Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/7EEC8CB2ABD711EE87BA6328C4F9AE02.roa
File: 7EEC8CB2ABD711EE87BA6328C4F9AE02.roa (raw, json)
Hash identifier: d7RWZyzuZnmplTA4u0H3yPFHsPU5cEHm8I1b24fTgus=
Subject key identifier: 73:12:FC:93:07:7D:8B:63:89:44:1E:95:2E:13:8A:5D:2E:B3:6D:25
Certificate issuer: /CN=A91A495C/serialNumber=78BEDBEDC0459B900C282892F13B1782A9560429
Certificate serial: 0C1E
Authority key identifier: 78:BE:DB:ED:C0:45:9B:90:0C:28:28:92:F1:3B:17:82:A9:56:04:29
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eL7b7cBFm5AMKCiS8TsXgqlWBCk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/7EEC8CB2ABD711EE87BA6328C4F9AE02.roa
Signing time: Fri 05 Jan 2024 14:34:29 +0000
ROA not before: Fri 05 Jan 2024 14:34:29 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 136967
IP address blocks: 2403:1e40:1180::/41 maxlen: 48
2403:1e40:1a00::/41 maxlen: 48
2403:1e40:1a80::/41 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3102 (0xc1e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A495C/serialNumber=78BEDBEDC0459B900C282892F13B1782A9560429
Validity
Not Before: Jan 5 14:34:29 2024 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=65981375-92a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:4d:bc:0b:16:71:e3:44:ed:d0:7c:10:67:ed:
8d:ec:8c:84:e2:18:75:57:57:cc:63:9e:2d:e0:56:
2a:e2:b8:2e:8d:c4:a1:a7:17:0a:d5:e7:7b:fb:19:
a6:9a:69:64:53:17:ca:e6:22:c1:4f:27:de:24:13:
45:96:4f:36:c4:43:ec:9d:fe:60:af:bc:1e:30:fc:
07:6c:52:da:27:30:8b:10:eb:1b:08:dc:11:31:14:
9b:7b:e9:2f:f3:a9:91:32:5a:74:e5:fc:b1:fa:86:
c5:77:15:86:88:1f:1b:19:86:1d:83:eb:c1:89:83:
b0:74:7a:8a:26:91:7f:b5:7f:d5:0b:29:78:4c:74:
77:6c:d4:d7:1c:df:5b:c4:e8:f9:db:18:8f:9a:1c:
61:c8:94:f3:2a:b5:ce:9d:d8:b8:b4:11:1e:ff:d3:
44:06:6f:f8:e8:c5:e9:74:00:a8:0e:f6:9c:50:be:
24:ea:c2:15:65:02:ca:23:5c:00:29:2c:4b:bd:ec:
47:4f:88:ea:90:f9:50:97:02:2b:1b:e3:d4:17:53:
f2:6d:5f:35:79:72:06:e3:af:f2:3e:bc:a1:c5:32:
d4:f7:dd:e6:8c:7a:da:6b:a4:f0:c1:4c:a8:a6:6d:
17:ff:1d:91:76:b8:68:43:a3:cb:a6:53:ce:a5:aa:
3b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:12:FC:93:07:7D:8B:63:89:44:1E:95:2E:13:8A:5D:2E:B3:6D:25
X509v3 Authority Key Identifier:
keyid:78:BE:DB:ED:C0:45:9B:90:0C:28:28:92:F1:3B:17:82:A9:56:04:29
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/eL7b7cBFm5AMKCiS8TsXgqlWBCk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/eL7b7cBFm5AMKCiS8TsXgqlWBCk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A495C/55918004E2AD11E9B4A27546C4F9AE02/7EEC8CB2ABD711EE87BA6328C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:1e40:1180::/41
2403:1e40:1a00::/40
Signature Algorithm: sha256WithRSAEncryption
1b:c0:2b:e1:94:08:e8:f1:3f:7b:dc:c0:15:42:b4:f5:79:e7:
6e:d7:a3:47:84:3d:d6:eb:fb:40:b7:8b:eb:34:d5:9f:b2:fa:
1d:2b:79:b3:88:67:4f:60:e8:11:a0:c9:3b:92:72:ec:fc:e8:
fb:a9:63:69:ec:85:2c:d6:b4:e9:84:b8:41:da:60:e7:15:ba:
e2:75:5e:05:68:4d:44:d3:b8:b8:d0:c2:af:62:84:83:3e:f8:
6e:97:5f:ae:71:16:02:33:f4:51:3e:b4:bb:b7:e6:81:3c:58:
8f:01:c9:41:b4:fb:b6:bf:40:56:1b:48:69:de:cf:ec:4e:67:
b1:41:88:a8:4c:92:31:54:2c:80:5e:5b:58:9d:bc:35:a4:db:
2e:94:c7:a7:7e:ca:2f:36:cf:63:9a:5e:21:0a:21:42:83:c4:
9c:1d:d3:7c:f9:8b:46:d3:d1:b4:f3:bc:3d:14:5c:4b:3f:8f:
13:7f:41:4b:ef:34:6b:3d:c7:8a:3a:00:11:6c:bb:7b:0b:ab:
21:c0:92:d6:95:be:17:d1:48:61:12:ab:a0:99:8a:55:c3:c5:
d9:2c:ef:5e:b0:ab:1c:af:84:1c:e2:29:d5:19:af:5b:1d:6b:
35:10:f5:61:12:5a:94:75:bc:31:b8:b3:9c:9f:b0:0b:67:34:
cc:8f:36:12
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgICDB4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTQ5NUMxMTAvBgNVBAUTKDc4QkVEQkVEQzA0NTlCOTAwQzI4Mjg5MkYxM0IxNzgy
QTk1NjA0MjkwHhcNMjQwMTA1MTQzNDI5WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTk4MTM3NS05MmEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA9k28CxZx40Tt0HwQZ+2N7IyE4hh1V1fMY54t4FYq4rgujcShpxcK1ed7+xmm
mmlkUxfK5iLBTyfeJBNFlk82xEPsnf5gr7weMPwHbFLaJzCLEOsbCNwRMRSbe+kv
86mRMlp05fyx+obFdxWGiB8bGYYdg+vBiYOwdHqKJpF/tX/VCyl4THR3bNTXHN9b
xOj52xiPmhxhyJTzKrXOndi4tBEe/9NEBm/46MXpdACoDvacUL4k6sIVZQLKI1wA
KSxLvexHT4jqkPlQlwIrG+PUF1PybV81eXIG46/yPryhxTLU993mjHraa6TwwUyo
pm0X/x2RdrhoQ6PLplPOpao7BwIDAQABo4ICoDCCApwwHQYDVR0OBBYEFHMS/JMH
fYtjiUQelS4Til0us20lMB8GA1UdIwQYMBaAFHi+2+3ARZuQDCgokvE7F4KpVgQp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDk1Qy81NTkxODAwNEUy
QUQxMUU5QjRBMjc1NDZDNEY5QUUwMi9lTDdiN2NCRm01QU1LQ2lTOFRzWGdxbFdC
Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2VMN2I3Y0JGbTVBTUtDaVM4VHNYZ3FsV0JDay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTQ5NUMvNTU5MTgwMDRFMkFEMTFFOUI0QTI3NTQ2QzRGOUFFMDIvN0VFQzhDQjJB
QkQ3MTFFRTg3QkE2MzI4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwKgYIKwYBBQUHAQcBAf8E
GzAZMBcEAgACMBEDBwckAx5AEYADBgAkAx5AGjANBgkqhkiG9w0BAQsFAAOCAQEA
G8Ar4ZQI6PE/e9zAFUK09XnnbtejR4Q91uv7QLeL6zTVn7L6HSt5s4hnT2DoEaDJ
O5Jy7Pzo+6ljaeyFLNa06YS4Qdpg5xW64nVeBWhNRNO4uNDCr2KEgz74bpdfrnEW
AjP0UT60u7fmgTxYjwHJQbT7tr9AVhtIad7P7E5nsUGIqEySMVQsgF5bWJ28NaTb
LpTHp37KLzbPY5peIQohQoPEnB3TfPmLRtPRtPO8PRRcSz+PE39BS+80az3HijoA
EWy7ewurIcCS1pW+F9FIYRKroJmKVcPF2SzvXrCrHK+EHOIp1RmvWx1rNRD1YRJa
lHW8MbiznJ+wC2c0zI82Eg==
-----END CERTIFICATE-----
Generated at Fri Jan 5 21:23:36 2024 by rpki-client on console-fra.rpki-client.org