Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9190818/7E1F6AE2909D11EF9717F650C4F9AE02/C9B305A89AD511EF85A65073C4F9AE02.roa
File: C9B305A89AD511EF85A65073C4F9AE02.roa (raw, json)
Hash identifier: /WvdZPUzGKkYmbDgvxaKPmxlrnwVHo4YKsu4fxc7MYY=
Subject key identifier: 87:FB:CE:A7:81:0C:39:0C:FB:D1:0C:6E:80:8D:1F:FC:14:A2:AB:66
Certificate issuer: /CN=A9190818/serialNumber=548430EAB88E4E378FB5005AFAE5CAB9C0007A1A
Certificate serial: 11
Authority key identifier: 54:84:30:EA:B8:8E:4E:37:8F:B5:00:5A:FA:E5:CA:B9:C0:00:7A:1A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIQw6riOTjePtQBa-uXKucAAeho.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9190818/7E1F6AE2909D11EF9717F650C4F9AE02/C9B305A89AD511EF85A65073C4F9AE02.roa
Signing time: Mon 04 Nov 2024 17:54:07 +0000
ROA not before: Mon 04 Nov 2024 17:54:07 +0000
ROA not after: Sat 31 Jan 2026 00:00:00 +0000
asID: 153371
IP address blocks: 2401:ce20::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 09 Nov 2024 21:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9190818/serialNumber=548430EAB88E4E378FB5005AFAE5CAB9C0007A1A
Validity
Not Before: Nov 4 17:54:07 2024 GMT
Not After : Jan 31 00:00:00 2026 GMT
Subject: CN=67290a3f-c375
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:80:ff:ee:cb:3a:d9:a0:cb:6b:5c:5f:f1:e1:
dd:d7:62:f7:80:41:14:3d:e1:66:17:3a:ac:90:23:
7f:24:63:b6:93:83:7c:29:ea:04:cc:da:c1:f9:2a:
a5:84:67:5d:0e:fd:66:cf:73:09:de:75:5d:5f:c9:
b6:b5:06:a5:d4:65:58:62:0f:fe:44:93:47:0e:bb:
93:63:92:8c:cd:8c:82:3c:5e:29:4d:00:47:48:43:
e9:e1:f4:41:68:ef:32:80:dd:c1:3a:cf:c8:9b:f0:
28:48:00:8b:a1:9c:9f:e9:b0:63:f3:e7:d0:5a:fd:
da:f3:5e:95:69:d8:7f:40:ba:0c:49:73:d7:99:41:
98:85:2a:48:c1:23:fc:3a:10:cb:37:37:7a:0a:74:
be:45:a4:19:31:54:76:0d:04:33:91:f7:f7:2a:c7:
2f:f5:d7:b1:4e:76:82:be:21:b2:82:92:44:dd:da:
f0:25:57:24:21:78:85:23:82:96:28:c1:d4:03:b6:
32:40:df:8f:91:45:41:bb:49:56:8f:d6:65:0e:41:
d1:8d:38:28:b1:5a:6c:6a:9c:26:cd:38:ba:d8:b9:
47:3c:e0:48:e3:0e:ad:29:d1:29:e3:09:67:48:6e:
ed:3c:d6:76:56:3e:da:85:53:4f:b7:58:6e:4d:0d:
70:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:FB:CE:A7:81:0C:39:0C:FB:D1:0C:6E:80:8D:1F:FC:14:A2:AB:66
X509v3 Authority Key Identifier:
keyid:54:84:30:EA:B8:8E:4E:37:8F:B5:00:5A:FA:E5:CA:B9:C0:00:7A:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9190818/7E1F6AE2909D11EF9717F650C4F9AE02/VIQw6riOTjePtQBa-uXKucAAeho.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VIQw6riOTjePtQBa-uXKucAAeho.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9190818/7E1F6AE2909D11EF9717F650C4F9AE02/C9B305A89AD511EF85A65073C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:ce20::/48
Signature Algorithm: sha256WithRSAEncryption
93:0f:8d:b3:82:32:60:17:a0:ec:51:75:06:fd:f6:e7:97:0e:
1c:7e:6d:4a:87:19:03:98:6e:f2:3a:ea:a2:68:7b:72:82:8d:
7c:a0:06:b6:db:26:0e:17:5a:3f:4b:d1:2f:60:3c:07:65:89:
9e:0a:90:e7:06:d7:ab:3b:26:10:56:89:b2:5f:27:44:0e:35:
dc:41:68:ae:8c:ee:19:7c:e2:79:08:e5:a8:58:4e:81:e9:48:
b0:a0:5d:22:5e:97:88:d3:48:82:de:89:c5:a0:e3:ea:9e:80:
2d:d1:ca:e5:29:37:34:97:95:a1:a6:a3:74:75:51:94:28:64:
a4:fd:95:f7:f1:6c:80:57:0b:68:21:af:01:43:9c:d1:9c:1c:
d0:15:ef:ed:c5:4f:1d:19:e3:1a:66:da:73:b2:42:91:82:ac:
66:86:a2:14:3e:fd:80:18:46:72:cf:8b:a8:26:b0:04:09:b6:
48:75:3a:a7:82:30:44:76:5c:1a:62:4f:97:9d:78:e6:82:cc:
7c:86:e8:61:f0:ae:b0:37:04:13:ae:cc:3f:1a:4f:67:53:74:
ec:87:a5:9f:3a:d2:31:a8:16:a0:e1:52:0e:6c:c3:38:2e:fe:
b8:a1:ed:9c:05:8a:59:10:89:a2:aa:8f:b6:e3:2b:7c:0d:bf:
f4:18:1d:9c
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
MDgxODExMC8GA1UEBRMoNTQ4NDMwRUFCODhFNEUzNzhGQjUwMDVBRkFFNUNBQjlD
MDAwN0ExQTAeFw0yNDExMDQxNzU0MDdaFw0yNjAxMzEwMDAwMDBaMBgxFjAUBgNV
BAMTDTY3MjkwYTNmLWMzNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDdgP/uyzrZoMtrXF/x4d3XYveAQRQ94WYXOqyQI38kY7aTg3wp6gTM2sH5KqWE
Z10O/WbPcwnedV1fyba1BqXUZVhiD/5Ek0cOu5NjkozNjII8XilNAEdIQ+nh9EFo
7zKA3cE6z8ib8ChIAIuhnJ/psGPz59Ba/drzXpVp2H9AugxJc9eZQZiFKkjBI/w6
EMs3N3oKdL5FpBkxVHYNBDOR9/cqxy/117FOdoK+IbKCkkTd2vAlVyQheIUjgpYo
wdQDtjJA34+RRUG7SVaP1mUOQdGNOCixWmxqnCbNOLrYuUc84EjjDq0p0SnjCWdI
bu081nZWPtqFU0+3WG5NDXAnAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUh/vOp4EM
OQz70QxugI0f/BSiq2YwHwYDVR0jBBgwFoAUVIQw6riOTjePtQBa+uXKucAAehow
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTkwODE4LzdFMUY2QUUyOTA5
RDExRUY5NzE3RjY1MEM0RjlBRTAyL1ZJUXc2cmlPVGplUHRRQmEtdVhLdWNBQWVo
by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvVklRdzZyaU9UamVQdFFCYS11WEt1Y0FBZWhvLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MDgxOC83RTFGNkFFMjkwOUQxMUVGOTcxN0Y2NTBDNEY5QUUwMi9DOUIzMDVBODlB
RDUxMUVGODVBNjUwNzNDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACQBziAAADANBgkqhkiG9w0BAQsFAAOCAQEAkw+Ns4IyYBeg
7FF1Bv3255cOHH5tSocZA5hu8jrqomh7coKNfKAGttsmDhdaP0vRL2A8B2WJngqQ
5wbXqzsmEFaJsl8nRA413EForozuGXzieQjlqFhOgelIsKBdIl6XiNNIgt6JxaDj
6p6ALdHK5Sk3NJeVoaajdHVRlChkpP2V9/FsgFcLaCGvAUOc0Zwc0BXv7cVPHRnj
Gmbac7JCkYKsZoaiFD79gBhGcs+LqCawBAm2SHU6p4IwRHZcGmJPl5145oLMfIbo
YfCusDcEE67MPxpPZ1N07IelnzrSMagWoOFSDmzDOC7+uKHtnAWKWRCJoqqPtuMr
fA2/9BgdnA==
-----END CERTIFICATE-----
Generated at Sun Nov 10 02:19:47 2024 by rpki-client on console-fra.rpki-client.org