Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A15FB/C73C45982EC711EF82208273C4F9AE02/3E2DF956451811EFAD083958C4F9AE02.roa
File: 3E2DF956451811EFAD083958C4F9AE02.roa (raw, json)
Hash identifier: oPwtLbDIWQIyQqq/2qHDoK2aw2UBpc2xmDYP5tyeG9c=
Subject key identifier: 7B:D3:11:B1:9C:DE:38:FE:AD:94:5B:9B:14:C2:C4:7B:E4:C0:A1:E6
Certificate issuer: /CN=A91A15FB/serialNumber=92EB8EF2C6E2616988A98FD5B13EE2A36B221C43
Certificate serial: 11
Authority key identifier: 92:EB:8E:F2:C6:E2:61:69:88:A9:8F:D5:B1:3E:E2:A3:6B:22:1C:43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuuO8sbiYWmIqY_VsT7io2siHEM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A15FB/C73C45982EC711EF82208273C4F9AE02/3E2DF956451811EFAD083958C4F9AE02.roa
Signing time: Thu 18 Jul 2024 15:13:10 +0000
ROA not before: Thu 18 Jul 2024 15:13:10 +0000
ROA not after: Tue 30 Sep 2025 00:00:00 +0000
asID: 138997
IP address blocks: 2401:a420::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 22 Aug 2024 07:26:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A15FB/serialNumber=92EB8EF2C6E2616988A98FD5B13EE2A36B221C43
Validity
Not Before: Jul 18 15:13:10 2024 GMT
Not After : Sep 30 00:00:00 2025 GMT
Subject: CN=66993105-a3ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8f:aa:a5:49:60:a7:a5:4b:35:25:43:36:13:
85:bb:63:9a:7f:c3:1e:e1:b6:b7:c8:ac:f2:03:9b:
42:8b:c6:e6:87:15:48:b6:23:dc:99:d1:85:e7:88:
03:9e:91:13:cd:5b:c8:09:ef:57:39:3a:f7:58:00:
3d:ce:0a:32:29:23:e6:5d:9a:85:04:07:fd:a4:5a:
99:0a:32:1b:22:7a:65:0c:8e:56:97:46:1b:ea:7d:
7e:9e:00:e4:03:0e:07:c9:34:09:4b:b5:d8:43:7e:
e3:dc:e0:b9:34:f7:b3:92:8c:d4:4e:7b:1a:29:e0:
30:ae:7a:c6:10:26:92:ee:61:e9:b9:36:7e:32:aa:
6d:7b:41:4a:fc:99:17:5f:23:72:0a:72:55:69:ff:
5b:6a:ba:dd:65:15:20:c5:e3:a4:46:fd:ff:de:25:
fa:c1:21:5a:0a:d1:81:7a:46:84:35:2b:e7:0a:25:
99:36:29:c9:fb:a8:37:45:d5:61:00:a1:d0:a8:a0:
79:c3:d1:2c:98:e1:e7:3e:28:13:e0:16:fc:b9:4d:
a5:3f:6b:d4:f6:37:34:56:73:7b:2e:36:99:02:52:
a4:9e:e0:8f:f8:17:c0:e4:71:de:b8:01:e7:6a:e9:
02:f2:fa:57:ac:f4:23:f3:b3:ba:81:b6:9f:56:28:
79:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D3:11:B1:9C:DE:38:FE:AD:94:5B:9B:14:C2:C4:7B:E4:C0:A1:E6
X509v3 Authority Key Identifier:
keyid:92:EB:8E:F2:C6:E2:61:69:88:A9:8F:D5:B1:3E:E2:A3:6B:22:1C:43
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A15FB/C73C45982EC711EF82208273C4F9AE02/kuuO8sbiYWmIqY_VsT7io2siHEM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kuuO8sbiYWmIqY_VsT7io2siHEM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A15FB/C73C45982EC711EF82208273C4F9AE02/3E2DF956451811EFAD083958C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:a420::/32
Signature Algorithm: sha256WithRSAEncryption
34:1e:10:10:3d:97:c3:0e:76:7d:1e:db:80:27:24:68:57:c7:
3a:73:c6:d3:60:78:f3:76:c0:bf:65:ab:64:1f:31:75:14:74:
e9:45:ee:ae:c0:af:1b:12:e3:c0:89:d0:0f:92:1f:73:d0:8c:
ae:20:79:bc:6c:1c:cc:59:b2:f2:9c:cb:8e:c6:aa:40:46:c6:
42:07:aa:33:02:4b:99:ba:b9:3c:3b:e2:dc:3c:04:c9:d3:db:
e5:f2:28:da:59:ea:a5:bf:99:e9:c9:0b:38:37:6d:50:21:e9:
16:bd:92:ec:53:56:3c:ac:c8:8d:ba:c4:a4:f6:ce:ee:e0:9b:
74:31:fa:0b:2c:d7:1f:4b:a9:ee:fc:d9:81:87:49:9c:b7:b7:
51:28:b7:aa:6f:6c:17:95:bd:79:b8:a2:1c:68:17:84:0b:75:
76:f0:04:5f:fc:1d:23:45:71:81:63:25:7d:73:f4:ed:8c:39:
de:97:97:24:ea:9a:eb:83:6d:ba:ab:1a:17:ed:eb:74:7a:cb:
6c:ba:b3:7f:c5:b6:a2:6d:68:ee:cc:ba:fd:09:3b:97:5b:3f:
ab:4b:ea:a6:c6:83:aa:69:f8:55:90:88:f8:0d:83:37:6f:d3:
e6:a6:7c:30:39:12:48:28:40:1a:fa:22:ed:54:10:0a:77:f7:
2a:d5:4b:fc
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB
MTVGQjExMC8GA1UEBRMoOTJFQjhFRjJDNkUyNjE2OTg4QTk4RkQ1QjEzRUUyQTM2
QjIyMUM0MzAeFw0yNDA3MTgxNTEzMTBaFw0yNTA5MzAwMDAwMDBaMBgxFjAUBgNV
BAMTDTY2OTkzMTA1LWEzY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCXj6qlSWCnpUs1JUM2E4W7Y5p/wx7htrfIrPIDm0KLxuaHFUi2I9yZ0YXniAOe
kRPNW8gJ71c5OvdYAD3OCjIpI+ZdmoUEB/2kWpkKMhsiemUMjlaXRhvqfX6eAOQD
DgfJNAlLtdhDfuPc4Lk097OSjNROexop4DCuesYQJpLuYem5Nn4yqm17QUr8mRdf
I3IKclVp/1tqut1lFSDF46RG/f/eJfrBIVoK0YF6RoQ1K+cKJZk2Kcn7qDdF1WEA
odCooHnD0SyY4ec+KBPgFvy5TaU/a9T2NzRWc3suNpkCUqSe4I/4F8Dkcd64Aedq
6QLy+les9CPzs7qBtp9WKHntAgMBAAGjggKWMIICkjAdBgNVHQ4EFgQUe9MRsZze
OP6tlFubFMLEe+TAoeYwHwYDVR0jBBgwFoAUkuuO8sbiYWmIqY/VsT7io2siHEMw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUExNUZCL0M3M0M0NTk4MkVD
NzExRUY4MjIwODI3M0M0RjlBRTAyL2t1dU84c2JpWVdtSXFZX1ZzVDdpbzJzaUhF
TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIva3V1TzhzYmlZV21JcVlfVnNUN2lvMnNpSEVNLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcsGCCsGAQUFBwELBIG+MIG7MIGDBggrBgEFBQcw
C4Z3cnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MTVGQi9DNzNDNDU5ODJFQzcxMUVGODIyMDgyNzNDNEY5QUUwMi8zRTJERjk1NjQ1
MTgxMUVGQUQwODM5NThDNEY5QUUwMi5yb2EwMwYIKwYBBQUHMA2GJ2h0dHBzOi8v
cnJkcC5hcG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAgBggrBgEFBQcBBwEB/wQR
MA8wDQQCAAIwBwMFACQBpCAwDQYJKoZIhvcNAQELBQADggEBADQeEBA9l8MOdn0e
24AnJGhXxzpzxtNgePN2wL9lq2QfMXUUdOlF7q7ArxsS48CJ0A+SH3PQjK4gebxs
HMxZsvKcy47GqkBGxkIHqjMCS5m6uTw74tw8BMnT2+XyKNpZ6qW/menJCzg3bVAh
6Ra9kuxTVjysyI26xKT2zu7gm3Qx+gss1x9Lqe782YGHSZy3t1Eot6pvbBeVvXm4
ohxoF4QLdXbwBF/8HSNFcYFjJX1z9O2MOd6XlyTqmuuDbbqrGhft63R6y2y6s3/F
tqJtaO7Muv0JO5dbP6tL6qbGg6pp+FWQiPgNgzdv0+amfDA5EkgoQBr6Iu1UEAp3
9yrVS/w=
-----END CERTIFICATE-----
Generated at Thu Aug 22 10:22:54 2024 by rpki-client on console-fra.rpki-client.org