Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/944D025C5FF811ED993A5009C4F9AE02.roa
File: 944D025C5FF811ED993A5009C4F9AE02.roa (raw, json)
Hash identifier: 5+84mT0ZnXcAivlsKjgsBU3GEvSTKpSWi7iKtrdI7ms=
Subject key identifier: F7:09:94:5C:36:DE:55:C7:1C:13:F7:BB:44:E9:31:21:8D:A4:90:38
Certificate issuer: /CN=A9198996/serialNumber=692135608683755E94D8ECA57D8B0B358ECE1718
Certificate serial: 01B1
Authority key identifier: 69:21:35:60:86:83:75:5E:94:D8:EC:A5:7D:8B:0B:35:8E:CE:17:18
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/944D025C5FF811ED993A5009C4F9AE02.roa
Signing time: Wed 17 May 2023 06:15:16 +0000
ROA not before: Wed 17 May 2023 06:15:16 +0000
ROA not after: Sat 31 Aug 2024 00:00:00 +0000
asID: 150414
IP address blocks: 2402:e940:10::/44 maxlen: 44
2402:e940:50::/44 maxlen: 44
Validation: Failed, certificate revoked on Mon 25 Sep 2023 14:50:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433 (0x1b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9198996/serialNumber=692135608683755E94D8ECA57D8B0B358ECE1718
Validity
Not Before: May 17 06:15:16 2023 GMT
Not After : Aug 31 00:00:00 2024 GMT
Subject: CN=646470f4-ce73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ec:85:40:4f:96:bf:14:f7:fb:5f:f2:18:36:
c7:dc:c0:0f:68:02:f3:1e:69:6a:73:4f:a6:83:e0:
4d:24:8a:08:ef:b4:b1:63:26:31:40:63:e5:ac:e9:
91:15:b3:68:d2:3e:9d:e3:f9:be:e6:7c:41:22:24:
64:34:66:31:97:b6:83:93:02:7b:10:49:cb:b0:7b:
a8:af:65:1b:0c:6d:50:fa:be:ee:9b:3a:d5:55:b6:
3e:2c:0b:6b:f0:4f:ed:ff:34:5d:f8:24:3e:a7:e5:
34:72:b3:bc:5e:5e:d2:6c:b8:ea:07:26:c9:06:8e:
ab:73:ef:ff:dc:41:9b:a0:6f:a1:8e:69:d5:1c:3f:
15:2c:a6:50:bc:59:3b:f1:be:87:89:70:b1:5b:5b:
53:d9:ff:2b:77:2a:aa:59:27:a9:00:8e:00:7a:fe:
35:11:d6:df:c2:8a:ce:a0:98:6d:fd:46:2b:25:e4:
5e:b7:eb:87:75:7a:82:a8:7b:32:75:c7:76:1a:20:
76:6e:2b:b6:c9:55:0a:37:5f:a7:f1:72:f5:18:07:
13:6d:15:8d:df:01:b7:2a:56:91:6e:91:71:14:78:
bf:8c:27:8f:bf:91:c6:9b:3c:58:e8:c5:e1:89:69:
d6:78:91:d5:3b:17:7c:ae:ac:cc:4f:4d:35:be:ba:
9a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:09:94:5C:36:DE:55:C7:1C:13:F7:BB:44:E9:31:21:8D:A4:90:38
X509v3 Authority Key Identifier:
keyid:69:21:35:60:86:83:75:5E:94:D8:EC:A5:7D:8B:0B:35:8E:CE:17:18
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/aSE1YIaDdV6U2OylfYsLNY7OFxg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aSE1YIaDdV6U2OylfYsLNY7OFxg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198996/66030F5ED06011ECBA40FC83C4F9AE02/944D025C5FF811ED993A5009C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2402:e940:10::/44
2402:e940:50::/44
Signature Algorithm: sha256WithRSAEncryption
0d:1f:71:a8:4e:4d:49:43:a5:10:72:ba:1c:d1:41:2f:f3:8f:
c3:d6:70:b8:f5:ce:78:b4:a5:3e:46:f8:15:cb:0b:8a:68:c9:
34:e6:d3:01:33:6c:95:9a:c2:5f:21:95:db:c9:24:23:c7:42:
cf:95:2a:64:86:03:c2:fa:db:85:f5:81:92:4f:22:52:be:32:
b2:f8:53:49:83:e0:18:93:34:35:89:b1:35:49:e4:e0:4e:5c:
50:88:58:19:98:96:2d:80:dc:f5:6e:c7:92:73:c6:a3:17:b6:
70:2b:bc:92:50:14:55:67:df:fc:5b:a4:08:6c:84:d2:1f:d2:
8b:33:0c:59:3a:fd:a7:d5:43:51:52:ed:83:0b:7b:65:5f:9f:
5f:3e:b6:a7:fb:2e:5c:b6:b1:e1:89:2c:96:f0:d7:12:70:aa:
fd:04:8e:40:71:ea:15:b4:9a:81:fa:37:d7:52:8c:9a:0c:84:
89:e0:13:3d:cc:03:38:59:fe:b9:91:8c:3f:1c:65:04:87:6a:
92:a5:4e:20:aa:4e:f8:5b:3d:d9:95:cc:ac:71:b9:94:a7:33:
8a:04:cc:40:69:23:76:a7:bb:4b:0f:2f:4f:ba:04:ba:fd:a8:
45:85:2a:b9:ab:e8:42:9b:cd:28:3f:8a:bc:5e:53:11:43:d2:
6c:54:ea:86
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgICAbEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg5OTYxMTAvBgNVBAUTKDY5MjEzNTYwODY4Mzc1NUU5NEQ4RUNBNTdEOEIwQjM1
OEVDRTE3MTgwHhcNMjMwNTE3MDYxNTE2WhcNMjQwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDY0NzBmNC1jZTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsuyFQE+WvxT3+1/yGDbH3MAPaALzHmlqc0+mg+BNJIoI77SxYyYxQGPlrOmR
FbNo0j6d4/m+5nxBIiRkNGYxl7aDkwJ7EEnLsHuor2UbDG1Q+r7umzrVVbY+LAtr
8E/t/zRd+CQ+p+U0crO8Xl7SbLjqBybJBo6rc+//3EGboG+hjmnVHD8VLKZQvFk7
8b6HiXCxW1tT2f8rdyqqWSepAI4Aev41EdbfworOoJht/UYrJeRet+uHdXqCqHsy
dcd2GiB2biu2yVUKN1+n8XL1GAcTbRWN3wG3KlaRbpFxFHi/jCePv5HGmzxY6MXh
iWnWeJHVOxd8rqzMT001vrqajwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPcJlFw2
3lXHHBP3u0TpMSGNpJA4MB8GA1UdIwQYMBaAFGkhNWCGg3VelNjspX2LCzWOzhcY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODk5Ni82NjAzMEY1RUQw
NjAxMUVDQkE0MEZDODNDNEY5QUUwMi9hU0UxWUlhRGRWNlUyT3lsZllzTE5ZN09G
eGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FTRTFZSWFEZFY2VTJPeWxmWXNMTlk3T0Z4Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg5OTYvNjYwMzBGNUVEMDYwMTFFQ0JBNDBGQzgzQzRGOUFFMDIvOTQ0RDAyNUM1
RkY4MTFFRDk5M0E1MDA5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKwYIKwYBBQUHAQcBAf8E
HDAaMBgEAgACMBIDBwQkAulAABADBwQkAulAAFAwDQYJKoZIhvcNAQELBQADggEB
AA0fcahOTUlDpRByuhzRQS/zj8PWcLj1zni0pT5G+BXLC4poyTTm0wEzbJWawl8h
ldvJJCPHQs+VKmSGA8L624X1gZJPIlK+MrL4U0mD4BiTNDWJsTVJ5OBOXFCIWBmY
li2A3PVux5JzxqMXtnArvJJQFFVn3/xbpAhshNIf0oszDFk6/afVQ1FS7YMLe2Vf
n18+tqf7Lly2seGJLJbw1xJwqv0EjkBx6hW0moH6N9dSjJoMhIngEz3MAzhZ/rmR
jD8cZQSHapKlTiCqTvhbPdmVzKxxuZSnM4oEzEBpI3anu0sPL0+6BLr9qEWFKrmr
6EKbzSg/irxeUxFD0mxU6oY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:48 2024 by rpki-client on console-ams.rpki-client.org