Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/9196D69C2BE811EFA302ED45C4F9AE02.roa
File: 9196D69C2BE811EFA302ED45C4F9AE02.roa (raw, json)
Hash identifier: 3otiYSRKzY4rcTDiboYoLlc5jI/DqgdeWuV1uW66XGg=
Subject key identifier: 14:D7:C4:D6:BD:8D:C2:68:03:E8:F4:6C:93:A4:1F:7B:8C:5F:59:62
Certificate issuer: /CN=A919A909/serialNumber=908DB3F9B746F520BBB9A84C853F6926C15EB9BD
Certificate serial: 04
Authority key identifier: 90:8D:B3:F9:B7:46:F5:20:BB:B9:A8:4C:85:3F:69:26:C1:5E:B9:BD
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI2z-bdG9SC7uahMhT9pJsFeub0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/9196D69C2BE811EFA302ED45C4F9AE02.roa
Signing time: Sun 16 Jun 2024 13:58:55 +0000
ROA not before: Sun 16 Jun 2024 13:58:55 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 32595
IP address blocks: 2001:df3:ed40::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 19 Jun 2024 14:30:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4 (0x4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A909/serialNumber=908DB3F9B746F520BBB9A84C853F6926C15EB9BD
Validity
Not Before: Jun 16 13:58:55 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=666eef9e-58fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1d:ed:6b:f7:70:4a:45:b0:83:73:53:cb:12:
c7:c4:67:19:ac:37:79:ea:1d:4b:40:96:a3:03:e2:
92:59:ca:dd:c4:48:3d:5a:dc:ba:da:9f:85:2d:e8:
10:ff:3d:ea:aa:74:66:e3:ee:20:60:f3:a2:bf:88:
1d:9f:55:37:58:09:5b:65:51:c6:58:54:75:28:61:
f2:9a:b3:d7:37:3c:4e:cc:50:a5:db:d1:3e:9b:90:
36:26:42:ec:1a:57:ab:e4:2c:9c:9c:e4:f3:cc:c0:
5e:35:aa:38:06:d8:25:77:80:51:6c:7c:91:1b:89:
26:32:51:11:dd:e1:85:8d:fc:59:a1:db:cb:76:c6:
2f:c8:d4:0e:3e:9a:07:a9:1b:38:42:b0:b4:48:a0:
b8:95:c5:e4:c4:81:4d:d4:62:ee:31:0c:4b:41:20:
48:fa:4b:e4:3b:b2:56:85:cc:b0:a2:2e:2e:a2:15:
b8:b6:1a:b4:c2:ef:0e:6f:bc:ae:6d:e1:7e:4f:3b:
7f:4b:ab:76:c1:ef:01:f5:bb:f6:b7:77:b7:a0:ce:
59:8b:18:fc:78:30:67:2c:02:e2:1f:c3:d2:07:63:
76:18:cd:2b:30:d6:70:85:c5:44:f5:3f:d8:62:4f:
59:17:ec:bb:20:93:d3:9c:0b:1f:48:67:73:0b:45:
8b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D7:C4:D6:BD:8D:C2:68:03:E8:F4:6C:93:A4:1F:7B:8C:5F:59:62
X509v3 Authority Key Identifier:
keyid:90:8D:B3:F9:B7:46:F5:20:BB:B9:A8:4C:85:3F:69:26:C1:5E:B9:BD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/kI2z-bdG9SC7uahMhT9pJsFeub0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI2z-bdG9SC7uahMhT9pJsFeub0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A909/209EDDCE2A3311EFBE9AA859C4F9AE02/9196D69C2BE811EFA302ED45C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df3:ed40::/48
Signature Algorithm: sha256WithRSAEncryption
28:70:67:82:50:d9:04:99:3f:e1:47:78:b0:16:f7:06:2e:b5:
62:d0:9e:0a:24:7c:f6:c1:e1:b4:3e:de:1f:79:e2:dc:c3:74:
3e:84:cd:20:08:c1:65:eb:ee:b4:e6:69:27:93:6b:36:a1:7f:
18:03:6f:a7:1a:7f:d6:3b:69:22:6c:72:5f:c4:82:f7:6e:b4:
e2:e8:d3:cb:af:65:4f:27:8c:28:fb:bb:83:76:54:2d:2d:55:
f4:16:20:81:6a:61:13:53:76:42:f6:53:bb:3a:8a:ff:ba:9d:
e0:5b:4f:18:68:38:27:f0:fb:bf:a8:7a:0a:cc:6c:2a:fd:80:
8d:53:89:7a:f3:5f:db:84:12:6e:8f:73:60:cc:c7:74:67:5a:
81:e9:ed:0f:7f:98:08:ba:21:56:a4:30:af:95:77:47:3c:ef:
e7:a3:a2:8d:c8:42:2b:d2:29:58:74:e9:9c:e1:01:03:7a:a5:
b6:7a:6e:ca:49:8a:6c:24:37:78:0f:13:a6:1c:f5:63:a2:8b:
f0:f5:00:37:23:e7:56:1a:4d:fe:47:df:cd:38:71:db:fc:ee:
3f:4b:2e:d1:8f:ce:94:25:80:78:5c:6d:f6:c9:0b:a8:16:a9:
32:00:79:d5:ef:96:a1:d4:3c:3f:01:fd:0d:05:d4:2a:b0:04:
a8:85:86:c1
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
QTkwOTExMC8GA1UEBRMoOTA4REIzRjlCNzQ2RjUyMEJCQjlBODRDODUzRjY5MjZD
MTVFQjlCRDAeFw0yNDA2MTYxMzU4NTVaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2NmVlZjllLTU4ZmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCeHe1r93BKRbCDc1PLEsfEZxmsN3nqHUtAlqMD4pJZyt3ESD1a3Lran4Ut6BD/
PeqqdGbj7iBg86K/iB2fVTdYCVtlUcZYVHUoYfKas9c3PE7MUKXb0T6bkDYmQuwa
V6vkLJyc5PPMwF41qjgG2CV3gFFsfJEbiSYyURHd4YWN/Fmh28t2xi/I1A4+mgep
GzhCsLRIoLiVxeTEgU3UYu4xDEtBIEj6S+Q7slaFzLCiLi6iFbi2GrTC7w5vvK5t
4X5PO39Lq3bB7wH1u/a3d7egzlmLGPx4MGcsAuIfw9IHY3YYzSsw1nCFxUT1P9hi
T1kX7Lsgk9OcCx9IZ3MLRYvdAgMBAAGjggKYMIIClDAdBgNVHQ4EFgQUFNfE1r2N
wmgD6PRsk6Qfe4xfWWIwHwYDVR0jBBgwFoAUkI2z+bdG9SC7uahMhT9pJsFeub0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTlBOTA5LzIwOUVERENFMkEz
MzExRUZCRTlBQTg1OUM0RjlBRTAyL2tJMnotYmRHOVNDN3VhaE1oVDlwSnNGZXVi
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva0kyei1iZEc5U0M3dWFoTWhUOXBKc0ZldWIwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
QTkwOS8yMDlFRERDRTJBMzMxMUVGQkU5QUE4NTlDNEY5QUUwMi85MTk2RDY5QzJC
RTgxMUVGQTMwMkVENDVDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAiBggrBgEFBQcBBwEB/wQT
MBEwDwQCAAIwCQMHACABDfPtQDANBgkqhkiG9w0BAQsFAAOCAQEAKHBnglDZBJk/
4Ud4sBb3Bi61YtCeCiR89sHhtD7eH3ni3MN0PoTNIAjBZevutOZpJ5NrNqF/GANv
pxp/1jtpImxyX8SC92604ujTy69lTyeMKPu7g3ZULS1V9BYggWphE1N2QvZTuzqK
/7qd4FtPGGg4J/D7v6h6CsxsKv2AjVOJevNf24QSbo9zYMzHdGdagentD3+YCLoh
VqQwr5V3Rzzv56OijchCK9IpWHTpnOEBA3qltnpuykmKbCQ3eA8Tphz1Y6KL8PUA
NyPnVhpN/kffzThx2/zuP0su0Y/OlCWAeFxt9skLqBapMgB51e+WodQ8PwH9DQXU
KrAEqIWGwQ==
-----END CERTIFICATE-----
Generated at Wed Jun 19 20:09:55 2024 by rpki-client on console-ams.rpki-client.org