:bd:a1:c5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBDjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MDgxODExMC8GA1UEBRMoNTQ4NDMwRUFCODhFNEUzNzhGQjUwMDVBRkFFNUNBQjlD
MDAwN0ExQTAeFw0yNDExMDMxNTQyMDJaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3Mjc5OWNhLWVmY2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCuUJOm+/zgOTzj9DSTcR6rLAYKXQdHLZ6wVYmKws9I4nhJYXpKykCMy1pd7oXR
94CFaC2IrEVhp5e0uOFzSclD3iPuHoBDKAWgaGe5Pkc1+COg9TmsBlKd5RQxpcuo
60xlCYbhtIThN6TWC2vqvALFpd3GMhhVSCYdVWCOAGNgqXbSJOPlAGpZ4Wj7aoGf
KV8CBuicKagT07S07iKXmyS30M7V/beMEaEVQ8nA2JE3DcNcg32HdfqOVBR44hle
dZe2G6tXj8iHTmoZ60HLPg0/nvPrwYJUA1maWyb7rtHrt13QHwTcC1b/c3ihR877
ZIvwjppWFFBXntvaCNV0izbvAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUil51BjO2
wRYfxjS76AzT9CaIPV4wHwYDVR0jBBgwFoAUVIQw6riOTjePtQBa+uXKucAAehow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkwODE4LzdFMUY2QUUyOTA5
RDExRUY5NzE3RjY1MEM0RjlBRTAyL1ZJUXc2cmlPVGplUHRRQmEtdVhLdWNBQWVo
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVklRdzZyaU9UamVQdFFCYS11WEt1Y0FBZWhvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MDgxOC83RTFGNkFFMjkwOUQxMUVGOTcxN0Y2NTBDNEY5QUUwMi8yQjNERTAzNjk5
RkExMUVGQTJBOTBFMTFDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBziAwDQYJKoZIhvcNAQELBQADggEBAJqVOkP+quSUlMBK
WBX9EmcOwPZEaZB2WQb3gEGPI5qlL6TEBwIGFqGHQwNKwcox03YEfoD3I932sUiD
1CZ4p/4fN1jQaWXm8FlDczW808H2yK6jKCPQKro+o88S19dfXk8Wq2Xw90FaaNgm
GEr8mazFuq0q+ZhZpdnNvq+VGLg7Jcz+8VLP9lqS+plbeQhjC8xKLRF4IxhYV3fN
0pJoePI/CVCuEIw9RZtyoHlX5zTJ3KsjnrwVfKS/buZj3+2mXJKeisykYLgJFTUK
9Jin1aDs7dag1F2syz1wnJAg9pq4lUTkzvSSbDWeHz8SjE2ROWFINhx+T91CLuJa
wBu9ocU=
-----END CERTIFICATE-----
Generated at Mon Nov 4 21:29:22 2024 by rpki-client on console-fra.rpki-client.org