Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/48F34BEA9B4711EFB734735DC4F9AE02.roa
File: 48F34BEA9B4711EFB734735DC4F9AE02.roa (raw, json)
Hash identifier: W2M04+Z+6zn7cXB3ZU1R11hecLlK4DfpMSwrffmqUcc=
Subject key identifier: 57:FA:0D:50:6F:0E:EA:03:89:FB:8D:39:2D:BA:D7:83:50:5E:22:07
Certificate issuer: /CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Certificate serial: 47E2
Authority key identifier: 16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/48F34BEA9B4711EFB734735DC4F9AE02.roa
Signing time: Tue 05 Nov 2024 07:26:34 +0000
ROA not before: Tue 05 Nov 2024 07:26:34 +0000
ROA not after: Fri 31 Oct 2025 00:00:00 +0000
asID: 153024
IP address blocks: 2001:df4:7dc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sat 16 Nov 2024 14:44:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18402 (0x47e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A560A/serialNumber=167C3B221775FEC05039468150CE814756AC6F0A
Validity
Not Before: Nov 5 07:26:34 2024 GMT
Not After : Oct 31 00:00:00 2025 GMT
Subject: CN=6729c8aa-2e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b7:9c:97:b0:50:ba:81:ab:c1:bb:43:15:70:
00:80:a4:45:46:39:4e:8b:5c:16:aa:a1:40:bc:4c:
2f:a4:00:54:79:a9:af:b5:c4:77:7a:e7:a3:91:5e:
dc:c5:2a:3d:5e:6e:87:eb:ec:c9:c4:62:b0:c3:a0:
83:53:c3:dc:2d:1d:f1:ee:46:34:13:19:08:7b:78:
94:43:42:ad:83:97:bc:db:05:8a:2c:76:68:8a:9e:
cf:60:49:7c:6b:27:7e:2f:e7:a6:5d:77:eb:70:2d:
e9:cc:02:33:0d:49:cb:2b:c9:d9:02:3d:bf:48:4b:
95:11:38:9b:2d:5a:1c:7e:7c:38:3e:e7:28:de:70:
14:0d:29:e7:ed:fc:93:3b:44:47:d3:f8:fe:b0:ef:
98:3b:3b:35:c5:a7:5a:1b:4b:5b:76:d3:7d:e5:37:
67:e6:65:e3:9f:bc:fb:29:8a:2c:03:00:3e:54:ee:
d9:a9:5a:19:fd:39:f9:16:08:20:1c:96:f8:1d:b4:
6a:4b:42:1a:20:b2:aa:98:12:1e:94:0a:9f:d9:c7:
b6:f0:9e:6a:a3:6e:ab:9d:63:42:79:7e:4c:21:97:
b7:27:4b:10:60:6c:c3:85:ed:c1:b9:2e:82:34:37:
0a:26:e8:94:aa:96:41:ac:84:c4:1b:b0:c4:38:08:
f1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:FA:0D:50:6F:0E:EA:03:89:FB:8D:39:2D:BA:D7:83:50:5E:22:07
X509v3 Authority Key Identifier:
keyid:16:7C:3B:22:17:75:FE:C0:50:39:46:81:50:CE:81:47:56:AC:6F:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Fnw7Ihd1_sBQOUaBUM6BR1asbwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/AAEB191A1D8A11E2A387D0E408B02CD2/48F34BEA9B4711EFB734735DC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:df4:7dc0::/48
Signature Algorithm: sha256WithRSAEncryption
1d:ae:fe:3b:b3:11:d4:37:a3:49:32:93:93:c6:27:88:f2:b3:
c6:32:7f:58:e0:a9:cc:33:e5:47:c9:03:8b:9f:dc:19:06:cd:
ff:2b:c8:ae:29:0e:ab:13:54:67:8b:60:a2:f8:bb:35:70:3d:
8d:c1:7a:9a:67:4a:fb:b5:02:2f:99:c8:9d:b8:e7:21:e8:8b:
a8:2f:34:c6:80:27:05:0f:a1:f1:e7:69:99:e3:3f:b5:1e:c5:
80:5c:75:f8:b7:aa:3d:68:d9:00:fd:6e:6a:29:e8:be:cc:fd:
30:98:be:87:3f:98:a0:aa:cd:c6:9f:96:6f:2a:c8:e6:be:ef:
86:fe:b0:bb:95:7b:d1:5d:2a:2f:e0:a2:4f:41:17:11:b9:ce:
96:33:9f:c8:f5:d7:6e:c5:d4:63:8c:26:76:c9:35:94:4e:51:
11:ef:f8:f8:4f:13:99:7a:76:48:2d:ec:d0:ae:05:f2:ff:77:
34:81:11:04:1c:9e:6d:3b:a1:1c:c0:8f:02:27:d8:d1:c1:f9:
94:02:6e:d3:02:17:bb:f0:de:88:3d:33:58:d4:32:94:92:75:
cf:46:4f:62:45:d5:d0:e1:c6:ac:7c:ff:bb:6e:97:77:f9:a1:
1b:65:87:d6:d2:3e:62:c6:45:a9:a9:96:3b:99:67:48:f5:aa:
02:17:20:19
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICR+IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTU2MEExMTAvBgNVBAUTKDE2N0MzQjIyMTc3NUZFQzA1MDM5NDY4MTUwQ0U4MTQ3
NTZBQzZGMEEwHhcNMjQxMTA1MDcyNjM0WhcNMjUxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NzI5YzhhYS0yZTg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAz7ecl7BQuoGrwbtDFXAAgKRFRjlOi1wWqqFAvEwvpABUeamvtcR3euejkV7c
xSo9Xm6H6+zJxGKww6CDU8PcLR3x7kY0ExkIe3iUQ0Ktg5e82wWKLHZoip7PYEl8
ayd+L+emXXfrcC3pzAIzDUnLK8nZAj2/SEuVETibLVocfnw4Puco3nAUDSnn7fyT
O0RH0/j+sO+YOzs1xadaG0tbdtN95Tdn5mXjn7z7KYosAwA+VO7ZqVoZ/Tn5Fggg
HJb4HbRqS0IaILKqmBIelAqf2ce28J5qo26rnWNCeX5MIZe3J0sQYGzDhe3BuS6C
NDcKJuiUqpZBrITEG7DEOAjxkQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFFf6DVBv
DuoDifuNOS2614NQXiIHMB8GA1UdIwQYMBaAFBZ8OyIXdf7AUDlGgVDOgUdWrG8K
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9BQUVCMTkxQTFE
OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9Gbnc3SWhkMV9zQlFPVWFCVU02QlIxYXNi
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZudzdJaGQxX3NCUU9VYUJVTTZCUjFhc2J3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTU2MEEvQUFFQjE5MUExRDhBMTFFMkEzODdEMEU0MDhCMDJDRDIvNDhGMzRCRUE5
QjQ3MTFFRkI3MzQ3MzVEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ30fcAwDQYJKoZIhvcNAQELBQADggEBAB2u/juzEdQ3
o0kyk5PGJ4jys8Yyf1jgqcwz5UfJA4uf3BkGzf8ryK4pDqsTVGeLYKL4uzVwPY3B
eppnSvu1Ai+ZyJ245yHoi6gvNMaAJwUPofHnaZnjP7UexYBcdfi3qj1o2QD9bmop
6L7M/TCYvoc/mKCqzcaflm8qyOa+74b+sLuVe9FdKi/gok9BFxG5zpYzn8j1127F
1GOMJnbJNZROURHv+PhPE5l6dkgt7NCuBfL/dzSBEQQcnm07oRzAjwIn2NHB+ZQC
btMCF7vw3og9M1jUMpSSdc9GT2JF1dDhxqx8/7tul3f5oRtlh9bSPmLGRampljuZ
Z0j1qgIXIBk=
-----END CERTIFICATE-----
Generated at Sat Nov 16 16:48:09 2024 by rpki-client on console-ams.rpki-client.org