Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A860C/F806E01C1D9E11E2BBD0358F08B02CD2/513426C6AA7111E898EE8F79C4F9AE02.roa
File: 513426C6AA7111E898EE8F79C4F9AE02.roa (raw, json)
Hash identifier: tCdj6bp+5IcOFcx8vDKw0wXb4PBJkK4AlD4pTuplRb8=
Subject key identifier: 42:8B:DC:5B:7E:7F:17:C1:95:CF:B8:0B:31:D7:4B:3C:A0:07:32:C3
Certificate issuer: /CN=A91A860C/serialNumber=690D2545CB8C0A229C1CD3F50E2C6A2B2128170A
Certificate serial: 335F
Authority key identifier: 69:0D:25:45:CB:8C:0A:22:9C:1C:D3:F5:0E:2C:6A:2B:21:28:17:0A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aQ0lRcuMCiKcHNP1DixqKyEoFwo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A860C/F806E01C1D9E11E2BBD0358F08B02CD2/513426C6AA7111E898EE8F79C4F9AE02.roa
Signing time: Tue 22 Aug 2023 15:10:57 +0000
ROA not before: Tue 22 Aug 2023 15:10:57 +0000
ROA not after: Mon 30 Sep 2024 00:00:00 +0000
asID: 131222
IP address blocks: 2406:5600::/32 maxlen: 32
2406:5600:30::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 15 Jul 2024 00:40:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13151 (0x335f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A860C/serialNumber=690D2545CB8C0A229C1CD3F50E2C6A2B2128170A
Validity
Not Before: Aug 22 15:10:57 2023 GMT
Not After : Sep 30 00:00:00 2024 GMT
Subject: CN=64e4d001-8b94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c7:45:52:31:e9:11:69:63:61:96:7c:57:8c:
00:2e:37:58:cd:f6:a1:db:76:f3:13:53:eb:2b:ce:
f6:81:08:1f:e4:ce:bf:2b:b4:d4:48:46:55:b8:82:
7e:79:c7:6d:77:b6:d1:03:31:b0:b3:ce:84:2a:21:
ec:75:30:e5:a3:53:c1:4d:eb:07:2c:40:07:20:ef:
8a:bc:4d:ec:a9:f5:ba:e3:74:44:ea:e6:f9:33:4e:
d0:31:61:32:d5:a5:0f:fd:78:d5:0b:18:d7:18:7e:
a8:d6:c5:32:0b:5d:c9:ae:39:f4:ac:8e:97:7b:bd:
2f:78:db:0a:d9:fe:54:57:35:44:c7:64:14:33:4d:
7a:82:db:51:c7:2a:69:0e:28:8d:8e:e8:ce:77:08:
34:f9:1a:17:a1:9e:37:62:77:f0:34:cc:0c:fc:13:
45:1c:95:9a:6b:86:22:95:78:53:a3:42:5b:aa:b6:
7c:60:bc:cb:7b:06:13:f5:d3:ba:42:73:df:64:28:
36:ce:0b:f2:3b:95:5c:5a:ce:72:a5:cc:c4:01:e5:
83:18:18:67:2e:50:cc:a6:fb:19:fc:8f:50:c3:72:
84:d0:1b:09:42:95:18:6f:84:7c:92:f6:5a:a6:a5:
fc:c1:89:8d:24:4a:ca:c6:a3:d2:52:ef:36:e6:89:
c5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:8B:DC:5B:7E:7F:17:C1:95:CF:B8:0B:31:D7:4B:3C:A0:07:32:C3
X509v3 Authority Key Identifier:
keyid:69:0D:25:45:CB:8C:0A:22:9C:1C:D3:F5:0E:2C:6A:2B:21:28:17:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A860C/F806E01C1D9E11E2BBD0358F08B02CD2/aQ0lRcuMCiKcHNP1DixqKyEoFwo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aQ0lRcuMCiKcHNP1DixqKyEoFwo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A860C/F806E01C1D9E11E2BBD0358F08B02CD2/513426C6AA7111E898EE8F79C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:5600::/32
Signature Algorithm: sha256WithRSAEncryption
a7:94:46:50:ca:d1:8c:a3:14:d9:a7:02:ca:f6:35:0b:6a:fd:
e1:2b:ca:e3:b2:19:78:0b:ff:d9:f6:91:0d:75:09:b0:e5:bb:
64:62:55:06:3b:56:41:dd:2a:ee:95:2e:16:52:a2:2e:ad:98:
68:68:8a:5c:82:55:d1:e5:bb:14:8a:78:53:00:c7:f0:5a:ce:
58:67:a1:f5:c3:d7:44:b8:62:b9:4b:78:b4:55:ca:71:77:12:
d0:3e:94:ee:01:12:91:56:a1:75:51:50:82:4d:52:b0:17:88:
75:8d:41:22:66:a4:bc:fd:a0:a3:e2:43:2c:6c:ef:43:6c:aa:
5b:47:6c:26:0c:3a:cb:84:b4:0c:ce:0e:fc:44:e6:73:7e:6c:
07:1e:9a:a0:67:28:2e:cc:58:91:88:f7:7d:0a:ff:06:1e:55:
d5:20:e6:9a:b9:17:a5:9e:73:58:fe:ee:0b:03:6f:7a:f3:fd:
a0:7b:5d:a8:7c:8c:91:38:b4:1e:9d:bc:99:cc:7c:23:a6:94:
fc:36:8d:eb:32:03:c3:b5:70:7f:30:4d:e4:7d:68:40:a0:75:
83:1c:c9:e3:9b:26:6c:78:ff:d9:89:13:a4:f1:2e:50:a9:2c:
ee:6c:db:ea:46:9c:8a:85:af:14:d1:b0:73:aa:df:a1:5f:3f:
85:cd:68:b0
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgICM18wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTg2MEMxMTAvBgNVBAUTKDY5MEQyNTQ1Q0I4QzBBMjI5QzFDRDNGNTBFMkM2QTJC
MjEyODE3MEEwHhcNMjMwODIyMTUxMDU3WhcNMjQwOTMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NGU0ZDAwMS04Yjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2MdFUjHpEWljYZZ8V4wALjdYzfah23bzE1PrK872gQgf5M6/K7TUSEZVuIJ+
ecdtd7bRAzGws86EKiHsdTDlo1PBTesHLEAHIO+KvE3sqfW643RE6ub5M07QMWEy
1aUP/XjVCxjXGH6o1sUyC13Jrjn0rI6Xe70veNsK2f5UVzVEx2QUM016gttRxypp
DiiNjujOdwg0+RoXoZ43YnfwNMwM/BNFHJWaa4YilXhTo0JbqrZ8YLzLewYT9dO6
QnPfZCg2zgvyO5VcWs5ypczEAeWDGBhnLlDMpvsZ/I9Qw3KE0BsJQpUYb4R8kvZa
pqX8wYmNJErKxqPSUu825onFNQIDAQABo4ICljCCApIwHQYDVR0OBBYEFEKL3Ft+
fxfBlc+4CzHXSzygBzLDMB8GA1UdIwQYMBaAFGkNJUXLjAoinBzT9Q4saishKBcK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODYwQy9GODA2RTAxQzFE
OUUxMUUyQkJEMDM1OEYwOEIwMkNEMi9hUTBsUmN1TUNpS2NITlAxRGl4cUt5RW9G
d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FRMGxSY3VNQ2lLY0hOUDFEaXhxS3lFb0Z3by5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QTg2MEMvRjgwNkUwMUMxRDlFMTFFMkJCRDAzNThGMDhCMDJDRDIvNTEzNDI2QzZB
QTcxMTFFODk4RUU4Rjc5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAkBlYAMA0GCSqGSIb3DQEBCwUAA4IBAQCnlEZQytGMoxTZ
pwLK9jULav3hK8rjshl4C//Z9pENdQmw5btkYlUGO1ZB3SrulS4WUqIurZhoaIpc
glXR5bsUinhTAMfwWs5YZ6H1w9dEuGK5S3i0VcpxdxLQPpTuARKRVqF1UVCCTVKw
F4h1jUEiZqS8/aCj4kMsbO9DbKpbR2wmDDrLhLQMzg78ROZzfmwHHpqgZyguzFiR
iPd9Cv8GHlXVIOaauRelnnNY/u4LA2968/2ge12ofIyROLQenbyZzHwjppT8No3r
MgPDtXB/ME3kfWhAoHWDHMnjmyZseP/ZiROk8S5QqSzubNvqRpyKha8U0bBzqt+h
Xz+FzWiw
-----END CERTIFICATE-----
Generated at Mon Jul 15 02:10:32 2024 by rpki-client on console-fra.rpki-client.org